PRIVACY POLICY – HOW WE TREAT YOUR DATA – Updated 28h January 2019
WHO ARE WE?
We are Howards Solicitors Limited, a law practice regulated by the Solicitors Regulation Authority (“HS”) and we are committed to maintaining, protecting and respecting the confidentiality, integrity and security of personal information about each of our clients (“you”).
If you give us any personal information about yourself or others, we promise to treat it securely, fairly and lawfully.
HOW TO CONTACT US
If you have any queries about this Privacy Policy or the information we collect or hold about you, please contact the Data Protection officer who is Oliver Gardner at:
The Data Protection Officer
Howards Solicitors Limited
72-74 Wellington Road South
Stockport
SK1 3SU
E-mail: oliver.gardner@howardssolicitors.com
Tel: 0161 872 9999
ACCESSING THE PERSONAL INFORMATION WE HOLD
Should you want any information about what data of yours we are holding or should you want to see the information we hold then please direct your request to Data Protection officer whose details are set out above. You may make the request wither over the telephone, by email or by post.
We will endeavour to answer your query within no more than 5 working days and where we agree to provide the information your require, we will do so within no more than 3 working days thereafter and in any reasonable format that you request subject.
WHAT INFORMATION WE COLLECT ABOUT YOU
The personal data you have provided, we have collected from you, or we have received from third parties includes:
- Name, address and address history, date of birth, gender and national insurance number;
- Contact details, including telephone numbers and e-mail addresses;
- When you contact us through any digital channel we will inform you of the methods used by each of those channels at point of entry and at any point where we capture personal information. The information we collect includes IP addresses and is used for fraud prevention and to improve customer experience;
- Sufficient information whether financial details about your family and dependents to help us with your instructions
WHERE WE COLLECT YOUR INFORMATION FROM
We will address you about your case, both orally and in writing, and may ask you to fill out forms of questionnaires particularly with relevance to the details of your instructions, the handling your case and such information that can be provided by telephone, e-mail, fax or otherwise.
HOW WE USE YOUR INFORMATION
We may use your information in the following ways:
- To help us with your instructions such as the handling of your case in accordance with all legal obligations;
- To comply with our legal obligations to carry out identity and anti-money laundering checks;
- To comply with the requirements of the relevant regulatory bodies, e.g. the Law Society, the Solicitors Regulation Authority, Financial Conduct Authority and Legal Aid Agency;
- To notify you about other services similar to those already provided and which may be appropriate to you
WHO WE SHARE YOUR INFORMATION WITH
In order to provide our services, we may share your information with various third parties. These third parties include:
- The solicitor acting for any opponent in legal proceedings;
- Our service providers including technology companies providing IT systems and support to us;
- Regulatory bodies as set out above;
- HM Revenue & Customs for tax relief purposes and regulatory reporting;
- Financial institutions and other similar organisations we deal with in the course of the services we offer;
- Auditors, accountants, legal counsel or other advisors assisting on any of our business purposes
We do not provide your data for the purposes of any marketing and will never market for sale your details to any other party.
WHERE YOUR INFORMATION IS STORED AND PROCESSED
All the information is processed within the UK and all information is stored in our office or on cloud-based servers located within the UK.
HOW WE PROTECT YOUR INFORMATION
We have security measures against unlawful or unauthorised processing of information we hold and:
- Against the accident loss or damage;
- We have in place a separate cyber policy to cover any unintentional breaches along with certain additional insurance cover within our office insurance policy and professional indemnity policy
HOW LONG WE KEEP YOUR INFORMATION
We will hold your information for at least as long as we need to in order to deal with your case. After your case has concluded we will store your file for between 3 and 6 years. We will not keep all of your information, only the information necessary if we need to address an issue regarding your case after it finalises.
Our files can be mandatorily audited for up to 6 years after the matter concludes and in some cases even longer than that. Similarly, a negligence claim can be made at any time up to 6 years after the completion of the matter. We are therefore required to store your file for at least that period. Other than in rare circumstances, the file and all of its contents will be automatically destroyed at the year point. It is not our policy to inform you of destruction.
In respect of some of the information we hold about you, we will store that information for longer and even indefinitely. Such information may include your name, date of birth, address, contact details. We keep this information in the event that you may instruct us to act for you again, if a third party contacts us seeking to make contact with you. Your personal information will only be stored on our electronic case management software. The case management system can only be accessed by employees of the firm. Access to the data contained therein is password protected and encrypted.
YOUR RIGHTS
You have various rights in relation to the data provided to us. These are as follows:
- The right to be informed which includes the right to receive clear information on personal data we hold and who we share it with as set out within our privacy policy;
- The right to request a copy of your information. You can request a copy of the information which we hold, and this is known as a Subject Access Request;
- The right to correct any mistakes in your information. We take all efforts to store information correctly but if any mistakes come to light and you notify us we shall promptly rectify the same and you may contact us regarding your information if you find, at any time, it is incorrect, we set our below our contact details;
- The right to request deletion of your information (known as “right to be forgotten”). We shall delete all information pursuant to any request unless there are reasonable grounds requiring us to refuse to do so or to spend the time for so doing. Usually we shall comply with any request for deletion of data if it is no longer necessary for us to hold the same or you wish to withdraw your consent or indeed you object to us holding or processing any data for some other reason, legal or otherwise, making it appropriate for such data to be deleted.
- The right to limit how we use your information You can tell us how you wish to limit the ways in which we will use your information.
- The right to data portability You have the right to request your data and receive it in a way that you can easily access it.
- The right to object to the use of your data in some circumstances you can prevent the use of your data.
- Your right to relating to your information being processed without human involvement This relates to how decisions may be made about you and/or your personal information by automated computer process.
- The right to access information held about you by a public body
- The right to raise a concern or complaint You can report any concerns or complaints you may have o an organisation who holds your personal information.
MANAGING YOUR DATA
We will continually monitor and review our data protection policies. This will include maintaining a register of any breaches, complaints and requests. The data protection officer will review this file and the procedures generally, at least twice yearly.
In addition we will monitor and review the policies and potential for breaches so far as any third party providers we may from time to time share your data with. This will include but will not be limited to a full review on the appointment of a new expert to our panel, the appointment of new IT contractors, case management software, storage and disposal providers and on the implementation of any new or amended procedures that may affect your private, personal information.
HOW TO MAKE A COMPLAINT
We would always invite you to first contact us with your concerns or complaints and we will endeavour to address them to your satisfaction.
If you are not satisfied with our response to any queries or complaints you raise or believe we have not processed your Personal Data in accordance with this policy and the Data Protecting Legislation you have the right to lodge a complaint at the Information Commissioner’s Office (https://ico.org.uk/).
You can contact the ICO via their website or write to them at:
Information Commissioner’s office:
Wycliffe House
Water Lane
Wilmslow
SK9 5AF