Privacy Policy
GDPR Privacy Notice Update
Updated Privacy Laws
You may be aware that this month privacy laws are changing. As of 25 May 2018 the General Data Protection Regulations (hereinafter referred to as “the GDPR) will come into force, overhauling the current data protection laws and will place stricter and more onerous obligations on organisations that receive personal data. As such, you will find that organisations will contact you regarding this update, and will be asking you how you would like to be contacted. A link to the Information Commissioner’s Office (ICO) website can be found below for further information.
We would like to make clear that the changes to current privacy laws does not change what we do with your personal data. We will continue to require photo ID and proof of address at the outset of every transaction, and we will still require your contact details and other information as described in our client care letters in order to conduct your transaction effectively. The changes in the law mean that you will have more control over how your data is used, and how you can be contacted. The changes being introduced help better protect your personal data.
We are amending our Terms of Business and this Privacy Notice to include certain information that will assist you with making the right choices for yourself in respect of personal data. We ask that you read this information very carefully, and if you have any questions, please do not hesitate to contact us.
Who we are
We are Chambers Solicitors, of 22 Windsor Road Slough Berkshire SL1 2EJ, and we are your data controller. Our telephone number is 01753 522 204, our fax number is 01753 524 876 and our DX number is 42274 Slough West. A list of Partners is available at our offices.
Our Data Protection Officer
We have nominated Mr A S Lall to be our Data Protection Officer. He will be in charge of co-ordinating the changeover to the new data protection laws. We ask that any requests for information be put in writing to our offices, marked for the attention of Mr A S Lall. If you wish to discuss anything relating to your personal data over the telephone, please call us and ask for Simran, who is our designated Compliance Assistant.
What personal data is held
We will hold details of the below in respect of our clients firm-wide (this list is not exhaustive):-
- Name;
- Address;
- Date of birth;
- National Insurance number;
- Telephone number;
- Email address;
- Mortgage account number;
- Bank account number and sort code;
- Medical information;
- Lifestyle and social circumstances;
- Business details;
- Education and employment details;
- Physical or mental health details;
- Political opinions or religious belief;
- Sexual life;
- Trade union memberships;
- Offences or alleged offences.
The legal basis under which we process your information
At the outset of your transaction we sent to you a client care letter, which you either returned to us signed, or returned a signed declaration of instructions. This constitute our legal retainer, our contract, and it is necessary for us to process your personal data for the performance of this contract.
We are also required to comply with our legal obligations, under Money Laundering Regulations, Law Society good practice guidance and the SRA rules. This includes taking the personal data listed above in order to effectively carry out your transaction.
How the data is stored
While your transaction is ongoing, your personal data is stored in your personal file, which is kept locked in your fee-earner’s room. Once the matter has concluded, the file is stored in our on-site storage facility for up to 2 months, following which it is transferred to our off-site facility, to which only our Partners hold the keys.
Who will it be shared with and for what purpose
We only use your personal data in order to carry out your instructions, for example when purchasing a property, we will use your details to apply to Land Registry for registration, or when you are involved in a Road Traffic Accident, we will use your details to arrange for a medical exam. We do not share your information with third parties unless it is in the usual course of your transaction.
How long we will store your data
We store your paper file for 6 years following completion of the matter in accordance with usual practice. Following that date we will destroy the file securely, save for original documents (such as deeds, wills, probate etc.) and we remove the electronic file from our system in line with this policy.
Your rights
You have the right to access your data via a Subject Access Request (SAR). We do not charge for this and we aim to provide information as soon as reasonably practicable and in any event within one month of receipt of the request. Please note that the SAR is also subject to our regulatory requirements for confidentiality and disclosure. If you wish to make a SAR please contact us and we will provide you with our SAR Form for completion and return.
You also have the right to have your data corrected, if you deem it incorrect. You also now have the right to erasure of your personal data when it is no longer required for the purposes for which it is collected, the right to restrict or the right to object to us processing your data in specific circumstances. Regarding these rights, you will appreciate that without the personal data that relates to your transaction it is likely that we are unable to act for you, as we must comply with our regulatory and compliance requirements.
You are able to make a request to have your data transferred to another controller, which does not differ from current good practice. We will need your written authority to do this, as before.
You also have the right to lodge a complaint with the ICO. We ask that you follow our usual complaints procedure, which is available upon request.
Transfer of data
We will not transfer your data outside of the UK or the EU.
Automated-decision making
We do not use your personal data to carry out automated-decision making or profiling.
Legally privileged information
Where personal data is classed as legally privileged, that data is exempt from the GDPR information provisions.
Useful links:
ICO Website https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
GDPR http://data.consilium.europa.eu/doc/document/ST-5419-2016-INIT/en/pdf
