This notice explains when and why we collect personal information about you; how we use it, the conditions under which we may disclose it to others and how we keep it secure.
This notice does not apply to any websites that may have a link to ours.
We are committed to protecting your personal data.
Who we are
Data is collected, processed and stored by Spearpoint Franks Solicitors Ltd. and we are what is known as the ‘data controller’ of the personal information you provide to us.
Our website and services are not aimed specifically at children because in legal work, children are generally represented by their parent or guardians. If you are a child and need further advice or explanation about how we would use your data, please email email@example.com
What information we collect
The exact information we will request from you will depend on what you have asked us to do or what we are contracted to do for you.
There are two types of personal data (personal information) that you may provide to us:
- Personal data: is the general information that you supply about yourself – such as your name, address, gender, date of birth, contact details, financial information etc. We will use your non-sensitive personal data to (i) register you as a new client, (ii) manage payment, (iii) collect and recover monies owed to us and (iv) to manage our relationship with you. Our legal grounds for processing this data are for performance of a contract with you.
- Sensitive personal data: is, by its nature, more sensitive information and may include your racial or ethnic origin, religion, sexual orientation, political opinions, health data, philosophical views, biometric and genetic data. We will collect this sensitive data for the purposes of providing our services to you or if we need to comply with a legal obligation.
In the majority of cases, personal data will be restricted to basic information and information needed to complete ID checks. However, some of the work we do may require us to ask for more sensitive information.
In regards to fixed fee and retainer clients, legitimate interest will be the legal basis.
Sources of information
Information about you may be obtained from a number of sources; including:
- You may volunteer the information about yourself
- You may provide information relating to someone else – if you have the authority to do so
- Information may be passed to us by third parties in order that we can undertake your legal work on your behalf. Typically these can be:
- Banks or building societies
- Organisations that have referred work to us
- Solicitors acting on the other side
- Local authorities
- Medical institutions – who provide your personal records information
Why we need it
The primary reason for asking you to provide us with your personal data is to allow us to carry out your requests – which will ordinarily be to represent you and carry out your legal work.
The following are some examples, although not exhaustive, of what we may use your information for:
- Verifying your identity
- Verifying source of funds
- Communicating with you
- To establish funding of your matter or transaction
- Processing your legal transaction including:
- Providing you with advice
- carrying out litigation on your behalf
- attending hearings on your behalf
- preparing documents or to complete transactions
- Keeping financial records of your transactions and the transactions we make on your behalf
- Seeking advice from third parties, such as legal and non-legal experts
- Responding to any complaint or allegation of negligence against us
Who has access to it
We have a data protection regime in place to oversee the effective and secure processing of your personal data. We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
Generally, we will only use your information within Spearpoint Franks Solicitors Ltd.. However, there may be circumstances in carrying out your legal work where we may need to disclose some information to third parties; for example:
- HM Land Registry to register a property
- Court or Tribunal
- Solicitors acting on the other side
- Asking an independent Barrister or Counsel for advice; or to represent you
- Non-legal experts to obtain advice or assistance
- Translation Agencies
- Contracted Suppliers
- External auditors or our Regulator; e.g. SRA, ICO etc.
- Bank or Building Society or other financial institutions
- Providers of identity verification
- Any disclosure required by law or regulation; such as the prevention of financial crime and terrorism
- If there is an emergency and we think you or others are at risk
In the event any of your information is shared with the aforementioned third parties, we ensure that they comply, strictly and confidentially, with our instructions and they do not use your personal information for their own purposes unless you have explicitly consented to them doing so.
There may be some uses of personal data that may require your specific consent. If this is the case we will contact you separately to ask for your consent which you are free to withdraw at any time.
Protecting your data is important to us and we have put in place security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have exceptional standards of technology and operational security in order to protect personally identifiable data from loss, misuse, alteration or destruction. Similarly, we adopt a high threshold when it comes to confidentiality obligations and both internal and external parties have agreed to protect confidentiality of all information; to ensure all personal data is handled and processed in line with our stringent confidentiality and data protection policies.
We use computer safeguards such as Anti-Virus, Ransomware protection, Mimecast (email protection) and have full server backups. We enforce physical access controls to our buildings and files to keep data safe.
We have put in place procedures to deal with any suspected personal data breaches and will notify you and any applicable regulator of a breach where we are legally required to do so.
In certain circumstances you can ask us to delete your data. See the section entitled ‘your rights’ below for more information.
We may anonymise your personal data (so that you can no longer be identified from such data) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your personal information will be retained, usually in computer or manual files, only for as long as necessary to fulfil the purposes for which the information was collected; or as required by law; or as long as is set out in any relevant contract you may hold with us. For example:
- As long as necessary to carry out your legal work
- For a minimum of 6 years from the conclusion or closure of your legal work in case you, or we, need to re-open your case for the purpose of defending complaints or claims against us
- Some information or matters may be kept for 16 years – such as matrimonial matters (financial orders or maintenance agreements etc.)
- Wills and related documents may be kept indefinitely
You are able to exercise certain rights in relation to your personal data that we process. These are set out in more detail at
Information Commissioner’s Office (ICO) – GDPR
In relation to a Subject Access Right request, you may request that we inform you of the data we hold about you and how we process it. We will not charge a fee for responding to this request unless your request is clearly unfounded, repetitive or excessive in which case we may charge a reasonable fee or decline to respond.
We will, in most cases, reply within one month of the date of the request unless your request is complex or you have made a large number of requests in which case we will notify you of any delay and will in any event reply within 3 months.
If you wish to make a Subject Access Request, please send the request to the person dealing with your case or email firstname.lastname@example.org.
Complaints about the use of personal data
We are committed to protecting your personal data but if for some reason you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
If you wish to raise a complaint on how we have handled your personal data, you can contact Lee Spearpoint at email@example.com
We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
We may change this Privacy Notice from time to time and shall notify you of any changes.
We will never send marketing communications via SMS or call you in regards to marketing without your specific consent; nor do we ever pass on or sell your details to a third party.
How we collect personal data
The following are examples, although not exhaustive, of how we collect your personal information:
- Submitting an online enquiry
- Personal details form when first instructing us
- Following/liking/subscribing to our social media channels
- Ask us a question or submit any queries or concerns you have via email or on social media channels
- Post information to our website or social media channels, for example when we offer the option for you to comment on, or join, discussions
- When you leave a review about us on, for example, Google Reviews
How we may use your details
The following are examples, although not exhaustive, of how we may use your personal information for our legitimate business interests:
- fraud prevention
- network and information systems security
We may use your personal information for legitimate interests such reasonable expectation to provide you with information you would expect to receive or that would benefit and enhance our relationship. This information will help us review and improve our products and services.