Policies & Procedures

Welcome to the Policies & Procedures section of our website. At Spearpoint Franks Solicitors, we are committed to upholding the highest standards of practice and ethical conduct. Below, you will find detailed information on how we protect your privacy under the General Data Protection Regulation (GDPR), our approach to recruitment and diversity to ensure fairness and equal opportunity, and our complaints procedure to address any concerns swiftly and fairly. We believe in transparency and accountability, ensuring our clients and employees are well-informed and respected in all aspects of our operations.

Quick Links:

Privacy Policy

Our Commitment to Your Privacy

This notice explains when and why we collect personal information about you and how we use it, the conditions under which we may disclose it to others, and how we keep it secure.

This notice does not apply to any websites that may have a link to ours. We are committed to protecting your personal data.

Who We Are

Data is collected, processed and stored by Spearpoint Franks Solicitors Ltd. And we are what is known as the ‘data controller’ of the personal information you provide to us.

Children

Our website and services are not aimed specifically at children because in legal work, children are generally represented by their parent or guardians. If you are a child and need further advice or explanation about how we would use your data, please email our Data Protection Officer, Maura Franks, at maura@sfsolicitors.co.uk.

Data We Collect

We collect two categories of personal data:

Personal Data: Includes your name, address, contact details, financial information, etc. We use this information to register you as a client, manage our services, and handle our contractual obligations with you.
Sensitive Personal Data: Includes data on racial or ethnic origin, religious beliefs, and other sensitive information. We collect this information only when necessary to provide our specialised legal services or to comply with legal requirements.

How We Collect Your Data

We gather information directly from you, but also receive data from third parties such as banks, other solicitors, and medical institutions, enabling us to perform our legal services effectively.

Scope of personal information to be processed:

What information we collect

The exact information we will request from you will depend on what you have asked us to do or what we are contracted to do for you.
There are two types of personal data (personal information) that you may provide to us:

Personal data: is the general information that you supply about yourself – such as your name, address, gender, date of birth, contact details, financial information etc. We will use your non-sensitive personal data to (i) register you as a new client, (ii) manage payment, (iii) collect and recover monies owed to us and (iv) to manage our relationship with you. Our legal grounds for processing this data are for performance of a contract with you.
Sensitive personal data: is, by its nature, more sensitive information and may include your racial or ethnic origin, religion, sexual orientation, political opinions, health data, philosophical views, biometric and genetic data. We will collect this sensitive data for the purposes of providing our services to you or if we need to comply with a legal obligation.

In the majority of cases, personal data will be restricted to basic information and information needed to complete ID checks. However, some of the work we do may require us to ask for more sensitive information. In regards to retainer clients, legitimate interest will be the legal basis.

Sources of information

Information about you may be obtained from a number of sources; including:

You may volunteer the information about yourself
You may provide information relating to someone else – if you have the authority to do so
Information may be passed to us by third parties in order that we can undertake your legal work on your behalf. Typically these can be:
- Experts
- Banks or building societies
- Organisations that have referred work to us
- Solicitors acting on the other side
- Local authorities
- Medical institutions – who provide your personal records information

Why we need it

The primary reason for asking you to provide us with your personal data is to allow us to carry out your requests – which will ordinarily be to represent you and carry out your legal work. The following are some examples, although not exhaustive, of what we may use your information for:

Verifying your identity
Verifying source of funds
Communicating with you
To establish funding of your matter or transaction
Processing your legal transaction including:
- Providing you with advice
- carrying out litigation on your behalf
- attending hearings on your behalf
- preparing documents or to complete transactions
Keeping financial records of your transactions and the transactions we make on your behalf
Seeking advice from third parties, such as legal and non-legal experts
Responding to any complaint or allegation of negligence against us

Who has access to it

We have a data protection regime in place to oversee the effective and secure processing of your personal data. We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.

Generally, we will only use your information within Spearpoint Franks Solicitors Ltd.. However, there may be circumstances in carrying out your legal work where we may need to disclose some information to third parties; for example:

HM Land Registry to register a property
Court or Tribunal
Solicitors acting on the other side
Asking an independent Barrister or Counsel for advice; or to represent you
Non-legal experts to obtain advice or assistance
Translation Agencies
Contracted Suppliers
External auditors or our Regulator; e.g. SRA, ICO etc.
Bank or Building Society or other financial institutions
Providers of identity verification
Any disclosure required by law or regulation; such as the prevention of financial crime and terrorism
If there is an emergency and we think you or others are at risk

In the event any of your information is shared with the aforementioned third parties, we ensure that they comply, strictly and confidentially, with our instructions and they do not use your personal information for their own purposes unless you have explicitly consented to them doing so.

There may be some uses of personal data that may require your specific consent. If this is the case we will contact you separately to ask for your consent which you are free to withdraw at any time.

How we collect personal data

The following are examples, although not exhaustive, of how we collect your personal information:

Submitting an online enquiry
Personal details form when first instructing us
Following/liking/subscribing to our social media channels
Ask us a question or submit any queries or concerns you have via email or on social media channels
Post information to our website or social media channels, for example when we offer the option for you to comment on, or join, discussions
When you leave a review about us on, for example, Google Reviews

How we may use your details

The following are examples, although not exhaustive, of how we may use your personal information for our legitimate business interests:

fraud prevention
network and information systems security

We may use your personal information for legitimate interests such reasonable expectation to provide you with information you would expect to receive or that would benefit and enhance our relationship. This information will help us review and improve our products and services

Data Sharing

We will never send marketing communications via SMS or call you in regards to marketing without your specific consent; nor do we ever pass on or sell your details to a third party.

If specific consent is requested Spearpoint Franks will obtain and record specific and clear permissions for sharing data with named third parties, for specifically defined uses, and in specified communication channels.

Details should be given as to when data sharing agreements, describing and ensuring the arrangements concerning the collection of the necessary permissions, defining the scope of the personal data to be shared – along with the meta-data that will enable the receiving party to be able to create an audit trail, sufficient to enable them to respond to any challenge as to why an individual’s data has been processed, or to facilitate a data subject access request, and which details the security measures that will be put in place to protect the data in transit, and which establishes the shared understanding of the receiving organisations’ obligations as a data controller with responsibility for all aspects of the regulation as data controllers of the new copy of the data which is being shared with them.

You may transfer personal data if the transfer is covered by UK adequacy regulations. Adequacy regulations confirm that a particular third country (or a specified territory or sector in a third country) or international organisation has an adequate data protection regime to protect personal data.

Security measures

Protecting your data is important to us and we have put in place security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have exceptional standards of technology and operational security in order to protect personally identifiable data from loss, misuse, alteration or destruction. Similarly, we adopt a high threshold when it comes to confidentiality obligations and both internal and external parties have agreed to protect confidentiality of all information; to ensure all personal data is handled and processed in line with our stringent confidentiality and data protection policies.

We use computer safeguards such as Anti-Virus, Ransomware protection, Mimecast (email protection) and have full server backups. We enforce physical access controls to our buildings and files to keep data safe.

We have put in place procedures to deal with any suspected personal data breaches and will notify you and any applicable regulator of a breach where we are legally required to do so.

In certain circumstances, you can ask us to delete your data. See the section entitled ‘your rights’ below for more information.

We may anonymise your personal data (so that you can no longer be identified from such data) for research or statistical purposes in which case we may use this information indefinitely without further notice.

Data Retention

Your personal information will be retained, usually in computer or manual files, only for as long as necessary to fulfil the purposes for which the information was collected; or as required by law; or as long as is set out in any relevant contract you may hold with us. For example:

As long as necessary to carry out your legal work
For a minimum of 6 years from the conclusion or closure of your legal work in case you, or we, need to re-open your case for the purpose of defending complaints or claims against us
In cases where we act for a child (6 years after youngest child turns 18)

Your Rights

You are able to exercise certain rights in relation to your personal data that we process. These are set out in more detail at
Information Commissioner’s Office (ICO) – GDPR
In relation to a Subject Access Right request, you may request that we inform you of the data we hold about you and how we process it. We will not charge a fee for responding to this request unless your request is clearly unfounded, repetitive or excessive in which case we may charge a reasonable fee or decline to respond.
We will reply within one month of the date of the request unless it is deemed by the DPO to be a complex request in which case we may require further time but no longer than three months.

If you wish to make a Subject Access Request, please send the request to the person dealing with your case or email maura@sfsolicitors.co.uk.

Complaints about the use of personal data

We are committed to protecting your personal data but if for some reason you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

If you wish to raise a complaint on how we have handled your personal data, you can contact Maura Franks at maura@sfsolicitors.co.uk
We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you. We may change this Privacy Notice from time to time and shall notify you of any changes.

anchor GDPR

Diversity Policy

anchor Diversity

Complaints Procedure

We are committed to providing a high quality legal service to all our clients. When something goes wrong, we would like you to tell us about it. This helps us to continue to improve our standards.

Our complaints procedure

If you have a complaint, please contact us with the details.

What will happen next?

The timescale for dealing with a complaint is as follows:-

1. We will send you a letter acknowledging your complaint within 21 days of receiving it and ask you for full details of your complaint. We will also let you know the name of the person who will be dealing with your complaint.

2. Your complaint will be passed to our Client Care Director or senior solicitor within 14 days.

3. The member of staff who acted for you will be asked to reply to your complaint. The reply will be examined along with the information in your complaint file and, if necessary, the member of staff will be spoken to. We will then write to you within 21 days, inviting you to a meeting to discuss and hopefully resolve your complaint.

4. We will then write to you with 21 days of the meeting to confirm what took place and any solutions agreed with you. If you do not want a meeting, or if it is not possible, we will send you a detailed reply to your complaint instead within 21 days. This will include suggestions for resolving the matter.

5. At this stage, if you are still not satisfied please contact us again. We will then arrange to review our decision. This will happen within 14 working days.

If you still remain dissatisfied with the outcome of the complaint, then you may wish to contact the Legal Ombudsman.

Before accepting a complaint for an investigation, the Legal Ombudsman will check you have tried to resolve your complaint with us first. If you have, then you must take your complaint to the Legal Ombudsman: –

• Within six months of receiving a final response to your complaint
And
• No more than one year from the date of the act/omission; or
• No more than one year from when you should reasonably have known there was cause for complaint.

If you would like more information about the Legal Ombudsman then please contact them:

Contact details:
Visit www.legalombudsman.org.uk
Call 0300 555 0333 between 9am to 5.30pm
Email enquiries@legalombudsman.org.uk
Legal Ombudsman PO Box 6167 Slough, SL1 0EH

You will not be charged any fees for our time spent dealing with your complaint.

If for any reason we feel we are unable to meet this time scale, for example because the case is complex or because the Client Care Manager is on annual leave, then we will of course advise you and set out a revised timescale.

Anchor Complaints

Diversity at Our Firm

At Spearpoint Franks Solicitors, we are committed to fostering a diverse and inclusive workplace that reflects the varied fabric of the society in which we operate. Following the guidelines set forth by the Solicitors Regulation Authority (SRA) since January 2014, our firm embraces the challenge of being as diverse as possible in our recruitment and retention strategies.

Our Commitment

We believe that diversity enriches our work environment and enhances the quality of our services. We uphold a robust equal opportunities policy, ensuring that every employee and applicant receives fair treatment, regardless of background. Our commitment to inclusivity is embedded in our firm's culture and operational practices.

Survey Insights

In July 2023, we conducted an internal diversity survey that provided us with valuable insights into the composition of our workforce. We are pleased to report that for a small organisation such as ours, we have a broad spectrum of diversity among our employees in terms of age, socio-economic and educational backgrounds, and religious and belief systems. We are also proud to support employees who are caregivers in our community.

Looking Ahead

Whilst we are proud of our progress, we acknowledge there is always room for improvement. We continually strive to enhance our diversity initiatives and are committed to learning, growing, and evolving our practices to create an even more inclusive workplace.

Conclusion

At Spearpoint Franks Solicitors, diversity is not just about compliance; it's about valuing each individual and harnessing the collective power of our unique differences. We back this initiative not only because it is a regulatory requirement but also because we believe that a diverse law firm is a strong law firm.