INTRODUCTION

Welcome to the Jeffrey Mills Solicitors privacy notice.

Jeffrey Mills Solicitors respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.

PURPOSE OF THIS PRIVACY NOTICE

This privacy notice aims to give you information on how Jeffrey Mills Solicitors collects and processes your personal data.

This website is not intended for children and we do not knowingly collect data relating to children via the website.

It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.

CONTROLLER

Jeffrey Mills Solicitors is the controller and responsible for your personal data (collectively referred to as Jeffrey Mills Solicitors, “we”, “us” or “our” in this privacy notice).

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us using the details set out below.

CONTACT DETAILS

Our full details are:

Full name of legal entity: Beacon Wealth Legal Limited t/a Jeffrey Mills Solicitors

Email address: enquiries@jeffreymills.co.uk

Head office address: 26 Market Square St Neots Cambridgeshire PE19 2PJ

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

YOUR DUTY TO INFORM US OF CHANGES

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Information about you may be obtained from a number of sources; including:

  • You may volunteer the information about yourself
  • You may provide information relating to someone else – if you have the authority to do so
  • Information may be passed to us by third parties in order that we can undertake your legal work on your behalf. Typically these organisations can be:
    • Banks or building societies
    • Panel providers who allocate legal work to law firms
    • Organisations that have referred work to us
    • Medical or financial institutions – who provide your personal records / information

WHY IT IS REQUIRED

The primary reason for asking you to provide us with your personal data, is to allow us to carry out your requests – which will ordinarily be to represent you and carry out your legal work.

The following are some examples, although not exhaustive, of what we may use your information for:

  • Verifying your identity
  • Verifying source of funds
  • Communicating with you
  • To establish funding of your matter or transaction
  • Obtaining insurance policies on your behalf
  • Processing your legal transaction including:
    • Providing you with advice; carrying out litigation on your behalf; attending hearings on your behalf; preparing documents or to complete transactions
  • Keeping financial records of your transactions and the transactions we make on your behalf
  • Seeking advice from third parties; such as legal and non-legal experts
  • Responding to any complaint or allegation of negligence against us

WHO HAS ACCESS TO IT

We have a data protection regime in place to oversee the effective and secure processing of your personal data. We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.

Generally, we will only use your information within Jeffrey Mills Solicitors. However there may be circumstances, in carrying out your legal work, where we may need to disclose some information to third parties; for example:

  • HM Land Registry to register a property
  • HM Revenue & Customs; e.g. for Stamp Duty Liability
  • Court or Tribunal
  • Solicitors acting on the other side
  • Asking an independent Barrister or Counsel for advice; or to represent you
  • Non legal experts to obtain advice or assistance
  • Translation Agencies
  • Contracted Suppliers
  • External auditors or our Regulator; e.g. SRA, ICO etc.
  • Bank or Building Society; or other financial institutions
  • Insurance Companies
  • Providers of identity verification
  • Any disclosure required by law or regulation; such as the prevention of financial crime and terrorism
  • If there is an emergency and we think you or others are at risk

In the event any of your information is shared with the aforementioned third parties, we ensure that they comply, strictly and confidentially, with our instructions and they do not use your personal information for their own purposes unless you have explicitly consented to them doing so.

There may be some uses of personal data that may require your specific consent. If this is the case we will contact you separately to ask for your consent which you are free to withdraw at any time.

DATA SECURITY

We recognise that your information is valuable and we take all reasonable measures to protect your data from being accidently lost, used or accessed in an unauthorised way, altered or disclosed.  In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a need to know.

We have high standards of technology and operational security in order to protect personally identifiable data from loss, misuse, alteration or destruction. Similarly, we adopt a high threshold when it comes to confidentiality obligations and both internal and external parties have agreed to protect confidentiality of all information; to ensure all personal data is handled and processed in line with our stringent confidentiality and data protection policies.

We use computer safeguards such as firewalls and data encryption and annual penetration testing; and we enforce, where possible, physical access controls to our buildings and files to keep data safe.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

DATA RETENTION PERIOD

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including the purposes of satisfying any legal, accounting, reporting requirements, or as long as is set out in any relevant contract you may hold with us. For example:

  • As long as necessary to carry out your legal work
  • For a minimum of 6 years from the conclusion or closure of your legal work; in case you, or we, need to re-open your case for the purpose of defending complaints or claims against us
  • For the duration of a trust
  • Probate matters where there is a surviving spouse or civil partner may be retained until the survivor has died in order to deal with the transferable Inheritance Tax allowance
  • Wills and related documents may be kept indefinitely
  • Deeds related to unregistered property may be kept indefinitely as they evidence ownership

YOUR LEGAL RIGHTS UNDER GDPR

Under GDPR, you are entitled to access your personal data (otherwise known as a ‘right to access’). If you wish to make a request, please do so in writing to the person dealing with your matter.

A request for access to your personal data means you are entitled to a copy of the data we hold on you – such as your name, address, contact details, date of birth, information regarding your health etc.- but it does not mean you are entitled to the documents that contain this data.

Under certain circumstances, in addition to the entitlement to ‘access your data’, you have the following rights:

  1. The right to be informed: which is fulfilled by way of this privacy notice and our transparent explanation as to how we use your personal data
  2. The right to rectification: you are entitled to have personal data rectified if it is inaccurate or incomplete
  3. The right to erasure / ‘right to be forgotten’: you have the right to request the deletion or removal of your personal data where there is no compelling reason for its continued processing. This right only applies in the following specific circumstances:
  • Where the personal data is no longer necessary in regards to the purpose for which it was originally collected
  • Where consent is relied upon as the lawful basis for holding your data and you withdraw your consent
  • Where you object to the processing and there is no overriding legitimate interest for continuing the processing
  • The personal data was unlawfully processed
  • Where you object to the processing for direct marketing purposes
  1. The right to object: you have the right to object to processing based on legitimate interests; and direct marketing. This right only applies in the following circumstances:
  • An objection to stop processing personal data for direct marketing purposes is absolute – there are no exemptions or grounds to refuse – we must stop processing in this context
  • You must have an objection on grounds relating to your particular situation
  • We must stop processing your personal data unless:
    • We can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms; or
    • The processing is for the establishment, exercise or defence of legal claims.
  1. The right to restrict processing: you have the right to request the restriction or suppression of your data. When processing is restricted, we can store the data but not use it. This right only applies in the following circumstances:
  • Where you contest the accuracy of the personal data – we should restrict the processing until we have verified the accuracy of that data
  • Where you object to the processing (where it was necessary for the performance of a public interest or purpose of legitimate interests), and we are considering whether our organisation’s legitimate grounds override your right
  • Where processing is unlawful and you request restriction
  • If we no longer need the personal data but you require the data to establish, exercise or defend a legal claim

COMPLAINTS PROCEEDURE – PERSONAL DATA

If you wish to raise a complaint regarding how we have handled your personal data or dealt with your request to exercise any of your rights you can contact the Practice Manager who will investigate further.

We will endeavour to deal with your complaint at the earliest opportunity.  If you are not satisfied with our response or believe we are not processing your personal information in accordance with the current data protection legislation, you can complain to the Information Commissioner’s Office (ICO).

MARKETING DATA

We may contact you for the purpose of direct marketing. This means that we may use your personal data that we have collected in accordance with this privacy policy to contact you about our products or services, events etc. which we feel may interest you. The direct marketing communications may be provided to you by social media channels, email or post. We will never send marketing communications via SMS or call you without your specific consent; nor do we ever pass on or sell your details to a third party.

YOUR RIGHTS

You have the right to object to this processing. Should you wish to do so please email g.mills@jeffreymills.co.uk

 

PERSONAL INFORMATION PROTECTION

We will only ever use non sensitive personal information to target individuals with marketing materials; such as name, address, telephone, email, job description and previous buying behaviours. Sensitive information or specific details will never be used to target marketing communications. We may use personalisation to collect analytics to inform marketing and produce relevant content for the marketing strategy to enable it to enhance and personalise the “consumer experience”.

If you do not wish us to continue to contact you in this way please contact us by emailing g.mills@jeffreymills.co.uk with your name and email address. Your details will be removed immediately. You may still receive transactional emails from us regarding your legal case.

Any questions regarding this notice and our privacy practices should be sent by email to g.mills@jeffreymills.co.uk