Under the terms of the General Data Protection Regulations (GDPR) we are obliged to handle your personal data in a certain way. In particular, we are required to:
(a) Tell you the details of the type of personal data we may hold or process about you; and
(b) the purpose for which we hold that personal data; and
(c) Any person or company (any third party) who may receive your personal data; and
(d) where your personal data is being held; and
(e) advise you of your rights in relation to your personal data.
Our Privacy Notice may be updated over time, you may check the link on our website at any time to view our current Privacy Notice.
We are a firm of solicitors, our London office is located at 294 Grays Inn Road, Kings Cross, London, WC1X 8DX.
Why do we need your data? Legal purposes for acquiring your data
In order to prevent or detect fraud or money laundering, we are required to obtain evidence of your identity, such as a passport, proof of address, and evidence as to the source of any monies you may need us to hold or receive on your behalf.
Opting in or out for our newsletter
To receive our email newsletters, you will be required to give us explicit consent by ‘opting in’ on our website. Choosing not to ‘opt in’ does not have any effect on the services we provide you. It is also separate from the identification and proof of address we require from you – It only means you will not receive our newsletter and updates.
Where is your personal data held and who is it shared with?
For storage purposes, your personal data and information about your relationship with us are held on; our computers, an in-house server and Microsoft Office 365 suite of services. We use ActionStep as our client and matter management system. We use JotForm to collect information via forms embedded in our website and Zapier to process information between these software. We use HubSpot to manage our CRM. Your personal data may not be held in all of the above storages, you may request information in relation to precisely where your personal data is being held. Personal data will be kept by the firm or its successors for only as long as it is required or permitted by law.
To comply with due diligence requirements relating to fraud and anti-money laundering, we may share your information for the purpose of checking its validity with Searchflow, Anti-Money Laundering (AML) Regulatory Compliance, banks and lenders.
Your personal data will not be shared with any third party for marketing purposes. Information about you and your matter may be shared with other Strain Keville employees who you are not familiar with or other third parties such as a barrister or expert witness. This will only be done in the interest of carrying out your instructions.
How do we collect your personal data?
Information includes any information, which relates to or comes from:
(a) Interviews, correspondence both written and verbal, proposals, referrals or other dealings with us;
(b) the conduct of your dealings with us and/or others. This includes details of transactions and how and when payment is affected;
(c) information supplied by others and/or obtained by us in the course of carrying out your instructions or in complying with any legal requirements.
GDPR: Your Personal Data Rights
As a data subject, you have rights under the GDPR in relation to your personal data. In particular, at any time you may:
Request access to your personal data;
(b) request any rectifications of your personal data to be made. Or to correct any inaccuracies in your information;
(c) request your personal data to be erased, meaning you have a right to be forgotten;
(d) object to, and request restriction of processing your personal data and/or your data being moved or sent anywhere you do not want it to go. We will communicate any rectification or erasure of personal data to each recipient of your personal data unless it is impossible or involves a disproportionate effort. In the event we do share your personal data with other recipients beyond those mentioned above we agree to inform you about those recipients upon request;
(e) complain to the Information Commissioner’s Office (ICO) at any time if you believe your personal data has been mishandled; and
(f) request to be advised of the consequences of refusing to provide us with your personal data.
We will not charge a fee for compliance with any of the above requests, insofar as the requests are not repetitious, excessive or unreasonable. You may express any inquiries or requests relating to your personal data by telephone (020 7323 5000) or by emailing our data protection leader Matthew Strain: firstname.lastname@example.org.
We will not collect any personal data relating to race, ethnicity, political opinions, religious beliefs, trade union membership, genetic data, biometric data, sexual orientation or health unless it is in your best interests and/or processing is necessary to establish, exercise or defend legal claims or whenever courts are acting in their judicial capacity.
What we may need from
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.