6. Sharing information

6.1 We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.

6.2 We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

6.3 We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

7. Where your data is held

7.1 Information may be held at our offices and third party agencies, service providers, representatives and agents as described above (see ‘Who we share your personal data with’).

7.2 Some of these third parties may be based outside the European Economic Area (EEA). For more information, including on how we safeguard your personal data when this occurs, see below: ‘Transferring your personal data out of the EEA’.

8. How long we keep your information

8.1 We will not retain your data for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of data. A copy of our retention periods schedule is available here and on request.

8.2 When it is no longer necessary to retain your personal data we will delete it.

9.  Transfer of your information out of the EEA

To deliver services to you, it is sometimes necessary for us to share your personal data outside the EEA, e.g. with your and our service providers located outside the EEA; if you are based outside the EEA; where there is an international dimension to the matter in which we are advising you.

9.1 These transfers are subject to special rules under European and UK data protection law.

10. Your rights

You have the following rights, which you can exercise free of charge:

Access

The right to be provided with a copy of your personal data (the right of access)

Rectification

The right to require us to correct any mistakes in your personal data

To be forgotten

The right to require us to delete your personal data - in certain situations

Restrict processing

The right to require us to restrict processing of your personal data - in certain circumstances, e.g. if you contest the accuracy of the data

Data portability

The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party - in certain situations

To object

The right to object:
(1) at any time to your personal data being processed for direct marketing (including profiling);
(2) in certain other situations to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests.

Not to be subject to automated individual decision-making

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

 

If you would like to exercise any of those rights, please:-

10.1 Make a written data subject request. You can email, call or write to us and ensure that you; let us have enough information to identify you e.g. your full name, address and client or matter reference number); let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and let us know what right you want to exercise and the information to which your request relates.

11. Keeping your personal information safe

11.1 We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

11.2 We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

12. How to complain

12.1 We hope that we can resolve any query or concern you raise about our use of your information with you directly.

12.2 The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authoring in the UK is the Information Commissioner, who may be contacted at https://ico.org.uk/concerns/ or by telephone: 0303 123 1113.

13. Changes to this privacy notice

This privacy notice was published on 24 March 2022. We may change this privacy notice on occasion. You should check this policy to ensure you are aware of the most recent version.

14. How to contact us

Please contact our Data Protection Officer, David Williams, if you have any questions about this privacy notice or the information we hold about you.

Contact details are as follows:-

By email: davewilliams@wykesilkeston.co.uk

By letter: David Williams, Wykes O’Donnell Williams, 14/15 Street, Ilkeston, Derbyshire, DE7 5GT

By telephone: 01159 328776

15.  Do you need extra help?

If you would like this notice in another format (for example: audio, large print, braille) please contact us (see ‘How to contact us’ above).

Solicitors Regulation Authority, ID 67404

Established in Derbyshire for over 30 years