At Lennons, (“we”) are committed to protecting and respecting your privacy.
Who we are
Lennons Solicitors Limited (Lennons) collects, uses and is responsible for personal information about you. When we do this, we are the “controller” of this information for the General Data Protection Regulation and other applicable data protection laws. The data controller is Lennons Solicitors Limited (Company Number 06525900) whose registered office is at Chess Chambers, 2 Broadway Court, High Street, Chesham, Buckinghamshire HP5 1EG. Jenny Russell (our Compliance Officer for Legal Practice) is our nominated representative and she can be contacted at firstname.lastname@example.org or on 01494 773377.
Information collected by us
When carrying out legal work and to meet our statutory, legal and contractual obligations we collect personal information from you, some examples are given in the categories below:
- Identity – full name, marital status, title, username, date of birth, gender, employer and your position, passport, driving licence, utility bills etc.
- Contact details – address, e-mail address, telephone numbers etc.
- Financial – bank account details, credit card details etc.
- Case – details of the legal case that we are acting on
We may also collect and process the following data about you:
- Information you give us. You may give us information about you by filling in forms on our site www.lennonssolicitors.co.uk (“our site”) or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, subscribe to our service, participate in discussion boards or other social media functions on our site, enter a client survey and any other activities carried out on our site and when you report a problem with our site. If you contact us with queries, we may keep a record of that. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information, personal description and photograph and other information.
- Further information we collect about you. With regard to each of your visits to our site we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
- Information we receive from other sources. We may receive information about you from third parties including, for example, lenders, estate agents, search information providers or credit reference agencies.
Uses made of the information
We use information held about you in the following ways:
- Information you give to us. We will use this information:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us;
- to provide you with information about other services we offer that are similar to those that you have already purchased or enquired about;
- to notify you about changes to our service;
- to verify identification and prevent fraud and to meet anti-money laundering obligations;
- to disclose information to comply with legal or statutory obligations; and
- to undertake file audits or training to comply with our legitimate interest.
- Information we collect about you. We will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so; and
- as part of our efforts to keep our site safe and secure.
- Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may us this information and the combined information for the purposes set out above (depending on the types of information we receive).
Consequences of failing to provide your data
You do not have to provide us with your personal data. However, if you do not do so, we may not be able to enter into a contract with you or perform a contract we have with you.
Disclosure of your information
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets. If a change happens your data should still be used in the same terms as this privacy notice.
- If Lennons Solicitors or substantially all of its assets are acquired by a third party, in which case personal data held by it about its clients will be one of the transferred assets.
- To other suppliers with your consent, such as expert witnesses, Counsel, other Solicitors, our insurers in the event of a claim or other external agencies;
- Service providers who provide IT and administrative services to meet our legal obligations;
- Government departments such as HMRC, HM Land Registry, courts, tribunals, probate registry, court of protection etc to provide legal services and to meet our legal obligations; and
- Property agents involved in any transactions.
Transfers outside the EU
It may be necessary to transfer your personal information outside the European Economic Area (EEA) to comply with your instructions or if it is necessary for the services we provide. These countries do not have the same data protection laws as the UK and EEA. When we transfer your personal data, we transfer it to countries deemed by the European Commission to have adequate protection. If you would like any further information, please contact us.
Where we store your personal data
The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How long we store your personal data
When a case is concluded, it is retained by us for a period of 15 years or indefinitely depending on the type of matter. It is stored securely off site.
Occasionally we may make data anonymous, removing your personal data so that we can keep it indefinitely for research, statistical or training purposes.
Under the General Data Protection Regulation, you have a number of important rights that you can exercise free of charge. In summary, these rights are:
- Request access to your personal information;
- Require us to correct any mistakes or complete missing information we hold on you;
- Require us to erase your personal information in certain circumstances;
- Receive a copy of the personal information you have provided to us or have this sent to a third party, this will be provided to you or the third party in a structured, commonly used and machine-readable format;
- Object at any time to processing of your personal information for direct marketing;
- Object in certain other situations to the continued processing of your personal information;
- Restrict our processing of your personal information in certain circumstances;
- Request not to be subject to automated decision making which produce legal effects that concern you or affect you in a significantly similar way.
If you want more information about your rights under the GDPR, please see the Guidance from the Information Commissioners Office on Individual’s rights under the GDPR.
If you want to exercise any of these rights, please:
- Email or call Jenny Russell;
- Provide other information so that we can identify you. We may need to contact you to request further information to verify your identity;
- Let us have your proof of identity and address;
- State the right or rights that you wish to exercise.
We will respond to you within one month from when we receive your request. In some limited circumstances we may have reasons not to comply with your request or need additional time to respond but we would notify you if that was the case.
Please note if you wish to unsubscribe from any email you can do so by clicking the link within the email or emailing email@example.com.
We hope that you are happy with our service and that we can resolve any issues or complaints that arise. Please get in touch with Jenny Russell if you have any concerns.
The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where the alleged infringement of data protection laws occurred. The UK supervisory authority is the Information Commissioner’s Office who can be contacted at https://ico.org.uk/concerns/.
If it would be helpful to have this notice provided in another format (for example: in another language, audio or braille) please contact us.