|Reasons to use your data||Legal basis to use your data|
|Provide a service for which we have been instructed||Contract|
|Respond when you have contacted us through our website||Contract|
|Further your case by sending updates (whether this be in writing, email, phone or SMS)||Contract|
|Take/accept payment for the service we have provided||Contract|
|Meet any legal requirements we have (including regulatory obligations)||Legal Obligation|
|Review and respond to complaints about the service we have provided||Contract|
|Review job applications to work at GWlegal||Contract|
|Marketing our legal services to you||Legitimate Interest/Consent|
What do the legal reasons for using your data mean?
Contract – we need to process your personal data to fulfil our contractual obligations to you; or because you have asked us to do something before entering into a contract (e.g. provide a quote).
Consent – this means offering you real choice and control. This puts you in charge - we use consent for marketing to new clients. More can be read on this by reading our marketing policy here: https://gw.legal/legal/marketing-policy
Legal Obligation – this is used if we need to process your personal data to comply with a common law or statutory obligation. For example, any personal data received in order to comply with the Money Laundering Regulations 2017 will only be processed for the purpose of preventing money laundering or terrorist financing unless such processing is permitted by law or you consent to any alternative use of the data.
Legitimate Interest – this is appropriate when we you use your data in ways you would reasonably expect and which have a minimal impact on privacy, or where there is a compelling justification for the use of your data. For more information on our assessment for legitimate interests please read our marketing policy by visiting: https://gw.legal/legal/marketing-policy
When you make an online enquiry we may use your personal information for the following purposes:
• To enable you to access and use our services; and/or
• To personalise aspects of our overall service to you; and/or
• To contact you in relation to your enquiry.
Whenever you make an enquiry about any of the services advertised on our website we may collect and store your personal information including name, email address and telephone number.
By submitting your details you are allowing GWlegal (and/or its subdivisions/brands) to provide you with information about the services you select. We will periodically review your personal information to ensure that we do not keep it any longer than necessary. We will only contact you in relation to the enquiry you made for a limited amount of time. We will not add you to our marketing database based on this enquiry alone - only if you instruct us as your solicitors will we ask for consent to market other legal services to you. For more information on marketing please read our marketing policy by visiting:https://gw.legal/legal/marketing-policy
Your Rights – Accessing your Information
Under the Data Protection Legislation, you can request a copy of the information GWlegal holds on you. This is known as a Subject Access Request and the information can usually be obtained at no cost to you. We will send you this information within 30 days of your request. There are some instances in which information you have requested cannot be sent based on legal reasons. We would discuss this with you in detail.
To request a copy, please write to Compliance Team, GWlegal, 20 Chapel Street, Liverpool, L3 9GW. Alternatively you can call us on 0345 373 3737 or email us at email@example.com.
Your Rights – Updating your Information
If any of the information we hold on you is incorrect please write and let us know so we can rectify this. Contact us at Compliance Team, GWlegal, 20 Chapel Street, Liverpool, L3 9GW. Alternatively you can call us on 0345 373 3737 or email us at firstname.lastname@example.org.
Your Rights – Right to be Forgotten
Since the 25th May 2018 you can request for us to erase the information we hold on you. We have 30 days in which to do this from the date of your request. We will comply with this request unless we have a lawful reason to keep the information (there could be regulatory requirements for example). If we are unable to erase your information we will discuss this with you in detail and let you know the reason why. We may keep a copy of this request on file.
To request your information to be erased, please write to Compliance Team, GWlegal, 20 Chapel Street, Liverpool, L3 9GW. Alternatively you can call us on 0345 373 3737 or email us at email@example.com.
Your Rights – Right to Object
You have the right to object to us using your information – but this is dependent on the legal basis for which we are using your information.
As an example if we are using ‘consent’ as the legal basis in which we can process your personal information then you have the right to withdraw the consent given. Consent would usually be given to us to market further legal services to you, and we will also give you the option within our marketing material to change/withdraw your consent.
Alternatively if you object to us using your information and our legal basis is ‘contract’ then we would have to discuss this with you in detail first.
To talk about withdrawing consent, please write to Compliance Team, GWlegal, 20 Chapel Street, Liverpool, L3 9GW. Alternatively you can call us on 0345 373 3737 or email us at firstname.lastname@example.org.
Your Rights – Right to Porting Data
If you would like to move, copy or transfer your data that we have on file to another company please write to Compliance Team, GWlegal, 20 Chapel Street, Liverpool, L3 9GW. Alternatively you can call us on 0345 373 3737 or email us at email@example.com.
Your Rights – Right to Restrict Processing
If you would like to restrict the processing (using) of your data please write to Compliance Team, GWlegal, 20 Chapel Street, Liverpool, L3 9GW. Alternatively you can call us on 0345 373 3737 or email us at firstname.lastname@example.org. This is not an absolute right and only applies in certain circumstances. If processing is restricted we are permitted to store your data but not use it.
Your Right - Automated Decision-Making
If you would like to object to the profiling of your data or automated decision making, please write to Compliance Team, GWlegal, 20 Chapel Street, Liverpool, L3 9GW. Alternatively you can call us on 0345 373 3737 or email us at email@example.com.
How long do we keep your information for after opening a case?
When you have instructed a case that has completed, we keep our files for six years in electronic format and we will destroy them thereafter unless you ask us not to. Wills & Probate files are however kept in either electronic or paper format indefinitely. Files relating to minors are kept electronically and are kept until six years after they turn 18 years of age - we will destroy them thereafter unless you ask us not to. If you do not go ahead with your case, we may destroy your file at any time.
Whilst we will delete our files after 6 years we will keep a separate record of your information indefinitely for the following reasons:
• Conflict Checks – to make sure we can act for someone and it wouldn’t conflict with our obligations to you. This also helps with preventing fraud.
• Marketing – if you’re in our marketing database (our marketing policy can be viewed here) we will need to keep these details on file so we can contact you as agreed/requested
You can ask for a copy of our policy on keeping your data and the reasons for this by writing to Compliance Team, GWlegal, 20 Chapel Street, Liverpool, L3 9GW. Alternatively you can call us on 0345 373 3737 or email us at firstname.lastname@example.org.
Changes to our Policy
We may from time to time be required to update our Privacy and Security policy therefore it is advisable that you read through the policy each time you make an enquiry. The most up to date version of the policy will be available on this page. If you do not agree to any of the changes made, please refrain from using our website, submitting an enquiry or instructing us as your solicitor. If significant changes are made to our Privacy and Security Policy we will alert to these changes by a placing a prominent notification on the website.
How do we Protect your Data?
We take protecting your data very seriously. The data you give us may be subject to Legal Professional Privilege and is often extremely sensitive and confidential.
With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it. We have clear Data Protection and information security policies and procedures in place (along with Regulatory and other legal obligations to keep your data safe) and these are regularly assessed as part of our quality standards and compliance processes.
We protect our IT system from cyber-attacks. Access to your personal data is password protected, and sensitive data is secured by encryption.
We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.
Data Privacy and Security
At GWlegal, we maintain a key asset register, which includes relevant information of all existing IT systems that hold personal data. Where any concerns, risks or issues are identified, we conduct relevant impact assessments in order to determine any actions that are >necessary to ensure the best possible privacy.
We also maintain an active information security work programme which seeks to protect the availability, confidentiality and integrity of all physical and information assets. Specifically, this helps us to:
• Protect against potential breaches of confidentiality;
• Ensure all IT facilities are protected against damage, loss or misuse;
• Increase awareness and understanding of the responsibility of our employees to protect the confidentiality and integrity of the information that they manage;
• Ensure the optimum security of our websites using secure SSL certificates to maintain an encrypted connection;
• Staying ahead of the vulnerability curve by only allowing currently secure encryption negotiation, ensuring clients aren’t subject to data leakage by credential theft;
• Prevent email fraud using the latest available protocols for email identity validation, protecting our clients from masquerading scammers;
• Ensuring our network perimeter is protected by industry best technologies, constant assessment of outside-in vulnerability to maintain integrity of our systems
Your Right to Complain
As part of our commitment to customer satisfaction, GWlegal has a rigorous complaints procedure that you can access at any time. Please let us know as soon as possible if you have any problems or you would like a copy of our Complaints Procedure.
If you have a complaint about the service you receive from us, at any time, you should raise this with the person responsible for your case. If they cannot resolve the matter then you should speak to the manager of the team.
If, after that, you are dissatisfied with how your complaint has been dealt with, you should contact our Customer Services Manager, Lauren Roberts on 0345 373 3737, by email Lauren.Roberts@gw.legal or by writing to us. Your complaint will then be dealt with in accordance with our complaints procedure, a copy of which is available on request. Please do not store up any complaints, please raise them straight away.
If you are still dissatisfied, you may take your complaint to the Legal Ombudsman. Normally, you will have to bring your complaint to the Legal Ombudsman within six months of receiving a final response from us about your complaint and six years from the date of the act or omission giving rise to the complaint or alternatively three years from the date you should reasonably have known there are grounds for complaint (if the act/omission took place before 6th October 2010 or was more than six years ago). Their information is available here: www.legalombudsman.org.uk
If the complaint is in relation to how we use, access and/or store your personal data and you are not happy with the outcome you can contact the ICO. Their information is available here: www.ico.org.uk
Links to third party websites
We can hold no responsibility for the content and/or processes of third party websites that you visit as a result of using the GWlegal website and any websites maintained or run by GWlegal including any brands, trading styles etc.
Where is your Data Processed?
In the main your data is stored and processed within the United Kingdom (UK) but some information could be transferred out, usually this will be for our transactional emails that help further your case – we use a company called Mandrill who is not based in the UK.
Whenever we transfer any data out of the UK, we ensure a similar degree of protection is afforded to it and treated with the same security measures regardless of location, and in accordance with our internal processes and policies as well as regulatory and legal obligations. In particular, we ensure that at least one of the following safeguards is implemented:
• We will only transfer personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK by means of an adequacy decision or similar in accordance with UK adequacy regulations or otherwise comply with EU GDPR transfer restrictions, as applicable
• Where we use certain service providers, we may use specific contractual provisions which gives personal data the same protection it has within the UK and ensures a similar level of protection to the personal data as if it was processed within the UK, as applicable, and/or
• We will require that any overseas third party to which we disclose personal data to: (a) only use that personal data for the purposes for which it was disclosed (b) use all technical and organisational measures which are reasonable in the circumstances to secure that personal data (c) delete that personal data which it is no longer required, and (d) treat that personal data in accordance with this Data and Privacy Notice and the appropriate data privacy law
GWlegal is the trading name of GWLAWYER LIMITED (formerly Goldsmith Williams Solicitors) who are registered in England & Wales under company no. 11173746. Registered office: 20 Chapel Street, Liverpool, L3 9GW where a list of members is open for inspection. Authorised and regulated by the Solicitors Regulation Authority under number 662544. Calls charged at a national rate
Last Updated 9th November 2022