- Oakwood Solicitors Ltd (“we”, “our” or “us”), trading as Oakwood Solicitors is a firm of solicitors and is a body recognised by the Solicitors Regulation Authority under section 9 of the Administration of Justice Act 1985.
- In this privacy notice, “associated firms” means Oakwood Solicitors (Property) Limited and Oakwood Solicitors (Scotland) Ltd and the owners and members of those companies.
- We are committed to ensuring that when we collect and use information provided to us or information about visitors to our websites (as described below) we do so in accordance with applicable data privacy laws.
- For further information, please contact firstname.lastname@example.org
- Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
- Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors
- Other cookies may be stored to your computer’s hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
- We will collect personal information directly from you, from clients or from authorised representatives. We may also collect personal information from third parties such as regulatory authorities, your employer, other organisations with whom you have dealings, government agencies, credit reporting agencies, recruitment agencies, information or service providers, publicly available records and the third parties described in the ‘Disclosure of your information’ section below. We will handle any unsolicited information in accordance with law, including destroying or de-identifying such information where we are required to do so by law.
- We may collect current and historical personal information including your name, contact details, identification, organisation, employment, positions held and enquiry/complaint details. We may also collect personal information about your other dealings with us and our clients, including any contact we have with you in person, by telephone, email or online.
- Ordinarily your data is stored on our servers or on our case management system, Eclipse Proclaim, which are based at our offices but are also backed up externally. All electronic data is stored in the United Kingdom. If we are unable to assist you with your legal enquiry, we confirm that we will retain your case details for up to 24 months. If however; we are able to pursue your case and you enter into an Agreement with us we are obliged to retain the information for a period of 6 years following closure of your case.
- When you use our online services, we may collect the following:
- Information you provide by completing forms (this includes information you give us when registering for any of our online services, subscribing to our services, submitting material or requesting further services);
- Information you provide to us if you contact us, for example to report a problem with our online services or raise a query or comment; and
- Details of visits made to our online services including, but not limited to, the volume of traffic received, logs (including, where available, the IP address and location of the device connecting to the online services and other technical information and identifiers about the device and the nature of the visit) and the resources accessed.
Careers and Recruitment
- If you apply for a job or work placement you may need to provide information about your education, employment, background and state of health. Your application will constitute your express consent to our use of this information to assess your application and to allow us to carry out both recruitment analytics and any monitoring activities which may be required of us under applicable law as an employer.
- We may also carry out screening checks (including reference, background, directorship, financial probity, identity, eligibility to work, vocational suitability and criminal and regulatory record checks) and consider you for other positions. We may exchange your personal information with academic institutions, recruiters, screening check providers, health service providers, professional and trade associations, law enforcement agencies, recruitment providers, referees and your current and previous employers. Without your personal information, we may not be able to progress considering you for positions with us.
USE OF YOUR INFORMATION
- We use your information where it is necessary for the performance of a contract with you or necessary in connection with a legal obligation, or where we otherwise consider such use of your information as not detrimental to you, within your reasonable expectations and necessary to fulfil our legitimate interests.
- In particular we use your information in order to provide you with, and improve, our services, for example:
- To carry out our obligations arising from any contracts entered into between you and us.
- To facilitate our internal business operations, including to fulfil our legal requirements (including in relation to anti-money laundering) and professional obligations.
- To maintain and develop our relationship with you.
- To provide you on an ongoing basis with information and services, including legal advice, that you request from us or which we feel may interest you as permitted under applicable law, and to measure the popularity and effectiveness of services such as newsletters and seminar invitations, in order to improve what we offer to you and other recipients.
- To ensure that content from our online services is presented in the most effective and secure manner for you and for your device and settings.
- For research, planning, service development, security or risk management.
- To maintain and update our records.
We may not be able to do these things without your personal information.
- Under applicable data protection legislation, we have a duty of care to ensure that your personal information is accurate and up to date. Therefore, please advise us of any changes to your information.
- We will only retain your personal information for as long as is reasonably necessary in the circumstances. Personal information provided in connection with the provision of our legal services will be retained for no longer than fifteen years unless we agree otherwise with you.
DISCLOSURE OF YOUR INFORMATION
- We may, in providing our services and operating our business, allow our associated firms and our service providers to access your information.
- In addition, we may exchange your personal information with third parties where:
- You have consented to us sharing your personal information in this way;
- We are under a legal, regulatory or professional obligation to do so (for example, in order to comply with anti-money laundering requirements) or in order to enforce or apply our terms of business or to protect the rights and interests, property, or safety of our firm, our clients or others;
- All, or substantially all our assets, or the assets of an associated firm, are merged with or acquired by a third party, or we expand or re-organise our business, in which case your personal information may form part of the transferred or merged assets or we may need to transfer your information to new entities or third parties through which our business will be carried out;
- It is relevant in the circumstances to disclose the information to our clients, your employer or place of business, your professional advisers and parties with whom we have co-promotional arrangements (such as jointly sponsored events);
- We provide anonymous statistical information about users of our websites and related usage information to reputable third parties, including analytics and search engine providers; or
- We use a third-party service provider to provide services that involve data processing, for example archival, auditing, reference checking, professional advisory (including legal, accounting, compliance, financial and business consulting), mailing house, delivery, technology, website, research, banking, payment, client contact, data processing, insurance, forensic, litigation support, marketing and security services.
- Some of the third parties with whom we share personal information may be located outside of the United Kingdom and / or the European Economic Area. While such third parties will often be subject to privacy and confidentiality obligations, you accept that such obligations may differ from and be less stringent than the requirements of the UK’s privacy laws. In those cases, we are not responsible for imposing the laws of the UK and you may not be able to seek redress under the laws in that jurisdiction.
- Our Case Management provider is Eclipse Proclaim and in providing our Case Management System Eclipse Proclaim may have limited access to your data as a consequence of the provision of services to us. We have appropriate contractual provisions in place to ensure that Eclipse Proclaim do not otherwise disclose or use any such data.
- The transmission of information via the internet is not completely secure. We cannot guarantee the security of your data transmitted to our online services; any transmission is at your own risk. Once we have received your information, we will take reasonable steps to use procedures and security features to try to prevent unauthorised access, modification or disclosure. For example, if you communicate with us using email, you assume the risks that such communications between us are intercepted, not received, delayed, corrupted or are received by persons other than the intended recipient.
- We take reasonable steps to hold information securely in electronic or physical form. Our information security policy is supported by a number of security standards, processes and procedures and we store information in access-controlled premises or in electronic databases requiring logins and passwords. We require our third-party data storage providers to comply with appropriate information security industry standards. All partners and staff and third-party providers with access to confidential information are subject to confidentiality obligations.
- Outgoing emails from us include a footer note containing a message along the lines of: “This email is intended only for the addressee named above and may contain confidential or legally privileged information. If you are not the intended recipient please telephone us immediately on XXXX. You must not read, copy, disseminate to other parties, or otherwise use the contents of this email. It is the responsibility of the recipient of this email and any attachments to ensure that they are free of any virus or defect, which might affect any computer or IT system into which they are received and opened. XXXXX accepts no responsibility for any loss or damage arising in any way from the receipt or use of this email and any attachments.”
- In addition to our online services, which we control directly, we also use and provide links to websites which are controlled by third parties, which may include Twitter, LinkedIn, Facebook and YouTube, where we have certain accounts and profiles.
- If you use or follow a link to any of these third-party websites, please be aware that these websites have their own privacy policies and that we cannot accept any responsibility for their use of information about you.
- Right of access – You have a right to access personal data that we hold about you. This is referred to as a “subject access request”. We shall respond to subject access requests in accordance with the law, which usually means without delay but at the latest within one month.
- Right to rectification – You have a right to have inaccurate personal data rectified or completed.
- Right to erasure – You have a right to request that your personal data is removed from our records.
- Right to restrict processing – You have a right to request the restriction or suppression of your personal data, subject to certain exceptions.
- Right to data portability – You have a right to obtain and reuse your personal data for your own purposes and to move, copy or transfer your data from our IT environment to another in a safe and secure way.
- Right to object – You have a right to object to us using your data based on the legitimate interests of our business, or for direct marketing (including profiling) purposes.
- Invoking your rights – If you would like to invoke any of the above data subject rights with us, please write to Abbie Keech at Oakwood Solicitors, 635 Roundhay Road, Leeds, LS8 4BA or Email us at email@example.com.
- All of the rights at 33 to 38 above do not apply to information about you that we are obliged by law or by an order of a court or tribunal to disclose, to the extent that any exercise of those rights by you would prevent any such disclosure. This means, for example, that we may refuse to erase information about you if we may need to disclose that information to a court, a regulatory body, a statutory complaints body, or to law enforcement authorities.
- All of the rights at 33 to 38 above do not apply to information about you where disclosure of that information is necessary for the purpose of, or in connection with, legal proceedings (including prospective legal proceedings) or for the purpose of obtaining legal advice, or otherwise for the purposes of establishing, exercising or defending legal rights. This means, for example, that we may refuse to stop using information about you if we need to use it to defend our own legal rights.
- We may send you marketing materials relating to our services by email or post. If, at any time, you would prefer to stop receiving newsletters and updates from us, please use the “unsubscribe” option included in the email or other material or alternatively send an email to firstname.lastname@example.org.
- Accuracy of information – In order to provide the highest level of customer service possible, we need to keep accurate personal data about you. We take reasonable steps to ensure the accuracy of any personal data or sensitive information we obtain. We ensure the source of any personal data or sensitive information is clear and we carefully consider any challenges to the accuracy of this information. We also consider when it is necessary to update this information, such as name or address changes and you can help us by informing us of these changes when they occur.
- The privacy laws of some jurisdictions give individuals the right to access, amend or delete their personal information or, in some circumstances, to restrict the processing of their personal information.
- If you would like to request a copy of your data or would like to change or erase all or any part of the information we hold about you, please contact us as set out below. We may refuse to provide access and may charge a fee for access if the relevant legislation allows us to do so, in which case we will provide reasons for our decision as required by law.
THE KIND OF INFORMATION WE HOLD ABOUT INDIVIDUALS OTHER THAN CLIENTS AND HOW THIS DATA IS USED
- Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). During the course of our day to day basis we acquire information regarding individuals other than our Clients and we will retain this data where we have a legitimate business reason to do so.
- Typically, we acquire personal data on individuals other than our clients in the following circumstances:
- Where we have met individuals at networking or other marketing events;
- Where individuals have made enquiries with us regarding possible goods or services but have not subsequently become clients of the business;
- Where we have dealt with individuals in the capacity as suppliers of goods or services to the Company;
- Where we have regular business related dealings with you
- In many circumstances the extent of the data we hold is limited and may be publicly available by way of other websites but usually the information we will retain is limited to:
- Contact information including but not limited to email addresses, contact telephone numbers, business addresses and in some cases personal addresses.
- We have a legitimate business interest in retaining this data on the basis that we must retain some personal data on third parties and suppliers in the ordinary course of business. We may also use this data to send marketing information to you in respect of promotions, events or other updates relating to us. We have a legitimate interest in retaining your data for this purpose however you have the right to ask us to erase or rectify your data and the right to opt out of receiving marketing information.
STATUS OF THIS POLICY
- If you contact us by telephone, we may keep a record of your phone number for purposes of dealing with your case and for future marketing. All calls will be recorded for training and quality assurance. In order to improve our service to our Clients, we may also request a Trustpilot review on behalf of the team. This is entirely optional and can be provided anonymously should you so wish. Correspondence with us may be stored for future reference.
CONTACT AND FURTHER INFORMATION
- If you make a privacy complaint, we will respond to let you know how your complaint will be handled. We may ask you for further details, consult with other parties and keep records regarding your complaint.