Privacy Notice – Solicitor Title LLP
Any personal information provided to or gathered by Solicitors Title is controlled by Solicitors Title LLP, a limited liability partnership registered in England & Wales under number OC385073, whose registered office is at 17A Gandy Street, Exeter, Devon EX4 3LS (“we”, “us”, “our”).
We are committed to protecting and maintaining your privacy; this Privacy Notice describes how Solicitors Title LLP collects, processes and stores personal data, to include via our website: www.solicitorstitle.co.uk, other sites and other online platforms. All information provided to us through this site will be treated as confidential and we will not abuse this trust by providing all or any part of your information to others unless you have consented to this or where this is in our legitimate interests, further outlined below. We have taken a layered approach to this Privacy Notice.
Your information will never be sold, licensed, loaned or otherwise distributed to any other organisation unless we are required to do so by applicable law or in fulfilling the work that we undertake for our clients. Subject to any overriding obligation to which we are subject, you have the right to object to the processing of your personal information, by a simple request that we stop such processing. Where this Privacy Notice invites a simple request, you can send this through our enquiry form on our Contact Us page, to: email@example.com or by letter to any of our offices.
Collection of your Personal Information
We may collect personal information in various ways, including in e-mail or written correspondence with you or to which we are copied, through our website or directly from you at meetings or events. You have a choice whether to provide any information to us, except where this is necessary to fulfil any contract – such as in relation to the provision of our services (albeit recognising that such a decision may mean that we are unable to provide our services as you expect), or where we are required to do so by applicable law or a Government agency or law enforcement.
In order to provide our services, we may obtain certain information about companies or businesses that instruct us or who are connected with our clients’ matters; in addition such information may be processed for the purposes of our obligations under relevant anti-money-laundering regulations.
We assess and document our processing activities on an ongoing basis and update our records, accordingly; our approach seeks to ensure good data governance and compliance with our data protection obligations.
Why we Process your Personal Information
Our use of your personal information will at all times be in accordance with applicable data protection laws; we rely on the following grounds justifying our processing of personal data:
Consent – explicit consent for us to do so.
A Contract or Legal Obligation – to fulfil our obligations under an existing contract or other legal obligation, in certain circumstances our right to process this information will override your right to object to us doing so.
Legitimate Interests – we may judge that we have legitimate grounds to process your personal information in certain ways and where that is the case, we will balance our own interests against your own or the relevant individual whose data is being processed, to ensure that the rights and interests of those individuals who interact with us are protected.
Where information is obtained through or as a result of your use of our Site, we will only use this information for the following purposes:
• to understand and appreciate your needs and requirements as a user of our site or our services generally;
• for analysis in relation to the technical specification and user experience of our site, for the purposes of developing and improving our site and the services that we provide;
• to provide relevant information about our services or those that we may offer from time to time; and
• to keep in contact with you.
We do not process special category data, as that term is understood within the relevant data protection legislation.
Managing Your Preferences, including for Marketing
In addition, we may process your information for marketing purposes (including offers, promotions and updates in relation to our services, that we believe may be of interest to you) either where you are or have been a user of our services in relation to similar goods or services previously or where you have given your explicit consent.
You have the right to manage your preferences in relation to the kinds of information that we collect and the manner in which your information is processed – you can update these preferences at any time through our site; you can also withdraw your consent, either as a whole or in relation to particular kinds of information or delivery methods. We encourage our users and clients to exercise these preferences so that they only receive the information that they wish from us and so that our use of their information is consistent with their own expectations.
You may ask us to erase information that we hold about you, except where there is some other reason requiring us to maintain the information, such as for insurance purposes, for example. We monitor and will also delete information and data that we hold, where we reasonably consider this no longer to be required.
If you have accepted the relevant cookies, we may collect, store and process non-personal information about you automatically as a result of your use of this site, such as the type of internet or mobile browser that you are using to gain access and any website from which you linked to us, but you cannot be identified from this information. We will only use such non-personal information to help provide an effective and more relevant website offering.
Under GDPR, the nature of the processing that we undertake does not require us to appoint a formal Data Protection Officer (DPO); however, we may maintain equivalent standards and the nominated representative for the purposes of compliance with our data protection obligations, known as our Information Officer, is Richard James, who is also our Compliance Officer for Legal Practice (COLP, as required by the Code of Conduct).
Security of your Data
We take the security and confidentiality of the data and information that we hold seriously. The protection of our customers’ personal information is important to us and we have therefore adopted a number of technical and organisational measures to achieve these aims. These include encrypted access to our systems, only accessible by our personnel, utilising secure and regularly-updated passwords and access to and processing of information though our site, using secure HTTPS. We do not however process any bank or card details through our site; instead using an established third party provider to take payments online.
Sharing your Personal Information
We will never share your personal information with others for commercial gain or in ways that you would not reasonably expect of us.
Unless we have your explicit consent otherwise, we will only share your personal information where this is necessary to fulfil our contract with you or where we have a legal obligation to do so. You appreciate that in order to provide you with our services or to sell you our products, it may be necessary or more efficient for us to engage other businesses that provide complementary services, allowing us to fulfil your needs or where such other services are necessary for us to operate our business; examples, without limiting this description, may include IT backups, website management, HR advice and consultancy, payroll and bookkeeping services, software and program providers, banking and financial provider and equipment suppliers.
In addition, we may process your information where we are required or permitted to do so under applicable law, where required to do so by any Government agency or law enforcement, where it is necessary in connection with the sale or potential sale of our business or where we conclude that we have and can show one or more legitimate interests for doing so.
Service Providers and Third Parties
We may on occasion have the need to transfer your data to suppliers located outside of the European Economic Area (EEA), including in the USA. We will only do so where the legal regimes of those territories outside of the EEA offer an equivalent standard of data protection to our own.
Where it is necessary to provide information to external service providers or partners in relation to services that they provide to us, in order to operate our business or to provide you with the services requested, we have adopted approved model data protection clauses in our arrangements with them, to ensure they meet the same high standards required in relation to the processing of your personal information under applicable data protection laws.
Technical and Organisational Measures and Security
We have and maintain appropriate technical and organisational security measures to protect your personal information from and against unauthorised or unlawful use, or accidental loss, damage or destruction, which we review from time to time.
In relation to data security, you accept the risk that data transmitted to us through this site via electronic means may be intercepted before reaching us or may be accessed by unauthorised third parties, or exploited unlawfully. We do not assume any responsibility for guarding against the acts of third parties and shall not be liable for any direct, indirect or consequential losses or damages incurred or suffered as a result.
How long we Store Personal Data
We are required to maintain the data that we collect in providing our services to clients, for certain periods of time – we already operate a clear file retention policy, after which such data will generally be erased or securely destroyed. We have concluded that it may be of benefit to our clients to maintain a single record of cases which are no longer archived, to be able to confirm that we may have purchased a particular property for a client and the date, for example; but no further data of information will be maintained.
Your Rights and how to Exercise Them
You may request a copy of the information that we hold about you (known as a Subject Access Request). In addition, under the GDPR, you may exercise the following rights:
A right of access to the information that we hold about you – as above.
A right to have your information corrected if it is inaccurate or incomplete.
A right to have information removed or deleted from our records and systems.
A right to block us from processing your personal data or to limit the way(s) in which we can use it.
A right of portability; to request that we move your personal information to someone else, in a machine- readable form.
Please contact us via a simple request, where you wish to exercise any of your above rights or if you wish to file a complaint about our collection, processing or use of your personal information.
Right to Object to Processing
Whatever justification we rely on, under GDPR you have a right to object to our processing of your personal information, unless we have a separate legal or regulatory obligation to do so, in which case our processing will only be limited to the extent to which we need to process your information. However, except for this, you may confirm your objection to the extent and kinds of processing being undertaken, by sending us a simple request, updating your preferences.
Disclosure of your Information
We only transmit data to third parties in very limited circumstances and never for the purposes of marketing or to ‘sell’ the data we hold. We observe the highest levels of confidentiality and security in the management of the data we process, in compliance with the Code of Conduct to which we adhere as solicitors, as required by our regulator, the Solicitors Regulations Authority (the “Code of Conduct”) and in general terms. Certain information may be available to essential organisations upon whom we rely to run our business – examples include our IT company and our case-management software provider; our contractual terms with those third parties provide the assurances under Article 28 of GDPR that they will abide by the requirements of GDPR in processing data, to the extent that we require, on our behalf.
We will never sell, transfer or disclose personal data for commercial gain or for any purpose outside of that strictly necessary to run our business and provide our services.
If we established any subsidiary or related company, or in the event that we were in negotiations to transfer all or a part of our business, information may be disclosed to that third party but only in so far as such disclosure would not commit a breach of our professional obligation to maintain the confidentiality of our clients’ affairs, under the Code of Conduct and only then to the extent necessary for the purposes of those negotiations.
Your Preferences about our use of your Personal Information
If we send you any information by way of marketing, this will be based on our having previously sold to you or responded to an enquiry for similar goods or services; all communications of this nature will include a simple means of unsubscribing. You may wish to update your preferences concerning what you receive and in what format that takes; to let us know about your preferences, to include if you wish to change them, please visit the relevant area of this Site or otherwise send us a simple request confirming those changes and we will update your preferences to reflect your wishes immediately.
Should you no longer wish to be contacted by us, please either confirm this in a simple request or by updating your preferences.
Retaining Personal Information
We will only keep your personal information for such period as we deem necessary to fulfil the purpose(s) for which it has been collected or in relation to legal obligations to which we are subject. We monitor and regularly delete information and data that we hold, where we reasonably consider this to be no longer required for any legitimate purpose.
Where we are able to fulfil a request to delete and erase your personal information, we will fulfil that request, unless there is some other obligation to which we are subject requiring us to retain your data, in which case we will retain it only for so long as is necessary to meet that other legal obligation.
Your Information and Keeping it Up-to-Date
You have the right to request details of the information that we hold about you. Should you wish to be provided with these details, please contact us with a simple request.
We wish to keep any information that we hold about you accurate and up to date and therefore please contact us if the information we hold about you needs updating.
If you have any questions or concerns regarding your privacy, or if you experience difficulties in accessing or viewing any site(s) operated by us, please contact us.
We value your feedback in relation to our online presence and therefore welcome any comments or feedback which you may have.
Changes to this Privacy Notice
We may change or modify this Privacy Notice at any time and we recommend that you check the latest version of this notice each time that you access the Site. The date of the most recent update will appear below. Any significant changes to this notice may be confirmed through direct communication with you, where we consider that such changes should specifically be brought to your attention.
If you have any questions or concerns regarding your privacy, or if you experience difficulties in accessing or viewing our Site or using our services, please contact us.
Further details of our and your legal rights and our obligations and duties can be found at the Information Commissioner’s Office (ICO) website at: https://ico.org.uk.
This Privacy Notice was last updated on 26 April 2018.