What is the purpose of this document?
Community Law Service (Northampton and County) hereafter known as CLS is committed to protecting the privacy and security of your personal information.
This privacy notice describes how we collect and use personal information about you, in accordance with the General Data Protection Regulation (GDPR). It applies to all clients, prospective clients and business contacts about whom we hold personal information. We may update this notice at any time.
CLS is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice. Our business address is 49-53 Hazelwood Road, Northampton, NN1 1LG
If you are our client, you should also refer to the information about protection of personal data which we gave you in our client contract, when we started acting for you on your particular matter.
What personal data about you may we collect?
We may collect, store, and use the following categories of personal information about you:
- personal contact details such as name, title, addresses, telephone numbers, and personal email addresses, social media profile addresses.
- job title
- employer or business name.
- personal and business interests
- the history of our communications with you
- your likely advice needs.
How may we collect personal data about you?
We will only ever start to collect, store and use personal information about you if you have consented to it. In most cases we will collect directly from you, with your consent. However we may amplify that information over time, from publicly available sources such our subsequent communications with you.
Why will we collect, store and use personal data about you?
We collect, store and use personal data about you in order to:
- inform you about our services and news
- update you on relevant developments via newsletters and/or e-bulletins
Will your personal data be shared with third parties?
Privacy is important to us; therefore, it goes without saying that we would never sell, rent or give your personal information to any third party without your consent.
Will we transfer your personal data outside the European Economic Area?
Not without your knowledge and consent.
How long will we keep your personal data?
We will keep your personal data for the above purposes until either (i) we become aware it is no longer valid, or (ii) you ask us to delete it.
What rights do you have?
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
Under certain circumstances, by law you have the right to request:
- access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- the erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to stop processing personal information where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.
- the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact firstname.lastname@example.org
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact email@example.com. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
The data controller is Julie Silver, Chief Executive who has responsibility for overseeing compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact firstname.lastname@example.org. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
Privacy notice for clients
The information below supplements our general privacy notice listed above and applies specifically to our clients.
The EU General Data Protection Regulation and the Data Protection Act 2018 require us to advise you that your particulars are held on our database and we shall process your information in accordance with the requirements of data protection legislation. We will use the information you provide primarily for the provision of advice services to you, but also for related purposes, including updating and enhancing client records, analysis to help us manage our services, statutory returns and legal and regulatory compliance, and providing you with updates directly relevant to your matter.
Any personal data we receive from you for the purposes of our money laundering checks will be processed only for the purposes of preventing money laundering and terrorist financing, or as otherwise permitted by law or with your express consent.
Our use of this information is subject to your instructions, data protection law and our duty of confidentiality. The related purposes referred to above are either in your or our legitimate interests, or our legal obligations.
If you send us personal data about anyone other than yourself you should ensure that, where appropriate, you have any appropriate consents and notices in place to enable you to transfer that personal data to us, and so that we may use it for the purposes for which you provide it to us.
In particular circumstances, we may disclose the information that you have provided or that we have collected or received about you to other persons and organisations. For example, this information may be disclosed to other suppliers of professional services (e.g. barristers, accountants or expert witnesses) whom we are instructing on your behalf or who are appointed by another party to your matter; suppliers of administrative, accountancy and audit, financial/banking and technical services; the courts, governmental and regulatory authorities and organisations that regulate the legal profession. All such third parties are required to maintain confidentiality in relation to your files.
We may be required to produce all or part of your file to assessors appointed as part of an audit, or a quality check in connection with our Lexcel, Law Society Quality Scheme or other accreditation. We use an external IT maintenance provider who has entered into a confidentiality agreement. In relation to Legal Aid funded Housing cases it is sometimes necessary to send your file to a costs draftsman to prepare a bill of costs and to produce your file to the court. These disclosures are a necessary part of carrying out your instructions. If you make a claim against our service or we consider circumstances have arisen which may give rise to a claim and which we are obliged to notify our insurers, then it may be necessary for us to supply a copy of your file to our insurers. We consider that it is in our legitimate interests to do so.
You have the right to access any personal data that we hold about you. We seek to keep that personal data correct and up to date. You should let us know if you believe the information we hold about you needs to be corrected or updated. Further details about how to do this can be found on the Information Commissioner’s Office website at www.ico.gov.uk. You have the right to make a complaint to the Information Commissioner’s Office if you are unhappy about the way in which we handle your data.
CLS is registered with the Information Commissioner’s Office as a data controller for the purposes of Data Protection law under registration number Z1750080.
Changes to this privacy notice
We reserve the right to update this privacy notice at any time.