This was the question faced by the High Court in the recent case of KA v MA. In it the Judge...
- Who we are?
- Information that we collect from you
- Use of your personal information
- Disclosure of your information
- International Transfers
- Data retention
- Accessing and updating
1. Who are we?
Welcome to Birkett Long LLP, which owns and operates “birkettlong.co.uk” and “birkettlongifa.co.uk” (“Birkett Long”).
By using this website you consent to Birkett Long collecting, storing and processing certain information about you, and where you are a Company or LLP, about the Company’s or LLP’s employees or agents, under the terms of this policy.
Birkett Long LLP Email: firstname.lastname@example.org
Data Protection Officer Telephone: 01206 217326
1 Amphora Place
Essex CO3 3WG
3. Information that we collect from you
When you visit this site you may be asked to provide certain information about yourself including your name, contact details and credit or debit card information. We will respect the security and confidentiality of your personal data and treat it in accordance with the law.
We may also collect information about your usage of our website (see “Cookies” below) as well as information about you from e-mails or letters and documents you send to us outside of the website, or from publicly available information.
4. Use of your personal information
We will only collect, use and process your personal information if:
- We have a legitimate business purpose for doing so. This includes where we:
- Are responding to your enquiry;
- Providing legal, financial, HR or associated services or information to you;
- Hosting and maintaining our website;
- Detecting and preventing fraud and other crimes;
- Maintaining cyber security;
- Sending information to third parties in connection with your matter;
- Sending you information which we think will be of interest to you; this could be sent by post or electronic means*;
- To determine the effectiveness of promotional campaigns and advertising;
- To better understand how people interact with our websites;
- Provided these interests are in line with your rights and freedoms under the applicable data protection law; OR
- You have agreed to this for specific purposes; OR
- It is necessary for us to comply with our legal obligations. This includes:
- Verifying your identity;
- Verifying the source of funds sent to us;
- Recording any financial transactions with you or on your behalf.
*Opt-out of receiving other information
While we have a legitimate purpose for using your information to keep you informed of current legal and financial issues, products and services that may be of interest, if you would prefer not to receive such information then please tick the opt-out box on our enquiry form. If you have not chosen to opt-out, where we have emailed or posted the information you will on each occasion have the opportunity to “unsubscribe” from future messages. You can also ask us to remove you from such mailings by emailing us at email@example.com or writing to the Marketing Team at the contact address given above.
5. Disclosure of your information
Sharing with service providers and third parties
If you engage us to provide legal, HR or financial services Birkett Long may disclose information about you to its financiers, credit reference and debt recovery agencies, and third party service providers in order to fulfil regulatory requirements related to anti-money-laundering and for our own business requirements related to knowing our client. They will add this information to their records and this may be seen by other organisations that carry out credit assessment and fraud prevention searches.
In order to provide our services it may sometimes be necessary to engage the services of a third party, such as an expert in another profession, a barrister or foreign lawyer, in order to progress our contract with you. Where we engage third party suppliers to provide services that involve processing your personal information provided by us, this processing will be on our behalf and carried out in accordance with our instructions and this policy.
When advising you in relation to Financial Services your data may be combined with the data of a third party insurance provider or investment broker and the results may determine whether you are eligible for certain products and services. Processing your information in this way:
- Means that third party suppliers of financial products could decline to offer terms or impose enhanced terms, which could increase the cost of certain products or services.
- Acceptance on non-standard terms can be retained on a register that other providers can review.
- Means that suppliers offering investment products could decline to offer certain types of trust or only be prepared to offer investment on special terms.
- Means that if we pass your information to an insurer or broker to apply for insurance or financial products on your behalf, information provided may be put onto a register of claims and shared with other insurers to prevent fraudulent claims.
Birkett Long may change its suppliers for its IT solutions and this may involve transferring all or some of the data we hold from one IT system to another, which means the data may pass via a third party or be held or stored on our behalf by a new third party provider.
When we engage third party service providers in connection with our legitimate business purposes set out above, in providing them with your data we will enter into data processing agreements to ensure the data is only processed in accordance with our instructions and on a confidential and secure basis.
Birkett Long may disclose your information to a person to whom it proposes to transfer its rights and/or responsibilities under any contract with you or to whom Birkett Long transfers its business or a relevant part of its business. Such a person shall be entitled to process your data in the same manner set out in this policy.
We may provide your information to regulators and law enforcement agencies where required to do so by law for the purposes of preventing and detecting fraud or other criminal offences.
Sharing with group members
We may share your information with other members of our group where we believe their services will be of interest to you or relate to the matter we are assisting you with.
Unless required to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent.
6. International Transfers
The information you provide to us may be transferred outside the European Economic Area for the purposes of carrying out your instructions in connection with the provision of our services. However, we will always take steps to ensure that your information is used by third parties in accordance with this policy and we will only transfer your personal information outside of the EEA:
- where the transfer is to a place that is regarded by the European Commission as providing adequate protection for your personal information; or
- where we have put in place appropriate safeguards, for example by using a contract for the transfer which contains specific data protection provisions that have been adopted by the European Commission or a relevant data protection authority; or
- where you have consented to this, or there is another legal basis on which we are entitled to make the transfer.
We employ security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. As the transmission of information via the internet is not completely secure we cannot guarantee the security of your information transmitted to our Website at the time of transmission.
9. Data retention
We will retain your information for such time as is reasonably required to enable us to fulfil the purpose for which it was collected and associated purposes (including dealing with future related follow up or complaints or claims against us) or as long as the law requires. In some circumstances we may retain and process limited information in order to ensure ongoing compliance with your request to remove you from our databases.
10. Accessing and updating
You are entitled to see the information held about you and you may ask us to make any necessary changes to ensure that it is accurate and kept up to date or object to our use of your personal information. In some circumstances you may be entitled to request that your data is deleted and provided this does not override our legitimate basis for retaining the information, taking account of your fundamental rights, it will be deleted.
If you wish to access, correct or delete your personal information or transfer it to another business, please contact us at the address or via the email address above.
If you are unhappy with how we have handled your personal information or have any concerns about how we handle your data please contact our Data Protection Officer via the contact details listed above. You can also make a complaint to the authority responsible for data protection, the Information Commissioner’s Office.