Privacy Notice – Tait & Mackenzie
Tait & Mackenzie LLP, Solicitors, of 4 La Porte Precinct, Grangemouth FK3 8AT (hereinafter referred to as “we”) Tel: 01324 471121 Email: firstname.lastname@example.org
We are a Law Firm providing Advice and Assistance and carrying out Legal Procedures and Services for our clients on a wide range of issues. As a Law Firm, regulated by the Law Society of Scotland, we are a Data Controller. Our Partner, Douglas Brown takes ultimate responsibility for data protection. If you would like any further information regarding use and retention of your data or any matter arising out of this Privacy Notice then you can contact our data protection lead – Douglas Brown at Tait & Mackenzie Email: email@example.com Tel: 01324 471121
We take the security of your data (whether provided by yourself or by a third party) very seriously and are committed to protecting it. This Privacy Notice details our procedures for collection and use of your personal data. It also explains your rights to access or change your personal data.
Collection of your personal data
As a Law Firm, we require to collect data concerning you from a wide range of sources. We collect data from you direct (face to face, or by letter, email or telephone call) and also from different sources including (a) your relatives and representatives where you instruct us to do so, (b) providers of identity verification and compliance services, (c) organisations who have referred you to us, (d) other solicitors and professionals such as accountants, financial advisers, insurance companies, financial institutions, doctors and other health care providers who are connected with your transaction, (e) online and internet sources and websites, and (f) other relevant third parties involved in your transaction.
Type of personal data collected
We require from you:-
(A) such data as name and address, contact details (telephone and email), occupation, employment, date of birth, National Insurance Number, relationship to other persons, passport and driving licence details, photo identification, and ID and address documentation;
(B) Such financial data of yours as is required by us to comply with Anti-money Laundering Regulations and to enable us to properly carry out the transaction on your behalf;
(C) Any Health Records needed in connection with the transaction which we are dealing with; and
(D) All other necessary information (from you and from third parties) relating to you and your transaction, to enable us to properly carry out the transaction on your behalf.
Legal Basis for the processing and use of your personal data
The legal basis on which we will use your personal data is:- (a) your consent (if it has been requested by us), (b) to comply with our legal obligations, (c) to perform a contract of services for you, or (d) where there are other legitimate interests or requirements to do so (as can be evidenced and verified by us).
NOTE 1: Unless stated otherwise the legal basis of carrying out the present work for you will be to perform a contract of services for you.
NOTE 2: Where the legal basis is consent, you have a right to withdraw consent at any time.
Purposes for which the data is intended to be processed
(1) Performance of Contract
To communicate with you regarding your instructions and any other relevant matter and to provide legal advice and legal services to you where you are a client of the firm. To share information with (a) other professionals such as solicitors, advocates, accountants, doctors, architects, surveyors, (b) appropriate Local Authority, Court, and Government officials, (c) appropriate official organisations such as Revenue Scotland, Registers of Scotland, Police Scotland etc, as is required for your transaction or for the fulfilment of our legal and Law Society obligations.
(2) Compliance with Law, Legal Obligations, and Legitimate Interests
(a) To comply with our legal obligations and to prevent financial crime including money laundering under the Money laundering, Terrorist Financing and Transfer of Funds Regulations 2017.
(b) To respond to enquiries from potential clients.
(c) To keep all necessary Records for accounts and Compliance purposes.
Where we store your personal data and information security
We take appropriate technical and organisational measures to secure your personal information and protect it against unauthorised or unlawful processing as well as against its accidental loss or destruction or damage. These measures include (a) using secure servers to store your personal data, (b) verifying the identity of individuals that access your personal data, (c) utilising appropriate anti-virus and anti-malware systems to protect against cyber threats, (d) providing regular training to all our employees.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted.
Sharing personal data
We may require to share your personal information with external third parties but only as strictly required for your transaction or to comply with our legal or Law Society obligations. We will try to keep this to a minimum and take reasonable steps to ensure that recipients shall only process the disclosed personal data for those purposes and in accordance with our instructions.
In the course of certain types of work, we may be required to share your personal with advocates, other solicitors, expert witnesses and other professional persons who may be controllers of that data. We may also require to instruct local agents to handle certain court-based activities from time to time for reasons of cost-effectiveness and efficiency.
We will not transfer your personal data to anyone else without your permission, except:-
(1) Where we are obliged to do so by law or regulatory obligations; (2) Where we are required to share your information with any external third parties who provide services to us; and (3) Where it is necessary to enable us to carry out the transaction which we are dealing with on your behalf.
We will never sell your information or disclose it for direct marketing purposes, and we do not allow our third-party service providers to use your personal data for their own purposes.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. The types of organisations/groups that we may share personal data with include:-
(1) service providers
(2) financial organisations
(4) government departments
(5) the courts
(6) other professional advisers and consultants
(7) regulatory authorities
(8) persons and organisations as authorised by you or which we require to share data with as a necessary part of the transaction which we are dealing with for you.
We do not transfer your personal data outside the European Economic Area (EEA) unless you provide us with specific consent to do so.
How long we will keep your personal data for
We do not hold information for longer than is necessary. We have a Records and Retention System which sets out the periods and rules for retaining and reviewing all data that we hold. There are different retention periods depending upon the nature of the transaction and the nature of the information. The Law Society of Scotland, which regulates us, recommends minimum periods of file retention and we comply with those. These can be found at this link:- https://www.lawscot.org.uk/members/rules-and-guidance/rules-and-guidance/section-e/division-b/guidance/the-ownership-and-destruction-of-files/
Changes in personal information
It is important that the personal data we hold about you is accurate and up-to-date. Please keep us informed if your personal information changes during your working relationship with us.
Questions and concerns
You have the right to lodge a complaint with the Information Commissioners Office (ICO) if you think we have infringed your rights. The ICO’s contact details are as follows:
Information Commissioner’s Office
Wilmslow, Cheshire, SK9 5AF
Tel. No. – 0303 123 1113
You have the following rights under data protection law:-
Right to be informed:- This Privacy Notice provides you with details as to how we collect and use your personal data.
Right to access:- You have a right to request access to the personal data we hold about you by making a “subject access request” to us. You will be provided with a copy of all personal information that we hold about you. You will not be charged for us providing you with this information
Right of rectification:- You have a right to request that we correct or complete any inaccurate or incomplete personal date which we hold about you.
Right of erasure:- You have the right to ask us to delete your personal data where it is no longer necessary for us to use it, or where you have withdrawn consent, or where we have no lawful basis for retaining it. If we are required to keep your personal data to comply with our legal or regulatory obligations or legitimate interests in legal proceedings or claims, then we may have to decline your request, and retain some or all of your personal data.
Right to restrict processing:- You have the right to request that we restrict the processing of your personal data that we hold about you for specific reasons or to a specific task.
Right to data portability:- You have a right to obtain and reuse the personal data that we hold about you for your own purposes in certain circumstances.
Right to object:- You have a right to object to any processing of your personal data by us.
Tait & Mackenzie – 25 May 2018 firstname.lastname@example.org Tel: 01324 471121
Tait & Mackenzie LLP (Registered Number SC307141), Registered Office Address: 4 La Porte Precinct, Grangemouth, FK3 8AT