This policy covers Shentons Solicitors and Mediators (“Shentons”) use of personal information.
If you provide us with any personal data (including when using this website) we may use it to provide you with any further information or services you have requested. We may also use it for any other purpose for which you give your consent. For example, we may send you additional information about the firm or its services in pursuit of our legitimate interests or if you have consented to us doing so.
• the personal information we collect about you
• what we do with your information, and
• with whom your information might be shared.
• What do we do with the information you supply to us?
From time to time, you will be asked to submit personal information about yourself (e.g. name, email address and mobile telephone number) in order to receive or use our services- including by entering your details in the fields requested on our website- and to enable Shentons and its service providers to provide you with the services you select.
If you are aged 16 or under, please get your parent/guardian’s permission before hand.
Whenever you provide such information, we will treat that information in accordance with this policy. When you supply personal information to Shentons we have legal obligations towards you in the way we use such data. We must collect the information fairly and tell you if we want to pass the information on to anyone else.
Any information you provide will only be used within Shentons and by its agents, service providers and its regulators and auditors. Your information will also be disclosed where required by law.
Any personal data you provide to us will be used by us to deal with any enquiry you make – including those made through the website- and to provide any services which you ask us to provide. We may also add your details to our database. We will not use these details to contact you with any information other than in relation to your enquiry and related services.
When you send a cv or job application to us or we receive it on your behalf from a recruitment agency, you will be supplying us with some personal data. If you have submitted this speculatively, unless we contact you to say we will be taking your application further, we will destroy the information submitted.
If you are responding to an advertised vacancy, then we will keep your information whilst the recruitment process is underway. Information on unsuccessful applicants will be destroyed after 12 months. Information on successful applicants will be kept in their personnel file and retained during the period of engagement and in accordance with our retention policy.
Please note that we cannot guarantee that any email sent from you to us will be received by us or that its contents are or will remain secure during or following transmission. Likewise we cannot guarantee that emails sent by us to you are secure. If you have any concerns about the security of email transmissions to or from us, you may prefer to telephone or write to us instead. In particular, please do not send your bank details to us by email and never act on instructions purporting to come from us by email containing bank account details.
Shentons Solicitors and Mediators (sometimes referred to simply as “Shentons”, ‘we’ or ‘us’) is a ‘data controller’ for the purposes of data protection legislation (i.e. we are responsible for and control the processing of your personal information).
We are based in the United Kingdom and do not have equipment outside of the UK which is used for processing personal data.
If you submit an enquiry (whether by telephone, in person, in writing, by email or via our website) then we will hold your email details and any information you provide. We will use and keep (process) this information so we can respond to your enquiry. If you instruct us to act for you, then we will use the information you provide in order to progress your matter or case and it will be kept at the end with papers securely archived and then confidentially destroyed in accordance with our regulatory and legal requirements.
We collect personal information about you (such as your name, address, email address, telephone contact numbers) when you contact us. We also collect personal information when you contact us or send us feedback via the website or social media.
Occasionally we may receive information about you from other sources (such as the local authority or police), which we will add to the information we already hold about you in order to help us provide our services to you.
If you give us information on behalf of someone else, such as when you are a guardian or parent of a child (which can be someone of 16 or under) or you act as a deputy or attorney, you must confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
• give consent on his/her behalf to the processing of his/her personal data;
• receive on his/her behalf any data protection notices;
• give consent to the transfer of his/her personal data abroad; and
• give consent to the processing of his/her data that falls within the special categories, such as information relating to health and sexual orientation.
We may ask you to provide sensitive personal information as part of your matter or case. If we request such information, we will explain why we are requesting it and how we intend to use it. We will only request this type of personal information with your explicit consent and for the purposes of progressing your matter or case.
Special categories of personal information includes information relating to:
• your ethnic origin
• your political opinions
• your religious or philosophical beliefs
• whether you belong to a trade union
• your health
• your sex life or sexual orientation, and
• your genetic or biometric data which identifies you
We may also request information concerning criminal convictions and offences for the purposes of representing you in a matter or case.
We reserve the right to monitor and record communications with you (such as telephone conversations and emails) for the purposes of representing you, quality assurance, training, fraud prevention and compliance.
The website www.shentons.co.uk is owned by Shentons Solicitors and Mediators.
We use the information about you primarily for the provision of legal services to you and for related purposes so that we can:
• identify you and manage any matters or cases that you have with us;
• update and enhance client records;
• process your requests;
• conduct research, statistical analysis and behavioural analysis;
• carry out customer profiling and analyse your preferences;
• let you know about other products or services that may be of interest to you—see ‘Marketing’ section below;
• detect and prevent fraud;
• do an online identity check;
• make statutory returns;
• comply with our legal and regulatory obligations;
• customise our website and its content to our client’s particular preferences;
• notify you of any changes to our website or to our services that may affect you; and
• improve our services.
Our use of that information is subject to your instructions, data protection law and our duty of confidentiality.
We would like to send you information by post, email or telephone about our services which may be of interest to you.
We will ask whether you would like us to send you marketing messages when you first instruct us or when we send you marketing subsequently.
If you have agreed or have asked to receive marketing from us, you can opt out at any time. See ‘What rights do you have?’ below for further information. You can also manage your preferences by letting us know if you only want to receive information on a particular topic or in a particular way- just let us know.
Please note that our work for you may require us to pass on such information to third parties such as expert witnesses and other professional advisers, including sometimes advisers appointed by another party to your matter. We may also give such information to others who perform services for us. Our practice may be audited or checked by our accountants or our regulator or by other organisations. All such third parties are required to maintain confidentiality in relation to your files.
Examples of those to whom we may disclose your personal data are:
• our agents and service providers. Please see the table below for examples.
• law enforcement agencies in connection with any investigation to help prevent unlawful activity
• our banks in connection with the progress of your case or matter
• your representative such as a parent or guardian or attorney
We use technical and organisation measures to safeguard your personal data, for example:
• access to electronic data about your case or matter is controlled by a password and user name unique to your adviser in the firm. Paper records are held in the office and are only taken out of the office when required for specific reasons such as for meetings or a court hearing;
• we store your personal data on secure servers; and
• for those matters involving court hearings, details are accessed via secure court portals and laptops used for these hearings are encrypted
• we carry Cyber Essentials accreditation
Whilst we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us (see ‘How can you contact us?’ below).
If you want detailed information on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
We do not normally copy your personal information to anyone outside the European Economic Area. However, we may need to transfer your personal data to countries, some of which may be located outside the European Economic Area, for the purpose of performing a contract with you or to implement pre-contract measures taken at your request. This will be in connection with your matter or case. Rest assured that when we are aware of this we will check with the ICO to ensure any transfer is subject to appropriate security measures to safeguard your personal data. Please note that personal data transferred to the United States may not have adequate levels of protection. If protections are not considered adequate then we may also seek your explicit consent to the proposed transfer. This might arise for example where a beneficiary of a deceased’s estate lives in such a country. If you access or send us information from abroad, then this will be at your own risk.
You have a right of access under data protection law to the personal data that we hold about you. You can request a copy of your information which we hold (this is known as a subject access request). If you would like a copy, please:
• email, call or write to us (see ‘How can you contact us?’ below)
• let us have proof of your identity and address (we prefer your current driving licence or passport and a recent utility or credit card bill), and
• let us know the information you want a copy of, including any account or reference numbers, if you have them
Unless your request is manifestly unfounded or excessive (e.g. because it is repetitive – and we may then refuse to act on the request) we will not make a charge for this service. Unless you request otherwise, we will provide the information electronically. Information provided will be written in clear and plain language, concise, transparent, intelligible and easily accessible. (Some documents may be written or presented in a particular way for legal reasons and if you request we will provide a short explanation to help you understand them.)
We will provide this information without undue delay and in any event within one month of the request, although we may extend the period by two further months where necessary taking in to account the complexity and volume, but we will let you know if this is the case.
We are committed to holding personal data that is correct and up to date. You can require us to correct any mistakes in your information which we hold free of charge. If you would like to do this, please:
• email, call or write to us (see ‘How can you contact us?’ below)
• let us have enough information to identify you (e.g. matter number, your name and ID details), and
• let us know what is incorrect and what it should be replaced with
If we have provided the personal data to third parties, we will let you know who this is and inform them of the rectification required where possible. We will make the rectification without undue delay and within one month. If it is a complex request we may have to extend this by two months, but we will let you know if this is the case.
You have the right to ask us to erase personal data without undue delay in certain circumstances, such as you wish to withdraw consent to us processing it for marketing purposes. However, this does not apply if we are required to comply with a legal obligation or if the processing is necessary for the establishment, exercise or defence of legal claims. Please note that even after your case or matter is finished, we have legal obligations to keep personal data for longer.
You have the right to block or suppress processing of personal data. For example, this may be because you contest the accuracy of the personal data we hold or you object to us processing it. Please be aware that restricting your data in this way may mean that we will no longer be able to act for you. We are also able to continue to process personal data for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person.
This right allows you to obtain and reuse your personal data by moving, copying or transferring it from one IT environment to another. This applies when we are processing your data based on consent or under a contract and it is carried out by electronic means. If so, we will provide this data free of charge in a structured, commonly used and machine readable form.
You can object to us processing personal data for marketing purposes or where it is used in connection with our legitimate interests. Unless we are processing this data for the performance of a legal task, or for a compelling legitimate ground which overrides your interests, rights and freedoms, we will stop processing your personal data.
You can ask us to stop contacting you for direct marketing purposes or to request it in a different way (such as email rather than post). If you would like to do this, please:
• email, call or write to us (see ‘How can you contact us?’ below).
• let us have proof of your identity and address (usually a copy of your driving licence or passport and a recent utility or credit card bill) and
• let us know what method of contact you do not wish us to use (for example, you may be happy for us to contact you by email but not by telephone)
If you have a concern about the way your personal data has been handled by us please let us know so that we can help. In addition, you have the right to complain to the ICO. The contact details are on the ICO website www.ico.org.uk where you can start a Live Chat or send an email (firstname.lastname@example.org) or you can call the Help Line 0303 123 1113 (+44 1625 545 745 if you are outside the UK).
If you would like this policy in another format (for example in large print) please contact us (see ‘How can you contact us?’ below).