Privacy Notice – GDPR compliant
This privacy notice contains information about what data we collect and store about you and why. It also tells you who we share this information with, the security mechanisms we have put in place to protect your data and how to contact us if you have a complaint.
Who are we?
BSG Solicitors LLP, main office at 314 Regents Park Road, Finchley, London N3 2JX, collects, uses and is responsible for personal information about you. When we do this we are the “controller” of this information for the purposes of the General Data Protection (GDPR) and other applicable data protection laws.
Our Data Control Officer is Paul Grant (Partner) assisted by David Sichel (Partner).
When carrying out our legal services to you we collect the following personal information that you provide to us:
We collect the following information from other sources:
This personal information (name, address, email address etc.…) must be provided by you to us, to enable us to provide our legal services and related activities. It is also used to provide you with information about our services.
Legal basis for collecting and using your personal information
We rely on the following as the legal bases for processing your information:
Who will we share your personal information with?
We will share personal information with law enforcement agencies if required by applicable law.
We will not share your personal information with any other third parties without your consent unless required to do so by law, or where it is altogether necessary to do so.
Transfer of your information outside the European Economic Area (EEA)
It may be necessary to transfer your personal information outside the EEA or to an international organisation in order to check and discuss information. If so, you will be advised in advance to give your consent.
These countries do not have same data protection laws as the United Kingdom and EEA. The European Commission has not given a formal decision that these countries provide data protection that is substantially similar to those in the United Kingdom and EEA, however any transfer will be subject to safeguards as permitted under Article 46 of the General Data Protection Regulation. These safeguards are designed to protect your privacy rights and provide you with remedies in the unlikely event that your personal information is misused.
How long will we store your personal data for?
We will retain your personal data for the following time periods:
If you would like further details on the retention period for your specific matter please contact the lawyer dealing with your matter or our Data Control Officer. Your data will be destroyed/deleted at the appropriate time.
We are relying on your explicit consent to provide our services. You provided this consent when you signed our client care letter. As stated above, we use a number of lawful bases for processing your personal data and therefore will not require your explicit consent to do this.
You have the right to withdraw this consent at any time, but this will not affect the lawfulness of any processing activity we have carried out prior to you withdrawing your consent. You can opt-out here or contact us at firstname.lastname@example.org or on 020 8343 4411.
The data subject is entitled to the following rights:
(i) The right to be informed (ii) the right to obtain copies (iii) the right to access their personal data (iv) the right to have inaccurate personal data rectified (v) the right to request the restriction or suppression of their personal data and (vi) the right to be forgotten.
Under the General Data Protection Regulation, you have a number of important rights that you can exercise free of charge. In summary, these rights are:
If you want more information about your rights under the GDPR please see the Guidance from the Information Commissioner’s Office on Individual’s rights under the GDPR.
If you want to exercise any of these rights, please:
We will respond to you within one month from when we receive your request. Please note if you wish to unsubscribe from any email you can do so by following the instructions on any communication we send to you. It may take five days for this to become effective.
How to make a complaint?
We hope that you are happy with our service and that our Data Control Officer can resolve any issues or complaints that arise. Please get in touch if you have any concerns (see “Get in touch” below).
The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where the alleged infringement of data protection laws occurred. The UK supervisory authority of the Information Commissioner’s Office who can be contacted at the following website address: https://ico.orguk/concerns/.
Automated Decision Making
We do not use automated decision making in relation to the legal services we provide.
We protect your personal data using all reasonable and proportionate means, including computer security systems, staff training, compliance with all appropriate data protection legislation and professional conduct rules.
We do not intend to process your personal information for any reason other than stated within this privacy notice. If this changes, we will inform you.
Changes to this privacy notice
This privacy was published in May 2018 and will be reviewed in May 2019.
We constantly review our internal privacy practices and may change this policy from time to time. When we do we will inform you.
Get in touch
If you have any questions about this privacy notice or the information we hold about you, please contact our Data Control Officer.
The best way to reach us is to email or alternatively, please write to us or call us.
If it would be helpful to have this notice provided in another format (for example: in another language, audio, braille) please contact us (see “Get in touch” above).