174 Law Family Specialists and Family Mediation Solutions are trading styles of HLP LEGAL LIMITED Company Registration No. 12064088 registered office The Lauries, 142 Claughton Road, Birkenhead CH41 6EY) Authorised and Regulated by the Solicitors Regulation Authority (registration number 660373)
We at 174 Law Family Specialists value the right to privacy. This Policy applies to our use of any and all Data / Personal Information collected by us in relation to you, your retainer with us and thereafter.
This policy sets out how 174 Law uses and protects any information that you give to us when you use our service.
By using 174 Law Family Specialists, you are agreeing to these Terms. This is a legal agreement. If you do not wish to be bound by these terms and conditions, then you must inform us forthwith and we may not be able to continue to act on your behalf.
1. Definitions and Interpretation
In this Policy the following terms shall have the following meanings:
- “Account” means collectively the personal information, Payment Information and credentials used by you to access any of our services;
- “Client” means any individual who is or has retained Us in relation to one of our service packages
- “Data” means collectively all information that you submit to us throughout the duration of the retainer between us in other words your personal Information . This includes, but is not limited to, Personal details , Account details and any other information submitted using any of our Services;
- “Data Protection Officer” means Robin Kendall
- “Personal Information” means any information that identifies or be used to identify you or a Subscriber, directly or indirectly, including, but not limited to, first and last name, date of birth, email address, gender, occupation or other demographic information;
- “Us, We or Our” means HLP Legal Ltd, 174 Law Family Specialists or Family Mediation Solutions The Lauries, 142 Claughton Road, Birkenhead CH41 6EY;
- “Service” means collectively any direct or online facilities, tools, services or information that We make available either now or in the future;
- “System” means any communications infrastructure that We make available through this service now or in the future. This includes, but is not limited to, case management , Cloud facilities, web-based email, message boards, live chat facilities and email links;
- “User” / “Users” means any third party with whom we engage on your behalf during the provision of our services to you and is not employed by Us and acting in the course of their employment; and
- “Web Site” means the website www.174familylaw.co.uk and familymediationsolutionsuk.com and any sub-domains of this site unless expressly excluded by their own terms and conditions.
- “You” means any individual who wishes to engage with any aspect of the services provided by us. We do not share client details with any 3rd parties save for circumstances as referred to in Clause below. However, without limitation, any of the following data may be collected:
2. Data Collected
We do not share client details with any 3rd parties.
However, without limitation, any of the following data may be collected:
- 1 name;
- 2 date of birth;
- 3 job title;
- 4 profession;
- 5 contact information such as email addresses and telephone numbers;
- 6 demographic information such as post code;
- 7 IP address (*);
- 8 web browser type and version (*);
- 9 operating system (*);
- 10 a list of URLS starting with a referring site, your activity on this Web Site, and the site you exit to (*); and
- 12 Account identifier
- 13 National Insurance Number
* means automatically collected when accessing our website. We collect most of this information from you direct. However, we may also collect information:
3. How your personal data is collected
- from publicly accessible sources, eg Companies House or HM Land Registry;
- directly from a third party, eg
- sanctions screening providers;
- credit reference agencies;
- client due diligence providers;
- from a third party with your consent, eg:
- your bank or building society, another financial institution or advisor;
- consultants and other professionals we may engage in relation to your matter;
- your employer and/or trade union, professional body or pension administrators;
- your doctors, medical and occupational health professionals;
- via our information technology (IT) systems, eg:
- case management system
- reception logs;
- CCTV communications systems, email and instant messaging systems such as Skype
4. Our use of Data
- 1 Under data protection law, we can only use your personal data if we have a proper reason for doing so, eg:
- to comply with our legal and regulatory obligations;
- for the performance of our contract with you or to take steps at your request before entering into a contract;
- for our legitimate interests or those of a third party; or
- where you have given consent.The table below explains what we use (process) your personal data for and our reasons for doing so:
- A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
|What we use your personal data for||Our reasons|
|To provide legal services to you||For the performance of our contract with you or to take steps at your request before entering into a contract|
|Conducting checks to identify our clients and verify their identity Screening for financial and other sanctions or embargoes Other processing necessary to comply with professional, legal and regulatory obligations that apply to our business, eg under health and safety regulation or rules issued by our professional regulator||To comply with our legal and regulatory obligations|
|Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies||To comply with our legal and regulatory obligations|
|Ensuring business policies are adhered to, eg policies covering security and internet use||For our legitimate interests or those of a third party, ie to make sure we are following our own internal procedures|
|Operational reasons, such as improving efficiency, training and quality control||For our legitimate interests or those of a third party, ie to be as efficient as we can|
|Ensuring the confidentiality of commercially sensitive information||For our legitimate interests or those of a third party, ie to protect our intellectual property and other commercially valuable informationTo comply with our legal and regulatory obligations|
|Statistical analysis to help us manage our practice, eg in relation to our financial performance, client base, work type or other efficiency measures||For our legitimate interests or those of a third party, ie to be as efficient as we can|
|Preventing unauthorised access and modifications to systems||For our legitimate interests or those of a third party, ie to prevent and detect criminal activity that could be damaging for us and for youTo comply with our legal and regulatory obligations|
|Updating client records||For the performance of our contract with you or to take steps at your request before entering into a contract.To comply with our legal and regulatory obligations For our legitimate interests or those of a third party, eg making sure that we can keep in touch with our clients about existing and new services|
|Statutory returns||To comply with our legal and regulatory obligations|
|Ensuring safe working practices, staff administration and assessments||To comply with our legal and regulatory obligations For our legitimate interests or those of a third party, eg to make sure we are following our own internal procedures and working efficiently so we can|
|Marketing our services to:—existing and former clients—third parties who have previously expressed an interest in our services—third parties with whom we have had no previous dealings.||For our legitimate interests or those of a third party, ie to promote our business to existing and former clients|
|Credit reference checks via external credit reference agencies||For our legitimate interests or a those of a third party, ie for credit control and to ensure our clients are likely to be able to pay for our services|
|External audits and quality checks, eg for Lexcel, ISO or Investors in People accreditation and the audit of our accounts||For our legitimate interests or a those of a third party, ie to maintain our accreditations so we can demonstrate we operate at the highest standardsTo comply with our legal and regulatory obligations|
The above table does not apply to special category personal data, which we will only process with your explicit consent.
- 4.2 Any personal Data you submit will be retained by 174 Law for as long as you use the Services and agree to our Systems and procedures post retainer. Data that you may submit through any communications System that we may provide will be retained for such period as defined in our terms of business.
- 4.3 Unless we are obliged or permitted by law to do so, and subject to Clause 5, your Data will not be disclosed to third parties. This does not include other companies within our group.
- 4.4 All personal Data is stored securely in accordance with the principles of the Data Protection Act 1998. For more details on security, see clause 10 below.
- 4.5 From time to time, we may include links in our e-mails to other web sites which we think may be of interest to you.
- 4.6 Each email communication you receive from us will have the option to remove your e-mail address from our list. We may, from time to time, employ the services of or otherwise engage with other parties / agents / professionals in relation to the advancement or progression of the matter upon which we are instructed or for dealing with matters that may arise to include, but are not limited to, payment handling, search engine facilities, advertising and marketing. The providers of such services will only have access to such personal Data as deemed necessary for the furtherance of the objective upon which the third party service is to be engaged. Any Data used by such parties is used only to the extent required by them to perform the services that We request. Any use for other purposes is strictly prohibited. Furthermore, any Data that is processed by third parties must be processed within the terms of this Policy and in particular Clause 10 and in accordance with the Data Protection Act 1998. Further more we also impose contractual obligations on service providers relating to ensure they can only use your personal data to provide services to us and to you.
We routinely share personal data with:-
5. Third Party Services
- professional advisers who we instruct on your behalf or refer you to, eg barristers, medical professionals, accountants, tax advisors or other experts;
- other third parties where necessary to carry out your instructions, eg your mortgage provider or HM Land Registry in the case of a property transaction or Companies House;
- credit reference agencies;
- our insurers and brokers;
- external auditors, eg in relation to ISO or Lexcel accreditation and the audit of our accounts;
- our bank[s];
- Legal Aid Agency
- external service suppliers, representatives and agents that we use to make our business more efficient, eg typing services, marketing agencies, document collation or analysis suppliers;We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.We will not share your personal data with any other third party.
6. Changes of Business Ownership and Control
We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.
- 6.1 We may, from time to time, expand or reduce its business and this may involve the sale of certain divisions or the transfer of control of certain divisions to other parties. Data provided by Users will, where it is relevant to any division so transferred, be transferred along with that division and the new owner or newly controlling party will, under the terms of this Policy, be permitted to use the Data for the purposes for which it was supplied by you.
- 6.2 In the event that any Data submitted by Users will be transferred in such a manner, you will be contacted in advance and informed of the changes. When contacted you will not be given the choice to have your Data deleted or withheld from the new owner or controller.
7. Controlling Access to your Data
Wherever you are required to submit Data, you may be given options to restrict our use of that Data. This may include the following:
- 7.1 use of Data for direct marketing purposes; and
- 7.2 sharing Data with third parties.
8. Your Right to Withhold Information
- 8.1 You may access certain levels of service without providing any Data at all such as our website. However, to use all Services and Systems you will be required to submit Account information or other Data of sufficient amount to enable us to undertake the service you are contracting with us to provide and in order to comply with our regulatory bodies.
- 8.2 You may however restrict the personal data we hold for you post retainer. For more information see clause 18 below.
9. Accessing your own Data
- 9.1 You may access your Account at any time to view or amend the Data. You may need to modify or update your Data if your circumstances change. Additional Data as to your marketing preferences may also be stored and you may change this at any time.
- 9.2 You have the right to ask for a copy of your personal Data on payment of a small fee.
10.1 Data security is of great importance to 174 Law Family Specialists and to protect your Data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure Data collected online.
11. Where we store your personal data
All information you provide to us is stored on our highly secure servers that are managed 24/7 and is not transferred outside the European Economic Area (“EEA”)Information may be held at our offices, third party agencies, service providers, representatives and agents as described above (see ‘ Who we share your personal data with’).
- We use a number of software products by way of practice / case management. This software is stored on our main server which is in house or in the cloud. However even if the former occasionally the software provider may have cause to remotely or otherwise access our account upon which they may have cause to access your personal data. They are as follows:-
- i.Practice Management Software called Leap. This is stored on the main server on site. LEAP is used for our accounts management. You can read more about https://www.leap.co.uk/privacy/
- ii.We use case management systems as follows :-
The provisions of clause 5 Third Party Services apply to the above.
Where you data is stored on paper this is retained in house until the conclusion of your retainer upon which your file will be closed and placed into our secure file retention facilities which can be found at appendix 2.
We use Mailchimp as our Email Marketing provider. Your contact information will be stored in our MailChimp account, which has datacentres in the USA. You can read more about MailChimp security here https://mailchimp.com/about/security/
- Marketing emails will be sent from our MailChimp account
- We will track interactions and engagement with our emails e.g. which links are clicked on or when you wish to unsubscribe from our database
- Unfortunately, the transmission of information via the internet can never be completely secure. Although we will use reasonable endeavours to protect your personal data, we cannot guarantee the security of your data whilst transmitted on line. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
12. How long will we store your data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
However by law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for a period defined by our regulatory body the Solicitors Regulation Authority and other government bodies such as Inland Revenue, after they cease being customers.In some circumstances you can ask us to delete your data: To exercise this right please see clause 14 below.
13. Changes to this Policy
14. Your Legal Rights
You have the right to:
14.1 Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
14.2 Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
14.3 Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
14.4 Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
14.5 Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
14.6 Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
14.7 Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- complete a data subject request form—available from our Data Protection officer
- email, call or write to our Data Protection Officer—see below: ‘ How to contact us’; and
- let us have enough information to identify you [ (eg your full name, address and client or matter reference number)];
- let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
- let us know what right you want to exercise and the information to which your request relates.
15. Keeping your personal data secure
We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
16. How to complain
We hope that we can resolve any query or concern you may raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113.17.
18. How to contact us
Our data Protection Officer’s contact details are
174 Law Family Specialists, The Lauries 142 Claughton Road, Birkenhead CH41 6EY
Tel: 0151 647 7372