You’re a client (or someone who works for a client)
If you’re a client, or work for one of our clients, you can find out more about the purposes we will collect and use your personal data for, and other important information, below.
What personal data do we collect?
- Biographical details (name, job title and other information about you or your role)
- Contact details (both private and work, where appropriate)
- Identity documents and supporting records (such as driving licence, passport, and proof of address)
- Business information (which may or may not include your personal data)
- Financial details (such as personal bank account details and records of transactions with us including invoices and credit notes)
- Records of communications with us (including emails, call history and audio/video recordings, where agreed with you in advance)
- Feedback and survey results
Where do we get your personal data from?
- If you’re our client, we’ll usually get your personal data directly from you
- If you work for our client, we may get your personal data from your colleagues, other professional advisers or other parties involved in a matter
What do we use your personal data for?
- Onboarding you, or the organisation you work for, as a client, including verifying your identity where required
- Performing our obligations and exercising our rights in line with our instructions and our terms of business
- Complying with our legal and professional obligations
- Telling you more about the services we provide by email
What is our lawful basis for using your personal data?
There are six available legal grounds for using personal data. The grounds relied upon by us for the above purposes are:
- We’ll use your contact details and identity documents to verify your identity in accordance with our legal obligation to do so under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (however, where you agree to us verifying your identity for our third party provider, we will do this based on your consent)
- If you’re our client, we’ll use your personal data to provide our services in line with your instructions and to manage the relationship between us, including invoicing and payment, under our contract with you (which includes our engagement letters, instruction forms and terms of business)
- If you work for our client, we’ll use your personal data to provide our services to the person or company that has employed or engaged you in line with our legitimate interests in providing our services
- In any case, we’ll use your personal data for our legitimate interests in complying with our legal and professional obligations, reviewing and improving the quality of the services we provide and how we provide them, sharing know-how internally and training our team and ensuring the security and stability of our systems
Who will we share your personal data with?
In addition to our staff (which may include self-employed consultants) and those providing technical services to us (such as cloud service providers that host our business systems), we may share your personal data with:
- Our third-party identity verification provider (where you’ve agreed that we may check your identity with them)
- Other parties and professional advisers involved in a matter, as necessary
- Government agencies such as HMRC, courts, tribunals, and law enforcement agencies, as appropriate
- Our regulator, the Solicitors Regulation Authority
- Our outsourced regulatory compliance consultant
- Debt collection agencies, where necessary
- Legal directories such as Chambers or Legal 500, where you’ve agreed to be a referee
How long will we keep your personal data for?
We retain invoices, credit notes and supporting records for 6 years from the relevant invoice or credit note date.
We retain client files for 7 years from the date we close them (or 7 years from the date of initial contact if a matter is aborted). We may retain files for longer periods if requested by you or where we’ve a good reason to retain them for longer.
We retain identity documents for 5 years from the date on which our relationship ends or 5-10 years from the date that any related transaction completed, unless we’ve a good reason to retain them for longer.