Statham Gill Davies Solicitors (“SGD”) is a commercial law firm located in London’s West End that provides a range of leading legal services in music, media and entertainment, company commercial, dispute resolution, property, family, employment, sport, immigration and wills and probate.
It is fundamental to our business that we collect and manage data about our clients and others. We are committed to the safe keeping of your information and, of course, compliance with data protection laws. As such, we therefore act as a “Data Controller”.
This privacy notice details how we collect, manage, process, store and share information about you as a result of you visiting our website, as a client or prospective client or in connection with a client matter or for other activities, such as marketing and hospitality. We also explain how you can control use of your data.
If you have any feedback or questions about our use of your data, please contact our Data Privacy Manager, John Statham at John.Statham@sgdlaw.com or you can write to him at Statham Gill Davies, 38 Wigmore Street, London W1U 2RU.
General
If you are a client or prospective client of SGD, please read this notice alongside our general terms and conditions, as they provide further information on confidentiality, data privacy and related matters.
This notice does not apply to any websites or web services linked to our website or any website or web services that we provide you with links to at any time, as we do not have control over them. See below for our Cookie Policy.
About Us
SGD is a partnership, authorised and regulated by the Solicitors Regulation Authority under number 417602.
Children
Our website and services are not aimed at children. If you are a child and need further advice or explanation about how we would use your data, please email John.Statham@sgdlaw.com
Provided information
The classes of information that we will obtain from or about you will depend on what you or others have asked us to do
You and others may provide personal data (personal information) that is classed as:
- Personal data: general information that you supply about yourself or others – such as name, address, date of birth, gender, other contact details, financial information etc.
- ‘Special category’ or sensitive personal data: information about your or others’ racial or ethnic origin, religion, sexual orientation, political opinions, health data, trade union membership, philosophical views, biometric and genetic data.
- Criminal conviction and offences data.
In most circumstances, the personal data we obtain from or about you will be limited to general information, including the information we need for the identification checks that we are required by law to complete. We may need to request or obtain more sensitive information for some of the work we do.
Any personal data that we receive from you for the specific purpose of preventing money laundering or criminal financing will only be used for that purpose.
By signing our Terms and Conditions of Business, you expressly consent to us keeping (for more than five years) your personal data relating to anti money laundering verification checks and searches. Your personal data will be destroyed when the file relating to your matter is destroyed (in accordance with our data retention periods).
Sources of information
We may be given or obtain personal information from a number of sources, such as:
- Information you give us about yourself
- Information you give us about others
- Information others give us about you to allow us to do our work, typically:
- Professional managers and agents
- Clients
- Banks and building societies
- Employers, if you are (or may become) an employee, worker or contractor
- Lawyers and accountants, in connection with contracts, transactions and consultations
- Doctors
- Expert witnesses
- Insurers
- Organisations that have referred work to us
Why do we need personal information?
The main reason for asking you to provide us with or give us permission to obtain your personal data from other sources, is to allow us to carry out your instructions – which will normally be to represent you and carry out your legal work or to enable us to carry out our contractual obligations to others.
The following are some examples of what we may use your information for:
- Establishing your identity
- Considering our ability to do legal work for you
- Verifying the source of any funds
- Communicating with you, including delivering details about our services
- Setting up funding for a matter or transaction
- Ensuring billing for our services and obtaining payment
- Obtaining insurance policies on your behalf
- Fulfilling legal work requirements, including providing advice to you and others; carrying out litigation and attending hearings on your behalf; pursuing and agreeing settlements; preparing for and attending mediation meetings; preparing documents, letters and other correspondence; completing transactions; keeping financial records of your and others’ transactions; requesting and obtaining advice from third parties; obtaining reports from legal and non-legal experts; responding to complaints or allegations involving us
- Processing applications for employment
- Fulfilling our regulatory and statutory obligations
Who can access personal information?
Our data protection regime has been established to ensure secure and lawful processing of your personal data. We will not sell or rent your information to any other person or organisation or share your information with third parties for marketing purposes.
As a general rule, we will only use your information within SGD, but in carrying out your legal work (whether directly or in the administration of our systems), we may need to disclose some information to third parties e.g. to:
- HM Land Registry to register a property
- HM Revenue & Customs; e.g. for Stamp Duty Liability
- Courts or Tribunals
- Other solicitors (acting on the other side)
- Seeking advice or representation from a barrister or other regulated professional
- Non-legal experts to obtain advice or assistance
- Professional support, including process servers, legal funders, translators and translation agencies
- Contracted suppliers, such as information technology providers and services
- External accountants and auditors
- Regulators e.g. Solicitors Regulation Authority and Information Commissioners Office
- Bank or Building Society, mortgage brokers or other financial institutions
- Insurance brokers and companies
- Providers of identity verification
- Statutory bodies or actors involved in law enforcement or regulation e.g. for the prevention of financial crime and terrorism, where there is an emergency and we think you or others are at risk.
We may also share your personal data with third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Notice.
In the event that any of your information is shared with third parties, we will require them to maintain strict confidentiality, to operate according to our instructions where appropriate and not to use your personal information for their own purposes, unless you have expressly consented to them doing so.
Some uses of your personal data may require your specific consent, in particular if we are processing special category or sensitive personal data. If so, we will contact you separately to ask for your consent, which you will be free to withdraw at any time.
How do we protect your personal data?
We recognise that your information is valuable and we will take all reasonable steps to protect it while it is in our care.
We have systems in place to protect personally identifiable data from loss, misuse, alteration or destruction. We also impose confidentiality obligations on internal and external parties to protect the confidentiality of all personal information and to ensure compliance with data protection laws.
We employ computer and digital data safeguards such as firewalls and data encryption and we enforce physical access controls to our offices and files to keep data safe.
How long will we keep information for?
Your personal information will be retained, in computer and/or manual files, for as long as necessary to fulfil the purpose for which the information was collected; or as required by law; or as long as detailed in any contract you may have with us (of which this privacy statement may form part). e.g.
- As long as necessary to carry out your legal work
- For a minimum of 7 years from the conclusion or closure of your legal work; in case you, or we, need to re-open your case for the purpose of defending complaints or claims
- Some information or matters may need to be kept for longer, such as for property transactions and matrimonial matters
- For the duration of a trust
- Probate matters where there is a surviving spouse or civil partner may be retained until the survivor has died in order to deal with the transferable Inheritance Tax allowance
- Wills and related documents may be kept indefinitely
- Deeds related to unregistered property may be kept indefinitely as they evidence ownership
- Personal injury matters which involve lifetime awards or PI Trusts may be kept indefinitely
What are your rights?
Under the General Data Protection Regulations (GDPRs), you are entitled to access your personal data (this is the ‘right to access’). If you want to make an information request, please apply in writing to our Data Privacy Manager, or contact the person dealing with the matter.
If you request access to your personal data, you are entitled to a copy of the data we hold on you – such as your name, address, contact details, date of birth, information regarding your health etc. You are not necessarily entitled to the documents that contain the data.
We will endeavor to provide you with the personal information to which you are entitled within 30 days, unless there are legitimate reasons for doing so and unless your request is exceptional in some way, there will be no cost to you.
In addition to the entitlement to access your data, you may have the following rights:
- The right to be informed: this is fulfilled through this privacy notice and our explanation about how we use your personal data.
- The right to rectification: you are entitled to have your personal data amended if it is inaccurate or incomplete.
- The right to erasure / ‘right to be forgotten’. note that this is not an absolute right and requests will be dealt with on a case by case basis. From 25 May 2018 you have the right to request the deletion or removal of your personal data where:
- The use or storage of personal data is no longer necessary for the purpose for which it was originally collected;
- Consent is the lawful basis for holding your data and you withdraw your consent;
- You object to the processing and there is no overriding legitimate interest for it to continue;
- The personal data was unlawfully processed; or
- You object to the processing for direct marketing purposes
- The right to object: you have the right to object to processing based on legitimate interests and direct marketing.
- Otherwise your objection must be based on grounds relating to your particular situation
- We must stop processing personal data for direct marketing purposes if you object
- We must stop processing your personal data unless:
- We can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms; or
- The processing is for the establishment, exercise or defence of legal claims.
- The right to restrict processing: you have the right to request us to restrict or suppress your data. When processing is restricted, we can store your data but we cannot use it. This right only applies where:
- You contest the accuracy of the personal data and we must restrict the processing until we have verified the accuracy of the data;
- You object to the processing (if necessary for the performance of a public interest or purpose of legitimate interests), and we are in the process of considering whether our legitimate grounds override your right;
- Processing is unlawful and you request restriction; or
- If we no longer need the personal data but you need it to establish, exercise or defend a legal claim
- Rights to data portability: If you want to move, copy or transfer the electronic personal data that we hold about you to another organisation, please contact our Data Privacy Manager (as above).
- Rights to object to automated decision-making: If you want to object to any automated decision making without any individual involvement that we undertake, and to the profiling of your data, please contact our Data Privacy Manager (as above).
Likelihood of objection to processing of information
SGD is not aware of any justifiable reasons that would constitute a legitimate reason for objecting or complaining about the way we process or control information.
Complaints about the use of personal data
If you want to complain about how we have dealt with your personal data, please contact our Data Privacy Manager (as above) and we will investigate.
If you are not satisfied with our response or believe we are unlawfully processing your personal data, you can complain to the Information Commissioner’s Office (ICO) via the official website.
Overseas Transfers
None of the information that we collect, process or store is transferred outside of the European Economic Area (EEA) unless necessary for the purposes of fulfilling our contractual or professional obligations to our clients and in circumstances where our clients have a legitimate expectation of our sharing such information in the manner it is shared.
Marketing data
We may contact you with direct marketing using social media channels, email or post. We may therefore use your personal information to contact you about products, services or events which we feel may interest you, but we will never send marketing communications via SMS or call you without your specific consent and we will never pass on or sell your details to anyone else.
How we collect personal data
The following are examples of how we collect your personal information:
- Asking you to provide it when we engage you as a client
- Signing-up to receive one of our newsletters
- Submitting an online enquiry
- Following/liking/subscribing to our social media channels
- Taking part in a promotion on our website or on our social media channels
- Agree to fill in a questionnaire or survey on our website or at an event
- Ask us a question or submit any queries or concerns you have via email or on social media channels
- Post information to our website or social media channels, for example when we offer the option for you to comment on, or join, discussions
- When you leave an online review about us
SGD handles enquiries at different stages and we group those enquiries in two main ways. We will take the following steps in each instance:
- Prospects and leads: We will record consent before adding you to our marketing database.
- Clients and business contacts: Legitimate interest will be the legal basis. Relevant marketing communications may be sent to you by post or email while you are a client. As a client, you will have the option to exclude yourself from marketing by clicking on the unsubscribe link on all of our emails, on the telephone when speaking to an advisor or contacting SGD through email or on social media.
If our systems allow, contacts who have not engaged by opening a marketing email over a period of 6 months will be removed from our marketing database.
How we may use your details
The following are examples of how we might use your personal information for our legitimate business interests:
- Fraud prevention
- Direct email marketing
- Network and information systems security
- Modifying or improving our services
- Identifying systems and communications usage trends
- Determining the effectiveness of any promotional campaigns and advertising
We may use your personal information for legitimate interests such as direct marketing or under a reasonable expectation that we can provide you with information you would expect to receive or that would benefit and enhance our relationship. This information will help us review and improve our services.
Your rights
You have the right to object to this processing. If you wish to do so, please email our Data Privacy Manager (as above).
How we protect your personal information
We will only use non-sensitive personal information in relation to marketing; such as name, address, telephone, email, job description and previously expressed interests and requests. We may collect analytical information against your information to ensure that we do not send you irrelevant information.
If you want to ‘unsubscribe’ from our marketing database, you can either follow the unsubscribe instructions on any of our communications to you that include them or you contact us by emailing the Data Privacy Manager (as above) with your name and email address, or reply to the person who sent you the email, clearly stating that you wish to “unsubscribe”. We will remove your details from our marketing database as soon as we reasonably can. Unsubscribing will not affect our professional relationship with you and we will continue to retain and process your information in connection with our legal services in the normal way.
Cookies and links to other websites
We may use cookies to store and help track information about you to offer and provide a personal service through our website (www.sgdlaw.com)? A cookie is a small text file sent to your device that we use to store limited information about your use of the website. We may use cookies to provide you with certain functionality (such as to enable access to secure log-in areas and to save you having to re-enter information into product or website forms) and to personalise our website content. Without cookies, this functionality would be unavailable.
By using our website you agree that we can place these cookies on your device.
We may also use analytics tools provided by Google. or other similar providers. The data collected enables us to understand aggregated user or visitor activity and how we might improve our website. This data is collected and used on an anonymised, aggregated basis only and does not enable any user or visitor to be personally identified.
In addition, we may also use marketing automation tools. These companies serve cookies to profile users or visitors’ interests and activity. We may use data collected through these cookies to serve users or visitors with information, new articles and advertising tailored to their specific needs and requirements.
You have the right to refuse or disable cookies served through our website although, if you choose to do so, some functionality might become unavailable to you. As the methods to do this vary from browser to browser, we suggest that you access your browser’s help menu for further information. We respect your right to choose whether or not to accept cookies.
Note: If you do not set your browser and e-mail settings to disable cookies, you will be indicating your consent to receive them.
If you want to find out more about cookies and clear gifs, you can visit www.allaboutcookies.org, an independent resource that explains what cookies and clear gifs are and how you might manage them. We are not responsible for, and have no control over, the content of this third-party website.
Our website might contain links to other websites or web services. Once you have used any link to leave our site, you should note that we do not have any control over that other website. We cannot be responsible for the protection and privacy of any information that you provide while visiting any other sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Enquiries
If you have any questions about this notice or our privacy arrangements, please email our Data Privacy Manager (as above).
This document may be subject to amendment.Go to http://sgdlaw.com/page/privacy for the most up to date version.
Statham Gill Davies, 38 Wigmore Street, London W1U 2RU
Telephone 020 7317 3210
DX 42724 Oxford Circus North
Statham Gill Davies is authorised and regulated by the Solicitors Regulation Authority (SRA No: 417602) and its solicitors are subject to the professional rules of the SRA Code of Conduct 2011.
Statham Gill Davies does not accept service of proceedings by email. A list of partners is available for inspection at the above address.