Privacy Notice – GDPR compliant
This privacy notice contains information about what data we collect and store about you and why. It also tells you who we share this information with, the security mechanisms we have put in place to protect your data and how to contact us if you have a complaint.
Who we are?
S.Satha & Co Solicitors, main office at 358, High Street North, Manor Park, London E12 6PH,collects, uses and is responsible for personal information about you. When we do this we are the “controller” of this information for the purposes of the General Data Protection Regulations (GDPR) and other applicable data protection laws.
Our Data Control Officer is Selvanayagam Sathananthan (Partner) assisted by Shaun Neville (Partner).
When carrying out our legal services to you we collect the following personal information that you provide to us:
- Telephone Number
- Email Address
- National Insuarnce Number
- Medical Information (where appropriate)
- All information that will assist us in the processing of the work we are carrying out for you and such other information to enable us to carry out anti-money laundering checks.
We collect the following information from other sources:
- Personal information relating to anti-money laundering checks.
- Personal information required in connection with the legal services being provided.
This personal information (name, address, email address etc.…) must be provided by you to us, to enable us to provide our legal services and related activities. It is also used to provide you with information about our services.
Legal basis for collecting and using your personal information
We rely on the following as the legal bases for processing your information:
(i) The performance of our contract to provide legal services to you, (ii) compliance with legal obligations, and (iii) legitimate interests. We will only rely on legitimate interests where it does not negatively impact on your interests, rights or freedoms.
Who will we share your personal information with?
We will share personal information with law enforcement agencies if required by applicable law. We will not share your personal information with any other third parties without your consent unless required to do so by law, or where it is altogether necessary to do so.
Transfer of your information outside the European Economic Area (EEA)
It may be necessary to transfer your personal information outside the EEA or to an international organisation in order to check and discuss information. If so, you will be advised in advance to give your consent.
These countries do not have same data protection laws as the United Kingdom and EEA. The European Commission has not given a formal decision that these countries provide data protection that is substantially similar to those in the United Kingdom and EEA, however any transfer will be subject to safeguards as permitted under Article 46 of the General Data Protection Regulation. These safeguards are designed to protect your privacy rights and provide you with remedies in the unlikely event that your personal information is misused.
How long will we store your personal data for?
We will retain your personal data for the following time periods:
- Compliance with Anti Money Laundering Regulations – 5 years
- Subject to the legal service provided – 6 to 12 years
- Wills and other original documents – indefinitely unless otherwise agreed by you in writing.
If you would like further details on the retention period for your specific matter please contact the lawyer dealing with your matter or our Data Control Officer. Your data will be destroyed/deleted at the appropriate time.
We are relying on your explicit consent to provide our services. You provided this consent when you signed our client care letter. As stated above, we use a number of lawful bases for processing your personal data and therefore will not require your explicit consent to do this. You have the right to withdraw this consent at any time, but this will not affect the lawfulness of any processing activity we have carried out prior to you withdrawing your consent. You can opt-out here or contact us at email@example.com or on 0208 471 9484.
The data subject is entitled to the following rights:
(i) The right to be informed (ii) the right to obtain copies (iii) the right to access their personal data (iv) the right to have inaccurate personal data rectified (v) the right to request the restriction or suppression of their personal data and (vi) the right to be forgotten.
Under the General Data Protection Regulation, you have a number of important rights that you can exercise free of charge. In summary, these rights are:
- Transparency over how we use your personal data and fair processing of your information;
- Access to your personal information and other supplementary information;
- Require us to correct any mistakes or complete missing information we hold on you;
- Require us to erase your personal information in certain circumstances;
- Receive a copy of the personal information you have provided to us or have this information be sent to a third party, this will be provided to you or the third party in a structured, commonly used and machine readable format;
- Object at any time to processing of your personal information for direct marketing;
- Object in certain other situations to the continued processing of your personal information;
- Restrict our processing of your personal information in certain circumstances.
- Request not to be subject to automated decision making which produce legal effects that concern you or affect you in a significantly similar way;
If you want more information about your rights under the GDPR please see the Guidance from the Information Commissioner’s Office on Individual’s rights under the GDPR.
If you want to exercise any of these rights, please:
- Email, call or write to us [Email: firstname.lastname@example.org; 020 8471 9484, Address: 358, High Street North, Manor Park, London E12 6PH]
- Provide another piece of information so that we can identify you. We may need to contact you to request further information to verify your identity;
- Let us have proof of your identity and address;
- State the right or rights that you wish to exercise;
We will respond to you within one month from when we receive your request. Please note if you wish to unsubscribe from any email you can do so by following the instructions on any communication we send to you. It may take five days for this to become effective.
How to make a complaint?
We hope that you are happy with our service and that our Data Control Officer can resolve any issues or complaints that arise. Please get in touch if you have any concerns (see “Get in touch” below).
The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where the alleged infringement of data protection laws occurred. The UK supervisory authority of the Information Commissioner’s Office who can be contacted at the following website address: https://ico.orguk/concerns/.
Automated Decision Making
We do not use automated decision making in relation to the legal services we provide.
We protect your personal data using all reasonable and proportionate means, including computer security systems, staff training, compliance with all appropriate data protection legislation and professional conduct rules.
We do not intend to process your personal information for any reason other than stated within this privacy notice. If this changes, we will inform you.
Changes to this privacy notice
This privacy was published in May 2018 and will be reviewed in May 2019. We constantly review our internal privacy practices and may change this policy from time to time. When we do we will inform you.
Get in touch
If you have any questions about this privacy notice or the information we hold about you, please contact our Data Control Officer. The best way to reach us is to email or alternatively, please write to us or call us.
If it would be helpful to have this notice provided in another format (for example: in another language, audio, braille) please contact us (see “Get in touch” above).