Finn Gledhill is required to comply with the law governing the management and storage of personal data and sensitive personal data, which is outlined in the General Data Protection Regulation 2016 (GDPR) and the Data Protection Act.
For this reason, protection of personal data and respect for individual privacy is fundamental to the day-to-day operations of Finn Gledhill. We have the appropriate security measure in place which ensures that your data will always be secure and cannot be used or accessed unlawfully.
This policy will set out
What information we collect
We will collect and process the following data about you in the course of advising/and acting for you. We will only collect data that is relevant to the service we are performing
Personal data and sensitive personal data we collect can include
How we collect, process, store and share your information
The majority of the information we collect on you comes directly from you but we may also collect further information from
Uses made of the personal data we collect
We are only allowed to use your personal (and sensitive personal) data if have a proper and lawful reason to do so and under the strict guidelines set out in the GDPR.
The lawful basis is that the processing is necessary in relation to a contract which the data subject has entered into with us (either directly or through an intermediary), or because the data subject has asked for something to be done so they can enter into a contract.
If we are instructed to act in a case where the data subject is not our client (for example if we prosecute the case) the legal basis is that the processing is necessary for administering justice, or for exercising statutory, governmental, or other public functions.
In relation to the legal basis for promotional communications (please see below) the processing is in accordance with the “legitimate interests” condition
We will use this data to
We will process data in those ways for the following reasons:
We will only process special category personal data with your explicit consent.
Who we share your personal data with
During the course of providing our legal services we will have to share your data with your instructed Solicitor, as well as contacting other organisations about you which would include
How long your data will be stored
We will retain your personal data after we have finished providing our legal services and do so for the following reasons
When it is no longer necessary to retain your personal data, we will delete or ensure that any personal or sensitive personal data is anonymised.
Your rights in relation to any information we store.
The GDPR gives rights to individuals in respect of the personal data that any organisations hold about them. Everybody working for Finn Gledhill must be familiar with these rights and adhere to Finn Gledhill’ procedures to uphold these rights.
These rights include
If you wish to exercise any of these rights or would like a data subject request please contact Marc gledhill (Information Security Manager) and provide sufficient information for us to identify you. You will also need to let us have proof of your identity (driving licence, passport, utility bills etc.) and inform us of which right you would like to exercise.
Even with the security measure we have in place to protect your data, we also have procedures in place to deal with any suspected data security breaches. It we suspect that there is a breach, We will notify you and any applicable regulator (ICO) of a suspected data security breach in accordance with the regulations set out by the GDPR
How to Complain
We would hope that any issues you may have in regards to our handling of your secure data could be resolved between ourselves, with In the event that this is not possible, The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113.
How to Contact us
If you wish to contact Finn Gledhill in regards to the GDPR and the data we hold on you, your first point of contact should be the Information Security Manager, Marc Gledhill. In the event he is not available then one of the other Partners in finn gledhill should be contacted.
Marc Gledhill – 01422 330000 – firstname.lastname@example.org
Carol Stevenson - 01422 330000 – email@example.com
Stephen Mattock – 01422 330000 = firstname.lastname@example.org
Malcolm Nowell – 01422 330000 – email@example.com
Amanda Palfreman – 01422 330000 – firstname.lastname@example.org