Privacy Statement

At Sherrey and Associates Solicitors we are committed to ensuring that your privacy is protected. The following statement explains how we will use any personal data that we have collected from you.

Where we ask you to provide information that means you could be identified when using our services, you can be assured that it will only be used in line with this privacy statement.

Please note, this policy may change from time to time, however the latest version will be found on our website, or you can request a copy directly from us.

1. Data controller / who we are

Where data is collected, processed and stored by Sherrey and Associates Solicitors we are what is known as the ‘data controller’ of the personal information you provide to us.

Sherrey and Associates Solicitors is authorised and regulated by the Solicitors Regulation Authority under number 629346. The firm is also registered with the Information Commissioner (Reg. ZA186326)

For any questions with regards to this policy or the way that we manage your data please contact our Principal Robert Sherrey.

2. Children

As part of working with our clients and dealing with family matters we may hold data on children. Generally they are represented by their parents or guardians who have been requested to provide consent to use a child’s personal data.

If you are a child and are concerned or would like to understand about how we would use your data please ask the person in the firm who is working with your family. We will then arrange to speak to you to answer any questions that you may have.

3. What we need

Any information that we ask you to provide will be dependent on what you have asked, or instructed, us to address on your behalf.

Under the GDPR (General Data Protection Regulations) 2018 there are two types of personal data (personal information) that you may provide to us:

• Personal data: is the general information that you supply about yourself – such as your name, address, gender, date of birth & contact details.
• Sensitive personal data: is, by its nature, more sensitive information. It may include your racial or ethnic origin, religion, health or criminal convictions. It may also include other personal and financial details relevant to your matter.

The nature of the services that we provide regularly require us to hold and use sensitive personal data in the furtherance of your matter. We ask for your specific permission to do so in our letter of engagement.

Information is stored on our case management system on our servers.  While acting for clients, certain information may be sent to third parties via a secure electronic file transfer system.

4. Sources of information

We may obtain information about you from a range of sources. These would include:

1. Information provided by you (or by a named representative)
2. Information provided by third parties to allow us to undertake legal work on your behalf, such as
   1. 
      
      1. Banks / building societies
      2. Experts and independent financial advisors
      3. Solicitors acting for the other side
      4. Medical or financial institutions

5. Why we need your data

The central reason for us asking you to provide us with your personal data is so that we can deliver our services to you in accordance with your instructions and our regulatory duties.

Examples of what we use your information for include:

1. Verifying your identity and the source of funds (including anti money laundering checks)
2. Liaising and communicating with you
3. Delivering our services to you, including providing advice, preparing documentation and representation in proceedings
4. Keeping financial records of transactions
5. Obtaining advice from third parties including both legal and non-legal experts
6. Responding to any complaint or allegation of negligence

This list is not exhaustive and is intended to be indicative only.

6. Who has access to your data

We will not sell or rent your information to third parties. Nor will we share your information with third parties for marketing purposes.

Typically your information will only be used within our firm for delivering our services to you, staff training and development.

We may also have occasions where, in the course of delivering our legal services to you, we are required to disclose information to third parties. Examples of this would include:

1. HM Land Registry to register a property
2. Courts or other alternative dispute resolution process providers
3. Communications with the solicitor for the other side
4. Instructing a Barrister or Counsel on your behalf
5. Dealings with other legal and non-legal third parties in the furtherance of your matter
6. If disclosure is required by law or regulation, for instance the prevention of financial crime and terrorism
7. If there is an emergency and we believe that you, or others, may be at risk

Where we do need to share your information with third parties we do so on the basis that they comply strictly and confidentially with our instructions and that they do not use your personal information for their own purposes (unless you have specifically consented to them doing so).

Occasionally, some uses of personal data may require your specific consent. If this is the case we will contact you separately to ask for your consent that you are free to withdraw at any time.

We also have Information Management and Data Protection policies aimed at ensuring safe processing of all data.

7. How do we protect your personal data

We appreciate how important your personal information is and it is critical to us that your data is protected while in our care.

We closely manage our IT and operational security to protect personally identifiable data from loss, misuse, alteration or unplanned destruction. We use a range of IT security solutions to support this including off site backups, data encryption, log in protection and anti malware or phishing software.

We manage as far as possible physical access to our offices and ensure hard copy files are kept in private areas of the office. We take our obligations seriously and staff are trained and aware of their confidentiality and data protection responsibilities. Both internal and external parties that we work with have agreed to confidentiality of all information either within their contracts or through the use of Non Disclosure Agreements.

8. How long will we keep your data for

Personal information is held both in computer and manual files. It will be retained only for as long as is necessary, or as required by law, or as will be set out in any relevant contract with you.

We may hold personal data for differing lengths of time depending on the reason for doing so. For example:

1. As long as is necessary to deliver our services to you and to avoid potential conflicts of interest in the future.
2. Typically for a minimum of ten years from the conclusion of your legal work in the event that we need to re-open your matter for any reason. In some matters certain documents and information may be kept for significantly longer (16+ years), for instance on some financial orders and maintenance agreements.

9. Marketing data:

We may contact you for the purposes of marketing and updating you on latest developments.

This means that we may use your personal data to send you updates about legal developments that might be of interest and relevant to your case, or to invite you to events we are running.

We will never send marketing communications via SMS or call you without your specific consent; nor do we ever pass on or sell your details to a third party for marketing purposes.

10. How we may use your details for legitimate business interests

Under the GDPR 2018 regulations we have the right to use your personal data for legitimate business interests. This might include:

1. Anti money laundering and fraud prevention
2. Direct marketing and updates
3. Managing network in IT security
4. Data analysis and to improve our services
5. Understanding trends in our sector

You have the right to object to this processing. Should you wish to do so please contact our Principal via our main office number and email.

11. What are your rights?

The GDPR (General Data Protection Regulations) 2018 entitle you to request a copy of your personal data. This is known as a “Subject Access Request”. If you wish to make such a request please do so in writing, or speak directly to the person in our firm who is dealing with your matter.

A request for access to your personal data means you are entitled to a copy of the personal data we hold on you – such as your name, address, contact details, date of birth, information regarding your health etc. This means that a Subject Access Request will not normally result in you getting a copy of your file because you are only entitled to your personal data – not the documents that contain that data.

You have the right to request that personal data that we hold on you is deleted or transferred to a third party and we have a duty to acknowledge these requests. They should be submitted in writing. However please note that our response will be subject to our other legal and regulatory duties and this may impact on our ability to comply fully with such requests.

12. Complaints about the use of personal data

If you wish to raise a complaint with regards to the way that we have handled your personal data please contact our Principal. We will investigate any complaint or potential complaint in line with our Complaints Policy and will respond to you with the results of our investigation, along with any proposed remedial action, if appropriate.

If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).

13. Cookies

A 'cookie' is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

14. Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.