Burton Copeland LLP of Madison Place, Northampton Road, Manchester, M40 5AG is a limited liability partnership incorporated in England and Wales and is a ‘data controller’ under the General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA) and is registered with the Information Commissioner’s Office under number Z6077445.
This privacy notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Our use of your personal data is subject to your instructions, the GDPR, DPA, other relevant UK and EU legislation and our professional duty of confidentiality. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
The information we collect from you
We will only collect information from you that is relevant to the matter that we are dealing with. We may collect additional information about you from emails or other correspondence that you send to us. In particular we may collect the following information from you which is defined as ‘personal data’.
- Personal details
- Family, lifestyle and social circumstances
- Financial details
- Business activities
- Criminal convictions
We may also collect information that is referred to as being in a ‘special category’. This could include:
- Physical or mental health details
- Racial or ethnic origin
- Religious beliefs or other beliefs of a similar nature
- Sexual orientation
which we will only process with your explicit consent
How we use your information
Under data protection law, we can only use your personal data if we have a proper reason for doing so, eg: to comply with our legal and regulatory obligations; for the performance of our contract with you or to take steps at your request before entering into a contract; for our legitimate interests or those of a third party; or where you have given consent.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
We will use your information for the provision of legal advice or for personnel, administrative and management purposes which is necessary for the performance of the contract between us. We may also use it for:
- Administering any accounts
- Processing your bank/credit card details in order to obtain payment
- The prevention and detection of fraud
- Market research
- Reference checks
We may use your personal data to send you updates (by email, text message, telephone or post) about legal developments that might be of interest to you and/or information about our services.
We have a legitimate interest in processing your personal data for promotional purposes. This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.
We will always treat your personal data with the utmost respect and never sell or share it with other organisations for marketing purposes.
You have the right to opt out of receiving promotional communications at any time by contacting us by email at [email protected].
We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.
Who we share your information with
We limit the sharing of your information to those people who will assist with your matter or employment. This may include the following, but the list is not exhaustive:
- Medical experts
- Private investigators
- Defence forensic experts
- Healthcare professionals, social and welfare organisations
- Courts and Tribunals
- Employment lawyers
We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
Where you authorise us we may also disclose your information to your family, associates or representative. In the event that you do not pay our invoices, we may also disclose your information to debt collection agencies..
Storage of Information
We will keep your information throughout the period of time that we do work for you or you are employed by the firm and afterwards for a period of six years or as we are required to do by law.
When it is no longer necessary to retain your personal data, we will delete or anonymise it.
You have a number of rights under the GDPR which include:
- Transparency/right to be informed
- Right to Access
- Right to Erasure
- Restrict processing
- Data portability
- Right to object
- Not to be subjected to automated decision-making/profiling
Any access request may in the first instance be free of charge but may be subject to a reasonable fee if requests are found to be excessive. Proof of ID will be requested where an access request is made. Further information on this issue can be obtained from the Information Commissioner’s Office, www.ico.org.uk or from our Data Protection Officer, Daniel Weed, [email protected].
Keeping your personal data secure
The data we collect from you will be stored within the European Economic Area and we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy notice. We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you are unhappy about how we are using your information then initially you should contact the Data Protection Officer and if your complaint remains unresolved then you can contact the Information Commissioner’s Office, details available at www.ico.org.uk.
Changes to our privacy notice
We may revise this privacy notice at any time by amending this page.