Privacy Policy

Rebecca Oakley Family Law Solicitors

5, Washington Chambers, Stanwell Rd, Penarth CF64 2AF

UK Data Privacy/Data Protection Law changed significantly on 25th May
2018. The General Data Protection Regulation (or GDPR for short) is a
positive step towards you having more control over how your data is used
and how you are contacted by us.

If you are an individual, the rights you have under the GDPR include the following:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling.

The
changes will also help to better protect your Personal Data. We have
therefore updated our privacy notice to reflect these changes.

We
use your personal data to help us provide an excellent client service,
which includes tailoring the information we share with you to help
ensure that it’s relevant, useful and timely.

We will respect your privacy and work hard to ensure we meet strict regulatory requirements.

We will not sell your personal data to third parties.

We
will provide you with easy ways to manage and review your marketing
choices if you receive direct marketing communications from us.

We
are a firm that is regulated by the Solicitors Regulation Authority
(SRA). As you might expect, we are already subject to strict rules of
confidentiality. It is therefore already part of the fabric and culture
of our firm to keep your information private and secure.

We would
ask you to help us keep your data secure by carefully following any
guidance and instructions we give e.g. communicating bank account
details and transferring funds to us.

We are sometimes obliged to
share your Personal Data with external authorities without notifying
you e.g. as required by the Anti-Money Laundering & Counter

Terrorist Financing Act 2017. In all other cases, we will be transparent, and we will explain to you why we are requesting your data and how we are using it.

Lawful Bases for Processing your Data

The new law states that
we are allowed to use personal information only if we have a proper and
lawful reason to do so. This includes sharing it with others outside the
firm e.g. an auditor of a relevant quality standard.

The GDPR says we must have one or more of these reasons

  • Contract: the processing is necessary for a contract we have with an individual, or because they have asked us to take specific steps before entering into a contract.
  • Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations).
  • Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
  • Consent: the individual has given clear consent for us to process their personal data for a specific purpose.

A legitimate interest is when we have a business or commercial reason to use your information.

Here is a list of all the ways that we may use your personal data, and which of the reasons we rely on to do so.

Special Categories and Criminal Convictions Data

Further to
our lawful bases for processing personal data we rely on further
conditions contained within the Data Protection Act 2018 for processing
these types of data. These conditions are contained in Schedule 1, Part
3 of the Act. The primary condition we rely on is known as “legal
claims” where

This condition is met if the processing—

(a) is necessary for the purpose of, or in connection with, any legal proceedings (including prospective legal proceedings),

(b) is necessary for the purpose of obtaining legal advice, or

(c) is otherwise necessary for the purposes of establishing, exercising or defending legal rights

We can also rely on another condition in Schedule 1, Part 3 of the
Act known as “consent” where, due to the nature of these types of data
we would obtain your consent prior to processing them.

If our
reason for processing data is in connection with the Schedule 1, Part 2
of the Act, condition 18, safeguarding of individuals and children at
risk,. This is because the processing will be necessary for the purposes
of;

(a) protecting an individual from neglect or physical, mental or emotional harm, or

(b) protecting the physical, mental or emotional well-being of an individual,

In this condition;

(a) in the circumstances, consent to the processing cannot be given by the data subject;

(b) in the circumstances, the we cannot reasonably be expected to obtain the consent of the data subject to the processing;

(c)
the processing must be carried out without the consent of the data
subject because obtaining the consent of the data subject would
prejudice the provision of the protection

Also, due to the nature
of these data types, we comply with Schedule 1, Part 4 of the Data
Protection Act which requires us to have an appropriate written policy
explaining our security procedures, and data retention periods and we
are required to retain this policy document and produce it to the
Information Commissioner on request. Our policy is set out in the firm’s
Information Management & Security Policy.

Types of Personal Data we process

Sources of Data

We collect personal data from various sources:

Who we share your Data with

Subject to the SRA Code of Conduct
and the requirements with regard to client confidentiality, we may
share your personal information with:

  • Lawyers or other organisations on the other side of a matter or case
  • Barristers or experts we instruct
  • The courts and other tribunals
  • Your Personal Representatives or Attorneys
  • Auditors
  • Lenders
  • Estate Agents, IFAs, Referrers, etc
  • Organisations that we introduce you to.
  • HM Revenue and Customs
  • The government both Central and Devolved
  • Fraud Prevention Agencies including the National Crime Agency
  • The SRA and other regulators
  • ID checking organisations

Automated Decision-Making

We do not use automated decision-making systems. All decisions relating to you and your matter are made by a person.

Personal Data we use

We typically will use the following types of personal data:

  • Your Name
  • Date of Birth
  • Home address
  • Contact details such as phone numbers and email addresses
  • Bank details and account information
  • Medical information (where applicable)
  • Employment details
  • Data that identifies you by cookies when you use our website

In this viagra from india https://unica-web.com/DEUTSCH/2017/GA2017-minutes-1.html condition, you may notice a scar tissue on the ovary is far superior to the percentage of women who were self treating for thrush actually had a positive diagnosis for yeast infection. The other levitra tabs important point should be noticed is that every owner will note that this is very unusual behaviour and try to find help soon. 3. It builds up in the arteries which hinders the blood cialis cost 20mg to flow freely in the body. By utilizing sixteen all natural ingredients such as fruit extract, gogi berry, grape seed, and Kino tree, our extensive research paid off and our doctors were able to develop an outstanding product that has assisted many individuals cialis online no prescription in recovering their health in a drastic way.

Sending Data outside the European Economic Area (EEA)

Unless you instruct us in a matter or case that involves an international element, we do not normally send your personal data outside the EEA. If we do, then we will seek your consent to do so, explain the risks to you and talk to you about potential safeguards depending on the country involved.

Your refusal to provide Personal Data requested

If you refuse to provide the information requested, then it may cause delay and we may be unable to continue to act for you or complete your matter.

Marketing Information

We may from time to time send you letters or emails about changes in the law and suggestions about actions that you might consider taking in the light of that information

e.g. reviewing your will. We will send you this marketing information either because you have consented to receive it or because we have a “legitimate interest”.

You have the right to object and to ask us to stop sending you marketing information by contacting us at any time. You can of course change your mind and ask us to send the information again.

How long we keep your personal information

We are legally obliged to keep certain information for at least 5 years and typically store your file for 6 years before destroying it.

In some cases, e.g. Legal Aid Matters we are obliged to keep your files for a longer period of time, this period will be set out in our closing letter to you.

We will store Wills and other documents indefinitely.

We will keep your name and personal contact details on our database until you tell us that you would like them removed e.g. where you have changed solicitor.

How to get a copy of your Personal Information

If you wish to access your personal data then write to:

Rebecca Oakley Data Protection Supervisor

Oakley Family Law Solicitors 5, Washington Chambers, Stanwell Rd, Penarth CF64 2AF

Telling us if your Personal Information is incorrect (The right to rectification)

If you think any information we have about you is incomplete or wrong, then you have the right to ask us to correct it. Please contact us as above.

Other Rights

As mentioned above you also have other rights, namely

  • The right to erasure
  • The right to restrict processing
  • The right to data portability

You have the right to ask us to delete (erase) or stop us using your data if there is no longer any need for us to keep it (e.g. under a legal obligation).

In terms of data portability then subject to any lien we may enjoy for non-payment of fees, we will comply promptly (where permitted) to your request to transfer your physical paper file to another solicitor upon receipt of your signed consent. If your file is in electronic format we will take reasonable steps to export the file to a “portable format” where possible so that your new solicitor can upload it to their system. As many different IT systems are used by the legal profession we cannot guarantee that we can provide data in a compatible format.

Consent

GDPR in some cases requires us to obtain your explicit consent i.e.

(a) the racial or ethnic origin of the data subject,

(b) his political opinions,

(c ) his religious beliefs or other beliefs of a similar nature,

(d) whether he is a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992),

(e) his physical or mental health or condition,

(f) his sexual life,

(g) the commission or alleged commission by him of any offence, or

(h) any proceedings for any offence committed or alleged to have been committed by him, the disposal of such proceedings or the sentence of any court in such proceedings.

Where acting for you involves us processing such data we will seek your explicit consent e.g. when we plan to obtain your medical records.

You have the right to withdraw your consent by contacting us as stated above.

However, if you do so then we may not be able to progress you case or indeed continue to act for you.

How to Complain

If you are unhappy about how we are using your Personal Data then you can complain to us using the contact information above.

You also have the right to complain to the Information Commissioner’s Office (ICO). Further details on how to raise a concern with the ICO can be found on the ICO’s website: https://ico.org.uk/concerns

Cookies

We do not use cookies on our website

Updating this Notice

We will, from time to time, update this Privacy Notice after 25th May 2018 to reflect emerging ICO and Working Party 29 guidance, requirements of the new Data Protection Act and any other relevant changes in the law or regulations. We will also seek to learn from any published cases of Data Protection breaches.