Privacy Policy

Gadsby Wicks is registered as a Data Controller with the Information Commissioner's Office. In the course of providing legal services to our clients and running our business, we gather and use personal information about a number of different categories of people.

This policy applies to information we collect about:

• Clients
• People who make enquiries about our services
• Applicants to work at Gadsby Wicks
• Service providers and others connected to our work
• People who visit our website or who follow us on our various social media channels

Personal data is any information about an individual from which that person can be directly or indirectly identified. It doesn’t include anonymised data i.e. where all identifying particulars have been removed. There are also “special categories” of personal information which require a higher level of protection because they are of a more sensitive nature.

The personal data that we may collect and hold on you may include the following: your name, address, telephone and/or mobile number, e-mail address, date of birth, national insurance number, family details, employment records, performance information, financial information and bank details, Some of the data we collect may contain special categories of personal data about you such as details about your race or ethnicity, religious beliefs, sexual orientation, your health and information about criminal convictions and offences.

We normally collect your data when you provide it to us or when it is provided to us by others such as relatives, your employer, other parties involved in the services we are providing, regulators and authorities. You may give us your data by email; through an online web form; over the telephone; face to face; or by post.

As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see our cookies policy for further details. We may receive personal data about you from various third parties including analytics providers such as Google and our CRM provider (HubSpot), from referral organisations and opponents and from publically available sources such as directories.

Where we need to collect personal data by law, or under the terms of a contract and you fail to provide that data when requested, we may not be able to perform the contract we have entered into or are trying to enter into with you.

We only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• Where we need to perform the contract we are about to enter into or have entered into with you. If you are a client we may also need to process your data to meet our contractual obligations to the Legal Aid Agency where you receive legal aid to fund your case or advice.
• Where it is necessary in order to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. This may include to satisfy our external quality auditors or our Regulators.
• Where we need to comply with a legal or regulatory obligation. For example, we can pass on details of people involved in fraud or other criminal activity.

We will only use “special category” personal data about you when processing is necessary for the establishment, exercise or defence of a legal claim or processing is required by the courts acting in their judicial capacity. Generally, we do not rely on consent as a legal basis for processing your personal data.

We take protecting your data very seriously. The data you give us may be subject to Legal Professional Privilege and is often extremely sensitive and confidential.

We will treat your personal data with the utmost care and take all appropriate steps to protect it. We have clear data protection and information security policies and procedures in place (along with Regulatory and other legal obligations to keep your data safe) and these are regularly assessed as part of our Quality Standards and compliance processes.

We only keep your data for as long as is necessary for the purpose(s) for which it was provided. We have a data retention policy that sets out retention periods for all of the personal information that we hold based on why we need the information. The policy takes into account any statutory or regulatory obligations we have to keep the information, our ability to defend legal claims, our legitimate business interests and best practice.

We delete or destroy personal information securely in accordance with our data retention policy. We are required to keep client files for 6 years after the client’s claim ends and, in the case of children we are required to keep the file until 6 years after the child reaches the age of 18.

Information provided in relation to enquiries where we do not take on the case is kept for 6 months. Information regarding unsuccessful job applicants is kept for 12 months. In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

We sometimes share your personal data with trusted third parties. We only do this where it is necessary for performance of a contract with you or for the effective operation of our legal practice.

For example, we may share data with paginators that collate and store medical records; medical experts and other expert witnesses; barristers; costs draftsmen; process servers; auditors and other professional advisers and service providers including the company that provides our IT support.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Your data is stored and processed within the European Economic Area (EEA). If we ever have to share your personal data with third parties and suppliers outside the EEA we will seek your specific consent to do so.

The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway.

You have a number of rights under the General Data Protection Regulation in relation to the personal data that we hold about you and those rights are set out below.

• You have a right of access to the personal information that we hold about you, free of charge in most cases and in a format that can easily be re-used
• You have the right to ask us to correct any information that we hold about you if it is inaccurate, out of date or incomplete
• You have the right to object to any processing of your personal information after you have withdrawn consent, or object and where we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end

If we choose not to action your request, we will explain to you the reasons for our refusal.

Whenever you have given us your consent to use personal data, you have the right to change your mind at any time and withdraw that consent.

In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.

For information on how your information is used, how we maintain the security of our information, and to exercise your rights to access information we hold on you, please contact us. Similarly, if you believe that the information we hold is wrong or out of date, please let us know and we will update it. The person in this firm responsible for data protection is Gillian Gadsby and enquiries and requests can be sent to her by telephone 0808 115 8537, by emailing [email protected] or in writing to Gadsby Wicks, Priory Place, New London Road, Chelmsford, Essex CM2 0PP.

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner's Office. You can contact them by calling 0303 123 1113. Or go online to www.ico.org.uk

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this policy. You should exercise caution and look at the privacy statement or policy applicable to the website in question.

We keep this privacy notice under regular review and may change it from time to time by updating this page in order to reflect changes in the law and/or our privacy policies. We would encourage you to check this privacy notice for any changes on a regular basis. Last updated February 2019.