Kaizen Law Solicitors Ltd Privacy Statement
This document sets out how we will use personal data collected from you.
Kaizen Law Solicitors Ltd is committed to ensuring that your privacy is protected.
Should we ask you to provide certain information by which you can be identified when using our services, you can be assured that it will only be used in accordance with this privacy statement.
Kaizen Law Solicitors Ltd may change this policy from time to time. The latest copy can be found on our website or by asking our compliance officer for a copy to be sent to you.
All clients are provided with a copy the privacy statement as part of our client introduction pack.
Who we are:
Data is collected, processed and stored by Kaizen Law Solicitors Ltd; and we are what is known as the ‘data controller’ of the personal information you provide to us.
Kaizen Law Solicitors Ltd is a Limited Company (Co. Reg.: 09687699), authorised and regulated by the Solicitors Regulation Authority under number 624539.
Kaizen Law Solicitors Ltd is registered with the Information Commissioner’s Office under registration reference ZA152812.
Our Compliance Officer is Saif Khan who can be contacted via our main office number 01204 867 556 or email email@example.com .
Our website and services are not aimed specifically at children because in legal work children are generally represented by their parent or guardians, who are requested to provide consent to the use of a child’s personal data.
If you are a child and need further advice or explanation about how we would use your data, please ask the person at our firm who is working with you, or you can ask to speak to Saif Khan who will answer any questions you may have.
What we need:
The exact information we will request from you will depend on what you have asked us to do or what we are contracted to do for you. This notice is intended for clients and prospective clients only.
Under the GDPR (General Data Protection Regulations) 2018 there are two types of personal data (personal information) that you may provide to us:
Sensitive personal data: is, by its nature, more sensitive information and may include your racial or ethnic origin, religion, health or criminal convictions.
In the majority of cases personal data will be restricted to basic information and information needed to complete ID checks. However some of the work we do may require us to ask for more sensitive information, in which case we request consent to use sensitive data.
Sources of information:
Information about you may be obtained from a number of sources, including:
- Information provided by yourself and/or your named representative.
- You may provide information relating to someone else – if you have the authority to do so
- Third parties may pass information to us in order that we can undertake your legal work on your behalf. Typically these organisations can be:
- Banks or building societies
- Panel providers who allocate legal work to law firms
- Organisations that have referred work to us
- Medical or financial institutions – who provide your personal records / information
- Insurance or motoring oganisations – who provide your personal records / information.
Why we need your data:
The main reason for asking you to provide us with your personal data is to allow us to carry out your requests – which will ordinarily be to represent you and carry out your legal work.
The following are some examples, although not exhaustive, of what we may use your information for:
- Verifying your identity
- Verifying source of funds
- Communicating with you
- To establish funding for your matter or transaction
- Obtaining insurance policies on your behalf
- Processing your legal transaction including:
- Providing you with advice; carrying out litigation on your behalf; attending hearings on your behalf; preparing documents or to complete transactions
- Keeping financial records of your transactions and the transactions we make on your behalf
- Seeking advice from third parties; such as legal and non-legal experts
- Responding to any complaint or allegation of negligence against us
Who has access to your data:
We have an Information Management and Data Protection Policy in place to oversee the effective and secure processing of your personal data.
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Generally, we will only use your information within Kaizen Law Solicitors Ltd, for progressing your case, keeping you up to date with progress, staff training and development.
There may be circumstances, in carrying out your legal work, where we may need to disclose some information to third parties; for example:
- HM Land Registry to register a property
- HM Revenue & Customs; e.g. for Stamp Duty Liability
- Court or Tribunal
- Solicitors acting on the other side
- Asking an independent Barrister or Counsel for advice; or to represent you
- Non legal experts to obtain advice or assistance
- Translation Agencies
- Contracted Suppliers
- External auditors or our Regulator; e.g. Lexcel, SRA, ICO etc.
- Bank or Building Society; or other financial institutions
- Insurance Companies
- Providers of identity verification
- Any disclosure required by law or regulation; such as the prevention of financial crime and terrorism
- If there is an emergency and we think you or others are at risk
In the event any of your information is shared with the aforementioned third parties, we ensure that they comply, strictly and confidentially, with our instructions and they do not use your personal information for their own purposes unless you have explicitly consented to them doing so.
There may be some uses of personal data that may require your specific consent. If this is the case we will contact you separately to ask for your consent that you are free to withdraw at any time.
How do we protect your personal data:
We understand how important your personal data is and make it a priority to protect that data whilst it is in our care.
We have high standards of technology and operational security in order to protect personally identifiable data from loss, misuse, alteration or destruction.
We use computer safeguards such as regular backups, off site back ups, firewalls and data encryption and have anti malware and anti phishing software in place.
We enforce, where possible, physical access controls to our buildings and files to keep data safe, as well as ensuring physical records are stored in a fireproof cabinets.
We take our client confidentiality obligations very seriously. All our staff are trained in client care, confidentiality and personal data protection. Both internal and external parties have agreed to protect confidentiality of all information, either within the contracts agreed with them, by adopting our policies in full, or through the use of Non Disclosure Agreements (NDAs)
How long will we keep your data for:
Your personal information will be retained, usually in computer or manual files, only for as long as necessary to fulfil the purposes for which the information was collected; or as required by law; or as long as is set out in any relevant contract you may hold with us.
- As long as necessary to carry out your legal work
- For a minimum of 6 years from the conclusion or closure of your legal work; in the event that you, or we, need to re-open your case for the purpose of defending complaints or claims against us
- For the duration of a trust
- Some information or matters may be kept for 16 years – such as commercial transactions, sales of leasehold purchases, matrimonial matters (financial orders or maintenance agreements etc.)
- Probate matters where there is a surviving spouse or civil partner may be retained until the survivor has died in order to deal with the transferable Inheritance Tax allowance
- Wills and related documents may be kept indefinitely
- Deeds related to unregistered property may be kept indefinitely as they evidence ownership
- Personal injury matters which involve lifetime awards or PI Trusts may be kept indefinitely
What are your rights:
Under the GDPR 2018, you are entitled to request a copy of your personal data (otherwise known as a Subject Access Request).
If you wish to make a request, please do so in writing addressed to our Compliance Officer Saif Khan; or contact the person dealing with your matter.
A request for access to your personal data means you are entitled to a copy of the personal data we hold on you – such as your name, address, contact details, date of birth, information regarding your health etc. This means that a Subject Access Request will not normally result in you getting a copy of your file because you are only entitled to your personal data – not the documents that contain that data.
Complaints about the use of personal data:
If you wish to raise a complaint on how we have handled your personal data, you can contact our Compliance Officer who will investigate further.
Our Compliance Officer is Saif Khan; and you can contact them via our main office number 01204 867 556 or email firstname.lastname@example.org .
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).
The direct marketing channels that we use include social media channels, email or post.
We will never send marketing communications via SMS or call you without your specific consent; nor do we ever pass on or sell your details to a third party.
How we collect personal data for marketing
The following are examples, although not exhaustive, of how we collect your personal information:
- Sign-up to receive one of our newsletters
- Submitting an online enquiry
- Following/liking/subscribing to our social media channels
- Take part in one of the competitions or promotions we run on our website or on our social media channels
- Agree to fill in a questionnaire or survey
- Ask us a question or submit any queries or concerns you have via email or on social media channels
- Post information to our website or social media channels, for example when we offer the option for you to comment on, or join, discussions
- When you leave a review about us
- Whenever we collect your personal data, you will be provided the opportunity to ‘opt in’ to receiving marketing communications from us.
We hope you will provide this information and that you find our communications useful, but if you choose not to, this will have no effect on accessing our legal services.
How we may use your details for legitimate business interests:
The following are examples, although not exhaustive, of how we may use your personal information for our legitimate business interests:
- fraud prevention
- direct marketing
- network and information systems security
- data /analytics /enhancing, modifying or improving our services
- identifying usage trends
- determining the effectiveness of promotional campaigns and advertising.
You have the right to object to this processing. Should you wish to do so please contact Compliance Officer Saif Khan via our main office number and email.
How we protect your personal information:
We will only ever use non sensitive personal information to target individuals with marketing materials; such as name, address, telephone, email, job description and previous buying behaviours.
Sensitive information or specific details will never be used to target marketing communications. We may use personalisation to collect analytics to inform marketing and produce relevant content for the marketing strategy to enable it to enhance and personalise the “consumer experience”.
If you do not wish us to continue to contact you in this way, you can either follow the unsubscribe instructions on our website, contact your case handler or contact our I.T Manager by email on email@example.com . Your details will be removed immediately.
Once unsubscribed, you may still receive transactional emails from us regarding your legal case.
Any questions regarding this notice and our privacy practices should be sent by email to our Compliance Officer Saif Khan who can be contacted via our main office number 01204 867 556 or email firstname.lastname@example.org