Privacy statement on behalf of Blackfords LLP
Blackfords LLP is committed to respecting and protecting your privacy.
In this notice, we will tell you in detail how we use and share your personal information and explain your rights in relation to that.
Who we are
Blackfords LLP is a national law firm with offices in London, Croydon, Woking and Cardiff. We control the collection and processing of any personal data that you provide to us in relation to this website and where legal services are provided to you by all of our offices
Personal data that we collect
“Personal data” is any information that relates to you and that identifies you either directly from that information or indirectly, by reference to other information that we have access to. The personal data that we collect and how we collect it, depends upon how you interact with us. Categories of personal data that we collect include:
- Contact information such as name, email address and telephone number
- Biographical information such as job title, employer, photograph and video or audio content including you
- Billing and financial information such as billing address, bank account and payment information
- Services information such as details of services that we have purchased from you
- Special categories of data such as race and ethnicity, trade union membership, information about health or information, political opinions or religious beliefs
- Information relating to children or regarding criminal matters
Personal data we collect from you
We collect personal data directly from you as follows:
- When you use our website, we collect information about your visit and how you interact with our website.
- When a client uses our legal services, we will ask for the information that we need to provide those services; this information includes contact details, billing information, information necessary to conduct pre-clearance checks and information relevant to the services we provide. Information provided by a client may include personal data that relates to persons whose information is relevant to the instruction; for example, when we advise on a regulatory investigation or represent a client in a legal dispute.
- When you apply for a job with us we will ask you for information relevant to your application. We ask all applicants to apply via our recruitment webpage where a specific privacy notice is available.
- If you visit one of our offices, we may collect information that we need in order to identify you and complete necessary security checks. We may also collect your image on CCTV.
- If you provide information to us about another person, you must ensure that you comply with any legal obligations that may apply to your provision of the information to us and to allow us, where necessary, to share that information with our service providers.
Information that we collect from third parties
Most of the personal data that we collect about you will be information that you provide to us voluntarily. In some circumstances we may also receive information from:
- Our clients, when we handle personal data on their behalf
- The police or other investigative authorities
- The Crown Prosecution Service or other prosecuting authorities
- Her Majesty’s Court and Tribunal Service
- The Legal Aid Agency
- Other legal professionals
- Regulatory bodies
- Other parties to the legal cases that we deal with
- Other companies providing services to us.
- Some of these third party sources may include publicly available sources of information.
Data we collect automatically – “Cookies”
When you visit one of our websites, we automatically collect, store and use technical information about your equipment and interaction with our website. This information is sent from your computer to us using a variety of Cookies.
All Cookies used by this website are used in accordance with current UK and EU Cookie Law.
Before the website places Cookies on your computer, you will be presented with a message bar requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling Blackfords LLP to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of the website may not function fully or as intended.
This Website may place the following Cookies:
- Strictly necessary Cookies– These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
- Analytical/performance Cookies– They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
How we use your personal data
We will only use your personal data fairly and where we have a lawful reason to do so.
We are allowed to use your personal data if we have your consent or another legally permitted reason applies. These include to fulfil a contract with you, when we have a legal duty to comply with, or when it is in our legitimate business interest to use your personal data. We can only rely on our legitimate business interest, if it is fair and reasonable to do so.
Our use of your personal data depends on how and where you interact with us. Listed below are the ways that we use your personal data and which of the reasons we rely on to do so:
|Uses of Personal Data||The lawful basis for the use of your Personal Data|
|To operate suppression lists to ensure that you do not receive communications if you object or unsubscribe||To respect your rights and comply with our legal obligations.|
|To collect insights into how you interact with our services so that we can personalise our communications with you and improve our websites and services.||Where we have your consent or where it is necessary so that we can deliver our websites and online services effectively.|
|To conduct client due diligence and conflict checks when taking on a new client.||To comply with our legal and regulatory obligations including compliance with anti-money laundering legislation, fraud and crime prevention.|
|To provide legal advice and related relevant services, to manage and administer our business relationships, including to communicate with our clients, their employees and representatives, to manage billing and payments and to keep records.||To fulfil our contract with our client(s) and to comply with legal and regulatory obligations including accounting, tax and data privacy.|
|To maintain security and manage access to our offices, systems and our websites.||To comply with legal obligations, and because we have a legitimate interest in maintaining the security of our buildings, websites and networks|
|Sharing personal data in connection with acquisitions and transfers of our business||To comply with legal obligations and to facilitate the transaction.|
|To manage our supply chain including identifying and maintaining contact with service providers.||Where necessary for the efficient running of our business.|
|Other purposes that we have identified at the point of collection.||Where we have your consent.|
We will only process special category data where the processing is necessary for the purposes of providing our client with advice regarding obligations or an individual with advice regarding their rights in the field of employment or social security; or where it is necessary to do so in order to establish, exercise or defend legal claims.
Sharing and transferring your data
We treat your personal data with respect and do not share it with third parties except as described below.
- We may disclose personal data relating to our clients, their employees and agents to other legal specialists including barristers, mediators, arbitrators, consultants or experts engaged in a matter. We may also disclose personal data to third party law firms for the purpose of obtaining foreign legal advice.
- We may share personal information when necessary with law enforcement and regulatory authorities
- We may also share your personal data when you have consented to us doing so.
- We will only transfer your personal data outside of the European region under the following circumstances:
- where the transfer is to a country or other territory which has been assessed by the European Commission (or an equivalent UK body) as ensuring an adequate level of protection for personal data
- with your consent or
- on the basis that the transfer is compliant with the GDPR and other applicable laws.
How we protect your personal data
We have appropriate security measures in place to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We hold data electronically in our secure document management system and on our on-site file servers. Network infrastructure is protected using firewalls and anti-malware software. We also have off-site back-up servers in secure locations. We encrypt data leaving the firm on removable media and email, using industry standard encryption method that encrypts the data in transit. We regularly back up and encrypt all of the data we hold.
We store papers in lockable cabinets in our offices when not being actively used and we have a secure off-site document storage facility for archived papers. Our offices are secure and only personnel holding appropriate security passes can access areas where personal data are stored.
When necessary, we dispose of or delete your data securely.
We ensure that our employees, agents and contractors are aware of their privacy and data security obligations and we take reasonable steps to ensure that employees of third parties working on our behalf are aware of their privacy and data security obligations.
We limit access to your personal information to those employees, agents, contractors and other third parties who have a need to know. Access to client data is restricted to the instructing team within the firm. The firm’s business support teams may also have access to personal data (for example, to provide IT and document management support).
We may give third parties access to the personal information we hold about you in order to comply with our regulatory obligations (for example, the Solicitors Regulation Authority, our auditors or our professional indemnity insurers).
The transmission of information via the internet is never completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your electronic information transmitted to us and any transmission is at your own risk.
We have put in place procedures to deal with any suspected data security breach and will notify you without undue delay and any applicable regulator of a suspected breach where we are legally required to do so.
Keeping your personal data
We do not keep your personal data for any longer than is necessary to fulfil the purpose for which we collected it, or to comply with any legal, regulatory or reporting obligations or to assert or defend against legal claims.
Your rights regarding your personal data
You have certain rights regarding how we use and keep your personal data. These are:
- you can require us, to update or correct any inaccurate personal data, or to complete any incomplete personal data, concerning you. If you do, we will take reasonable steps to check the accuracy of and correct the information. Please let us know if any of your information changes so that we can keep it accurate and up to date;
- you can require us to stop processing your information for direct marketing purposes; if you withdraw your consent, we may not be able to provide certain products or services to you; and
- you have the right to object to our use of your personal data more generally.
- you have the right to make a complaint to the Information Commissioner if you suspect that there has been any breach in relation to your personal data. Details of the Information Commissioner can be found by clicking here.
You may also have the right, in certain circumstances to:
- be provided with a copy of any personal data that we hold about you, with certain related information. There are exceptions to this right; for example, where information is legally privileged or if providing you with the information would reveal personal data about another person
- to require us, without undue delay, to delete your personal data
- to “restrict” our use of your information, so that it can only continue subject to restrictions; and
- to require personal data which you have provided to us and which are processed by using automated means, based on your consent or the performance of a contract with you, to be provided to you in machine readable format so that they can be “ported” to a replacement service provider.
You can exercise the above rights, where applicable by contacting the Managing Partner. We will require you to provide satisfactory proof of your identity in order to ensure that your rights are respected and protected. This is to ensure that your personal data is disclosed only to you.