This document sets out our policy and practices on use and protection of any information that you give Williamsons when you use our services.
We are committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified, you can be assured that it will only be used in accordance with this statement of policy.
Please read the information in this policy carefully to ensure you understand our views on your personal data and how we deal with it.
Williamsons may make minor changes to this policy from time to time in which case we will update this page. You may want to check this page from time to time to ensure that you are happy with any changes. This policy is effective from 25 May 2018.
What we collect
Personal data collected, used, stored and transferred by us may include:-
- Identity data which includes your full name, any former name, gender, date of birth, marital status, and job title;
- Contact information including your home address, email address, fax numbers and telephone numbers;
- Financial data including bank statements and your bank account details.
- Special category data – including specifically medical records
- Technical data including IP address, browser type, operating system, platform & other technology on devices used to access our website
- Demographic information such as postcode, preferences and interests;
- Other information relevant to customer surveys and/or offers.
If you contact us we may keep a copy of any correspondence.
What we do with it
We collect this information not only for compliance with regulatory and professional standards but also to help us understand your needs and the services you might require and to optimise our own performance and service delivery. Specific activities include:-
- Improvement of our services;
- Providing you with information in particular of new services, special offers or other information which we think you may find interesting;
- Market research, making use of information obtained to customise and adapt the website and our services according to your feedback;
- Contact with you by e-mail, fax, telephone or mail for some or all of these purposes.
We do not use your personal data for any reasons other than those of which you are aware. We do not collect extra information about visitors to our website.
How, when and why we collect, use and allow access to your personal data
Type of data
Lawful basis for processing
How long do we hold your data
When you first contact us to ask if we can assist you with our service
12 months from the date you last contacted us in connection with the initial request
To comply with a legal obligation
Necessary for our legitimate interests (to ensure we meet our regulators’ requirements)
A minimum of 6 years. There are occasions where a file will be kept indefinitely (for example a will file may be kept until after the date of death of the testator).
Allowing IT suppliers to administer and protect our business and website
Necessary for our legitimate interests (to provide a safe and efficient service)
Access will remain until your file is permanently removed from our system.
To distribute newsletters
Until you advise us you wish to unsubscribe via the link in the newsletter
Necessary for our legitimate interests (to deal with our suppliers)
Ongoing suppliers’ details are kept up to date on file. Former suppliers’ details will be retained for a minimum of 6 years.
12 months for any unsuccessful candidate unless the applicant authorises us to retain the information indefinitely (in case further vacancies arise),
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have in place physical, electronic and managerial systems to safeguard and secure the information we collect from you. We will not disclose your personal data to other organisations unless it is required in the course of your transaction, when providing our services or if you have consented to its release.
A cookie is a small file sent to your computer's hard drive to help analyse web traffic or let you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website to better meet our clients’ needs. We only use this information for statistical analysis purposes and then the data is removed from the system. Follow the link here if you want more information about Google Analytics.
You can accept or decline cookies. Most web browsers accept them by default, but you can usually modify your browser setting to decline cookies if you prefer but this may prevent you from taking full advantage of the website functionality.
Links to other websites
Our website may contain links to other websites of potential interest to our clients and visitors. You should note that once you have used any such links to leave our site, we no longer have any control over the data passing between you and the third party.
Consequently, we cannot be responsible for the protection and privacy of any information that you provide whilst visiting such sites which are not governed by our privacy statement. If in doubt, you should exercise caution and read the privacy statement relating to the third party website.
Sharing of personal data outside of the European Economic Area
Some of our external suppliers are based outside the European Economic Area (EEA) so their processing of your data will involve a transfer of data outside the EEA. The suppliers we use based in the US are participants in the Privacy Shield program which requires them to provide protection of personal data in a similar way to European regulations.
We have put in place security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way. We limit access to your data to only those employees or consultants appointed by the firm to handle your transaction/case and suppliers who have a business need to know.
Be alert to the fact that information passed over the internet is not secure and we do not give visitors to our site the option of using a secure transmission method to send us their personal data. We have put in place procedures to deal with any suspected personal data breach and will notify you and relevant regulators where we are legally required to do so.
Controlling your data
You may choose to restrict the collection or use of your personal information.
If you have previously agreed to use of your personal data for direct marketing purposes, you may change your mind at any time by writing to us. You can e-mail or fax us. Our newsletter gives you the option to unsubscribe.
We will not sell, distribute or lease your personal information to third parties unless we have your consent or are required by law to do so.
Right of access - subject access requests (SARs)
You may request details of personal information which we hold about you under the European General Data Protection Regulation.
Right for mistakes to be corrected
If you believe that any information we hold about you is incorrect or incomplete, please contact us as soon as possible. We will promptly correct any material errors.
Right to be forgotten
You can request that the personal data we hold is removed from our system. This enables you to ask us to delete personal data where there is no good reason for us to continue processing it.
You can also ask us to remove the personal data where you have successfully objected to the processing, where we have processed your personal information unlawfully.
We may not be able to delete the data for specific legal reasons which will be explained to you, if appropriate, when we respond to the request.
Right for processing to be suspended
Processing of your personal data can or will be suspended:
- by us, where the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data;
- where we no longer need data for processing, but you require us to hold it as you need to establish, exercise or defend legal claims;
- where you have objected to our processing of your data and a decision is awaited as to whether the data is held on legitimate grounds
- where processing is found to be unlawful but you oppose the erasure of the personal data until the matter is rectified
Right for third parties to be advised
We shall communicate any amendment or erasure of personal data or restriction of processing carried out in accordance with the rights above to each third party to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort. We will inform you about those third parties if you request it.
Right to data portability
You have the right to request the transfer of your data to you or to a third party. We will provide to you or the third party you have chosen, your personal data in a structured, commonly used and machine-readable format. This right only applies to automated information which you consented for us to use or information provided to perform a contract with you.
Right to object
You can object to the processing of your personal data unless we can demonstrate compelling legitimate grounds for the processing which will override your rights and freedoms. You also have the right to object at any time to any direct marketing. Where your personal data is processed for scientific, historical research or statistical purposes you have the right to object to its processing, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
Right to object to automated decision making
You have the right not to be subject to a decision based solely on automated processing, which includes profiling, which produces legal effects concerning you or similarly significantly affects you. This right will not apply where the decision is necessary for entering into, or performance of, a contract between you and us, our regulator authorises or is based upon your specific consent.
If you have any queries or complaints relating to how we use your data please contact our Data Protection Officer, Hayley White, by emailing her at firstname.lastname@example.org or by writing to us at 2 Church Street, Crewkerne, Somerset, TA18 7HR. Any request will be dealt with as quickly as possible and a reply will in any event be provided within one month of the request.
MRW Law Ltd is a registered data controller, licensed by the Information Commissioner’s Office under number Z2951226. For further information visit the Information Commissioner’s Office website.