Privacy Policy

This privacy policy sets out how McGuinness Legal processes any personal data we collect from you and tells you about your privacy rights and how the law protects you. This notice relates to our processing of your personal data where you are our client, a prospective client or a third party who interacts with us (including by visiting our website)

We take your privacy very seriously. This policy contains important information on who we are and how and why we collect, store, use and share your personal data. It explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.

When we use your personal data we are regulated under the general data Protection Regulation (GDPR) which applies across the European Union (including the United Kingdom) and we are responsible as ‘controller’ of that personal data for the purposes of the GDPR. Our use of your personal data is subject to your instructions, the GDPR, other relevant UK and EU legislation and our professional duty of confidentiality.

Key terms

We, us, our ;
McGuinness Legal

Data protection compliance officer ;
Joanne McGuinness

Personal data;
Any information relating to an identified or identifiable individual

Special category personal data:
Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs. Genetic and biometric data. Data concerning health, sex life or orientation

Personal data we collect about you

The list below sets out the personal data we will or may collect in the course of advising and/or acting for you

Your name address and telephone number
Your National Insurance and tax details
Information to enable us to check and verify your identity e.g. your date of birth or passport details
Electronic contact details e.g. e-mail address and mobile phone number
Your bank and/or building society details
Details of your spouse/partner and dependence or other family members
Your employment status including salary and benefit details
Your nationality and immigration status and information from related documents such as your passport or other identification and immigration information
Your employment records including where relevant records relating to sickness and attendance if employment records relevant to the matter upon which we are instructed
Your racial or ethnic origin, gender and sexual orientation, religious or similar beliefs
Your medical records
Your social services records
Police records

How your personal data is collected

We collect most of this information from you in direct communication in interviews, telephone calls, e-mails and post. We may also collect information from the following;

From publicly accessible sources
Directly from a third party
From a third party with your consent
Through our information technology (I T) systems e.g. case management, document management and time recording systems

How and why we use your personal data
We can only use your personal data if we have a proper reason for doing so e.g.
To comply with our legal and regulatory obligations
To facilitate the performance of our contract with you, to deal with your enquiry or to take steps at your request before entering into a contract
For our legitimate interests or those of a third party; or
Where you have given consent
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests
The list below explains what we use (process) your personal data for and our reasons for doing so;

To deal with your initial enquiry and provide legal advice to you. Our reason is for the performance of our contract with you all to take steps at your request before entering into a contract
Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies. The reason is to comply with our legal and regulatory obligations
Processing necessary to comply with professional, legal and regulatory obligations that apply to our business e.g. under health and safety regulation or rules issued by our professional regulator. The reason is to comply with our legal and regulatory obligations
Ensuring business policies are geared to e.g. policies covering security and Internet use. The reason is for our legitimate interests or those of a third party i.e. to make sure we are following our own internal procedures so we can deliver the best service to you
Operational reasons such as improving efficiency, training and quality control. The reason is for our legitimate interests or those of a third party i.e. to be as efficient as we can so we can deliver the best service for you at the best price
Ensuring the confidentiality of commercially sensitive information. The reason is our legitimate interests or those of a third party i.e. to protect our intellectual property and other commercially valuable information and to comply with our legal and regulatory obligations
Statistical analysis to help cause manage our practice e.g. in relation to our financial performance, client base, work type or other efficiency measures. The reason is for our legitimate interests or those of a third party i.e. to be as efficient as we can so we can deliver the best service for you
Preventing unauthorised access and modification to systems. The reason is our legitimate interests or those of a third party i.e. to prevent and detect criminal activity that could be damaging for us and for you and to comply with our legal and regulatory obligations
Updating and enhancing client records. For the performance of our contract with you, to comply with legal and regulatory obligations and for our legitimate interests or those of a third party e.g. making sure we can keep in touch with our clients about existing and new services
Statutory returns. To comply with our legal and regulatory obligations
Ensuring safe working practices, staff administration and assessments. To comply with our legal and regulatory obligations and for our legitimate interests or those of a third party e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you
External audits and quality checks, e.g. for quality accreditation, such as but not limited to SQM and the audit of our accounts. To comply with our legal and regulatory obligations

The list below explains what, in addition to the above, we use (process) your special category personal data for and our reasons for doing so;

Where processing is necessary for the establishment, exercise or defence of legal actions. To comply with our legal and regulatory obligations and for our legitimate interests in the performance of our contract with you
Where processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent. To comply with our legal and regulatory obligations and for our legitimate interests in the performance of our contract with you

Promotional communications

We do not use your personal data for any form of promotional communication

Who we share your personal data with

We routinely share personal data with the following;

Professional advisers who we instruct on your behalf or refer you to, e.g. barristers, medical professionals or other experts
Other third parties when necessary to carry out your instructions e.g. external service suppliers, representatives and agents that we use to make our business more efficient.
We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations
We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a restructuring. Usually information will be a non-I missed that this is not always possible. The recipient of the information will be bound by confidentiality obligations.

Where your personal data is held

Information may be held at our office, third-party agencies, service providers, representatives and agents as described above. Some of these third parties may be based outside the European economic area (EEA A). These transfers are subject to special rules under European and UK data protection law.

Your rights

You have the following rights, which you can exercise free of charge;

Access – the right to be provided with a copy of your personal data (the right of access)
Rectification – the right to require us to correct any mistakes in your personal data
To be forgotten – the right to require us to delete your personal data – in certain situations
Restriction of processing – the right to require laws to restrict processing of your personal data – in certain circumstances
Data portability – the right to receive the personal data you provided to us, in a structured, commonly used and machine readable format and/or transmit that data to a third party – in certain situations
To object – the right to object at any time to your personal data being processed for direct marketing and in certain other situations to our continued processing of your personal data, e.g. for the purpose of our legitimate interests
Not to be subject to automated individual decision making – the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

For further information on each of the rights set out above including the circumstances in which they apply, please contact us or see the guidance from the UK information Commissioner’s office (ICO) on individuals’ rights under the GDPR
If you would like to exercise any of the above rights, please make a written data subject request, e-mail, call or write to us ensuring you let us have enough information to identify you e.g. your full name, address and client or matter reference number, proof of your identity and address (a copy of your driving licence, passport and a recent utility or credit card bill/bank statement) and let us know what right you want to exercise and the information to which your request relates

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org.

How to complain

The GDPR also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area). State where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the information Commissioner who may be contacted at www.ico.org.uk or telephone 0303 123 1113

Changes to this privacy notice

This privacy notice is dated May 2018. We may change this notice from time to time. You should check this policy occasionally to ensure you are aware of the most recent version.

Please contact our data protection compliance manager if you have any questions about this notice or information we hold about you.

Contact details are as follows

Joanne McGuinness

By e-mail: jm@m-legal.co.uk

By letter: McGuinness legal, The Forecourt, 12 Albion Street, Stoke on Trent, ST1 1QH

Telephone (01782) 265200

How long your personal data will be kept

We will keep your personal data after we have finished dealing with your enquiry, advising or acting for you for one of the following reasons;

To respond to any questions, complaints or claims made by you or on your behalf

To show that we have treated you fairly

To keep records required by law

We will not retain your data for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of data. Please refer to our records retention schedule

When it is no longer necessary to retain your personal data, we will delete or anonymise it.