This notice details of the types of information we collect about individuals. We use personal information in accordance with the terms of the UK GDPR. Legafit Solicitors is a responsible “controller” of personal data in compliance with the requirements of the UK GDPR. If you require any further information regarding our data protection policy, privacy notices and privacy practices, please do not hesitate to contact our Data Protection Officer.
The personal data we collect
Personal information or personal data means any information that relates to an identifiable natural person.
Legafit Solicitors (hereinafter referred to as “we”) collect personal data of our clients and those who engage with us in the course of enquiring about or acquiring our services.
We may also collect data, from our clients (where they are legally permitted expressly authorised to provide such data, relating to third party individuals in order to provide the contracted legal advice and representation.
Due to the nature and often the scope of our work, we obtain a wide variety of personal data to help us deliver the legal advice and representation we have been contracted to provide. The types of personal data we gather include, but is not limited to, the following:
- Identity and contact data – this category of personal data includes full name, date of birth, nationality, full postal address, telephone number, email address, passport details
- Personal data – this category of data includes information to the individual’s relationships (and where necessary, their details), their medical records, employment status and record, criminal history and immigration status
- Financial data- this category of personal data includes the individual’s and their partner’s income, sources of income, savings, financial support of third parties, company accounts, HMRC tax returns and details of investments
- Marketing data – this category of data includes the individual’s preferences relating to the type of the manner in which they receive marketing information from us
How we obtain personal data
We obtain personal information in a variety of ways including the following:
- Direct contact – we may obtain personal information directly from clients through via telephone, email or corresponding with them via post
- Clients – we may obtain personal information of third party individuals from our clients such as details of our clients’ family members or their employees to help us deliver professional legal advice and representation as per our contractual agreement
- Third parties or publicly available sources – we may obtain personal information, connected with the provision of our services and with the express authorisation of our clients, from public departments such as the HMRC, the Home Office, HM Land Registry or Companies House.
Access to personal data
Access to personal data, stored by Legafit solicitors, may only be provided to Legafit solicitors’ fee earners, consultants and employees, who may access our personal database from our registered office or from remote locations.
We will only use personal information relating to clients and third party individuals in a manner that is permitted by law. Commonly, we use personal data in the following set of circumstances:
- in the course of providing legal services for which we have been contracted by our clients
- in the course of complying with regulatory requirements such as carrying out anti-money laundering checks or audits
- in the course of instructing experts to assist with the preparation of expert reports relating to clients’ matters
- in the course of seeking advice, legal opinion, written or oral representation from Counsel
How we share personal data
In order to comply with statutory obligations and to aid our efforts to effectively discharge our contractual and professional obligations to clients, we may in certain circumstances share clients’ personal data with third parties, which include, but may not be limited to,
- Courts and Tribunals
- The Government Legal Department (GLD)
- The Home Office Presenting Officers (HOPO)
- The Home Office
- The Passport Office
- HM Revenue & Customs
- The Solicitors Regulation Authority (SRA)
- External Auditors
- Legal Counsel
- Professional experts
How we protect personal information
We have the necessary and appropriate security measures in place to ensure that personal information is not accidentally lost, used, accessed, altered or disclosed in an unauthorised manner. We also have measures in place to keep all staff informed on how we collect, access, use and maintain personal information secure.
We have policies in place that will help us adequately respond to suspected personal data breach including protocols for promptly informing the individuals affected by the breach and the information commissioner.
How we dispose of personal data
As required by the Solicitors Regulation Authority, we store clients’ personal information for 6 years from the date of closure of the client’s file, following which clients’ personal information will be permanently deleted from our databases.
If you wish to raise a complaint regarding our privacy notices, privacy policies or privacy practices, please contact our Data Protection Officer, Miss Mahshid Javaheri, at Mahshid@legafit.com.