We are hiring now!
Great opportunities in Cheshire.
DATA PRIVACY NOTICE
mosshaselhurst is committed to protecting your personal information. In this notice reference to “we” or “us” means mosshaselhurst Solicitors. This notice explains how we collect and use the personal information about you, purposes of running our website and informing you of our commitment to the General Data Protection Regulations (which replaced the Data Protection Act 1998 on 25 May 2018).
This Privacy Notice was published on 25 May 2018 and last updated on 24 May 2018. We constantly review our internal privacy practices and may change this policy from time to time. The most up to date Privacy Notice will always be available on our Website.
2. About us
mosshaselhurst was founded in 1906 and has offices in Northwich and Winsford. The Directors are Gerard Rooney, Joanne Charles and Robert Gore. The Firm was incorporated as Moss Law Ltd (trading as mosshaselhurst in 2012), Company registered office – 2 Castle Street, Northwich, Cheshire, CW8 1AB, registered in England and Wales, Company Number 7939100. We are authorised and regulated by the Solicitors Regulatory Authority.
mosshaselhurst Solicitors is a Data Controller under the Data Protection Rules and is registered with the Information Commissioner’s Office with registration number Z5510004. Our Data Protection Officer is Joanne Charles firstname.lastname@example.org. Our Deputy Protection Officer is Tracey Slater – email@example.com
3. Data Protection Principles
Personal data must be processed in accordance with the six ‘Data Protection Principles’ under the DPA and GDPR ie. it must :-
We are accountable for these principles. mosshaselhurst will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with the principles of the DPA and GDPR.
Our website and services are not aimed specifically at children because in legal work children are generally represented by their parents or guardians. If you are a child and need further advice or explanation about how we would or do use your data, please contact our Data Protection Officer – Joanne Charles who may be able to assist.
5. Personal data
The exact information we will request from you will depend on what you have asked us to do or what we are contracted to do for you.
This Data Privacy Notice is intended for clients and prospective clients only. Applicants for employment and employees have their own Data Privacy Notices.
Typically we will need your full name, address, date of birth, e-mail and telephone numbers and if a transaction is involved, your banking details will be needed too. In other cases we may need to ask you about medical or other information of a sensitive nature if this is required to carry out your work.
To comply with our legal obligations to verify your identity we are likely to require you to provide copies of certain documents and to respond to any queries we may have. If a transaction is involved we will be asking about the source of funds and requesting supporting documents. As part of this process we will carry out on-line searches to assist us in verifying your identity. Whilst we appreciate that such requests can be intrusive, we are unable to proceed with your work until these checks have been completed. Once your matter has been concluded the file will be archived for a minimum of six years, although you will be advised as to exact timescale once your matter has concluded.
6. Categories of personal data held
We always keep requests for information to the minimum level required to carry out your work.
In the majority of cases this personal data will be restricted to basic information such as name, address, contact details and information needed to complete ID checks.
However, some of the work we do may require us to ask for more sensitive personal data, including:
In certain cases we may need to share this information with third parties, such as medical professionals if you have had an accident. This is only done when there are safeguards in place to ensure that the information remains confidential and secure.
7. Sources of information
We may obtain information about you from a number of sources/Third Parties for example :-
8. Use of your personal data
The primary reason and the purpose of processing and for asking you to provide personal data is to allow us to carry out your requests, for example, to provide a quote or to carry out your contractual and/or statutory legal work.
We rely on the following legal basis for processing your information :-
Your information may be used for:
9. Disclosure of data
During the course of carrying out your legal work we are likely to need to disclose some information to parties outside mosshaselhurst but these disclosures are only made when required by your work. Examples might include providing your information to:
We do not intend to transfer your personal data to a third party country but if we do we will obtain your consent.
10. How long we keep your information for
Information may be held in computers or manual files. We only retain the information for as long as is necessary to:
Information obtained from prospective clients is kept for up to six months for the purpose of providing quotations and any subsequent follow up.
11. Sharing of Data
We do not share personal information with third parties unless we need to do so. Data may be shared to complete client’s legal work and as required by law.
As your information will be stored on computer, it could be shared with our system maintainers for fault diagnostics but we will take steps to protect your data should third party access be required. We never sell your personal information to third parties.
12. Data Protection and Security
We have technological and operational security policies and procedures in place to protect your data from loss, misuse, alteration or unintentional destruction. Our personnel who have access to the information have been trained to respect your confidentiality and to look after the data in our possession.
13. Inaccurate Information
If you think any information we hold about you is incorrect or incomplete or has been changed since your first told us please let us know as soon as possible so that we can update our records.
14. Access to your Personal Information
The General Data Protection Regulations replace the Data Protection Act 1998 on 25th May 2018.
Under both sets of regulations you are entitled to request a copy of your personal data but if your request is received prior to 25th May, then a fee of £10 is payable. If you wish to make a subject access request, please contact the person dealing with your matter initially.
A subject access request entitles you to a copy of the personal data we hold on you. The focus of the information we have to provide is you and will include such things as records of your name, address, contact details, date of birth etc. This means that a subject access request will not normally result in you getting a copy of a file because the focus of the documents it contains are likely to be the transaction or legal matter rather than your personal information.
15. Your Rights
Under the General Data Protection Regulation, you have a number of important rights that you can exercise free of charge. In summary, these rights are:
If you want more information about your rights under the GDPR please see the Guidance from the Information Commissioners Office on Individual's rights under the GDPR.
If you want to exercise any of these rights, please:
We will respond to you within one month from when we receive your request.
16. Complaints about the use of your personal data
Please contact our Data Protection Officer or Deputy Data Protection Officer if you have any complaint or concern over how your data will be used who will acknowledge your complaint and reply to your concerns. If you are not satisfied with the response, the UK regulator on data protection issues is the Information Commissioner’s Office. Their telephone number is 0303 123 1113 and website which is www.ico.org.uk.