Delivering positive outcomes.
LGP SOLICITORS is committed to protecting your privacy.
What is the purpose of this document?
We are Land Graham Partnership LLP and trade as LGP Solicitors. We are registered in England with number OC331042 and our registered office address is Lacemaker House, 5-7 Chapel Street, Marlow, Buckinghamshire SL7 3HN. This is also our trading and contact address.
This policy is not contractual and we may update it at any time.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
Data protection principles
LGP must comply with the principles relating to processing of personal data set out in the GDPR which, in summary, state that personal data shall:
- be processed fairly and lawfully in a transparent manner;
- be collected for specific, explicit and legitimate purposes and not be processed in any manner which is incompatible with those purposes;
- be adequate, relevant and limited to what is necessary for that purpose;
- be accurate and kept up to date where necessary, with every reasonable step being taken to ensure that personal data are accurate, having regard to the processing purpose, and are erased or rectified without undue delay;
- be kept in a form which permits identification of data subjects for no longer than is necessary for that purpose;
- be kept secure, safe from unauthorised access, accidental loss, damage or destruction; and
- be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Your data: Clients only
In order to provide our services, we need to collect, store, review and transfer data relating to our clients. Most of this information is provided by you but some might be obtained from other parties or their solicitors, other advisers or public database holders such as Companies House or the Land Registry.
The type of data we hold about clients depends on what type of work we are doing for them. It usually includes name, address, e-mail address, telephone numbers, fax number, dates of birth and passport number, and may also include national insurance number, bank details and information about the source of transactional funds, as well as additional personal data relevant to the matter. In relation to family matters, for example, we may obtain personal data about other family members including children, to the extent necessary to understand your situation, advise you on your options and act in your best interest.
Depending on which service we are providing, we are likely to transfer personal data about you to other people as well. This will only be in connection with your instructions to us and ancillary activities, but general examples include other parties or their representatives, the Land Registry, Companies House, Counsel, courts, CAFCASS, the Office of Public Guardian, the Probate Registry, search, insurance and assurance providers, your (and the other parties’) agents and other advisers (e.g. financial advisers, accountants, auditors and brokers), share registrars, employers, relevant banks and building societies, landlords, tenants and management companies. We need to process your data in this way in order to comply with our contract with you to carry out your instructions properly.
In order to ensure that we provide a quality assured service, we may also use programs such as Conveyancing Quality Scheme or Completion Monitor (operated by Lexsure) for legitimate interests, both of which relate to conveyancing services only and which involve the input of data which the scheme providers can access.
In order to comply with our own legal obligations, we might also need to provide personal data to the Solicitors Regulation Authority or Legal Ombudsman.
Our banks, accountants, auditors and insurers are also entitled to obtain specific data on request as part of our compliance checks and legal obligations, although they rarely need specific personal data.
“Special categories” of particularly sensitive personal information, such as information about a person’s health or sexual orientation, require higher levels of protection. We may collect, store and use this information if you provide it to us and consent to us using it for a specific purpose, where it is necessary to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public. This is more likely to apply in relation to wills, powers of attorney and family matters, or employment litigation relating to ill-health. We may also collect, store and use information about your health where it is useful to ensure your safety whilst you are in our offices.
Your data: Non-clients only
We collect non-client information as well, mainly in the form of personal data about other parties involved in transactions or settlements, which is provided by our client or the other party’s advisers and used solely for the legitimate purposes of that matter, and contact details (name, address, e-mail address and telephone number) of other advisers (whether solicitors, accountants, financial advisers, tax advisers, insolvency practitioners, planning consultants or others), agents, managers, people we meet through others or at networking events, potential clients and suppliers.
This information may be used for the legitimate interest of communicating with you in relation to specific matters that you are involved in, or matters that you might be able to assist with. We may also contact you to keep in touch or make introductions.
Your Data: Clients and Non-Clients
A CCTV system monitors the front door of our office building 24 hours a day. This data is recorded and may be used for the purpose of security for our employees, clients and other guests and may be provided to the Police if requested, all of which is a legitimate interest and in the public interests of safety.
We will not store or use information about any criminal convictions and offences unless you have provided your consent to it.
Any personal data may be held and used for establishing, exercising or defending legal claims.
Our IT support and office management system providers have access to all data on our systems to provide their services to us for legitimate interests. We use Office 365 for our e-mail exchange, which is provided by Microsoft. We only allow our third-party service providers to use your personal data for specified purposes and in accordance with our instructions.
We may share your personal information in the context of the possible sale or restructuring of the business. In this situation we will, so far as possible, share anonymised data with the other parties before the transaction completes. Once the transaction is completed, we will share your personal data with the other parties if and to the extent required under the terms of the transaction.
Transferring information outside the EU
We do not transfer personal data outside the European Union unless our client is abroad or has asked us to do so.
Right to withdraw consent
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact our Data Protection Manager. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
We only send marketing correspondence to people who have opted into this. If you wish to opt-out at any time, please e-mail our Office Manager at firstname.lastname@example.org or call 01628 404620 and ask to speak to David Cogan.
If you fail to provide personal information
If clients fail to provide certain information when requested, we may not be able to perform the contract we have entered into with them, or we may be prevented from complying with our legal obligations (such as anti-money laundering verification). Depending on the specific data, why we need it and what risks the provision of it poses to your rights and freedoms, we may have to stop acting for it in this situation.
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, where this is required or permitted by law.
Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making unless we have a lawful basis for doing so and we have notified you.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
How long will we use your information for?
We will hold your personal data until we are satisfied that there is no longer any purpose for retaining it. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Different types of files have different limitation periods and so our retention policy is as follows:
- Hardcopy deeds and wills: indefinitely although we prefer clients to store their own deeds (other than wills) as we have limited space
- Will files: 6 years after the death of the client if known, otherwise indefinitely
- Trust files: indefinitely
- Employment files: 6 years from closure
- All other files: 12 years from closure
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Rights of access, correction, erasure, and restriction
You have a number of rights under the GDPR:
- the right to access personal data we hold;
- the right to ask us to rectify or complete our records;
- the right to ask us to delete personal data;
- the right to object to us processing your personal data;
- the right to restrict our processing; and
- the right to ask us to transfer your personal data to another organisation.
These are not absolute rights and are subject to specific conditions and depend on our processing purposes. If you are interested in using any of these rights, please contact our Data Protection Manager for more information.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.
If you are unhappy with any aspect of our processing of your personal data, we ask that you talk to us about it first and discuss your concerns with our Data Protection Manager. If you are not satisfied with the outcome, you may lodge a complaint with the Information Commissioner’s Office.