Privacy Policy

Cookies

The website uses some cookies when you browse it.

Cookies are small text files that are stored on your web browser when you visit the majority of websites on the internet. The text files contain information about you and the preferences you have for the website being visited. These cookies are stored so that a site can customise its pages for the next time you visit the website or return to a page previously visited. In this way, we use cookies to ensure proper running of this website, and also to help us improve your experience when browsing.

Like most websites, this site uses Google Analytics cookies to greater understand how people use this site, and to discover areas on this site which might have issues. The data it collects helps us see things like how many people visit our site, which country they are from, how many pages they visited, how fast our site loaded, and so on. All data collected is completely anonymous, it does not identify you as an individual in any way.

The website does not use any 3rd Party / Tracking / Advertising cookies.

Whilst this website does not collect your personal data, nor is there any place in which your personal data can be inputted by you, in order to comply with the rules on GDPR this website nevertheless contains a privacy policy were it hypothetically to collect data from you. Please see the privacy policy below.

 

Privacy Notice – General Data Protection Regulation (“GDPR”)

This notice is intended for all data subjects where I am collecting/accepting data on their behalf. As such it should be forwarded to the data subject in question by whomever has remitted/shared the data with me.

Please read the following information carefully. This privacy notice contains information about the information collected, stored and otherwise processed about you and the reasons for the processing. It also tells you who I share this information with, the security mechanisms I have put in place to protect your data and how to contact me in the event you need further information.

Who Am I?

When I act for you, I collect, use, and am responsible, for personal information about you. When I do this I am the ‘controller’ of this information for the purposes of the GDPR and the Data Protection Act 2018.

If you need to contact me about your data or the processing carried out you can use the contact details at the end of this document.

What do I do with your information?

Information collected

When carrying out the provision of legal services or providing a reference I collect some or all of the following personal information that you provide:

a. personal details
b. family details
c. lifestyle and social circumstances
d. goods and services
e. financial details
f. education, training and employment details
g. physical or mental health details
h. racial or ethnic origin
i. political opinions
j. religious, philosophical or other beliefs
k. trade union membership
l. sex life or sexual orientation
m. genetic data
n. biometric data for the purpose of uniquely identifying a natural person
o. criminal proceedings, outcomes and sentences, and related security measures
p. other personal data relevant to instructions to provide legal services, including data specific to the instructions in question.

Information collected from other sources

The same categories of information may also be obtained from third parties, such as other legal professionals or experts, members of the public, your family and friends, witnesses, courts and other tribunals, investigators, government departments, regulators, public records and registers.

How I use your personal information: Purposes

I may use your personal information for the following purposes:

i. to provide legal services to my clients, including the provision of legal advice and representation in courts, tribunals, arbitrations, and mediations
ii. to keep accounting records and carry out office administration
iii. to take or defend legal or regulatory proceedings or to exercise a lien
iv. to respond to potential complaints or make complaints
v. to check for potential conflicts of interest in relation to future potential cases
vi. to promote and market my services
vii. to carry out anti-money laundering and terrorist financing checks
viii. to train other barristers and when providing work-shadowing opportunities
ix. to respond to requests for references
x. when procuring goods and services
xi. to publish legal judgments and decisions of courts and tribunals
xii. as required or permitted by law.

Whether information has to be provided by you, and why

If I have been instructed by you or on your behalf on a case or if you have asked for a reference, your personal information has to be provided, to enable me to provide you with advice or representation or the reference, and to enable me to comply with my professional obligations, and to keep accounting records.

The legal basis for processing your personal information

I rely on the following as the lawful bases on which I collect and use your personal information:

  • If you have consented to the processing of your personal information, then I may process your information for the Purposes set out above to the extent to which you have consented to me doing so.
  • If you are a client, processing is necessary for the performance of a contract for legal services or in order to take steps at your request prior to entering into a contract.
  • In relation to information which is in categories (g) to (o) above (these being categories which are considered to include particularly sensitive information and which include information about criminal convictions or proceedings) I rely on your consent for any processing for the purposes set out in purposes (ii), (iv), (vi), (viii) and (ix) above. I need your consent to carry out processing of this data for these purposes. However, if you do not consent to processing for purposes (iv) and (ix) (responding to potential complaints and providing a reference) I will be unable to take your case or to provide a reference. This is because I need to be able to retain all the material about your case until there is no prospect of a complaint and to provide an informed and complete reference.
  • In relation to information in categories (g) to (o) above (these being categories which are considered to be particularly sensitive information and include information about criminal convictions or proceedings), I am entitled by law to process the information where the processing is necessary for legal proceedings, legal advice, or otherwise for establishing, exercising or defending legal rights.
  • In relation to information which is not in categories (g) to (o) above, I rely on my legitimate interest and/or the legitimate interests of a third party in carrying out the processing for the Purposes set out above.
  • In certain circumstances processing may be necessary in order that I can comply with a legal obligation to which I am subject (including carrying out anti-money laundering or terrorist financing checks).
  • The processing is necessary to publish judgments or other decisions of courts or tribunals.

Who will I share your personal information with?

If you are a client, some of the information you provide will be protected by legal professional privilege unless and until the information becomes public in the course of any proceedings or otherwise. As a barrister I have an obligation to keep your information confidential, except where it otherwise becomes public or is disclosed as part of the case or proceedings.

It may be necessary to share your information with the following:

  • data processors, such as my Chambers staff, IT support staff, email providers, data storage providers
  • other legal professionals
  • experts and other witnesses
  • prosecution authorities
  • courts and tribunals
  • the staff in my chambers
  • trainee barristers
  • lay clients
  • family and associates of the person whose personal information I am processing
  • in the event of complaints, the Head of Chambers, other members of Chambers who deal with complaints, the Bar Standards Board, and the Legal Ombudsman
  • other regulatory authorities
  • current, past or prospective employers
  • education and examining bodies
  • business associates, professional advisers and trade bodies, e.g. the Bar Council
  • the intended recipient, where you have asked me to provide a reference.
  • the general public in relation to the publication of legal judgments and decisions of courts and tribunals [this requires the production of a policy document to comply with this obligation – DPA Bill sch. 1 Part 2. para. 5(1)].

I may be required to provide your information to regulators, such as the Bar Standards Board, the Financial Conduct Authority or the Information Commissioner’s Office. In the case of the Information Commissioner’s Office, there is a risk that your information may lawfully be disclosed by them for the purpose of any other civil or criminal proceedings, without my consent or yours, which includes privileged information. I may also be required to disclose your information to the police or intelligence services, where required or permitted by law.

Sources of information

The personal information I obtain may include information which has been obtained from:

  • other legal professionals
  • experts and other witnesses
  • prosecution authorities
  • courts and tribunals
  • trainee barristers
  • lay clients
  • family and associates of the person whose personal information I am processing
  • in the event of complaints, the Head of Chambers, other members of Chambers who deal with complaints, the Bar Standards Board, and the Legal Ombudsman
  • other regulatory authorities
  • current, past or prospective employers
  • education and examining bodies
  • business associates, professional advisers and trade bodies, e.g. the Bar Council
  • the intended recipient, where you have asked me to provide a reference.
  • the general public in relation to the publication of legal judgments and decisions of courts and tribunals [this requires the production of a policy document to comply with this obligation – DPA Bill sch. 1 Part 2. para. 5(1)].
  • data processors, such as my Chambers staff, IT support staff, email providers, data storage providers [FILL IN ANY OTHERS]
  • public sources, such as the press, public registers and law reports.

Transfer of your information outside the European Economic Area (EEA)

This privacy notice is of general application and as such it is not possible to state whether it will be necessary to transfer your information out of the EEA in any particular case or for a reference. However, if you reside outside the EEA or your case or the role for which you require a reference involves persons or organisations or courts and tribunals outside the EEA then it may be necessary to transfer some of your data to that country outside of the EEA for that purpose. If you are in a country outside the EEA or if the instructions you provide come from outside the EEA then it is inevitable that information will be transferred to those countries. If this applies to you and you wish additional precautions to be taken in respect of your information please indicate this when providing initial instructions.

Some countries and organisations outside the EEA have been assessed by the European Commission and their data protection laws and procedures found to show adequate protection.Most do not. If your information has to be transferred outside the EEA, then it may not have the same protections and you may not have the same rights as you would within the EEA.

I may transfer your personal information to the following which are located outside the European Economic Area (EEA):

  • cloud data storage services based in the USA who have agreed to comply with the EU-U.S. Privacy Shield, in order to enable me to store your data and/or backup copies of your data so that I may access your data when they need to. The USA does not have the same data protection laws as the EU but the EU-U.S. Privacy Shield has been recognised by the European Commission as providing adequate protection. To obtain further details of that protection see https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en.
  • cloud data storage services based in Switzerland, in order to enable me to store your data and/or backup copies of your data so that I may access your data when I need to. Switzerland does not have the same data protection laws as the EU but has been recognised by the European Commission as providing adequate protection; see https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.

If I decide to publish a judgment or other decision of a Court or Tribunal containing your information then this will be published to the world.

I will not [otherwise] transfer personal information outside the EEA [except as necessary for providing legal services or for any legal proceedings].

If you would like any further information please use the contact details at the end of this document.

How long will I store your personal data?

I will normally store all your information:

Fifteen years –
This is the under advisement from my professional indemnity insurers, The Bar Mutual Indemnity Fund, who state:

“Our preference is for documents to be retained for 15 years as this is the long-stop period under the Limitation Act. There is an argument for retaining documents beyond this period (for those under a disability or where deliberate concealment is alleged), but taking a proportionate view, it seem to us that 15 years strikes the right balance”.

  • At this point any further retention will be reviewed and the data will be marked for deletion or marked for retention for a further period. The latter retention period is likely to occur only where the information is needed for legal proceedings, regulatory matters or active complaints. Deletion will be carried out (without further notice to you) as soon as reasonably practicable after the data is marked for deletion.
  • I will store some of your information which I need to carry out conflict checks for the rest of my career. However, this is likely to be limited to [your name and contact details/ the name of the case/anything else]. This will not include any information within categories (g) to (o) above.
  • Information related to anti-money laundering checks will be retained until five years after the completion of the transaction or the end of the business relationship, whichever is the later;
  • Names and contact details held for marketing purposes will be stored indefinitely or until I [or my clerks] become[s] aware or am[/are] informed that the individual has ceased to be a potential client.

Consent

As explained above, I am relying on your explicit consent to process your information in categories (g) to (o) above. You provided this consent when [you agreed that I would provide legal services/you asked me to provide a reference].

You have the right to withdraw this consent at any time, but this will not affect the lawfulness of any processing activity I have carried out prior to you withdrawing your consent. However, where I also rely on other bases for processing your information, you may not be able to prevent processing of your data. For example, if you have asked me to work for you and I have spent time on your case, you may owe me money which I will be entitled to claim.

If there is an issue with the processing of your information, please contact my clerks using the contact details below.

Your Rights

Under the GDPR, you have a number of rights that you can exercise in certain circumstances. These are free of charge. In summary, you may have the right to:

  • Ask for access to your personal information and other supplementary information;
  • Ask for correction of mistakes in your data or to complete missing information I hold on you;
  • Ask for your personal information to be erased, in certain circumstances;
  • Receive a copy of the personal information you have provided to me or have this information sent to a third party. This will be provided to you or the third party in a structured, commonly used and machine readable format, e.g. a Word file;
  • Object at any time to processing of your personal information for direct marketing;
  • Object in certain other situations to the continued processing of your personal information;
  • Restrict my processing of your personal information in certain circumstances;
  • Request not to be the subject to automated decision-making which produces legal effects that concern you or affects you in a significant way.

If you want more information about your rights under the GDPR please see the Guidance from the Information Commissioners Office on Individual’s rights under the GDPR.

If you want to exercise any of these rights, please:

  • Use the contact details at the end of this document;
  • I may need to ask you to provide other information so that you can be identified;
  • Please provide a contact address so that you can be contacted to request further information to verify your identity;
  • Provide proof of your identity and address;
  • State the right or rights that you wish to exercise.

I will respond to you within one month from when I receive your request.

Marketing Emails

Please note if you wish to unsubscribe from any marketing emails that you have signed up for, you can do so by informing me at the contact details given at the end of this notice.

How to make a complaint?

The GDPR also gives you the right to lodge a complaint with the Information Commissioners’ Office if you are in the UK, or with the supervisory authority of the Member State where you work, normally live or where the alleged infringement of data protection laws occurred. The Information Commissioner’s Office can be contacted at http://ico.org.uk/concerns/.

Future Processing

I do not intend to process your personal information except for the reasons stated within this privacy notice. If this changes, this privacy notice will be amended and placed on our website and will be inserted in all acknowledgements and electronic communications from me.

Changes to this privacy notice

This privacy notice was published in May 2018.

I continually review my privacy practices and may change this policy from time to time. When I do it will be placed on our website and will be inserted in all acknowledgements and electronic communications from me.

Contact Details

If you have any questions about this privacy notice or the information I hold about you, please contact me, my clerks, or my appointed Data Protection Manager.

The best way to contact me is to write to me at my Chambers address or contact my clerks by email at email address DP@42br.com, or by phone at 020 7831 0222.

At present my appointed Data Protection Manager is the Commercial Manger, Tony Charlick, who can be contacted at DP@42br.com.

Chambers privacy

Please also see the Chambers privacy policy.