Privacy Policy

Website Terms and Data Privacy Policy

 

Thank you for visiting www.caserichardson.co.uk

This is ‘the website’ of Case Richardson Law.  We are regulated by The Solicitors Regulation Authority as Case Richardson Law SRA Number 8004015.

By browsing this website, you are agreeing to comply with and be bound by the terms and conditions of use therein. Please do not use the website if you do not agree with these terms and conditions.

Our policy relating to the capture and use of personal data (‘Data Privacy Policy’) as detailed below forms a part of these terms and conditions. Please feel free to print and keep a copy for your reference.

Using Our Website

Please use our website whenever you wish, however, we are not liable if it is unavailable at any time for any period. Our website content is for general information and whilst we aim to update it regularly, if any of the information is out of date at any time, we are not obliged to update the information. We are not liable for the accuracy, timelines, completeness, or suitability of the website contents. You use our website, entirely at your own risk as we do not make any representations or warranties of any kind. The content of our website does not represent legal and/or financial advice on which reliance should be placed. We will not be liable for any loss or damage. You access our website entirely at your own risk.

Our website includes links to other sites. Case Richardson Law does not have control over these other sites and our links do not imply recommendations or endorsements. Prior written consent is required to link to any pages within our website.

Do not introduce viruses, trojans, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware connected to our website. You must not attempt to gain unauthorised access. Unauthorised use may lead to a claim for damages or be a criminal offence which we will report to law enforcement authorities and your right to access our website will cease.

Your use of our website and any dispute arising out of such use are governed by, and will be construed in accordance with, with the law of England and Wales. Any rights not expressly granted in these terms and conditions are reserved.

Data Privacy Policy

 Case Richardson Law understand that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits our website and uses our services.  We will only collect and use personal data as described here, and in a way that is consistent with our obligations and your rights under the law. Please read this Data Privacy Policy carefully and ensure that you understand it.

 What does our Data Privacy Policy Cover?

Our Data Privacy Policy applies to your use of our website and personal data that we collect from you in any other interactions that you have with us outside of our website in the use of our services or visiting our office.

Personal Data

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified by reference to an identifier’.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

Your Rights

Under the Data Protection Legislation, you have the following eight rights, which we will always work to uphold:

1) The right to be informed about our collection and use of your personal data. Our Data Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the contact details section of this Data Privacy Policy.

2) The right to access the personal data we hold about you. The section of this Data Privacy Policy titled “Personal Data Access” will advise you how to do this.

3) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the contact details section of this Data Privacy Policy.

4) The right to be forgotten, i.e., the right to ask us to delete or otherwise dispose of any of your personal data that we hold.

5) The right to restrict (i.e., prevent) the processing of your personal data. The right to object to us using your personal data for a particular purpose or purposes.

6) The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.

7) The right to data portability. This means that, if you have provided personal data to us directly, and we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.

8) Rights relating to automated decision-making and profiling. We do not use your personal data in this way.

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the contact details section of this Data Privacy Policy. Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.

It is important that your personal data is kept accurate and up to date. If any of the personal data we hold about you changes, please keep us informed if we hold that data.

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. However, we would welcome the opportunity to resolve your concerns ourselves, so please contact us in the first instance, using the contact details section of this Data Privacy Policy.

Complaints to the Information Commissioners Office

You can complain to the ICO if you have a concern about how we handle your data, how we have used your data, or you would like to lodge a complaint.

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Helpline number: 0303 123 1113

 Data we Collect

Depending upon your use of our website and other interactions that you have with us, we may collect and hold some or all the personal and non-personal data set out below:

•   Identity Information including but not limited to, name, title, date of birth, gender etc.

•   Contact information including but not limited to, address, email address, telephone number.

•   Business information including but not limited to, business name, job title, profession.

•   Payment information including but not limited to, card details, bank account numbers.

•   Technical information including but not limited to, IP address, browser type and version and your operating system.

•   Details of your consultancy matter, including but not limited to, the history, circumstances, facts, and the persons involved in and related to your matter to the extent that we need this information to progress your matter acting in your best interests and or according to your client instructions as your Management & Compliance Consultants.

 CCTV

If you ever visit us at our office in Newcastle, we advise that there is CCTV systems installed on the outside of the building and personal data in the form of images or CCTV footage may be recorded.

We operate CCTV in line with the ICO CCTV Code of Practice and are processing CCTV data to pursue our legitimate interests of:

·       promoting a safe working environment and monitoring health and safety at our premises.

·       monitoring the safety and security of our premises.

·       deterring and assisting in the prevention, investigation, and detection of crime and/or serious breaches of policies and procedures.

CCTV is never used for any automated decision taking. Images captured by CCTV will not be kept for longer than is necessary and ordinarily, will not be retained for more than 30 days. However, on occasions, there may be a need to keep images for longer such as where a crime is being investigated.

We will only disclose images and audio to other authorised bodies such as the police or other law enforcement agencies for the purposes set out above.

Cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive.  Once you agree, the file is added, and the cookie helps analyse web traffic or lets you know when you visit a particular site. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

By law, we may not place cookies on your computer without your consent, unless they are strictly necessary to the operation of the service that we provide on the website. We use Google Analytics to monitor how our website is being used so we can make improvements.

Our use of Google Analytics requires us to pass to Google your IP address (but no other information) – Google uses this information to prepare site usage reports for us, but Google may also share this information with other Google services. Google may use the data collected to contextualize and personalise the ads of its own advertising network.

    Google’s privacy policy

·    How Google uses this information

If you have any queries about the cookies that we use, or would like more information, please contact Wadzanai Richardson at wadzi@caserichardson.co.uk

Use of Your Personal Data

Under the Data Protection Legislation, we must always have a lawful basis for using or processing personal data. Our Lawful basis for using your personal data is based on the grounds that, you have made an enquiry about our services, asked for a quote, or we have been instructed by you to act as your management and compliance consultants to carry out your client instructions. The specific details of those instructions will have been confirmed to you in writing and stored in your client file. Depending on the circumstances of your instructions, and how and why we are processing your data, this will usually fall under the lawful basis of “Contract”, although there are circumstances where it could fall under the lawful bases of “Legitimate Interests”, “Legal Obligation”, “Consent” and even more rarely “Vital Interests”. If the lawful basis is other than the lawful basis of Contract, this will be documented in our records and where necessary communicated to you in writing.

With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email and/or telephone and/or text message and/or post with information, news, and offers on our products and or services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the Data Protection Legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will have the opportunity to opt-out.

We will only use your personal data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that, or those original purpose(s) and we need to use your personal data for that purpose. If we do use your personal data in this way and you wish us to explain how the new purpose is compatible with the original, please contact us using the details provided in the section of this privacy policy titled “Contact Details”.

If we need to use your personal data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis which allows us to do so.

In some circumstances, where permitted or required by law, we may process your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.

Storage of Personal Data

We will not keep your personal data for any longer than is necessary considering the reason(s) for which it was first collected. Where we are acting as your management and compliance consultants, depending on the nature of your matter, your personal data will usually be kept for a period of no longer than 8-years after your matter has concluded. The exact period for which your client file and your personal data will be kept and the information on storage and retrieval can be given to you in a closing letter at the conclusion of your matter.

However, where you do not have a client matter with us then your data may be held for no more than 6 years after your enquiry or quote has been received. In practice however, we will not keep your personal data for any longer than is necessary considering the reason(s) for which it was first collected. This means that your data could be deleted within mere weeks of it being collected but the exact retention period will vary depending on the nature of the data and the reasons for which it was collected and the lawful basis under which it was collected. Data held on our contact list for marketing will continue to be held unless you opt out of or unsubscribe from our information updates.

Storage and Transfer of Personal Data

We will usually only store or transfer your personal data within the UK. This means that it will be fully protected under the Data Protection Legislation. Where it is necessary to store or transfer your data within the European Economic Area, your personal data will also be fully protected under the Data Protection Legislation.

Where it is necessary for us to store or transfer your data in countries who may not have data protection laws that are as strong as those in the UK and/or the EEA, we will take additional steps to ensure that your personal data is treated just as safely and securely as it would be within the UK under the Data Protection Legislation.

The security of your personal data is essential to us, and to protect your data, we take several important measures, including the following:

•   limiting access to your personal data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality.

•   procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so.

Sharing of Personal Data

We will not share any of your personal data with any third parties for any purposes, subject to the following exceptions:

·      In some limited circumstances, our practice may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

·      In circumstances where we need to instruct Barristers, experts or other third parties to progress your case in your best interests.

·      In circumstances where we need to use approved outsourced providers to carry out work on your matter such client file auditors, IT experts, staff trainers, other collaborating consultants etc., these will be found in our list of approved outsourced providers, and we will have taken appropriate precautions to ensure that your personal data will be protected.

Withholding Information

You may access certain areas of our website without providing any personal data at all. However, to use all features and functions available on website you may be required to submit or allow for the collection of certain data.

Personal Data Access

If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.

Subject access requests can be made verbally or in writing and sent to the email or postal addresses shown in the section of this Data Privacy Policy titled “Contact Details”. To make this as easy as possible for you, a Subject Access Request Form is available for you to use. You do not have to use this form, but it is the easiest way to tell us everything we need to know to respond to your request as quickly as possible.

There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will respond to your subject access request as soon as reasonably possible and, in any case, not more than one month after receiving it. Normally, we aim to provide a complete response, including a copy of your personal data where appropriate within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three-months from the date we receive your request. You will be kept fully informed of our progress.

Links to other websites

Our website contains links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over other websites.  Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this data privacy policy. You should exercise caution and look at the privacy statement or policy applicable to the website in question.

 Contact Details

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:

Data Protection Officer: Wadzanai Richardson

Email address: wadzi@caserichardson.co.uk

Telephone number: 074 3261 7971

Postal address:   Q16, Quorum Business Park, Benton Lane, Newcastle upon Tyne, NE12 8BX

Changes to this policy

The internet and data privacy best practice are both developing, especially considering the introduction of the GDPR. We therefore reserve the right to revise this Policy at any time. If this Policy changes in any way, we will place an updated version on this page. Regularly reviewing this page ensures you are always aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties. Continued use of the Website will signify that you agree to any such changes.

Version 1.0 May 2023