Privacy Notice for Service Providers

Kitson & Trotman LLP takes your privacy very seriously and is committed to collecting only the minimum information necessary and processing1 it securely. We want you to know and be in control of how and why your personal information is used by us. If you have any queries or would like further information just ask. Please note we are not responsible for any third parties with whom your data is shared. You should receive a similar privacy notice from them which will tell you how they handle your data.

This particular Privacy Notice tells you this information, in general terms, when we communicate about the possibility of providing services or products to us under contract or for the actual provision of them. It also tells you your Data Protection Rights and how you can exercise them.

As well as collecting personal information from you, we may receive information about you direct from another party too. In such cases, and where it is lawful, appropriate, practicable, and proportionate to do so, we will make you aware that such information has been provided and give you the relevant details including the source. If you provide us with personal information about another person, in some cases, we may have to tell them we hold this information, and provide them with a Privacy Notice too. Please let us know, at the time, if informing them in this way is likely to cause you any problems or difficulties.

If you want more specific information about how your personal data has been processed including with whom it has been shared, then please let us know using the contact details below. Our full privacy notice will be on our website which can be found at https://kitsonandtrotman.co.uk or https://ktlaw.co.uk.

1: 'processing' means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1. Our Contact Details for Data Protection Matters

Kitson & Trotman is the Controller, under data protection law, for all the personal information about you that it processes, unless otherwise stated.  Data protection and privacy matters are handled by our Compliance Officer for Legal Practice (COLP) who can be contacted in the following ways: 

2. What Personal Information We Collect and Why

Type of personal information obtainedReason for collectionLegal basis for collectingWhy it may be sharedComment
Your name and address and contact details

 To be able to: -

  • conclude the contract particulars and documents;
  • contact you about the matter in hand or other matters where it is necessary to get in touch with you;
  • open your file and ensure efficient office procedures, record keeping, payments tracking etc.;
  • to verify and check ID and that we hold accurate details or can gather other important information about you as necessary
  • Necessary for our contract with you or to take steps at your request before you entered a contract with us;
  • Legitimate interest of our business as a legal practice in ensuring accurate records, billing, to prevent fraud, auditing, good governance, marketing, research etc.;
  • To meet any legal obligations placed on us as a controller of data such as to counter fraud and to meet professional standards etc.;
  • To comply with the requirements of agencies such as HM Revenue and Customs (HMRC).

Details shared, as necessary for the effective management of our business and contractual relationship with you, such as to our clients or other service providers who need to know who you are as part of the service or product you provide.

 

This is both in relation to the business (where sole trader or partnership or the direct contact where it is a company as well as the details of specific staff with whom we will have contact during the contractual relationship (and perhaps afterwards).

 
Financial information such as bank details and also, where appropriate financial information so we can assess your financial viability where such is relevant to the decision whether to use your services Necessary to allow secure payments from/to you, to identify payments/receipts in our records; for audit purposes; to carry out required checks and screening for financial reasons and other sanctions or embargoes; 
  • Necessary for the performance of our contract with you.
  • As required by law or legal obligation.
  • In the legitimate interests of the firm for example auditing and anti-fraud purposes.
For the effective management of our business and relationship with you or required by law, such as our bankers and administrative staff or other service providers. The degree of information required will depend upon the value of the contract; the past experience of using the service provider and any other matter where a higher level of checks are considered sensible 

Details of the services or products provided (where this amounts to personal information) e.g. we may require evidence of qualifications of individuals or may only accept named individuals

Necessary so we can check the provision of services or products meets our business needs and any legal requirements.

In some services where the basis is an on-going personal relationship with our staff, such a support desk for IT, it will be important that staff know with whom they are dealing and can build a positive relationship.

As above As necessary within the firm to monitor delivery of the services (and deal with issues in performance); to make payments; to deal with issues and in the provision of references to others The records held will usually be minimal and likely to amount to names, email addresses and perhaps location however the nature of the contract will determine the extent of the information held 
Other personal information not listed above but relevant to the services or products provided The reasons will be explained at the time if necessary providing it is lawful and reasonable to do so As above but may also be another legal basis which would be provided at the time if it is lawful to do so As above To complete Form E and Form D81 and generally deal with the Family Procedure Rules relevant to your case
Other personal information not listed above but relevant to your case The reasons will be explained at the time if necessary providing it is lawful and reasonable to do so As above, but may also be another legal basis which would be provided at the time if it is lawful to do so As above but may also be shared with someone outside the list provided below where necessary and appropriate. Details to be provided at the time if it is lawful to do so  

We will tell you if providing some personal data is optional including if we need your consent to use it. Where the legal basis for processing your personal information is, solely, your consent then you may withdraw that consent at any time by letting us know. Where providing personal information is a statutory or contractual requirement, or essential to progress the matter in hand, then, we will explain the consequence of failing to provide the information requested, so you can make an informed decision. Please note that any actions we may have taken before your consent was withdrawn will remain valid.

We will not use sensitive personal information which is classed as Special Category Data such as information about your racial or ethnic origin, political opinions, religious or philosophical beliefs, any trade union membership, health or sex life or sexual orientation unless it is lawful to do so and necessary to the matter with which we are dealing. We do not expect this type of information to be required as part of our service provision relationship but, if it is, we will make you aware of this fact and the legal basis for its use e.g. for our equality and diversity monitoring.

Please see our general privacy policy, which is on our website, for general information about our use of personal data (including that entered on our website) and why our website uses 'cookies'2.

2: Cookies are small files which are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next.

3. Sharing your personal data

Your information may be shared, internally, as necessary, so we can manage the matter in question efficiently and for our own legitimate business purposes. We will never sell your personal data to a third party but it is often necessary to disclose your personal data to others, such as other professional, regulatory or statutory bodies, when we:

Where we use another service provider to provide services to us, such as IT or internet providers, and that involves the processing of your personal data, we take reasonable steps to ensure that such data is processed in line with the relevant law; and, where necessary, is subject to a legal agreement containing suitable security measures.

The list below should not be seen as definitive but will give a flavour of the sharing that normally occurs for the provision of services or products:

4. Overseas Transfers

In the normal course of business, we do not transfer your personal data overseas unless it is at your request; it is necessary to carry out your instructions; for any legal reasons such as a court order; to combat crime etc.; or where the internet or other IT service provider such as Microsoft is based or stores information overseas. We take reasonable care to ensure that such transfers are secure and that there are adequate safeguards in place to protect your rights and freedoms, where possible, such as contracts with service providers based overseas.

Our computer backups are stored ‘in the cloud’ which is based in the European Economic Area (EEA) and conforms to the required security standards or otherwise meets EU adequacy requirements.

Where we become aware that any information has been or is to be transferred overseas, other than as is set out above, we will inform you and give you more details of the security measures in place to protect it, provided it is lawful and proportionate to do so.

5. Retention of your Personal Data

We will retain your personal data while you are providing services or products to us, for the fulfilment of the contract we have with you and for the effective management of our relationship and our business.

Once our business relationship with you ends, we will retain it for 6 years after the closure of your file. We may, then, destroy, securely, such personal information. We may be required, or wish, to keep your personal data for a longer period such as in the event of legal proceedings or claims.

6. Your Data Protection Rights

Your rights in law are listed below. Please let us know - see section 1 above - if you want more information or if you wish to exercise any of your rights. Please note that not all the rights apply in all circumstances.

Please see the UK Information Commissioner’s Office website at www.ico.org.uk for more details. We do hope if you are unhappy about our service that you will let us know first so we have a chance to investigate and put things right.

7. Marketing

If you are an existing service provider we may contact you about products, services or special events we think might be of interest to you. Please let us know if you would rather not receive such information or if you wish to express a preference as to the type of information we send or how it is sent by contacting us as shown above in Section 1.

If you register with us through our website or become a new provider, then, at that point, we will invite you to ‘opt into’ such marketing and ask you about your preferences and let you know the choices available. You can change your mind at any point by just letting us know and we will make the change as soon as possible; or if you change your mind at a later date just follow the same procedure to let us know.

8. How we protect your information

We use reasonable and proportionate measures to safeguard your personal information such as raising staff awareness to the risks of holding data/information and encryption of the information where appropriate. You should be aware, however, that the use of the Internet such as via email or a website, is not secure and, for this reason, although we take reasonable steps to protect the information we send you, we cannot guarantee its security. Any information you choose to send to us via the Internet is at your own risk.

In addition, we have no control over the privacy practices of any of the persons, companies or bodies etc. with whom it is necessary to share your information. We will take reasonable steps, however, to ensure any transfer of data from us is reasonably secure.

In line with good practice, we back up the data that we hold electronically, to prevent its inadvertent loss such asthrough a power outage during thunder storms. The store is ‘in the cloud’ however the ‘cloud’ is based in the European Economic Area (EEA) and conforms to the required security standards or otherwise meets EU adequacy requirements.

9. Complaints about how we handle your information

If you are unhappy about any other aspect of our service, please let us know. If you believe that we have breached your privacy rights, please tell us contacting Compliance Officer using the details set out in section 1 above.

If you are not happy with our response, or you want to contact the Information Commissioner’s Office, which regulates and enforces data protection and privacy law in the UK, you can find details about how to do this at www.ico.org.uk.

10. Changes to this privacy notice

We will amend this privacy notice from time to time to make sure it is up to date and accurately reflects how and why we use your personal information. Please let us know if you have any queries or spot any mistakes.

 
The Champions
Beaminster, Dorset DT8 3AN
Mon-Thurs 9am - 5:30pm / Fri 9am - 5pm
t: 01308 862313
f: 01308 862033
e: beaminster@ktlaw.co.uk
9 Chancery Lane
Bridport, Dorset DT6 3PX
Mon-Thurs 9am - 5:30pm / Fri 9am - 5pm
t: 01308 427436
f: 01308 420335
e: bridport@ktlaw.co.uk
57/58 Broad Street
Lyme Regis, Dorset DT7 3QF
Mon-Thurs 9am - 5:30pm / Fri 9am - 5pm
t: 01297 442580
f: 01297 444810
e: lymeregis@ktlaw.co.uk
5 St Albans Chambers
St Alban Street, Weymouth, Dorset DT4 8PY
Mon-Thurs 9am - 5:30pm / Fri 9am - 5pm
t: 01305 341400
f: 01305 767644
e: s.jones@ktlaw.co.uk / jjudkins@ktlaw.co.uk
 


Authorised and regulated by the Solicitors Regulation Authority (SRA number 634822)
Kitson & Trotman Est. 1756