Call for an initial consultation

  • Sheffield 0114 272 9184
  • Chesterfield 01246 229 393
  • Hathersage 01433650718

Privacy and Security Policy

Graysons is a law firm in the UK offering a range of legal services to private individuals and businesses. As an essential part of our business, we collect and manage client and non-client data. In doing this, we observe the UK data protection legislation (DPA 2018)alongside the EU GDPR, and are committed to protecting and respecting clients’ and non-clients’ privacy and rights. We act as a Data Controller and Data Processor in respect of the information gathered and processed by us.

Last updated on December 16th, 2020 at 03:47 pm

In order that you are reliably informed about how we operate, we have developed this privacy notice which details the ways in which we collect, manage, process, store and share information about you as a result of you visiting this site. This privacy notice also provides you with information about how you can have control over the use of your data.

If you have any comments or queries regarding our use of your data, please contact our Data Manager at

Alternatively, you can write to our Data Manager at Graysons, Courtwood House, Silver Street Head, Sheffield, S1 2DD.

What Information Do We Collect About You?

In general terms, we require to collect information about you so that we can:

  • Provide services and respond to enquiries, and manage our relationship with you.
  • Enable business development including sending legal updates, publications and details for events.
  • Deliver requested information to you about our products and services.
  • Ensure the billing of any procured services and obtain payment.
  • Process and respond to any complaints.
  • Enable us to meet our legal and other regulatory obligations imposed on us.
  • Audit usage of our websites.
  • Process applications for employment.

The information that we need for these purposes is known as your “Personal Data”. This could include your name, address, email address, telephone and other contact numbers and financial information. It is possible for us to collect this in a variety of ways. For example, you may provide this data to us directly online, over the telephone, or when corresponding with us by letter.

We may also process sensitive classes of information such as:

  • Physical or mental health details.
  • Racial or ethnic origin.

If it is necessary to store your sensitive personal data on our systems, we will inform you.

Where appropriate we record our client telephone interactions. These calls will automatically be stored, for training and monitoring purposes.

This website uses cookies to collect information about you such as your Internet Protocol (IP) address (a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication), and information about your visit such as the pages you visited or searched for, page response times, and page errors. We do this so that we can measure our website’s performance and make improvements to it. Cookies are also used to enhance the website’s functionality and personalisation, which includes sharing data with third party organisations. You can control cookie behaviour by adjusting your cookies settings as described in our Cookie Policy.

How Will We Use The Information?

The table below outlines the purposes of processing your data, the legal basis for doing so, and where relevant any third parties that the data is shared with.

Purpose for processing data Legal basis for processing data Third party organisations with whom data is shared
To manage our relationship with you, provide products or services and respond to enquiries. To meet the requirements of a contract.

Third parties necessary to progress your client matter. Examples of these parties are:-

Medical Experts
Expert Witnesses
Government Bodies
Mortgage Companies


To ensure the billing of any procured services or products and obtain payment for such. To meet the requirements of a contract. Government VAT and tax inspectors, and external auditors
To communicate with you about our legal updates, any breaking news, newsletters and event invitations which are relevant to your interests and in line with your preferences. Explicit consent prior to sending individuals the information and in line with preferences. None.
To provide enquirers with help and support by telephone – to include recording conversations for monitoring and training purposes. To fulfil contractual obligations including taking action before entering into a contract. None.
To process and respond to complaints about our products or services. To meet a legal obligation. None.
To monitor and record information relating to the use of our services, to include our website. To meet a legitimate interest in order to improve our services and the website experience for individuals. Web service providers and cookie providers.

Your Rights

Under the terms of Data Protection legislation, you have the following rights as a result of using this website:

Right To Be Informed

This privacy notice, in conjunction with our Cookies Policy, fulfils our obligation to tell you about the ways in which we use your information as a result of you using this website.

Right To Access

You have the right to ask us for a copy of any personal data that we hold about you, which  is known as a “Subject Access Request”. Other than in exceptional circumstances (which we would discuss and agree with you in advance), you can obtain this information free of charge. We will send you a copy of the information within 30 days of your request.

To make a Subject Access Request, please write to our  Data Manager at Graysons, Courtwood House, Silver Street Head, Sheffield S1 2DD.

Right To Rectification

To inform us if any of the information that we hold about you is inaccurate or incomplete, you can either:

  • Contact our Data Manager at Graysons, Courtwood House, Silver Street Head, Sheffield S1 2DD.
  • Email

Right To Be Forgotten

From 25 May 2018, you can ask that we erase all personal information that we hold about you. Where it is appropriate that we comply with such a request, we will fully action this within 30 days.

Right To Object

You have the right to object to:

  • The continued use of your data for any purpose listed above for which consent is identified as the lawful basis for processing.
  • The continued use of your data for any purpose listed above for which legitimate interest has been identified as the lawful basis for processing.

Right To Restrict Processing

If you wish us to restrict the use of your data because:-

  1. You think it is inaccurate but this will take time to validate.
  2. You believe our data processing is unlawful but you do not want your data erased.
  3. You want us to retain your data in order to establish, exercise or defend a legal claim.
  4. You wish to object to the processing of your data, but we have yet to determine whether this is appropriate, please write to our Data Manager at Graysons, Courtwood House, Silver Street Head, Sheffield, S1 2DD or email

Right To Data Portability

If you would like to move, copy or transfer the electronic personal data that we hold about you to another organisation, please write to our Data Manager at Graysons, Courtwood House, Silver Street Head, Sheffield, S1 2DD or email

How Long Will We Retain Personal Information For?

We will typically retain information for a period of seven years. This is to satisfy regulatory requirements and to ensure our records are adequate to discharge our obligations to protect our clients.

Overseas Transfers

None of the information that we collect process or store as a result of this website is transferred outside of the European Economic Area (EEA). This includes information that is exchanged with any third party organisation as described above.

Data Privacy And Security

Here at Graysons we maintain a comprehensive data management plan, which includes processes for ensuring that data protection is a key consideration of all new and existing IT systems that hold personal data. Where any concerns, risks or issues are identified, we conduct relevant impact assessments in order to determine any actions that are necessary to ensure optimum privacy.

We also maintain an active information security policy which seeks to protect the availability, confidentiality and integrity of all physical and information assets. These plans and policies helps us to:

  • Protect your data against potential breaches of confidentiality;
  • Ensure all IT resources are protected against damage, loss or misuse;
  • Through training, increase the awareness and understanding of the requirements of information security, and the responsibility of our staff to protect the confidentiality and integrity of the information that they handle.
  • Ensure the optimum security of this website.


Our website may contain links to other websites. Please note that we are not responsible for the privacy and security practices of other websites. This privacy notice applies solely to the information collected by this website.

Information Commissioners Office

You have the right to lodge a complaint with the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow SK9 5AF or

scroll to top