In order that you are reliably informed about how we operate, we have developed this privacy notice which details the ways in which we collect, manage, process, store and share information about you as a result of you visiting this site. This privacy notice also provides you with information about how you can have control over the use of your data.
If you have any comments or queries regarding our use of your data, please contact our Data Manager at firstname.lastname@example.org.
Alternatively, you can write to our Data Manager at Graysons, Courtwood House, Silver Street Head, Sheffield, S1 2DD.
What Information Do We Collect About You?
In general terms, we require to collect information about you so that we can:
- Provide services and respond to enquiries, and manage our relationship with you.
- Enable business development including sending legal updates, publications and details for events.
- Deliver requested information to you about our products and services.
- Ensure the billing of any procured services and obtain payment.
- Process and respond to any complaints.
- Enable us to meet our legal and other regulatory obligations imposed on us.
- Audit usage of our websites.
- Process applications for employment.
The information that we need for these purposes is known as your “Personal Data”. This could include your name, address, email address, telephone and other contact numbers and financial information. It is possible for us to collect this in a variety of ways. For example, you may provide this data to us directly online, over the telephone, or when corresponding with us by letter.
We may also process sensitive classes of information such as:
- Physical or mental health details.
- Racial or ethnic origin.
If it is necessary to store your sensitive personal data on our systems, we will inform you.
Where appropriate we record our client telephone interactions. These calls will automatically be stored, for training and monitoring purposes.
How Will We Use The Information?
The table below outlines the purposes of processing your data, the legal basis for doing so, and where relevant any third parties that the data is shared with.
|Purpose for processing data||Legal basis for processing data||Third party organisations with whom data is shared|
|To manage our relationship with you, provide products or services and respond to enquiries.||To meet the requirements of a contract.||
Third parties necessary to progress your client matter. Examples of these parties are:-
|To ensure the billing of any procured services or products and obtain payment for such.||To meet the requirements of a contract.||Government VAT and tax inspectors, and external auditors|
|To communicate with you about our legal updates, any breaking news, newsletters and event invitations which are relevant to your interests and in line with your preferences.||Explicit consent prior to sending individuals the information and in line with preferences.||None.|
|To provide enquirers with help and support by telephone – to include recording conversations for monitoring and training purposes.||To fulfil contractual obligations including taking action before entering into a contract.||None.|
|To process and respond to complaints about our products or services.||To meet a legal obligation.||None.|
|To monitor and record information relating to the use of our services, to include our website.||To meet a legitimate interest in order to improve our services and the website experience for individuals.||Web service providers and cookie providers.|
Under the terms of Data Protection legislation, you have the following rights as a result of using this website:
Right To Be Informed
This privacy notice, in conjunction with our Cookies Policy, fulfils our obligation to tell you about the ways in which we use your information as a result of you using this website.
Right To Access
You have the right to ask us for a copy of any personal data that we hold about you, which is known as a “Subject Access Request”. Other than in exceptional circumstances (which we would discuss and agree with you in advance), you can obtain this information free of charge. We will send you a copy of the information within 30 days of your request.
To make a Subject Access Request, please write to our Data Manager at Graysons, Courtwood House, Silver Street Head, Sheffield S1 2DD.
Right To Rectification
To inform us if any of the information that we hold about you is inaccurate or incomplete, you can either:
- Contact our Data Manager at Graysons, Courtwood House, Silver Street Head, Sheffield S1 2DD.
- Email email@example.com
Right To Be Forgotten
From 25 May 2018, you can ask that we erase all personal information that we hold about you. Where it is appropriate that we comply with such a request, we will fully action this within 30 days.
Right To Object
You have the right to object to:
- The continued use of your data for any purpose listed above for which consent is identified as the lawful basis for processing.
- The continued use of your data for any purpose listed above for which legitimate interest has been identified as the lawful basis for processing.
Right To Restrict Processing
If you wish us to restrict the use of your data because:-
- You think it is inaccurate but this will take time to validate.
- You believe our data processing is unlawful but you do not want your data erased.
- You want us to retain your data in order to establish, exercise or defend a legal claim.
- You wish to object to the processing of your data, but we have yet to determine whether this is appropriate, please write to our Data Manager at Graysons, Courtwood House, Silver Street Head, Sheffield, S1 2DD or email firstname.lastname@example.org
Right To Data Portability
If you would like to move, copy or transfer the electronic personal data that we hold about you to another organisation, please write to our Data Manager at Graysons, Courtwood House, Silver Street Head, Sheffield, S1 2DD or email email@example.com
How Long Will We Retain Personal Information For?
We will typically retain information for a period of seven years. This is to satisfy regulatory requirements and to ensure our records are adequate to discharge our obligations to protect our clients.
None of the information that we collect process or store as a result of this website is transferred outside of the European Economic Area (EEA). This includes information that is exchanged with any third party organisation as described above.
Data Privacy And Security
Here at Graysons we maintain a comprehensive data management plan, which includes processes for ensuring that data protection is a key consideration of all new and existing IT systems that hold personal data. Where any concerns, risks or issues are identified, we conduct relevant impact assessments in order to determine any actions that are necessary to ensure optimum privacy.
We also maintain an active information security policy which seeks to protect the availability, confidentiality and integrity of all physical and information assets. These plans and policies helps us to:
- Protect your data against potential breaches of confidentiality;
- Ensure all IT resources are protected against damage, loss or misuse;
- Through training, increase the awareness and understanding of the requirements of information security, and the responsibility of our staff to protect the confidentiality and integrity of the information that they handle.
- Ensure the optimum security of this website.
Our website may contain links to other websites. Please note that we are not responsible for the privacy and security practices of other websites. This privacy notice applies solely to the information collected by this website.
Information Commissioners Office
You have the right to lodge a complaint with the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow SK9 5AF or https://ico.org.uk.