This privacy notice is split into four sections: PART A deals with personal information we gather and use from a website visit; PART B deals with personal information on our clients and others related to a client matter and how it is used in respect of the legal services we provide; PART C deals with other individual’s (non client) information; and PART D sets out general provisions relating to information referred to in Parts A to C.
We take your privacy seriously. Please read this privacy notice carefully as it contains important information on how and why Lamb Brooks LLP (‘Lamb Brooks’) collects, stores, uses and shares personal information, your rights in relation to your personal information and how to contact us and supervisory authorities in the event you have a complaint.
When we use your personal data we are regulated under the General Data Protection Regulation (GDPR) which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal data for the purposes of the GDPR. Our use of your personal data is subject to your instructions, the GDPR, other relevant UK and EU legislation and our professional duty of confidentiality.
Who We Are
Our full details are:
Full name of legal entity: Lamb Brooks LLP (company number OC363909)
Contact title: Data Protection Partner
Email address: email@example.com headed ‘GDPR’
Postal address: Victoria House 39 Winchester Street Basingstoke Hampshire RG21 7EQ
Telephone number: 01256 844888
By visiting lambbrooks.com you are accepting and consenting to the practices described in this notice.
Information we collect from you
We will collect and process the following data about you:
Information you give us – This is information about you that you give us by filling in forms on lambbrooks.com (our site). It includes information you provide when you search for a service, submit an enquiry, use the online livechat facility, use the online payment function, and report a problem with our site. The information you provide may include your name, address, e-mail address and phone number, information in relation to why you have contacted us, and financial and credit card information, as applicable.
Information we collect about you – With regard to each of your visits to our site we will automatically collect the following information:
As this information is collected automatically, please see the Cookies section below.
Information we receive from other sources – This is information we receive about you if:-
Uses made of the information
We use information held about you in the following ways:
Information you give to us. We will use this information:
Information we collect about you. We will use this information:
Information we receive from other sources – We will combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).
Disclosure of your information
You agree that we have the right to share your personal information with:
We will disclose your personal information to third parties:
How long your personal information will be kept
Please refer to PART B for client information, information posted on our website which becomes a client matter and for other individuals’ information that we have as part of a client matter (eg. where parents gift deposit monies towards a house purchase).
Please refer to PART C for other individuals’ (non client/matter) information – this includes general enquiries (other than via our website) that do not become a client matter, individuals located within organisations who supply goods and services to us, business contacts and referrers).
Any enquires made on this website which do not result in a client matter will be held for up to 12 months, unless you indicate you may contact us at a later date, in which case they will be held for a reasonable time.
This section covers personal information relating to individuals who are clients in their own capacity, as well as those who represent our client (for example a director of a client company, trustee of a trust, personal representatives, guardians etc) together with any individuals who are integral to assisting our client in a relevant matter such as a guarantor, beneficial owner(s), parents and people linked to clients’ ongoing legal services.
How we collect your personal information
We collect most of this information from you (in person, by telephone, email and/or via our website). However, we may also collect information:
The personal information we collect and use and why
In order to fulfill our contractual obligations to you, we generally require the following from you, depending upon the services we provide:-
Statutory / legal obligations
In order to comply with statutory, regulatory or lender’s requirements, depending upon the services we provide, we may require:-
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We may process your personal data where it is necessary for legitimate interests pursued by us as a legal practice seeking to engage with and provide services to prospective and current clients, in order to:-
We may use your personal information to market our similar services via eg. e-newsletters or invites to seminars or social events that we arrange from time to time, unless you advise us that you do not wish to receive any such communications.
We have a legitimate interest in processing your personal data for direct marketing purposes (see above, ‘Legitimate Interests’). This means we do not usually need your consent to send you direct marketing materials. However, where consent is needed, we will ask for this separately and clearly.
We will never sell or share your personal information with other organisations for marketing purposes.
You have the right to opt out of receiving marketing communications at any time. Any communications we do send will allow you to opt-out of receiving any future marketing communications from us, or you may amend your preferences going forward. You can also opt-out or change your preferences at any time by emailing us at firstname.lastname@example.org headed ‘unsubscribe’ or ‘change preferences’ confirming what your new preferences are or by post to ‘Head of Marketing’ Lamb Brooks, Victoria House, 39 Winchester Street, Basingstoke, RG21 7EQ, ensuring you provide your name so we can identify you.
We may use third parties such as MailChimp to process or administer the data on our behalf, for example, for the purposes of mail merge and sending out event initiations – such third parties are not permitted to use the data for their own purposes.
We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.
How we use your personal information
Who has access to your personal information
Members of Lamb Brooks staff and its authorised consultants where needed or necessary for carrying out the purposes for which this personal information is provided, as mentioned in this notice. We may also, where necessary, allow access by third parties as mentioned below.
Who we may share your personal information with
We may share your personal information with:-
We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal information.
Where your personal data is held
Information may be held at our offices, third party agencies, service providers, representatives and agents as described above (see ‘Who we may share your personal information with’)
Some of these third parties may be based outside the European Economic Area. For more information, including on how we safeguard your personal data when this occurs, see below: ‘Transferring your data out of the European Economic Area (EEA)’
We will not retain your personal information for longer than necessary for the purposes set out in this notice. Different retention periods apply for different types of personal information. The majority of client files are retained for a minimum of 6 years after the matter concludes, but you will be informed of the relevant retention period at the end of your matter.
Transferring your data out of the European Economic Area (EEA)
To deliver services to you, it is sometimes necessary for us to share your personal information outside the European Economic Area (EEA), eg:
These transfers are subject to special rules under European and UK data protection law.
We do not routinely share personal information to any organisation located outside of the EEA. These non-EEA countries do not generally have the same data protection laws as the United Kingdom and EEA. Where the matter requires us to do so, we will either only do so if:
We may also use organisations such as MailChimp (who are based in the USA) for marketing related e-mails. We will check that any such organisations have security processes and controls in place.
For more information please contact us, where relevant.
OTHER INDIVIDUALS (NON CLIENT) INFORMATION
This section deals with personal information we may collect and use relating to individuals located within organisations who supply goods and services to us, business contacts, referrers, people who contact us with a general enquiry (other than via our website) and other parties to a client matter.
We collect most of this information from you. However, we may also collect information:
We may share your personal information with, where relevant:
Where you make an enquiry which does not result in a client matter (ie where we do not provide you with any advice), we will hold your information for up to 12 months, unless you indicate you may contact us at a later date, in which case it will be held for a reasonable time. If we do provide you with any advice, please see the ‘How long your personal information will be kept’ section in Part B of this notice.
In relation to suppliers, referrers and business contacts, we shall keep the personal information for so long as is necessary for the purposes set out in the table above.
Where services have been provided as part of a client matter, or the personal information relates to the client matter, your relevant personal information may be kept with the client file.
We do not routinely share personal information to any organisation located outside of the EEA. However, we may use organisations such as MailChimp (who are based in the USA) for marketing related e-mails. We will check that any such organisations have security processes and controls in place.
PART D GENERAL
Under GDPR you have a number of important rights, free of charge. In summary, they include the following rights:
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please see the ‘How to contact us’ section below, letting us have sufficient information to identify you (eg name, file number and names of any fee earners involved with your matter), proof of your identity and address (eg. a copy of your driving licence or passport and a recent utility or credit card bill) as well as letting us know the information to which your request relates.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed unlawfully. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Help us to help you by heeding any cybersecurity/fraud warning notices we send you by post or email, including those referenced beneath our email sign off details.
How to complain
We hope that we can resolve any query or concern you may raise about our use of your information, but you may also contact the Information Commissioner’s Office at https://ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information, advice or to make a complaint.
Changes to this privacy notice
This privacy notice was published on 23 May 2018 and last updated on 22 May 2019.
How to contact us
Please contact us if you have any questions about this privacy notice, or the information we hold about you.
If you wish to contact us, please send an email to email@example.com headed ‘GDPR, write to us at ‘GDPR’ Lamb Brooks, Victoria House, 39 Winchester Street, Basingstoke, RG21 7EQ or call 01256 844888
Do you need extra help?
If you would like this notice in another format, please contact us (see ‘How to contact us’ above), and where possible, we will try to help.
Lamb Brooks LLP
39 Winchester Street
f: 01256 330 933
© Lamb Brooks is authorised and regulated by the Solicitors Regulation Authority - SRA No 559661.
Lamb Brooks LLP (registered at Companies House OC363909) whose registered office address is: Victoria House, 39 Winchester Street, Basingstoke, Hampshire, RG21 7EQ
Website by Muze
Client Care Policy |
Privacy Notice |
Cookies Policy |