This Privacy Notice explains what personal information I collect from you and how I use it, the conditions under which I may disclose it to others and how I will keep it secure. It will also tell you about your privacy rights and how the law protects you.
I am a solicitor and sole director of Whitworth Law Limited. Whitworth Law Limited is regulated and authorised by the Solicitors Regulation Authority under SRA number 822109.
My practice specialises in wills, probate, trusts, inheritance tax and capital gains tax advice, Lasting Powers of Attorney and Court of Protection matters.
Whitworth Law Limited will be the ‘data controller’ for the purpose of data protection law in relation to any personal information I hold about you. Personal information is any data from which an individual can be identified.
I am committed to maintaining high standards of confidentiality in relation to the information provided to me in the course of my business. I will not disclose your personal details to any third parties unless it is necessary or I am legally obliged to do so. When I do need to disclose your personal information, such as proceeding with your instructions or obtaining compliance or regulatory advice, I will do so in accordance with the General Data Protection Regulations (GDPR).
Please read this Privacy Notice carefully and contact me if you have any queries. My contact details are given at the end of this Notice.
- What personal information I may need from you
In the course of dealing with my instructions on a matter, I will need to collect and process personal information for various purposes. I will only collect and process personal information when it is necessary and where I have a legal basis to do so. I most commonly collect and process:
- Contact information for individuals (such as full name, date of birth, address, email address and telephone number). I may collect additional information to enable the identity of individuals to be verified;
- Details of your bank account;
- Information regarding an individual’s financial position and pension arrangements;
- Your national insurance number and tax references.
The type of information I require will vary depending on the nature of the instructions and the work I am undertaking.
Your personal information will be securely stored confidentially on my computer systems and, for some matters, in paper files.
I may also need to obtain some sensitive personal information from you and may include racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, information concerning health or sex life and sexual orientation, genetic information or biometric information. In many cases I will not need to request or hold sensitive personal information but there may be occasions when this is necessary, for example:
- Religious beliefs for the purposes of funeral arrangements;
- To assess the mental capacity of an individual wishing to make a will or Lasting Power of Attorney.
- Why I need it
I need to know your personal information in order to carry out my contract with you for the provision of legal services. I will not collect any personal information from you which I do not need. The following are some examples of what I may use your personal information for:
- Verifying your identity;
- Communicating with you;
- Obtaining insurance policies on your behalf;
- Processing your legal transaction, including providing you with advice, preparing documents or to complete transactions;
- Keeping financial records of your transactions and the transactions I make on your behalf;
- Making payments of any funds due to you from an estate.
- How I use your personal information
Data protection law requires me to have a legal basis for processing your information. In most cases I will only process your personal information:
- So I can carry out my contract with you or take any steps you ask me to before entering into a contract with you;
- As necessary to comply with any legal obligations I have, such as under money laundering requirements;
- Where necessary for my legitimate purposes in providing legal services and/or for the legitimate purposes of my clients in receiving those services.
- Who has access to it?
When processing personal data I will comply with the data protection principles and I am also bound by professional obligations of confidentiality when providing legal services. I will keep your personal information confidential except where:
- I am under a legal, regulatory or professional obligation to disclose it (for example to comply with anti-money laundering regulations)
- I engage other professional advisers on your behalf, such as barristers and experts for the provision of specialist advice;
- I am required to do so for the purpose of my business (this includes my regulator and my professional indemnity insurer).
Examples of third parties whom I may disclose your personal information to:
- HM Revenue & Customs for probate and inheritance tax purposes;
- The Court of Protection;
- Department for Work and Pensions;
- Social Services;
- Solicitors acting for other parties involved on a matter;
- Asking for an independent barrister for advice or opinion or to represent you;
- Non-legal experts to obtain advice, opinion or assistance, such as accountants or estate agents;
- The SRA or the Information Commissioner’s Office;
- Bank or Building Society or other financial institutions;
- Insurance companies, if I need to arrange an indemnity insurance policy.
I do not intend that any of your personal information held by me will be either held or transferred outside of the EU.
- How I protect personal information
Your personal information is valuable and I will take all reasonable measures in order to protect your information from loss, misuse, alteration or destruction. I have put in place physical and electronic procedures to safeguard and secure personal information.
- How long I will keep it for
I will only retain your personal information for as long as necessary to fulfil the purposes I collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.
Once my final bill has been settled, I will retain the file in a physical and digital format for between 7 and 15 years dependent upon the nature of the matter. Some files I will retain indefinitely such as wills and trusts.
These periods are set due to regulatory reasons and to ensure my business records are adequate to maintain the requisite levels of insurance. If you would like more information on my file retention policy relating to your specific matter then please contact me.
- Your rights
Request access to your personal information
GDPR gives you the right to see a copy of the personal information that I hold about you. You can ask me to supply you with copies of both paper and/or computer records and related information. This is called a ‘Subject Access Request’. Your request can be in writing or you can telephone me and I will respond within one month from receipt of your request. Further information on Subject Access Requests can be obtained from the ICO at www.ico.org.uk
You can also:
- Require me to correct any mistakes in your information which I hold;
- Require the erasure of personal information concerning you in certain situations;
- Receive the personal information concerning you which you have provided to me, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
- Object in certain other situations to my continued processing of your personal information;
- Otherwise restrict my processing of your personal information in certain circumstances.
For further information on each of those rights, including the circumstances in which they apply, I would refer you to the guidance from ICO on individuals’ rights under the GDPR.
My firm is registered with the ICO under registration number 00017508443.
If you have any concerns about the way in which I process or have processed your personal data or of you wish to exercise your rights under GDPR, then you can contact me in the following ways:
In writing at: Whitworth Law Limited, Foxhill Lodge, Perrymead, Bath, BA2 5AT
By telephone: 07704 178662
By email: email@example.com