Privacy and Cookies Notice
For the purpose of the Data Protection Act 2018 (the Act) and the provisions of Regulation (EU) 2016/679 (the General Data Protection Regulation or GDPR), Walker Morris LLP is the data controller of your personal information and is entered in the Information Commissioner’s Office (ICO) Register of Data Controllers with registration number Z3377061.
This Notice explains how we may collect and process personal data about:
- clients and prospective clients
- visitors to our Website and subscribers to our online services
- job and work experience applicants and current employees
Depending on our relationship with you this notice may be supplemented with additional information relating to our use of your personal data included for example in our Terms of Business and Terms of Engagement letter (for clients) and our applicant form and employment contract (for job applicants and employees).
What personal information do we collect and why do we collect it?
We may collect and process the personal information about you including information:
- that you provide by filling in forms on our Website, posting material, requesting further services or reporting a problem with our Website
- that you provide when you use our professional services as a client
- received in correspondence that you send to us
- provided to us as part of a job or student placement application you make
- received during certain calls to and from us (see under ‘Call Recording’ below)
- concerning your visits to our Website (including but not limited to traffic data) and the resources that you access
We may also collect information about you in other ways, for example:
- if you are a customer of one of our clients, and we are undertaking legal services on our client’s behalf
- if you have any other dealings with one or more of our clients which are related to legal services which we are providing to our client or on our client’s behalf
- indirectly, through one of our people, a client or a third party
- if you are a supplier of ours, from that supplier relationship
- from publicly available sources, for example the electoral roll or Companies House
How we use your personal data
The way we process your personal data we collect as set out above varies depending on our relationship with you. In each case the purposes for which we request the information will be clear from the context in which it is acquired. These include:
- providing our services to you or an entity for which you work
- verifying your identity
- keeping a record of the services you have subscribed to and deliver services you may have requested
- administration, billing and record-keeping purposes
- communicating with you by telephone, email, fax or post
- meeting our legal, regulatory and contractual obligations arising from any our relationship with you (for example under anti-money laundering legislation)
- providing and improving customer service and support
- administering our Website, enhancing operational capabilities and for internal operations
- verifying or enforcing compliance with this Notice and applicable laws
- to inform you of legal developments that may affect you or to inform you of other products, services or events which we think may be of interest to you (unless you have opted out of receiving such marketing communications)
Disclosure of your personal data
We will only disclose your personal information to another person or organisation where we:
- need to share the information to provide a product or service you have requested
- need to send the information to persons or organisations who engage us to conduct legal services on their behalf, including where you are that third party’s customer
- need to send the information to persons or organisations that work on our behalf to provide a product or service to you. Where such a person or organisation does work on our behalf we will ensure that they are contractually required to take appropriate technical and organisational measures to protect your personal information against unauthorised or unlawful processing and against accidental loss or destruction of, or damage to, personal information and only use the information in order to provide a product or service on our behalf
- are required to disclose the information in order to comply with the law or the requirements of a regulatory authority
Our legal basis for using your personal data
Our use of your personal data as outlined above is subject to different legal bases for processing, including where necessary for:
- the purposes of the performance of any contract we enter into with you or to take steps at your request prior to entering into a contract with you
- our legitimate interests, for example in providing legal services to an entity you work for, managing and monitoring our website operation, preventing fraud and for our business compliance purposes
- compliance with our legal and regulatory responsibilities.
If you do not agree to provide your personal data to us we may not be able to provide you with legal services or process your application for other services or employment. Where our use of your data is not necessary for one of the purposes outlined above we may use it in a particular way with your consent (for example if you have registered to attend an event we are hosting or to receive legal updates). Where we ask for your consent you are free to refuse our use of your personal data for those purposes and you may withdraw your consent at any time by contacting us using the details set out below. This shall not affect the lawfulness of any processing that was based on your consent before you withdrew it.
As a law firm our work is largely regulated by the Solicitors Regulation Authority. We are often engaged by businesses that provide financial services that are in turn themselves regulated by the Financial Conduct Authority (the FCA). As part of our legal work on their behalf, we are required to follow certain FCA rules, including recording telephone calls in respect of certain customer transactions that we deal with. We may share any customer call recordings with the relevant financial services business of which you are, or may previously have been, a customer. This recording is undertaken for regulatory compliance, training and quality purposes.
Storage and transfer of your personal data
The personal information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or one of our suppliers or in circumstances where your instruction has international considerations and/or parties related to your matter are located overseas. Before we transfer your personal data outside the EEA we will take all steps reasonably necessary to ensure that any such transfer is made securely and that there is adequate protection in place in order to protect your personal data, as required by the Act and Chapter V of the GDPR. Please contact us if you wish to obtain more information regarding relevant safeguards. By submitting your personal information you agree to this transfer, storing or processing outside the EEA.
Retention of your personal data
We will retain your personal information for a minimum of six years and so long as is reasonably necessary for the purpose for which it was obtained and in accordance with our legal obligations and follow our data destruction policy and processes thereafter.
Links to other websites
This Notice only extends to our Website and does not, therefore, extend to your use of, provision of information to and collection of information on any website not connected to Walker Morris LLP to which you may link by using the hypertext links within our Website.
Your personal information is protected under data protection law and you have a number of rights (see below) which you can seek to exercise. Please contact us in writing, by email or telephone using the details shown under ‘Contact and Complaints’ below if you wish to do so, or if you have any queries in relation to your rights. Please note these rights do not apply in all circumstances.
Right of access – subject to certain exceptions, you have the right of access to your personal data that we hold.
Right to rectify your personal information – if you discover that the information we hold about you is inaccurate or incomplete, you have the right to have this information rectified (i.e. corrected).
Right to be forgotten – you may ask us to delete information we hold about you in certain circumstances. This right is not absolute and it may not be possible for us to delete the information we hold about you, for example, if we have an ongoing contractual relationship or are required to retain information to comply with our legal obligations.
Right to restriction of processing – in some cases you may have the right to have the processing of your personal information restricted. For example, where you contest the accuracy of your personal information, its use may be restricted until the accuracy is verified.
Right to object to processing – you may object to the processing of your personal information (including profiling) when it is based upon our legitimate interests. You may also object to the processing of your personal information for the purposes of direct marketing and for the purposes of statistical analysis.
Right to data portability – you have the right to receive, move, copy or transfer your personal information to another controller when we are processing your personal information based on consent or on a contract and the processing is carried out by automated means.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to collect aggregate information for us to use. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
What are cookies and why do we use them?
Cookies are small text files that are created and stored on your browser or the hard drive of your computer by websites that you visit to enable the website to operate properly to ‘remember’ who you are and to monitor website traffic. Cookies are generally only visible to the website that serves them and not to other websites.
Cookies are used on our Website to ‘remember’ information so that it can be passed from page to page and to collect website statistics. This statistical data collected may be used to help improve our Website and the services that we offer to you. Some of our cookies will also recognise you as a previous visitor the next time you visit our Website to improve your experience.
How to manage cookies
Most internet browsers accept cookies automatically however, you can accept, delete or disable cookies if you wish; the process for which can usually be found in your internet browser’s ‘Help’ menu.
For more information about cookies and instructions on how to adjust your browsers settings to accept, delete or reject cookies, see the IAB website. The relevant page for adjusting your browser settings is available here.
We use five types of cookie on this Website. None of them stores any information that identifies you personally, such as a name or postal address.
Cookies we use
Essential site cookie: ASP.NET_SessionId: This cookie is set upon arrival to our Website, and collects anonymous information which is used to enhance the user experience. This cookie is deleted when you close your browser. Visit the Microsoft website.
Google Analytics: _utma; _utmb; _utmc; _utmt; _utmz: These cookies are used to collect anonymous information about how visitors use our Website, including the number of visitors, where they came from and the pages they visited. We use this information to compile reports and to help us improve our Website. Click here for an overview of privacy at Google. Google Analytics’ terms require us to disclose that we use Google Analytics and how it collects and processes data. Please see the site “How Google uses data when you use our partners’ sites or apps” at www.google.com/policies/privacy/partners for more information.
Extranet branding cookie: SystemID: This cookie is set upon arrival to our Website’s extranet sites and it is used to ensure that appropriate Walker Morris LLP branding is displayed on the relevant extranet site depending on what service is accessed by you. This cookie is deleted when you close your browser.
Extranet logon cookie: LogonSettings: This cookie is used for remembering the your chosen logon preference (i.e. “Remember my username and password”, “Remember my username”, or “Always ask for my username and password”). This cookie remains persistent for a period of six months from your last logon.
Siteimprove cookie: nmstat: This cookie is used to collect anonymous information about how our visitors use our Website, including the number of visitors, where they came from and the pages they visited. We use this information to compile reports and to help us improve our Website.
Policy read cookie: Cookie_policy_read: This cookie is used to track whether the user has visited the site before so the cookie notification panel is not shown in future sessions.
Walker Morris LLP takes great care to ensure the security of our Website and your personal information. Only authorised personnel and contractors have access to your information. We will keep your information secure by taking appropriate technical and organisational measures against unauthorised or unlawful processing, accidental loss, destruction and damage. We are also Information Security ISO27001 certified.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information we cannot guarantee the security of your personal information transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Changes to this Notice
We may change this Notice at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we have made, as they are binding on you. If we make any substantial changes in the way we use your personal information we will notify you by posting a prominent notice on our Website.
If you have any questions about how we treat your personal data and protect your privacy, if you have any comments or wish to seek to exercise any of your rights as outlined above, to opt-out of receiving marketing communications from us or to complain about our use of your personal data, please write to Tracy Foley at Walker Morris LLP, Kings Court, 12 King Street, Leeds LS1 2HL, by email at email@example.com or by telephone on +44 (0)113 283 2500.
You may also lodge a complaint with the ICO by writing to the Information Commissioner’s Office, Water Lane, Wilmslow, SK9 5AF telephone 0303 123 1113. www.ico.org.uk/.
This website, www.walkermorris.co.uk (our Website) is provided by Walker Morris LLP, a limited liability partnership registered in England and Wales.
All rights reserved. Design and content © Walker Morris LLP 2005-2017.
Last updated: 18 April 2018