Eric Smith Law Limited
This notice explains when and why we collect personal information about you; how we use it, the conditions under which we may disclose it to others and how we keep it secure.
For clients of this firm, you should read this notice alongside our general terms and conditions which provide further information on confidentiality, data privacy etc.
This notice does not apply to any websites that may have a link to ours.
Data is collected, processed and stored by Eric Smith Law Ltd.; and we are what is known as the ‘data controller’ of the personal information you provide to us.
Eric Smith Law Ltd. is authorised and regulated by the Solicitors Regulation Authority under number 647825
Our Data Protection Officer can be contacted by email on firstname.lastname@example.org
The exact information we will request from you will depend on what you have asked us to do or what we are contracted to do for you.
There are two types of personal data (personal information) that you may provide to us:
In the majority of cases personal data will be restricted to basic information and information needed to complete ID checks. However, some of the work we do may require us to ask for more sensitive information.
Information about you may be obtained from a number of sources; including:
The primary reason for asking you to provide us with your personal data, is to allow us to carry out your requests – which will ordinarily be to represent you and carry out your legal work.
The following are some examples, although not exhaustive, of what we may use your information for:
We have a data protection regime in place to oversee the effective and secure processing of your personal data. We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
Generally, we will only use your information within Eric Smith Law Ltd. However, there may be circumstances, in carrying out your legal work, where we may need to disclose some information to third parties; for example:
In the event any of your information is shared with the aforementioned third parties, we ensure that they comply, strictly and confidentially, with our instructions and they do not use your personal information for their own purposes unless you have explicitly consented to them doing so.
There may be some uses of personal data that may require your specific consent. If this is the case, we will contact you separately to ask for your consent which you are free to withdraw at any time.
We recognise that your information is valuable and we take all reasonable measures to protect it whilst it is in our care.
We have exceptional standards of technology and operational security in order to protect personally identifiable data from loss, misuse, alteration or destruction. Similarly, we adopt a high threshold when it comes to confidentiality obligations and both internal and external parties have agreed to protect confidentiality of all information; to ensure all personal data is handled and processed in line with our stringent confidentiality and data protection policies.
We use computer safeguards such as firewalls and data encryption and annual penetration testing; and we enforce, where possible, physical access controls to our buildings and files to keep data safe.
Your personal information will be retained, usually in computer or manual files, only for as long as necessary to fulfil the purposes for which the information was collected; or as required by law; or as long as is set out in any relevant contract you may hold with us. For example:
Under GDPR, you are entitled to access your personal data (otherwise known as a 'right to access'). If you wish to make a request, please do so in writing or contact the person dealing with your matter.
A request for access to your personal data means you are entitled to a copy of the data we hold on you – such as your name, address, contact details, date of birth, information regarding your health etc.- but it does not mean you are entitled to the documents that contain this data.
Under certain circumstances, in addition to the entitlement to ‘access your data’, you have the following rights:
If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate further. you can contact them at email@example.com
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).
The following are examples, although not exhaustive, of how we collect your personal information:
Whenever we collect your personal data, you will be provided the opportunity to ‘opt in’ to receiving marketing communications from us. We hope you will provide this information so you find our communications useful but if you choose not to this will have no effect on accessing our legal services.
Eric Smith Law Ltd. handles enquires at different stages and we group those enquiries in three main ways. We will take the following steps in each instance:
Prospects: Consent will need to be recorded before being added to marketing campaigns.
Fixed fee clients: Legitimate interest will be the legal basis. Relevant marketing communication by email will be sent during the case and once the case has been closed. Clients have the option to exclude themselves from marketing by clicking on the unsubscribe link on all of our emails, on the telephone when speaking to an advisor or contacting Eric Smith Law Ltd, through email or on social media.
Retainer clients: Legitimate interest will be the legal basis. Relevant marketing communication by email will be sent during the case and once the case has been closed. Clients have the option to exclude themselves from marketing by clicking on the unsubscribe link on all of our emails, on the telephone when speaking to an advisor.
Any contacts who have not engaged by opening an email over a period of 6 months will be removed from marketing communications.
The following are examples, although not exhaustive, of how we may use your personal information for our legitimate business interests:
We may use your personal information for legitimate interests such as direct marketing or under reasonable expectation to provide you with information you would expect to receive or that would benefit and enhance our relationship. This information will help us review and improve our products, services and offers.
You have the right to object to this processing. Should you wish to do so please email firstname.lastname@example.org
We will only ever use non sensitive personal information to target individuals with marketing materials; such as name, address, telephone, email, job description and previous buying behaviours. Sensitive information or specific details will never be used to target marketing communications. We may use personalisation to collect analytics to inform marketing and produce relevant content for the marketing strategy to enable it to enhance and personalise the “consumer experience”.
If you do not wish us to continue to contact you in this way, you can either follow the unsubscribe instructions on any of our communications to you or contact us by emailing email@example.com with your name and email address. Your details will be removed immediately. Once unsubscribed, you may still receive transactional emails from us regarding your legal case.