1.2. Your privacy is important to us and we are committed to keeping your information secure and managing it in accordance with our legal responsibilities under applicable data protection laws. We are registered with the UK Information Commissioner’s Office (ICO) as a data controller under registration number ZB391000.
1.3. Please read this Privacy Statement carefully as it contains important information to help you understand how and why we process any personal information that you give to us.
2. What we information we collect
2.1. We process personal information which you give us:
(a) As a client to provide you with legal services.
(b) Whilst servicing your account through our website, in writing or over the phone.
(c) If you request information or assistance from us.
3. What personal information we process
3.1. This includes:
(a) Personal details such as your date of birth, address, National Insurance Number, telephone number and email address.
(b) Identity information such as your passport, driving licence, utility bills or national identity card.
(c) Credit history and records relating to you, your partner or anyone else you are financially linked with (we obtain this information from credit reference and fraud prevention agencies).
(d) Family, lifestyle, financial and social circumstances.
(e) Financial details such as your income and information about your bank accounts.
(f) Employment/self-employment details.
4. Special categories of personal data
4.1. Special categories of personal data include information about an individual’s health and other categories of personal information which are closely protected.
4.2. We do not generally process such information unless you have voluntarily provided this to us, or it is relevant to the legal service you have asked us to provide you with. For example, where you have advised us of an issue, such as your health, which could mean that you may be classed as a “vulnerable client” i.e. due to your personal circumstances or personal characteristics you are particularly vulnerable to financial detriment. We will process sensitive information where you have provided this information to us and have agreed that we can use this information to deliver products and services to you. Where possible we shall seek to minimise the collection and use of such special categories of personal data.
5. How we use your information
5.1. We use your information to:
(a) Provide legal services to you.
(b) Provide and service your relationship with us.
(c) Comply with legal obligations for the prevention of financial crime and money laundering.
5.2. We will process your information in order to meet our contractual obligations to you, were have a legitimate interest to do so, where we are permitted by law or to comply with applicable laws and regulation.
Providing a service and internal processing
To assess your needs and provide you with suitable products and services
Contractual obligation to provide you with, or a proposal including a costs estimate
Where special categories of personal data are processed, these are necessary to assess your needs
To service and administer your matter including billing
Legitimate interests to provide and manage the service
To verify the identity of our clients
To comply with legal obligations to prevent money laundering
To confirm, update and improve our client records
To comply with legal obligations in the Data Protection legislation
To provide you with any information on the services that you have requested
To meet our contractual obligation to provide information on the services you have requested
To manage and develop our relationship with you
Legitimate interest to service your matter and improve our service to you
To inform you of products and services that may be of interest to you, where you have chosen to be made aware of this
With your consent
Training and development
For training purposes and to improve our service to you
Legitimate interests to improve our services and develop our employees
Complying with Legal Obligations
To prevent, investigate and prosecute crime, fraud and money laundering
To comply with legal obligations for prevention of financial crime and money laundering
For auditing purposes
To comply with our legitimate interest to conduct audits
If we are obliged to disclose information by reason of any law, regulation or court order
To comply with legal obligations
To transfer information to any entity which may acquire rights in us
Legitimate interests for commercial interests
For any other purpose to which you agree.
With your consent
6. How we retain your personal information
6.1. We will retain your personal information in accordance with applicable laws. We will take reasonable steps to destroy or anonymise personal information we no longer need for the purposes we have set out above.
6.2. Our retention periods are:
Types of personal information
General personal data which includes your normal personal data, personal identity and personal financial data
6 years after the end of our business relationship with you, or the end of your matter whichever comes later
Conveyancing Purchase Files will be retained for 15 years
Client Due Diligence Material which includes copies of your Passport, Drivers Licence, Bank Statements and any associated documents and explanations you have given to us to prevent fraud, financial crime and money laundering
6 years after the end of our business relationship with you, or the end of your matter whichever comes later Conveyancing Purchase Files will be retained for 15 years
Special categories of personal data
6 years after the end of our relationship with you
CCTV – digital images if you visit our offices
7. How we share your information
7.1. Where necessary or required we share information with:
(a) Regulatory authorities to comply with our legal obligations.
(b) Credit reference agencies to check your identity in accordance with our legal obligations.
(c) Property Search Companies to identify any issues that might influence your decision to buy or sell a property.
(d) Insurers for the purpose of providing you with appropriate financial cover for an identified insurable risk, or in connection with any claim made by you against us.
(e) Property Agents, Brokers, Lenders, other Solicitors involved in your transaction representing other party(ies) in your matter to enable them and us to fulfil our obligations to you.
(f) Other Government Departments such as HMRC, Companies House, Probate Registry, Court of Protection or HM Land Registry to fulfil your and our legal obligations.
(g) HM Treasury:
i. If you are purchasing a property through the Help to Buy ISA Scheme, HM Treasury will be the Data Controller of any relevant personal data that is given, via the Eligible Conveyancer, to HM Treasury and to the Administrator and / or any sub-contractor of HM Treasury or of the Administrator, for the purposes of the Help to Buy: ISA Scheme.
ii. The information will be disclosed to HM Treasury and the Administrator for the purposes of verifying the eligibility of a Help to Buy: ISA Bonus payment and payment of Bonus funds, carrying out audits of Eligible Conveyancers and any investigations or compliance work in accordance with the Scheme Rules.
iii. We serve your legitimate interests in disclosing your relevant personal data to HM Treasury, the Administrator and / or to any sub-contractor of HM Treasury for the purposes of verifying the eligibility of a Help to Buy, ISA Bonus payment and payment of Bonus funds; carrying out audits of Eligible Conveyancers; and any investigations or compliance work in accordance with the Scheme Rules.
(h) Experts and Barristers required to work on your matter.
(i) Our Auditors and external assessment bodies to achieve and maintain any Regulatory or Quality Assurance Standards and accreditations which meet our legal obligations and enable us to provide quality legal services to you.
(j) Companies within the Gen H group where you are utilising services from more than one company within the group, for the purposes of minimising duplication of data collection and enhancing the services we provide to you.
8. Information security
8.1. We invest appropriate resources to protect your personal information, from loss, misuse, unauthorised access, modification or disclosure. However, no internet-based site can be 100% secure and we cannot be held responsible for unauthorised or unintended access that is beyond our control.
11. Your rights
11.1. You have the right to request copies of your personal information and where we have requested your permission to process your personal information, or you have provided us with information for the purposes of entering into a contract with us, to receive the personal information you
provided to us in a portable format, if technically feasible. If you think any of the personal information we hold about you is inaccurate, you may also request it is corrected or erased. You also have a right, in certain circumstances, to object to our processing of your personal information, to require us to stop processing your personal information and/or to withdraw your agreement to processing based on 'consent', but this does not apply where we have other legal justifications to continue processing your data or an overriding legitimate interest.
11.2. In relation to all of these rights, please write to us at the address below.
12. Complaints process
12.1. If you have a complaint about how we have handled your personal information you may contact us using the details below and we will investigate your complaint. You also have the right to complain to the Information Commissioner’s Office - (www.ico.org.uk).
13. Contact us
13.1. You can contact us by writing to us at:
Gen H Legal
3 – 11 Pine Street
13.2. Telephone queries can be made to 020 8396 7220
14. Annual review
14.1. Ultimate responsibility for this policy rests with Fiona Lumsden, Head of Legal Practice who will have the operational responsibility for implementing, communicating, monitoring, evaluating and updating this policy. An annual review of the policy will take place to verify it is in effective operation across the organisation.