What information do we collect about you?
How will we use the information?
With whom do we share your information
Whether information has to be provided by you, and if so why
How long we retain information
Data privacy and security
How to contact us
As an essential part of our business, we collect and manage client and non-client data. In doing so, we observe UK data protection legislation, and are committed to protecting and respecting clients’ and non-clients’ privacy and rights. We act as a ‘Data Controller’ in respect of the information gathered and processed by us.
If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact our Senior Partner (details below).
Data Controller: Miller Evans & Co LLP (t/a Miller Evans & Co)
First Floor, 19 Pepper Street, London E14 9RP
Tel: 0207 987 2515
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
In general terms, we seek to collect information about you so that we can:
- administer our relationship with you, provide services and respond to enquiries
- enable business development including sending legal updates
- process applications for employment
- deliver requested information to you about our services
- ensure the billing of any procured services and obtain payment
- process and respond to any complaints
- enable us to meet our legal and other regulatory obligations
- audit usage of our website
- maintain our practice management standards and accreditation with recognised bodies
The “personal data” we collect includes your name, home address, email address, telephone and other contact numbers and financial information. We collect this in a number of different ways. For example, you may provide this data to us directly in our offices, online, over the telephone or when corresponding with us by letter.
We do not process sensitive classes of information such as physical or mental health details or racial or ethnic origin.
When you visit this website, cookies will be used to collect information about you such as your Internet Protocol (IP) address which connects your computer or mobile device to the Internet, and information about your visit such as the pages you viewed or searched for, pages response times, download errors etc. We do this so that we can measure our website’s performance and make improvements in the future.
Please see below the purpose for processing the data collected from you, the legal basis for doing so, and any third party with whom it may be shared.
|Purpose for processing data||Legal basis for processing data||Third parties with whom data is shared|
|To administer our relationship with you, and act for you as lawyers including:
Register you as a new client and verify your ID
If instructed, process your instructions and provide required legal services to you
Respond to enquiries
Manage payments, fees and charges
Collect and recover money owed to us
|To meet the requirements of our contract and to comply with the Proceeds of Crime and Anti-Money Laundering legislation
Where necessary for our legitimate interests (to recover debts due to us)
|The solicitors on the other side, the bank, building society or other lender or brokers providing mortgage finance, agents, intermediaries, insurance companies, Government VAT and tax inspectors, external auditors, internal auditors. Official bodies such as Companies House, HM Land Registry, HM Revenue & Customs, The Probate Registry, the Information Commissioner’s Office, the Solicitors Regulatory Authority, the Law Society, the Legal Ombudsman, the Legal Services Board, the National Crime Agency, the Serious Fraud Office and any other regulators and other authorities who require reporting of processing activities in certain circumstances, credit-reference and fraud prevention agencies.|
|To ensure the billing of any procured services by you and obtain payment.||To meet the requirements of a contract.||Government VAT and tax inspectors, external auditors, internal auditors.|
|To inform you of legal updates in line with your preferences and interests.||To seek explicit consent prior to sending individuals the information and in line with preferences.||None|
|To provide enquirers support by telephone||To fulfil contractual obligations this includes taking action before entering into a contract.||None|
|To process and respond to complaints.||To meet a legal obligation.||Insurers, SRA|
|To monitor and record information relating to the use of our services, to include our website.||To meet a legitimate interest in order to improve the services and experience and website for individuals.||Web service providers and cookie providers.|
|Human Resources administration including assessing suitability, eligibility and/or fitness to work.||To fulfil contractual obligations this includes taking action before entering into a contract.||Disclosure and barring service, payroll service provider, accountant, HMRC, pension providers|
|To maintain the firm’s accreditation with recognised bodies and practice management standards||To meet the requirements of a contract/comply with a legal obligation||Law Society CQS|
We may share personal data with: HM Land Registry, HMRC, IT and telephone providers, storage providers, other solicitors, accountants, bank, auditors, third parties to whom we may choose to sell, transfer, or merge parts of our business, other organisations that are linked to the services you have requested from us. This data sharing enables us to act for you. Some of those third party recipients may be based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’.
We will share personal information with law enforcement or other authorities if required by applicable law. We will not share your personal information with any third party for marketing purposes.
The provision of your personal information is required from you to enable us to provide services to you. We will inform you at the point of collecting information from you, whether you are required to provide the information to us. If you refuse to provide this information to us we may not be able to act for you.
Under the terms of data protection legislation, you have the following rights as a client or user of this website:
Right to be informed: This privacy notice, together with our Cookies Policy, fulfils our obligation to tell you about the ways in which we use your information.
Right to access: You have the right to ask us for a copy of any personal data that we hold about you by way of a “Subject Access Request”. Except in exceptional circumstances (which we would discuss and agree with you in advance), and dependent on your having provided satisfactory proof of identity, we will send you a copy of the information within 30 days of your request for which we are legally entitled to charge you a reasonable fee to meet our costs.
To make a Subject Access Request, please contact our Data Controller Officer Charlotte Miller at firstname.lastname@example.org.
Right to rectification: If any of the information that we hold about you is inaccurate, you can contact our Data Protection Officer in writing. Before we can do this it will be necessary for us to investigate this with you and obtain proof of your identity.
Right to be forgotten: You can ask us to erase all personal information that we hold about you. Where it is appropriate that we comply, your request will be fully actioned within 30 days. Please note that there may be very good reasons why we cannot comply, for instance where we need to hold your file of papers electronically after conclusion of your matter for a statutory period e.g. limitation period. For further information please contact our Data Protection Officer who will be able to advise you on your case.
You have the right to object to:
- the continued use of your data for any purpose listed above for which consent is identified as the lawful basis for processing i.e. you have the right to withdraw your consent at any time
- the continued use of your data for any purpose listed above for which the lawful basis of processing is that it has been deemed legitimate.
Right to restrict processing: If you wish us to restrict the use of your data because (i) you think it is inaccurate but this will take time to validate, (ii) you believe our data processing is unlawful but you do not want your data erased, (iii) you want us to retain your data in order to establish, exercise or defend a legal claim, or (iv) you wish to object to the processing of your data, but we have yet to determine whether this is appropriate, please contact our Data Protection Officer. As solicitors, we only work at the request of our clients and where we are required to do so by law. Where you no longer wish for your personal data to be processed we will attempt to comply with this request to the fullest extent possible. Please be aware that this may mean we are unable to continue to act for you and work on your file. We would attempt to stop working for you at the earliest point possible but you would still be liable for the fees and disbursements incurred up to that point.
Right to data portability: If you would like to move, copy or transfer the electronic personal data that we hold about you to another organisation, please contact our Senior Partner (details at top).
Rights related to automated decision-making: If you would like to object to automated decision making without any individual involvement, and to the profiling of your data, please contact our Senior Partner (details at top).
Information may be held in electronically or manual files. We only retain the information for as long as necessary:
- to carry out the work on your behalf
- as is required to be kept by law
- until the period that you could make a claim against us has elapsed, which in conveyancing can be up to 12 years after completion
- for the duration of a trust, plus six years
- Wills and related documents can be kept for 75 years from the date the will was signed
- Probate matters where there is a surviving spouse or civil partner, are retained until the survivor has died in order to deal with the transferable Inheritance Tax allowance
- Deeds related to unregistered property are kept indefinitely as they evidence ownership and
- To comply with any client instructions to extend the retention period in relation to their documents
More information is available on request from our Senior Partner (details at top).
We do not generally transfer your personal data outside the European Economic Area (EEA). If we ever will transfer your personal data out of the EEA, we will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield. Please Contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We take all steps reasonably necessary to ensure that your data is treated securely:
- Client data location: All client data is stored internally, and on our password protected case management system as well as paper files.
- Entry controls. Access to our offices is secured by means of electronic entry controls within a highly secure Docklands .
- Secure lockable desks and cupboards. Desks and cupboards are kept locked when not in use if they hold confidential information of any kind.
- Methods of disposal. Paper documents are disposed of by shredding in a manner that ensures confidentiality.
- Off-site storage. We use a third-party off-site storage facility for archived files. Access to the facility is secured.
- Equipment. Our internal policies require that users lock or log-off from their computer when unattended.
- Firewalls and encryption. We apply industry-standard firewall protection and encryption technology.
- Training. We ensure our employees are trained in the importance of data security.
- Electronic access. All data stored electronically is password-protected. Where we have provided an authorised user with a password, that user is responsible for keeping this password confidential and is not permitted to share the password with anyone.
- Payment details. We confirm and agree payment and banking details at the outset of any instruction to minimise the risk of subsequent fraudulent interception of funds.
- Employee confidentiality: Confidentiality agreements exist for all Miller Evans & Co solicitors’ employees and third-party suppliers that can potentially access sensitive personal data.
If you have any questions, comments or complaints about the ways in which your personal data is being handled please contact:
Senior Partner: Charlotte Miller Email email@example.com First Floor, 19 Pepper Street, London E14 9RP Tel: 0207 987 2515
If we have not managed to resolve your concerns to your satisfaction, you have the right to lodge a complaint with the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow SK9 5A ico.org.uk/