We are committed to safeguarding the privacy of visitors to our website. This notice only relates to the processing of personal data directly provided by you or collected as a result of visiting this website. Should we process your personal data in a different context or circumstances (for instance if you instruct us and become our client), we will provide you with a separate notice. This notice will help you understand how we collect and use the personal information you provide to us via our website, and the rights you have in relation to that information. However, this notice does not apply to any websites that may have a link to ours.
Who are we?
We are FWJ Legal Limited, registered in England and Wales with company registration number 08582930, and authorised and regulated by the Solicitors Regulation Authority under SRA number 599151 in England and 643637 in Wales. We are also registered with the Information Commissioner’s Office as a fee-paying controller under registration number ZA051623.
In respect of personal data processed when you use this website, we are the controller. “Personal data”, “processing” and “controller” are all used in this notice according to their definitions in the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018 (DPA 2018).
What personal information do we collect?
You are not required to provide any personal information on the public areas of this website, although you may choose to do so. The purpose of providing that information is apparent at the point where you are invited to do so, and we will use the information only for that purpose. You may provide information relating to someone else, if you have the authority to do so. We will not use the information for automated processing and/or profiling purposes. The information may be disclosed to third parties to the extent necessary in connection with delivering the service requested.
What is our basis for processing your personal data?
We may use the personal information you provide to us on the following bases:
- to communicate with you
- to perform a contract to provide legal advice or other similar services
- for the establishment, exercise or defence of legal claims or proceedings
- to comply with our legal and regulatory obligations, including verifying your identity
- for our legitimate business purposes
Using your information for marketing purposes
We may use your personal information for legitimate interests such as direct marketing or under reasonable expectation to provide you with information you would expect to receive or that would benefit and enhance our relationship. This means that we may use your personal data to contact you about our products or services, events etc. which we feel may be of interest to you. The direct marketing communications may be provided to you by social media channels, email, text, telephone call or post. We will never pass on or sell your details to a third party.
We will only ever use non-sensitive personal information to target individuals with marketing materials, such as name, address, email, job description etc. Sensitive information or specific details will never be used to target marketing communications.
If you do not wish us to continue to contact you in this way, you can either follow the unsubscribe instructions in any of our communications to you, or contact us by emailing firstname.lastname@example.org with your name and email address and your details will be removed forthwith from our marketing database. Once unsubscribed, you may still receive transactional emails from us regarding your legal case.
How long we keep your personal information
All personal information you enter in the Debt Upload Form, Request a Callback, Send us an Enquiry, Contact and Booklet Download (or similar) online forms on this website will be either erased or anonymised after 180 days. All personal information collected via Ruler Analytics (our use of which is explained in our Cookies notice) will be erased after one year. Otherwise, your personal information will be retained in accordance with our Data Retention and Erasure Policy, which specifies appropriate retention periods. A copy of the Policy is available from our Practice Director upon request. The periods are based on the requirements of applicable data protection laws and the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and our business purposes.
Who we share your personal information with
We may share your personal information with certain trusted third parties in accordance with the contractual arrangements we have in place with them, including:
- our professional advisers and auditors
- suppliers to which we outsource certain support services
- our IT and website service providers
- other third parties engaged in providing services to our clients
We have taken steps to ensure that all trusted third parties keep your personal information confidential and secure and use it only for the purposes that we have specified. In relation to any other third parties we would only disclose your information where we are required to do so by law or with your consent.
We may use social media sites such as Facebook, LinkedIn and Twitter. If you use these services you should review their privacy policies for more information on how they deal with your personal information.
We do not sell, rent or otherwise make personal information commercially available to any third party, except with your prior permission.
How we protect your personal information
We use a variety of technical and organisational measures to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction. However, the transmission of information via the internet is not completely secure and, although we will do our best to try and protect your information, we cannot guarantee the security of your information transmitted via our website and any such transmission is at your own risk.
We have achieved accreditation for the Cyber Essentials information security scheme, a government-backed standard intended to verify that an organisation’s IT is suitably secure. Verification was undertaken by an independent certification body.
Which countries we transfer your personal information to
We will not transfer your personal information to locations outside the European Economic Area.
Your rights regarding your personal information
The European Union’s General Data Protection Regulation (GDPR), the UK GDPR, the DPA 2018 and other applicable data protection laws, provide certain rights for data subjects. You are entitled to request details of the information we hold about you and how we process it. A request for access to your personal data means you are entitled to a copy of the data we hold on you – such as your name, address, contact details, date-of-birth, information regarding your health etc.- but it does not mean you are entitled to the documents that contain this data. You may also have a right to have the information rectified or deleted, to restrict our processing of it, to stop unauthorised transfers of your personal information to a third party and, in some circumstances, to have personal information relating to you transferred to another organisation.
If you wish to raise a complaint on how we have handled your personal data, you can contact our Practice Director who will investigate further. You may also have the right to lodge a complaint in relation to our processing of your personal information with the local supervisory authority, the Information Commissioner’s Office, www.ico.org.uk.
If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.
We must ensure that your personal information is accurate and up to date. Therefore, please advise us of any changes to your information by emailing us at email@example.com.
If you have any questions or concerns regarding your personal data or how it is used please contact our Practice Director, who will be happy to assist with your enquiry:
Telephone: 020 7841 0390
Explanatory note: this Privacy Notice is in place to inform you, in line with our general obligations and, in particular, in line with Article 13 of the UK GDPR, of the processing by us of your personal data. It is not a contractual document, so we don’t ask you to agree to it.
Kindly note, where we are offering services to individuals in the European Union we will also be subject to the GDPR, and not just the UK GDPR. In such instances you may also have the right to make a complaint to another GDPR supervisory authority.