To describe how we collect and use personal data about you in accordance with the General Data Protection Regulation (GDPR).
Hayes + Storr Limited is committed to protecting and respecting your privacy in relation to the information provided to us in the course of our business. We will only use personal information as set out in this Privacy Notice.
Hayes + Storr Limited is what is known as the “Controller” of the personal data you provide to us.
Hayes + Storr Limited
Director responsible for data protection: Alex Findlay
Address: 18/19 Market Place, Fakenham, Norfolk, NR21 9BH
If you have any concerns, or wish to make a complaint, about the processing of your data please contact us in the first instance. You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO) and their full details can be found at www.ico.org.uk.
Changes to your personal data
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. If you wish to update your personal data, please contact the lawyer dealing with your matter or us the contact details above.
The data we collect
In order to carry out our business we need to collect and process various types of personal data, or personal information. The types of personal data we may collect and process are as follows:-
- Identity data – this includes details of your name(and previous names), marital status, title, date of birth, photographic identification and gender.
- Contact data – this includes address information, email addresses and telephone numbers.
- Financial data – this will include information such as bank account details.
- Transaction data – this will include information relating to client’s legal requirements and information required in order to conduct Court or other legal proceedings.
- Technical data – this includes things such as IP address, browser type and version, time zone settings and location, browser plug-in types and versions, operating system and platform and other technology on devices you are using and other information relating to the devices you have used to access our website.
- Usage Data – this includes information about your use of our website. Marketing data – this will include preferences you have expressed when subscribing to our mailing lists or when you have opted to receive marketing material from us.
- Special categories of personal data – we do not routinely collect this type of data. We will however process it in limited circumstances, for example, where required to do so for legal or regulatory purposes or where you have provided us with such information as it is necessary for a specific service we are providing to you.
If you fail to provide personal data
There are occasions where we are obliged to collect personal data by law (for instance, in relation to anti-money laundering) or under the terms of a contract we have with you. If you fail to provide the personal data in these situations we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with legal services). In this case, we may have to decline to provide or receive the relevant services. If this is the case we will advise you at the time the personal data is collected.
How your data is collected
We use a variety of methods to collect data from and about you, including:
Direct interactions: You provide us with personal data in your correspondence with us. This may be provided when you:
- enquire about or apply for our services;
- market or provide your supplier services to us;
- subscribe to our publications or otherwise ask for our marketing;
- participate in our marketing, recruitment or other promotional events;
- participate in our client seminars and similar events; or
- give us feedback.
Website, cookies and marketing: You give us your personal data, which includes Profile Data, Usage Data, Technical Data, Professional Information and/or Marketing Data, when you use our website or review the publications or marketing we send you.
Third-party or publicly available sources: We will also obtain personal data from other sources such as, but not limited to; financial institutions, other professional service providers (such as law firms), Government agencies, regulatory bodies public registers of individuals or companies.
How we use your data
We will only use your personal data when the law allows us to and we, therefore, have a legal basis for processing. The main reasons for using your personal data are likely to be:
- where we need to perform a contract which we are about to enter into or have entered into with you;
- where we need to comply with a legal or regulatory obligation;
- where necessary for our legitimate interests, provided that your fundamental rights do not override those interests. This can mean, for instance, that it is in our interest, to monitor how you are using any client portals or access to systems to ensure that the security of such portals or systems is maintained. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests; and
- “consent and explicit consent”: where you have provided your consent or explicit consent to processing your personal data.
We do not generally rely on consent as the legal basis for processing your personal data with the exception of electronic marketing. You can withdraw your consent to receipt of marketing at any time by contacting firstname.lastname@example.org.
Purposes for which we use your data
We have set out below a description of the ways in which we use your personal data and the legal bases we rely on to do so. Where appropriate, we have also identified our legitimate interests in processing your personal data.
There may be more than one legal ground under which we use your personal data depending on the specific purpose for which we are using your data.
|Purpose and/or activity||Type of data||Legal basis for processing|
|To set you up as a client on our system, including performing anti-money laundering, fraud and other background checks.||
|To deliver client services to you and to manage our relationship with you.
Also to verify the source of any funding or funds in a matter we on which are acting
|To manage payments, fees and charges and to collect and recover money owed to us.||
|To manage and protect our business, including improving data security, troubleshooting data and systems, system maintenance and testing, data hosting, managing our offices and other facilities.||
|To invite you to take part in marketing or other promotional events, or client seminars or similar events, and to manage your participation in them .||
|To send you marketing or to contact you by other means to offer recommendations about any of our services which may be of interest to you.||
|To ask you for feedback about our client services||