Privacy Policy

Introduction

Legal Risk LLP is a law firm offering legal services to businesses and individuals.

In order to provide our services and manage our business we collect and manage data from clients and others. This is likely to include personal data as we could be dealing with individuals as clients or obtain information relating to individuals within client businesses. We are committed to protecting the privacy rights of individuals.

This Privacy Notice describes the ways in which we collect, manage, store and dispose of data relating to individuals. We may update it from time to time.

Our contact details

What information do we collect?

Why do we collect the information?

How will we use your information?

Information provided by you

Sharing and disclosing data

International transfers

Your rights

How long will we retain your information?

Data security

Cookies

Changes to this policy

Questions and problems

Our contact details

Our main office is at 28 Bixteth Street, Liverpool L3 9UH.

Telephone 0345 330 6791

Website address www.legalrisk.co.uk

Our Privacy Officer is Frank Maher, email: [email protected]

What information do we collect?

The information which we collect may include –

  • Name;
  • Home address;
  • Telephone numbers;
  • Email address;
  • Other contact details;
  • Documentation confirming your identity, such as a passport or driving licence;
  • Your status as a director of a company or member of an LLP;
  • Your status as a beneficial owner of a company or LLP;
  • Financial information including bank account details;
  • Details of your communications with us and attendances upon us;
  • Publicly available information and
  • Any information which you provide to us.

We may also collect sensitive information, including, where relevant –

  • Health data (relating to both physical and mental conditions and any disability); and
  • Racial or ethnic origin.

Our website uses cookies. Further information appears below.

Why do we collect the information?

We collect data in order to –

  • Incept you or your organisation as a client, including client due diligence checks;
  • Provide legal services and respond to requests for legal services;
  • Manage our business relationship with you or your organisation, including billing, accounting, collection and support services;
  • Provide information relating to our services either in response to specific requests or generally in order to develop our business;
  • Process employment applications;
  • Bill for our services and obtain payment;
  • Respond to complaints;
  • Meet our legal and regulatory obligations;
  • Make appropriate business development plans to better support our clients’ needs for legal services;
  • Prevent, detect and respond to fraud or potential fraud or other illegal activities;
  • Improve the functionality of our website and other IT requirements;
  • Fulfil purposes ancillary to any of the above.

We may collect and process health data if it is relevant and necessary for the establishment, exercise or defence of legal claims.

We may collect and process data relating to racial or ethnic origin either because it is necessary for the establishment, exercise or defence of legal claims or, subject to explicit consent, in order to respond to requests from our regulators for statistical information.

How will we use your information?

The following table sets out the information we collect and the legal basis upon which we collect it.

Purpose for obtaining the information Legal basis for using the information
Providing legal services and responding to requests for legal services Performance of a contract, including steps taken in anticipation of entering a contract;

In the case of an individual, where appropriate, our legitimate interests in entering into and performing a contract with an organisation with which you are connected.

Provide information relating to our services either in response to specific requests or generally in order to develop our business Our legitimate interest in developing our business.  We will note the rights of individuals to unsubscribe from mailings and/or manage their preferences in our mailings and requests to unsubscribe may be made by using a link in the email or by contacting our Privacy Officer at the contact details above.
Providing legal updates and information in relation to events which we believe may interest you Our legitimate interest in developing our business.  We will note the rights of individuals to unsubscribe from mailings and/or manage their preferences in our mailings and requests to unsubscribe may be made by using a link in the email or by contacting our Privacy Officer at the contact details above.
Processing employment applications Performance of a contract, including steps taken in anticipation of entering a contract, and, in the case of information which we are required to provide for tax or social security purposes, compliance with our legal obligations.  We may also seek the explicit consent of applicants for employment to us obtaining further information.  We may seek explicit consent to the collection of data relating to racial or ethnic origin for the purposes of complying with requests for information from our regulators.
Billing for our services and obtaining payment Performance of a contract and, in relation to tax and VAT, for complying with our legal obligations
Responding to complaints Compliance with a legal obligation
Meeting our legal and regulatory obligations Compliance with a legal obligation
Make appropriate business development plans to better support our clients’ needs for legal services;

 

Our legitimate interest in developing our business and improving our ability to assist our clients.  We will note the rights of individuals to unsubscribe from mailings and/or manage their preferences in our mailings and requests to unsubscribe may be made by using a link in the email or by contacting our Privacy Officer at the contact details above.
Improving the functionality of our website and other IT requirements. Our legitimate interests in improving the content and performance of our website and use of IT to support our provision of legal services.

 

When we rely upon our legitimate interests we will balance any impact on you and your privacy rights and will not use your personal data where the impact on you would override our rights, unless we are otherwise permitted by law to process your personal data, for example, where you consent.

Information provided by you

In certain circumstances we are required to collect information from you or individuals within your organisation in order to comply with our legal or regulatory obligations. This may, for example, include information relating to identity and source of funds. We may also be required to collect information from you, individuals within your organisation or from others on your behalf in order to perform a contract with you. If you do not provide us with the information which we require we may be unable to act for you. Where information is required in the context of, for an example, an application for employment, if you do not provide the information we need, we may be unable to offer you employment.

Sharing and disclosing data

In some limited circumstances we may share data which we collect from you with certain trusted third parties in accordance with contractual arrangements which we have in place or as required by law. These may include –

  • Third parties, such as barristers, foreign lawyers, expert witnesses, consultants;
  • IT service providers;
  • Providers of data services such as email hosting, telephone answering, website hosting and online surveys;
  • Our auditors and professional advisers;
  • Our insurers;
  • Other people in your organisation;
  • Regulators and public bodies, including in connection with tax, VAT and compliance with obligations relating to the prevention and reporting of financial crime.

Where we share data with a third party, the data may be stored outside the United Kingdom. Please see our section below on International transfers.

International transfers

We may use IT applications which are hosted outside the United Kingdom. We only transfer your Personal Data where regulations made under section 17A of the Data Protection Act 2018 provide that the third country in question ensures an adequate level of protection in line with United Kingdom data protection standards, or where there are appropriate safeguards in place to protect your Personal Data.

Your rights

The data protection legislation provides individuals with whom we are dealing with the following rights. This includes relationships between us and individual clients or others with whom we deal, or induvial within client organisations or third-party organisations. All of those individuals are referred to as ‘you’ below:

Right to be informed

This Privacy Notice is provided to fulfil our obligation to tell individuals how we use their information.

Right of access

Individuals are entitled to ask us for a copy of any personal data which we hold relating to them. This right is known as a ‘Subject Access Request’. If you wish to make a Subject Access Request you should contact our Privacy Officer in writing or by email or verbally. If possible, and to make sure we identify your request as soon as possible, we would ask you to try to include the term ‘Subject access request’ in the heading. Failure to do so does not affect your request, but it means that it will be flagged up at the first opportunity–

Frank Maher

28 Bixteth Street

Liverpool

L3 9UH

Telephone 0345 330 6792

Email: [email protected]

We will normally send you a copy of the information within one month of your request. However that period may be extended by two further months where necessary, taking into account the complexity and number of the requests. There is usually no charge; in exceptional circumstances we may charge but will discuss this with you if that applies.

Right to rectification

If the information we hold about you is inaccurate you may contact our Privacy Officer using the contact details above. The information will be checked and, where appropriate any inaccuracy rectified.

Right to erasure

In certain circumstances you may be entitled to ask us to erase your personal data. for further information, please contact our Privacy Officer using the contact details above.

Right to data portability

If you wish to move, copy or transfer the electronic personal data that we hold about you to another organisation, please contact our Privacy Officer using the contact details above.

Right to object

You may also object to your data being used for direct marketing.

You may also object to the continued use of your data in any circumstances where we rely upon consent as the legal basis for processing it.

Where we rely upon legitimate interests as the legal basis for processing your personal data, you may object to us continuing to process your personal data but you must give us specific reasons for objecting. We shall consider the reasons you give us but if we consider that there are compelling legitimate grounds for us to continue to process your data we may continue to do so. In that event we shall let you know the reasons for our decision.

If you wish to exercise your right to object to the use of your data under this section of our Privacy Policy, please contact our Privacy Officer using the contact details above.

Rights related to automated decision making including profiling

You may object to automated decision making, including profiling, by contacting our Privacy Officer using the contact details above.

How long will we retain your information?

We will usually retain your information as follows.

Type of data Retention period
Client files We will keep these for a minimum of seven years from the conclusion of your instruction in accordance with our policy on document retention.

We need to keep records for this period for regulatory compliance and to ensure our records are adequate for the purposes of obtaining insurance to protect our clients and other parties.

Health records We will destroy these securely at the conclusion of the contract: further copies can be obtained if necessary from the original source.
Employment applications 3 months from the date of conclusion of the application for non successful applications.

2 years if you become employed by us.

Human resources 6 years from conclusion of the period of employment.  6 months from conclusion of an application for employment which does not result in a contract of employment.
Website data 1 year

 

Data security

We implement a range of technical and organisational measures to protect your information and ensure confidentiality. We keep these under regular review.

Cookies

Our website uses the following cookies

_ga

_gat

_gid

These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited.

JSESSIONID

This is used to monitor user session counts.

To see our full cookie policy, click here.

Changes to this Policy

We may amend this policy and any changes will take effect immediately and be binding on you. If we make any change which will significantly change our use of your data, we will notify you. Otherwise you should check our policy from time to time to ensure that it meets your expectations.

Questions and problems

If you have any questions about this privacy policy and how it affects you, please contact our Privacy Officer whose details are above. You can also contact our Privacy Officer if you have any complaints or concerns about the way in which we handle your data. You also have the right to lodge a complaint with the Information Commissioner’s Office at https://ico.org.uk/global/contact-us/.

 

24 May 2018

Back to top

Latest