Privacy Policy

Introduction

Hartnell Chanot & Partners trading as The Family Law Company understands that the information you trust us with is important to you, and we are committed to protecting and respecting your privacy.  This Policy explains how we protect and manage any personal data your share with us and that we hold about you, including how we collect, process, protect and share that data.  It also explains your rights.

Whenever you provide personal data, we are legally obliged to use your information in line with all applicable laws concerning the protection of such information; including the Data Protection Act 1998 and 2018 (DPA), and The General Data Protection Regulation 2016 (GDPR) together, and with other subsequent laws passed to bring the GDPR in to effect in England and Wales after 31 December 2020 “Data Protection Laws”.

Personal data means any information that may be used to identify an individual, including, but not limited to, your full name, address, e mail address or addresses, telephone numbers including work, home and mobile and bank and other account details.  We process both Personal and Sensitive (Special) categories of data.

Please read the following carefully to understand our practices regarding your personal data.

Summary

• We only collect personal information about you where it is completely necessary or you have consented, and we ensure that we only collect information that we need to represent you.
• We will not send you marketing material.
• We will not sell your personal information to third parties.
• We use third party suppliers such as Barristers and other experts and services to help us provide an excellent service. Where we share personal information with those suppliers, we have the appropriate controls in place which will assess the security of their processing arrangements.
• We will protect your personal information with a combination of technical and organisational measures to ensure as far as possible, the confidentiality, integrity and availability of your information at all times.
• We retain your data for as long as is necessary normally for six years after the conclusion of your case, but this may be longer in certain children matters and where there has been a pension sharing order. You will be advised regarding storage at the conclusion of your case.

Information provided by you

Your provide us with personal data about you and your family in a variety of ways, these may include by completing forms, online, verbally during meetings and telephone calls, in statements, other documents such as Bank statements, information regarding children and photographs.  We use this information to properly represent you.  Due to the nature of the work we undertake for you we also process Sensitive (Special) categories of date such as medical/criminal records  information directly from you or third parties which may be used during the conduct of your case.  The provision of this information is subject to you giving us express consent.  The provision of this personal data is essential for us to be able to conduct your case.  This means that the legal basis of our holding your personal data is for the performance of a contract.

Information we get from other sources

We only obtain information from third parties if this is permitted by law.  We may also use legal public sources to obtain information about you, for example to verify your identity.  This information which is relevant to us will only be obtained from reputable third party companies that operate in accordance with the General Data Protection Policy (GDPR).  You will already have submitted your personal data to these companies and specifically given permission to allow them to pass this information on.

Why we use your Personal Data

We collect your personal information so that we may represent you as you have instructed us in your family case.  To process your information we mainly rely on the following legal reasons:-

• Performance of a Contract. The use of your information is necessary to perform our contract with you.
• Legitimate Interests. We may use your information for our legitimate interests, such as to provide you with an excellent legal service, website experience and emails and for administrative, compliance, regulatory, insurance and legal purposes.

How we use your Personal Data

We use your personal data to manage and conduct your legal case as instructed by you.  We act as controller and processor in relation to the information we hold about you including processing of Direct Debit instructions.  We undertake at all times to protect your personal data in a manner which is consistent with our duty of professional conduct and the requirements of the General Data Protection Regulations.

Marketing

The Personal Data we hold will not be used for Marketing purposes.

Information we may share

We will from time to time have to share your personal data for example for the purposes of audits, regulatory and compliance matters, in insurance matter and fraud prevention and the provision of services to progress your matter.  We will only disclose your information with other third parties with your express consent with the exception of the following:-

• Our insurers.
• Regulatory authorities for example the Solicitors Regulation Authority and the Legal Aid Agency.
• Fraud and crime prevention agencies.
• Third party service providers such as telephones, mailing, printing and copying to whom we may need to outsource work.
• Third parties that provide a service to us or act as our agents.

Transferring your Personal Data outside of the European Economic Area (EEA)

In order to progress your case the information you give us may be transferred to countries outside the EEA.  These countries may not have similar data protection laws to the UK.  When we do transfer your personal data outside the EEA we ensure that any party with access to your information has implemented the necessary security and privacy measures, to ensure that your personal data is kept secure and confidential as outlined in this policy.

Retaining your Data

The personal data and information we collect and hold about you is subject to various regulatory,  legislative and indemnity and other insurance requirements.  We will endeavour not to keep your personal information for any longer than is necessary.  Files are normally retained for 6 years, however in some children and pension sharing cases they may be retained for longer.  You will be advised of this at the conclusion of your case.  Where it is not possible for us to delete your data which is held electronically, for example in our Case Management system we will ensure that the appropriate security and organisational measures are put in place to protect the use of your data.  Retention of data will be re-assessed on a regular basis and information which is no longer required will be disposed of securely.

Where we store your personal data

The Personal Data that we collect from you will be stored in the UK.  We will take all steps to ensure that your data is treated securely.  All information you provide to us is stored on our own secure servers or on secure servers operated by a third party.

Information we collect through your use of our website

We collect information through the use of cookies and similar technologies.  Please refer to our separate Cookie Policy on the website.

Your Rights

Subject Access Requests

GDPR grants you the right to access particular personal data that we hold about you.  This is referred to as a “subject access request”.  We must respond to this within one month from the time we receive the request and we have all relevant information from you.  We can request an extension to this timescale.  Our response will include details of the personal data we hold about you, which includes the following:

• Sources from which we acquired the information.
• The purposes for processing the information.
• With whom we are sharing the information.

Under the GDPR you also have the following rights:

• Right to be informed. This privacy notice is available on our website and a hard copy will be sent upon request.
• Right of access. You have a right to ask what details we hold about you and why we hold those details – see “subject access request” above.
• Right to rectification. You have to obtain from us, without undue delay, the rectification of inaccurate personal data we hold about you.
• Right to erasure. Also known as “the right to be forgotten”. You have the right to request that personal data be erased in particular circumstances.
• Right to Restrict Processing.  You have the right to block or suppress us from processing your data.  We would retain the data but not do anything with it.
• Right to Data Portability. You have the right to receive your personal data, which you have provided us with in a structured, commonly used and machine-readable format.
• Right to Object. You have the right to object to data being processed based on legitimate interests or the performance of tasks in the public interest/exercise of official authority, in relation to direct marketing (we do not directly market services) and in relation to research and statistics.
• Right to not be subject to decisions based solely on automated processing. We do not carry out any automated processing which may lead to an automated decision based on your personal data.

IMPORTANT INFORMATION

Queries

If you have any questions which are not answered by this Privacy Policy, you wish to invoke any of your rights outlined above, or you have any concerns about how we may use the personal data we hold please write to the  Jane Chanot Data Protection Director at Oriel House, Southernhay Gardens, Exeter, Devon.  EX1 1NP.

Changes to our Privacy Policy

We review our Privacy Policy regularly and will place any updates on our website.  We suggest you review the Policy periodically to ensure you are aware of any changes to it.  We will not however significantly change how we use information you have already provided to us without your prior agreement.

If you have a complaint

We work hard to ensure that your personal and sensitive information is treated safely and securely.  However if you have a complaint please write to the Data Protection Director (details above) and we will endeavour to resolve matters.

If your complaint is not resolved to your satisfaction and you wish to make a formal complaint you should address this to the Information Commissioner’s Office (ICO).