Data protection & Policies
Privacy Notice
Lichfield Reynolds is committed to protecting the privacy and security of your personal information.
This privacy notice describes how and why we collect and use personal information about individuals within the following categories:
- Clients
- Individuals applying for a career at Lichfield Reynolds
- Website visitors
- Suppliers
- Contacts
- Office visitors
- Individuals who contact us
- Other individuals
If you are a current or former employee, consultant, worker or contractor, we may hold further personal information about you. For more information, please refer to the privacy notice for employees via the Employee handbook or contact Nicholas@lrsolicitors.co.uk.
Sometimes we receive personal information directly from individuals but sometimes we receive it via third parties.
The purpose of this privacy notice is to explain:
- how and why we collect and use your information;
- where we obtained your information;
- how you can tell us if you prefer to limit the use of that information; and
- the procedures that we have in place to safeguard your privacy.
Some of the information we collect may include your “personal data”. Personal data includes your contact details. In this privacy notice, and for the purposes of the Data Protection Act 2018 (‘DPA’), the data controller is Lichfield Reynolds Solicitors LLP of 7-9 Commerce Street, Longton, Stoke on Trent, Staffordshire, ST3 1TU (“Lichfield Reynolds”, “we” or “us”).
Lichfield Reynolds is a limited liability partnership registered in England and Wales under registration number OC368311. It is authorised and regulated (under SRA number 568414) by the Solicitors Regulation Authority. It has notified the Information Commissioner’s Office (ICO) that it processes personal data (under number ZA146534).
Clients
Legal basis for processing: necessary for the performance of a contract; consent; legitimate interests.
This section should be read in conjunction with the client care letter and terms of business, provided to you at the outset.
We may collect and use the following personal information about you:
- your name and contact information, including address, email address and telephone number(s);
- Information to enable us to check and verify your identity, e.g. your date of birth, as well as identity documents such as passports which may contain biometric data or data revealing racial or ethnic origin;
- your gender information;
- your billing information, transaction and payment card information;
- information about your business(es);
- details of your assets and financial position.
This personal information is required to provide legal services to you. If you do not provide personal information we ask for, it may delay or prevent us from providing legal services to you.
We collect most of this personal information directly from you – in person, by telephone, text or email and/or via our website and any apps. However, we may also collect information from:
- publicly accessible sources, e.g. Companies House or HM Land Registry;
- a third party directly, e.g. a business such as an estate agency or claims management company that has introduced you to Lichfield Reynolds;
- sanctions screening providers;
- customer due diligence providers;
- a third party with your consent, e.g. your bank or building society.
We use the information you provide primarily for the provision of legal services to you, but also for the following reasons:
- compliance with our legal and regulatory obligations;
- fraud prevention;
- updating and enhancing client records;
- analysis to help us manage our practice;
- Statutory returns;
- Preventing unauthorised access and modifications to systems;
- External audits and quality checks, e.g. for SQM or CQS accreditation and the audit of our accounts.
Where it is practical, we will anonymise your personal information.
Where we have your consent, we may send you marketing material by e-mail.
We routinely share personal information with:
- third parties we use to help deliver our legal services to you, e.g. payment service providers, IT infrastructure providers, barristers, experts and delivery companies;
- other third parties we use to help us run our business, e.g. marketing agencies or website hosts;
- due diligence providers;
- our insurers and brokers;
- our bank[s];
We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information.
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
We will keep your personal information while we are providing legal services to you. Thereafter, we will keep your personal information for as long as is necessary to:
- respond to any questions, complaints or claims made by you or on your behalf;
- show that we treated you fairly;
- keep records required by law.
We will not retain your personal information for longer than necessary for the purposes set out in this notice. Different retention periods apply for different types of personal information. Further details on this aspect are available on request.
Individuals applying for a career at Lichfield Reynolds
Legal basis for processing: necessary for the performance of a contract; consent; legitimate interests; legal obligation.
As part of our recruitment processes, we collect information relating to candidates. Most information is collected from candidates directly, through their CV and other information included in any application. We may also receive information from third parties involved in screening checks, notably select recruitment agencies, regulatory bodies and any agencies involved in due diligence such as disclosure and barring service (DBS) checks. Sometimes we collect information from online sources such as social media, online profiles, press or other websites.
Applications for training contracts are managed through the Practice Manager and Partners and the information is retained in accordance with retention periods determined by us. Information received as part of applications is used primarily to process the application and also to analyse data for trends. Our reason for processing information regarding applicants is to support our legitimate business interests, but also for reasons of wider public interests. For instance, as part of our efforts to promote equality and diversity, we may collect and use personal information relating to race, ethnicity, religion and health. In addition, Successful applicants’ information is retained in accordance with our privacy notice for employees and other workers.
Unsuccessful applicants’ information is retained for a period of no longer than 12 months, mainly in case other opportunities arise but also as a record of recent applications. Certain Home Office requirements may also apply if we sponsor a worker from outside the EU and need to maintain records of applicants for auditing purposes.
Website visitors
This privacy notice forms part of and must be read in conjunction with our website terms of use. We may collect and process the following information about you:
- information we receive from you – you may give us information about you by filling in forms on our website or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our Website, subscribe to our service and/or when you report a problem with our Website. The information you give us may include your name, address, e-mail address and phone number and financial information;
- information we collect about you – each time you visit our website we may automatically collect technical information, including the IP address used to connect your device to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. We may also collect information about your visit, including the full URL clickstream to, through and from our Website (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages and methods used to browse away from the page.
- information we receive from other sources – we may receive information about you if you use any of the other websites we operate or other services we provide. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers) and may receive information about you from them.
Cookies
We use “cookies” as part of a normal business procedure. Cookies are small text files that are created by a web server and stored on your computer when you visit a website. The website that created the cookie can read the contents when you are at their website.
Many websites use cookies to improve your browsing experience e.g. remember your log-in details, record which items you have selected to purchase, or even tailor what content is displayed depending on your preferences. Cookies can also be used to record ‘analytics’ data i.e. which web pages you visit, whether or not you arrived at the web page by clicking on an advertisement or an affiliated website. Many websites find the collection of analytics data valuable in improving the quality and content of their web sites.
We use cookies for the following purposes:
- To anonymously assist with the function of our website.
- To anonymously collect information about how visitors use our website.
Here are details of the individual cookies used by our website:
All the major browsers allow you to block cookies and delete those that have already been created on your computer, usually within the ‘Tools’ section of the browser. These tools allow you to specify which cookies you will accept by type and often by specific websites using an exception list e.g. you can block all cookies and then list the website from which you will accept cookies.
Suppliers
We collect and process personal information about third parties who supply services to Lichfield Reynolds or its clients. The personal information collected is usually basic contact information relating to the individual(s) we deal with at the particular supplier and includes name, supplier’s business name, phone number(s), email, payment details and other business contact details.
We use any personal information primarily to contact the supplier – on behalf of Lichfield Reynolds or its clients – in order to manage the relationship and ensure that the services are delivered under the supply contract.
We will usually collect the information directly from the supplier, but sometimes we may find the information online or from a third party who recommends the supplier to us.
The legal basis for processing personal information about suppliers is that it is necessary to protect our legitimate business interests and, in some cases, to comply with our legal and regulatory obligations.
Contacts
We manage a database of contacts using a database. Each record on the database system contains the individual’s name, business (if applicable) and contact details.
Visitors to our offices
Various security measures are in place at our offices:
- Visitor records – all visitors to our offices are required to sign in and out. Basic information such as the visitor’s name and business is recorded. The sign-in sheets are locked away and destroyed after a short period of time. These records are only accessed if we need to investigate an incident.
- CCTV – our offices at 7-9 Commerce Street and 6 Pall Mall, have various CCTV cameras installed. The images are securely stored and the data is overwritten after a number of weeks. These records are only accessed if we need to investigate an incident and may be disclosed to the authorities. We consider CCTV necessary for the safety of our staff and visitors, as well as the detection and prevention of crime.
- WIFI – guest WIFI is not available.
Individuals who contact us
Where individuals contact us for information, we collect basic information such as name, contact details and the nature of their enquiry. Information will normally be used only for the purposes of responding to the enquiry.
Other individuals
In the course of delivering legal services to our clients, or otherwise operating our business, we collect information relating to individuals who do not fall into any of the categories listed above. The information collected depends on which area of our business is responsible for the processing, but it includes:
- your name and contact information, including address, email address and telephone number(s);
- Information to enable us to check and verify your identity, e.g. your date of birth, as well as identity documents such as passports which may contain biometric data or data revealing racial or ethnic origin;
- your gender information;
- your billing information, transaction and payment card information;
- information about your business(es) or employment;
- details of your assets and financial position.
Such processing is necessary in order to protect our legitimate business interests, deliver a proper standard of service to our clients and to comply with our legal and regulatory obligations.
Sometimes we share information with selected third parties if necessary to comply with our legal and regulatory obligations. For instance, we may as part of customer due diligence and fraud prevention measures carry out identity or screening checks in respect of third parties and require information regarding their financial circumstances.
In the vast majority of cases such information will be collected as part of a client matter and the information will therefore be held in accordance with the retention period that applies to that area of law. We will also, where practical, make efforts to redact and anonymise data where it is not necessary for individuals to be identified as part of any processing activities.
Use of your information
We use information held about you in the following ways:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us;
- to provide you with information about other services we offer that are similar to those that you have already purchased or enquired about;
- to notify you about changes to our service;
- to ensure that content from our Website is presented in the most effective manner for you and for your device;
- to administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to allow you to participate in interactive features of our service, when you choose to do so:
- as part of our efforts to keep our Website safe and secure;
- to analyse information/data and assist us in the improvement and optimisation of our Website; and
- to make suggestions and recommendations to you and other users of our Website about services that may interest you or them.
Where your personal information is held
Information may be held at our offices, or on backup servers maintained by our IT consultants. Alternatively, it may be held by any of the third parties listed above.
Some of these third parties may be based outside the European Economic Area (EEA). Territories outside the EEA countries generally do not have the same data protection laws as the UK and EEA. We will, however, take reasonable steps to ensure the transfer complies with data protection law and all personal information will be secure.
Keeping your personal data secure
We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
Your rights
You have the following rights, which you can exercise free of charge:
If you would like to exercise any of those rights, please send an e-mail to Nicholas@lrsolicitors.co.uk. Please note that before discussing any request we may require you to provide information in order to verify your identity.
How to complain
We always aim to resolve any query or concern you may raise about our use of your information. Please send details of any concerns to Nicholas@lrsolicitors.co.uk.
The DPA also gives you right to lodge a complaint with the data protection regulator, the ICO. For more information, please visit https://ico.org.uk/concerns or telephone: 0303 123 1113.
Changes to this privacy notice
This privacy notice is kept under regular review to ensure it is meaningful and accurate.
Last updated: 7 March 2022
How to contact us
Please contact us if you have any questions about this privacy notice or the information we hold about you. You can write to our Head of Compliance at our head office or send an email to Nicholas@lrsolicitors.co.uk.
Do you need extra help?
If you would like this notice in another format (for example: audio, large print, braille) please contact us using one of the methods above.