Privacy Notice
We want you to know that when you use our organisation you can trust us with your information. We are determined to do nothing that would infringe your rights or undermine your trust. This Privacy Notice describes the information we collect about you, how it is used and shared, and your rights regarding it.
Data Controller
We are registered with the Information Commissioner’s Office (ICO) as a Data Controller for the personal data that we hold and process. Our registered address is New Court, Temple, London EC4Y 9BE, our registration number is A8219069, and our Data Protection Manager is Paul Bloomfield. Our Data Protection Manager can be contacted at 0203 582 7123 and pbloomfield@newcourtchambers.com
Data Collection
All the information that we hold about you is provided to us by you when you seek to use our services. We will tell you why we need the information and how we will use it.
Our Lawful Basis for processing your information
The General Data Protection Regulation (GDPR) requires all organisations that process personal data to have a Lawful Basis for doing so. The Lawful Bases identified in the GDPR are:
· Consent of the data subject (you) |
· Performance of a contract to which you, the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract |
· Compliance with a legal obligation |
· To protect the vital interests of a data subject or another person |
· Performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. |
· The legitimate interests of ourselves, or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject. |
Examples of legitimate interests include:
- Where the data subject is a client, member, pupil, student, employee or otherwise in the service of the controller;
- Transmission within a group of undertakings for internal administrative purposes;
- Processing necessary to ensure network and information security, including preventing unauthorised access;
- Processing for direct marketing purposes, or to prevent fraud; and
- Reporting possible criminal acts or threats to public security.
Our Lawful Basis is your consent and our Legitimate Interest is that you are either a client, member, pupil, student, employee or otherwise in the service of the controller.
We use your information to:
- Process or support payments for goods and services;
- Investigate and address your concerns;
- Communicate with you about services, studies, news, updates and events;
Where any part of our processing includes automated decision-making, we ensure that the proposed decisions are reviewed by a member of staff before being applied. You will always be able to get an explanation for the decision and to challenge it if you are unhappy with it.
We collect and process both personal data and special categories of personal data as defined in the GDPR. This includes:
Member/pupil/student data
- Name;
- Email;
- Phone number;
- Address;
- Payment or bank details;
- Date of birth;
- Location details;
- Family & next of kin details
Employee Data
- Name;
- Email;
- Phone number;
- Address;
- Payment or bank details;
- Date of birth;
- Location details
- Family & next-of-kin details
- Medical information
Client
- Name;
- Email;
- Phone number;
- Address;
- Personal information pertaining to money laundering for direct access clients
We may share your personal data with:
- Our legal advisors in the event of a dispute or other legal matter;
- Law enforcement officials, government authorities, or other third parties to meet our legal obligations;
- In connection with, or during negotiations of, any merger, consolidation or restructuring, financing, refinancing, of chambers
- Any other party where we ask you and you consent to the sharing.
Transfers to third countries and international organisations
We do not transfer any information outside of the EEA.
We retain your personal data while you remain a client, member, pupil, student, employee, unless you ask us to delete it. Our Retention and Disposal Policy (copy available on request) details how long we hold data for and how we dispose of it when it no longer needs to be held. We will delete or anonymise your information at your request unless:
- There is an unresolved issue, such as a claim or dispute;
- We are legally required to; or
- There are overriding legitimate business interests, including but not limited to fraud prevention and protecting service users’ safety and security.
Your Rights
The General Data Protection Regulation gives you specific rights regarding your personal data. For example, you have to be informed about the information we hold and what we use it for, you can ask for a copy of the personal information we hold about you, you can ask us to correct any inaccuracies in the personal data we hold, you can ask us to stop sending you direct mail, or emails, or in some circumstances ask us to stop processing your details. Finally, if we do something irregular or improper with your personal data you can seek compensation for any distress you are caused or loss you have incurred. You can find out more information from the ICO’s website http://ico.org.uk/for_the_public/personal_information and this is the organisation that you can complain to if you are unhappy with how we deal with you.
Accessing and Correcting Your Information
You may request access to, correction of, or a copy of your information by contacting us at pbloomfield@newcourtchambers.com
Marketing Opt-Outs
You may opt out of receiving emails and other messages from our organisation by following the instructions in those messages.
We will occasionally update our Privacy Notice. When we make significant changes, we will notify you of these through either mail or email. We will also publish the updated Notice on our website.