Privacy Notice

We will update this Notice from time to time and you should review it whenever you visit our website or before providing us with any personal data about yourself. The date of the last update will be specified above.

 

Overview

 

PDT Solicitors LLP (“PDT”, “we”, “us”) respects the privacy and legal rights of the individuals and organisations we deal with.

 

This Privacy Notice (“the Notice”) provides information about how we collect and use data from visitors to our website and the persons and organisations we deal with when providing services and administering our business. It should be read in conjunction with our website and with the information contained in the Register of Fee Payers published electronically by the Office of the Information Commissioner (“ICO”).

 

Whats in the notice

 

This Notice (together with our Website Terms (“Website Terms”) and any other documents referred to in it) explains how we make use of personal data we collect from or about you or which you provide to us.

 

To use our website, you must consent to the practices described in this Notice which relate to the use of the website, as well as the Website Terms. This will include the processing of your data as set out in this notice where you get in touch with us via our website. If you or your organisation is one of our clients, further information will be found in our engagement letter.

 

Who we are

 

For the purpose of the Data Protection Act 2018 (“DPA”) and the General Data Protection Regulation (Regulation (EU) 2016/679) (“the GDPR”), the data controller in respect of any personal data controlled by the firm is PDT Solicitors LLP. PDT is a limited liability partnership under the laws of England and Wales, registered under number OC403260. Our registered address is Premier House 36-48 Queen Street, Horsham, West Sussex, RH13 5AD.

 

We are authorised and regulated by the Solicitors Regulation Authority (under registered number 636166) and are subject to the Solicitors' Code of Conduct 2011 (“Code”). Further information about our expertise, services and staff is provided on our website.

 

Personal data you give us

 

When we refer to “personal data” in this Notice, we mean information about living individuals which, alone or in conjunction with other information held by us, is capable of identifying them. The DPA and the GDPR regulate our use of your personal data.

 

In dealing with clients, other legal professionals and other parties in the course of our business, we most commonly obtain personal data consisting of names, physical and electronic addresses and telephone numbers.

 

We may obtain personal data from you when you contact us or visit our offices, including when you call us, get in touch with us via our website, or when you or your organisation corresponds with us using any means of communication. This includes personal data you provide to us when you:

• Contact us with a question or enquiry;
• Contact us or authorise anyone to contact us about employment with PDT;
• Register for a seminar, event, or to receive legal updates or newsletters;
• Attend events or provide our staff with business cards or contact details;
• Deal with us when we are providing services to one of our clients (which may be you, your organisation or a third party);
• Make a complaint; or
• Deal with us in order to provide us with goods or services.

 

We may also collect and retain personal data:

• Obtained from public sources about you or your organisation;
• Obtained from monitoring and recording equipment (including CCTV) at our offices which we use to secure our premises and protect the people who use them;
• Obtained from third parties, who may include our clients, legal and accountancy professionals and their firms, insolvency practitioners, courts, professional regulators, public bodies, and other entities, including credit reference agencies and providers of analysis, screening and database services who have a right to disclose this information to us; and
• Relating to whether our contacts read electronic correspondence from us or click on links we send them.

 

We can use any personal data we obtain for a number of purposes, as set out below. We will not retain personal data for longer than is necessary for the purpose or purposes for which we use it and we also explain below generally how long we will retain personal data for a given purpose. We store this data on a secure UK based data server. We may of course hold the same pieces of personal data and use them for multiple purposes. If you or your organisation are a client of PDT, our engagement letter has further information about our file retention policy.

 

• To provide you or your organisation or our clients with information or services (we will keep this until you tell us to remove your personal data from our records for these purposes, or until we have reason to believe that you may no longer have any need for this information and our services) and to improve and to tailor how we provide those services and that information;
• To perform a contract with the person about whom we hold data (we will keep your data for so long as is necessary for the contract and then as required for legal and compliance purposes);
• To deal with enquiries or requests or to contact people on behalf of our clients (we’ll keep your data for so long as is necessary to deal with the enquiry or request);
• To protect or pursue PDT’s legitimate interests or those of our clients, the courts or anyone else we provide personal data to, after taking into account the legitimate interests of the person the data is about;
• To conduct data analysis, matching and screening techniques and services – more information about this is set out below;
• To comply with the law – for example, when performing background, know-your-client or money laundering checks (we’ll keep your data for so long as is necessary to document our compliance with the law and our regulator’s requirements);
• To protect the personal and organisational security and the financial resources of our firm and our clients (we’ll keep your data for so long as we reasonably think necessary to protect those interests);
• To assess the credit-worthiness of a person or organisation we’re considering doing business with (we’ll keep your data until we make a decision about doing business with them);
• To assess the financial resources of an individual or organisation in relation to legal rights, claims and defences as part of our work as legal professionals (we’ll keep your data for so long as is necessary to make those assessments, to conduct legal proceedings and then to document to our clients, courts and regulators that we’ve complied with our legal and regulatory obligations to them);
• To promote the services we provide and obtain new business (we’ll keep your data unless you ask us to remove it from our records or we decide you’re not likely to be interested in our services);
• To pay our debts (we’ll keep your data until we’ve paid our debts and then as necessary for our tax affairs and to prove we’ve made the payment – this may be up to 6 years);
• To offer our business contacts the opportunity to attend events and seminars and to receive information about the firm, legal updates and topics we think might interest them (where you have opted in to receive this information from us or if the law permits us to provide it without an explicit opt-in, we’ll keep your data unless you ask us to remove it from our records or we decide you’re not likely to be interested in our events, seminars and information);
• To promote the administration of justice, comply with the Code and comply with our solicitors’ duties as officers of the court (we’ll keep your data for so long as is necessary to achieve this – in some cases this may be up to 12 years); and
• In any other way which we consider necessary and appropriate in order to conduct our business as a law firm, including to fulfil our professional, regulatory and legal obligations to our clients, the courts or other persons (we’ll keep your data for as long as we need to in order to achieve this, but for no longer than is necessary).

 

As a business, we want to better understand current and prospective clients and people we do business with in order to communicate more effectively, provide better services and increase our efficiency. To do this, we may from time to time use data analysis, screening and matching techniques, either internally or in conjunction with independent contractors and service providers who process personal data for us. Contractors and service providers who process personal data on our behalf may provide us from time to time with additional, matching or supplementary data (where they have a legal right to do so), including personal data, about persons we already have some information on.

 

This may mean, for example, that from time to time we use internal or external resources to (1) obtain additional contact information about individuals which they have not shared with us; (2) estimate the financial resources of our contacts; or (3) profile contacts on the basis of geographic, financial or biographical information, affiliations or interests to estimate how likely they are to be interested in particular services.

 

We don’t currently use any of these analysis, screening and matching techniques, but if we do we’ll provide this information in an updated Notice.

Where we have obtained personal data for any of the purposes set out in this Notice, we may use it in connection with data analysis, screening and matching for the specific purposes set out in the paragraphs above, but also for any of the other purposes set out in this Notice. This does not affect your legal right to object to the use of your data for direct marketing purposes.

 

Personal data we may obtain from our website about our web visitors

 

We may automatically collect the following information, which may or may not be personal data, on anyone visiting the website:

• IP addresses (static or dynamic) and other technical information relating to the virtual or physical location of a visitor and their means of access, including browser information, time zone settings and hardware information;
• How visitors use the website, including dates and times and any details of how and for what duration particular resources are viewed or used; and
• Clickstream data, including where users navigate to our site to and from and any searches you have made on or relating to our site.

 

We will use this data to:

• run our website and ensure it works properly;
• improve how we present the information on it and make browsing easier and more productive;
• maintain the site’s security and that of our visitors

 

Cookies

 

An HTTP cookie is a piece of data sent on behalf of a website (such as PDT’s website) and stored on the user's computer by the user's web browser while the user is browsing.

 

We may use internal resources or third party analysis services which use cookies to collect information on site usage and behaviour patterns. We do this to find out things such as the number of visitors to the various parts of our website and improve it. We may also share website usage data with service providers for benchmarking and site rating purposes.

 

We don’t use cookies in a way which allows PDT to identify site users.

 

Currently, the PDT website attempts to set the following cookies:

• Necessary Cookies: Necessary cookies enable core functionality. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences
• Analytical Cookies: Analytical cookies help us to improve our website by collecting and reporting information on its usage.

You can block cookies via your web browser and can screen out certain cookies using browser add-ons or other software. This may prevent you from accessing all of our website.

 

Click here to alter your cookie preferences.

 

How we share your data with other people and organisations

 

We may provide access to your personal data to our employees, contractors and agents and to our clients and their employees, contractors and agents.

 

Where we supply personal data to our own employees, contractors and agents, this will be for the performance of their duties or contractual responsibilities to us and to be used only in a manner which isn’t incompatible with the purposes for which we obtained it.

 

Where we supply other people and organisations with personal data for purposes other than their processing this data for us according to our instructions, we will consider (where allowed by law or our duties to the courts and our clients) the security and privacy of that data in the hands of the recipient. However, we won’t be responsible for the security and privacy of data held by third parties where we don’t control their policies and practices.

 

We may share personal data with other people and organisations for these reasons:

• providing you or others with legal services or information
• to enforce and protect our own legal rights or those of our clients and other persons (including by supplying information to our insurers);
• to prepare for, anticipate or conduct legal proceedings of any kind;
• if we’re required to by law or by our professional regulators;
• maintaining and improving our website, including the use of web analytics and search engine optimisation;
• to help administer seminars, courses, lectures and other events you have asked to attend or which we think may be of interest to you;
• to get our clients’ feedback on our work;
• to market and promote our services; or
• in the event that we sell or transfer all or part of our business or our limited partners sell any or all of the interests in the limited liability partnership through which our business trades.

 

For convenience or as a matter of necessity, where we share personal data for the above reasons, we may transfer it to countries or territories outside the European Economic Area (“EEA”). We may also do so if we decide to use a third party to process personal data for us who is located outside or conducts processing outside the EEA.

 

We do not make these transfers as a matter of course, but may do so when we deem it appropriate for the administration of our business, to provide our services (for example, a client, a party in relation to whom we are conducting proceedings or dealing with, or an asset that is the subject of legal proceedings is located outside the EEA), or to obtain goods and services from third parties.

 

Where we transfer personal data outside of the EEA, we will use a method specified in the GDPR which provides an adequate level of protection for the rights and freedoms of affected persons.

 

Your rights to object to direct marketing

 

Like other businesses, we will sometimes use your personal data to provide you with information about the services we offer, developments in the law which might affect you and other topics we think might interest our clients and business contacts. If you ask us to provide legal services to you, the terms of business and engagement letter we provide you will have additional information about how we can use your personal data.

 

We appreciate that you may decide that you don’t want us to use your personal data in this way and we will respect that choice. We also have a legal obligation under the DPA and GDPR to stop sending you marketing communications if you object, so if you don’t want us to use your personal data in this way, just let us know. We suggest sending an e-mail to us at dpm@pdt.co.uk or newsletter@pdt.co.uk, or writing to us care of:

The Data Protection Manager
PDT Solicitors LLP
Premier House
36-48 Queen Street
Horsham, West Sussex
RH13 5AD

 

We’ll give you the opportunity to opt out of future marketing whenever we send you marketing material.

 

Your rights to the personal data we process

 

Under the DPA, you have the following rights in relation to your own personal data:

• to prevent us using your data for direct marketing;
• to have (in certain circumstances) inaccurate personal data corrected, blocked or destroyed;
• to access a copy of the information comprised in your personal data that is undergoing processing (“subject access rights”);
• to object to automated decisions (PDT do not, however, use automated decision making);
• to obtain compensation through legal proceedings for damage caused by a breach of the DPA; and
• a right to object to processing that is likely to cause or is causing damage or distress.

If you want to (1) tell us to stop using your data for direct marketing; (2) exercise your subject access rights; (3) tell us about inaccurate personal data you think we hold on you; or (4) object to a use you believe we’re making of your data which is causing, or is likely to cause, damage or distress, please contact our Data Protection Manager at dpm@pdt.co.uk, tel: 01403 262 333, or write to us at this address:

 

The Data Protection Manager
PDT Solicitors LLP
Premier House
36-48 Queen Street
Horsham, West Sussex
RH13 5AD

 

Unless the law permits us to do so, we will not charge you to exercise your subject access rights, but may make charge a reasonable fee reflecting our administrative costs should you request further copies of the personal data. When you contact us to exercise any of the above rights, we will first ensure that the person requesting the data is the person whose data is being sought (or that it is being requested on that person’s behalf). This may involve providing us with proof of your identity or your authority to act for the data subject. We can also ask you for any information we need to help us find the personal data you’re enquiring about.

We will also provide you with the following information relating to your personal data:

• the purpose for which we’re processing it;
• what categories of data about you we process;
• the recipients of your data, if any, including specifically international or foreign organisations;
• our expected retention period or how we’ll calculate this, if we don’t know yet;
• your rights in relation to the data; and
• the source of the data, if we didn’t get it from you.

 

Other websites

 

Our website may contain hypertext links to websites operated by other people or organisations. If you use these links, be aware that these other sites will not operate as set out in this Notice and that PDT don’t have any responsibility or liability for how they are operated or what data they may collect on their visitors. Please browse carefully.

 

The Solicitors Regulation Authority (“SRA”) badge

As of the 25^th November 2019, we are required to display the Solicitors Regulation Authority (“SRA”) “badge” on our website, allowing visitors to confirm, by clicking on the badge that we are SRA-regulated.   The SRA badge you see on your browser operates via an iframe placed on PDT’s website, which displays data directly from - and allows you to interact directly with - the SRA’s service provider, Yoshiki Limited. 

 

Clicking on the badge is intended to link you to an SRA-hosted webpage which confirms that our site is operated by PDT Solicitors LLP, that we are SRA-regulated is regulated and outlines what protections this regulated status provides.  Please note that PDT does not control the data collection or data processing policies of Yoshiki or the SRA, including but not limited to the “cookies” that Yoshiki or the SRA may set or attempt to set on your browser when you mouse-over the iframe or click on the badge.

 

Contacting us and complaints

 

Please get in touch if you have any questions about our website or what’s in this Notice or believe we’ve done something which may violate your rights under the DPA or any related law. Where you have concerns regarding our use of your personal data or wish to complain about it, you have the right to contact the ICO.