Last Updated: June 2019
PDT Solicitors LLP (“PDT”, “we”, “us”) respects the privacy and legal rights of the individuals and organisations we deal with.
This Privacy Notice (“the Notice”) provides information about how we collect and use data from visitors to our website and the persons and organisations we deal with when providing services and administering our business. It should be read in conjunction with our website and with the information contained in the Register of Fee Payers published electronically by the Office of the Information Commissioner (“ICO”).
This Notice (together with our Website Terms (“Website Terms”) and any other documents referred to in it) explains how we make use of personal data we collect from or about you or which you provide to us.
To use our website, you must consent to the practices described in this Notice which relate to the use of the website, as well as the Website Terms. This will include the processing of your data as set out in this notice where you get in touch with us via our website. If you or your organisation is one of our clients, further information will be found in our engagement letter.
For the purpose of the Data Protection Act 2018 (“DPA”) and the General Data Protection Regulation (Regulation (EU) 2016/679) (“the GDPR”), the data controller in respect of any personal data controlled by the firm is PDT Solicitors LLP. PDT is a limited liability partnership under the laws of England and Wales, registered under number OC403260. Our registered address is Premier House 36-48 Queen Street, Horsham, West Sussex, RH13 5AD.
We are authorised and regulated by the Solicitors Regulation Authority (under registered number 636166) and are subject to the Solicitors' Code of Conduct 2011 (“Code”). Further information about our expertise, services and staff is provided on our website.
When we refer to “personal data” in this Notice, we mean information about living individuals which, alone or in conjunction with other information held by us, is capable of identifying them. The DPA and the GDPR regulate our use of your personal data.
In dealing with clients, other legal professionals and other parties in the course of our business, we most commonly obtain personal data consisting of names, physical and electronic addresses and telephone numbers.
We may obtain personal data from you when you contact us or visit our offices, including when you call us, get in touch with us via our website, or when you or your organisation corresponds with us using any means of communication. This includes personal data you provide to us when you:
We may also collect and retain personal data:
We can use any personal data we obtain for a number of purposes, as set out below. We will not retain personal data for longer than is necessary for the purpose or purposes for which we use it and we also explain below generally how long we will retain personal data for a given purpose. We store this data on a secure UK based data server. We may of course hold the same pieces of personal data and use them for multiple purposes. If you or your organisation are a client of PDT, our engagement letter has further information about our file retention policy.
As a business, we want to better understand current and prospective clients and people we do business with in order to communicate more effectively, provide better services and increase our efficiency. To do this, we may from time to time use data analysis, screening and matching techniques, either internally or in conjunction with independent contractors and service providers who process personal data for us. Contractors and service providers who process personal data on our behalf may provide us from time to time with additional, matching or supplementary data (where they have a legal right to do so), including personal data, about persons we already have some information on.
This may mean, for example, that from time to time we use internal or external resources to (1) obtain additional contact information about individuals which they have not shared with us; (2) estimate the financial resources of our contacts; or (3) profile contacts on the basis of geographic, financial or biographical information, affiliations or interests to estimate how likely they are to be interested in particular services.
We don’t currently use any of these analysis, screening and matching techniques, but if we do we’ll provide this information in an updated Notice.
Where we have obtained personal data for any of the purposes set out in this Notice, we may use it in connection with data analysis, screening and matching for the specific purposes set out in the paragraphs above, but also for any of the other purposes set out in this Notice. This does not affect your legal right to object to the use of your data for direct marketing purposes.
We may automatically collect the following information, which may or may not be personal data, on anyone visiting the website:
We will use this data to:
An HTTP cookie is a piece of data sent on behalf of a website (such as PDT’s website) and stored on the user's computer by the user's web browser while the user is browsing.
Currently, the PDT website attempts to set the following cookies:
You can block cookies via your web browser and can screen out certain cookies using browser add-ons or other software. This may prevent you from accessing all of our website.
We may provide access to your personal data to our employees, contractors and agents and to our clients and their employees, contractors and agents.
Where we supply personal data to our own employees, contractors and agents, this will be for the performance of their duties or contractual responsibilities to us and to be used only in a manner which isn’t incompatible with the purposes for which we obtained it.
Where we supply other people and organisations with personal data for purposes other than their processing this data for us according to our instructions, we will consider (where allowed by law or our duties to the courts and our clients) the security and privacy of that data in the hands of the recipient. However, we won’t be responsible for the security and privacy of data held by third parties where we don’t control their policies and practices.
We may share personal data with other people and organisations for these reasons:
For convenience or as a matter of necessity, where we share personal data for the above reasons, we may transfer it to countries or territories outside the European Economic Area (“EEA”). We may also do so if we decide to use a third party to process personal data for us who is located outside or conducts processing outside the EEA.
We do not make these transfers as a matter of course, but may do so when we deem it appropriate for the administration of our business, to provide our services (for example, a client, a party in relation to whom we are conducting proceedings or dealing with, or an asset that is the subject of legal proceedings is located outside the EEA), or to obtain goods and services from third parties.
Where we transfer personal data outside of the EEA, we will use a method specified in the GDPR which provides an adequate level of protection for the rights and freedoms of affected persons.
Like other businesses, we will sometimes use your personal data to provide you with information about the services we offer, developments in the law which might affect you and other topics we think might interest our clients and business contacts. If you ask us to provide legal services to you, the terms of business and engagement letter we provide you will have additional information about how we can use your personal data.
We appreciate that you may decide that you don’t want us to use your personal data in this way and we will respect that choice. We also have a legal obligation under the DPA and GDPR to stop sending you marketing communications if you object, so if you don’t want us to use your personal data in this way, just let us know. We suggest sending an e-mail to us at firstname.lastname@example.org or email@example.com, or writing to us care of:
The Data Protection Manager
PDT Solicitors LLP
36-48 Queen Street
Horsham, West Sussex
We’ll give you the opportunity to opt out of future marketing whenever we send you marketing material.
Under the DPA, you have the following rights in relation to your own personal data:
If you want to (1) tell us to stop using your data for direct marketing; (2) exercise your subject access rights; (3) tell us about inaccurate personal data you think we hold on you; or (4) object to a use you believe we’re making of your data which is causing, or is likely to cause, damage or distress, please contact our Data Protection Manager at firstname.lastname@example.org, tel: 01403 262 333, or write to us at this address:
The Data Protection Manager
PDT Solicitors LLP
36-48 Queen Street
Horsham, West Sussex
Unless the law permits us to do so, we will not charge you to exercise your subject access rights, but may make charge a reasonable fee reflecting our administrative costs should you request further copies of the personal data. When you contact us to exercise any of the above rights, we will first ensure that the person requesting the data is the person whose data is being sought (or that it is being requested on that person’s behalf). This may involve providing us with proof of your identity or your authority to act for the data subject. We can also ask you for any information we need to help us find the personal data you’re enquiring about.
We will also provide you with the following information relating to your personal data:
Our website may contain hypertext links to websites operated by other people or organisations. If you use these links, be aware that these other sites will not operate as set out in this Notice and that PDT don’t have any responsibility or liability for how they are operated or what data they may collect on their visitors. Please browse carefully.
As of the 25th November 2019, we are required to display the Solicitors Regulation Authority (“SRA”) “badge” on our website, allowing visitors to confirm, by clicking on the badge that we are SRA-regulated. The SRA badge you see on your browser operates via an iframe placed on PDT’s website, which displays data directly from - and allows you to interact directly with - the SRA’s service provider, Yoshiki Limited.
Clicking on the badge is intended to link you to an SRA-hosted webpage which confirms that our site is operated by PDT Solicitors LLP, that we are SRA-regulated is regulated and outlines what protections this regulated status provides. Please note that PDT does not control the data collection or data processing policies of Yoshiki or the SRA, including but not limited to the “cookies” that Yoshiki or the SRA may set or attempt to set on your browser when you mouse-over the iframe or click on the badge.
Please get in touch if you have any questions about our website or what’s in this Notice or believe we’ve done something which may violate your rights under the DPA or any related law. Where you have concerns regarding our use of your personal data or wish to complain about it, you have the right to contact the ICO.