Privacy notice

Introduction

TLT LLP is a law firm and limited liability partnership registered in England under number OC308658 and regulated by the Solicitors Regulation Authority under number 406297. Its registered office is 1 Redcliff Street, Bristol, BS1 6TP. Its data protection registration number is Z5378293.

TLT (NI) LLP is a law firm and limited liability partnership registered in Northern Ireland under number NC000856 and regulated by the Law Society of Northern Ireland. Its registered office is River House, 48-60 High St, Belfast, BT1 2BE. Its data protection registration number is Z3336501.

TLT LLP and TLT NI LLP may share data between themselves when providing services. This privacy notice sets out how TLT LLP and TLT NI LLP (who operate under the TLT brand and are collectively known as "TLT") will process personal data we collect from or about you, or which you provide to us.

Please read this Privacy Notice carefully to understand why data is being collected and what we do with that data once in our possession.

We may change the privacy notice or the terms of business from time to time by amending this page. Further information about data privacy may be found in our engagement letter with you.

TLT Data Protection Officer is Gladys Ombu who can be contacted on 0333 006 0778 or gladys.ombu@TLTsolicitors.com

What type of information will we collect from you?

The personal information we collect will depend on the nature of the services we are providing and what we are contracted to do for you. Typically this might include the following:

• Contact details (including your name, address, date of birth, and email address)
• Photographic identification and proof of address documents (to carry out due diligence)
• A recorded digital video showing your face to compare it your photographic identification (to carry out due diligence)
• Professional information (such as job title, previous positions, and professional experience)
• Banking and financial details (to establish the source of funds where a transaction is involved)
• Details of visits to our website (which enable our website to remember information about you and your preferences). Please read our 'Cookies Policy' for further details.

Where necessary to act in your best interests, and for the establishment, exercise, or defence of your legal matter, we may need to process information which is very sensitive in nature such as diversity and health related details. In some circumstances we may need to share this information with third parties, for example a court or tribunal. If you volunteer sensitive personal data, you will be allowing us to process it as part of engaging our services.

Voice recordings

We voice record certain customer interactions when they relate to discussions around arrears.  Any voice recording of telephone conversations will be held, for regulatory and monitoring purposes, for a period of three years after the call has taken place.

On what basis can we process your information?

The legal grounds for processing your personal data are as follows:

• It is necessary for the performance of a contract to which you are a party, or to take steps prior to entering into a contract with you. The retainer between you and TLT, which is made up of our terms of business and engagement letter, sets out the terms of the contract and the services we will provide.
• It is necessary for the purposes of our legitimate interests, except where our interests are overridden by the interests, rights or freedoms of affected individuals (such as you). To determine this we shall consider a number of factors, such as what you were told at the time you provided your data, what your expectations are about the processing of the data, the nature of the data, and the impact of the processing on you.
• It is necessary in order to comply with mandatory legal obligations to which we are subject under EU or UK law.

Information collected from you about other people

In commercial matters, in the course of providing our legal, financial and other professional services to you we will hold and use personal information about you, your officers and/or your employees.  When you provide personal information to us relating to your officers or employees, you confirm that you are allowed to do so. You should ensure that those individuals understand how their data will be used by us.

In personal matters you may be providing other third party data to us, for example details about your family members, in which case we will use such data as a data controller in our own right and will comply with data protection legislation in relation to use of that data.  You must have the authority to disclose personal data if it relates to someone else and all data disclosed should be complete, accurate and up to date.

Children

Our services are not aimed at children and in private client matters involving children, the children will be represented by their parents or guardians.  Where we act for you in private matters involving children, we shall explain to you why we need the information and how it will be used, both when we initially collect the data and as your matter progresses.

What we are going to do with your information?

We will hold and use personal information about you in the following ways:

• Provide you with information about our seminars, events and legal topics that might be of interest to you. If you are an existing client or a business contact we will do this on the basis that we are pursuing legitimate interests in trying to provide you with information and updates. If you are not an existing client or a corporate contact and have requested this information from us, we will do this in order to fulfil your request.
• Verify your identity and establish the source of funding in any transaction.
• Carry out appropriate anti-fraud checks (by conducting online searches using a third party identity provider).  Please note that this will not affect your credit rating.
• Communicate with you during the course of providing our services, for example providing you with advice and dealing with your enquiries and requests.
• Prepare documentation to complete transactions and commence legal proceedings on your behalf.
• Carry out obligations arising from any contract entered into between you and third parties as part of your legal matter.
• Refer you to another department within TLT about additional legal services which may benefit you.
• Statistical purposes so we can analyse figures to help us manage our business and plan strategically for the future.
• Seek advice from third parties in connection with your matter, such as legal Counsel.
• Respond to any complaint or allegation of negligence against us.
• Prevent money laundering or terrorist financing in accordance with financial crime regulations.

Information we collect about you from others

Information may be passed to us by third parties in the course of providing our legal services. The processing of this information will be necessary for the progression of your legal matter and to enable us to act in your best interests as your legal representative.

As a law firm we have an obligation to make you aware of anything that is relevant to your matter. When we obtain information about you from a third party rather than from you directly, we will notify you of any relevant information within a reasonable period, and provide you with details including the type of data and source it came from. Typically these sources may include:

• Other parties involved in the legal proceedings (such as the solicitor acting on the other side).
• Financial institutions (such as banks involved in financing the transaction).
• Other professional services firms (such as accountants and tax specialists).
• Government bodies (such as HM Land Registry for details of your property).
• Public sources where this relates to you or your organisation (for example Companies House).

How long we keep your data for

We will only retain your information for as long as is necessary to:

• Carry out the legal work
• Establish or defend legal claims (for example negligence claims) that could be made against us.
• Comply with legal obligations under EU/UK law (anti-money laundering regulations say your identification and source of funds information must be kept for a minimum period from conclusion of the matter).

Typically we will store the information for fifteen years from the date of your final bill.

Who your information will be shared with

Based upon the services you need we may pass your details to selected people or organisations (data processors) to carry out certain activities on our behalf. For example, personal information you provide may be disclosed to our agents, who may keep a record of that information.

We may pass your information to any third parties where required to do so in the course of providing legal services, or where we are obliged by law.  This will include, but is not limited to:

• A court or tribunal where we are acting for you in a dispute or litigation.
• Government bodies (such as HM Land Registry or HM Revenue and Customs for property related work).
• The solicitors acting on the other side of your matter.
• Legal counsel or other experts to obtain advice or assistance on your matter.
• Other professionals and service providers (such as insurance brokers, where you wish to take out an insurance policy as part of a transaction).
• Organisations involved in any merger or business reorganisation we are dealing with.
• Any disclosures to law enforcement agencies where required by law (in particular the prevention of financial crime and terrorism).
• Our regulators including the SRA, Law Society of Scotland, and Law Society of Northern Ireland in connection with any ongoing regulatory investigation.
• Our professional indemnity insurer in the event a claim is made against us in order to defend ourselves.
• The bank or building society or other lender providing finance in the transaction.
• External auditors who may carry out independent checks of your file as part of our accreditations.
• A UK-based marketing service provider to enable us to send you legal insights and event information by email.

At the outset of your matter we may not be aware of all the other parties involved as this will depend on the specific nature of the work.

We will not disclose (or sell) your personal information to any other third parties for marketing purposes.

Security of your data

Your data will be held on secure servers within the EU with all reasonable technological and operation measures put in place to safeguard it from unauthorised access.  Where possible any identifiable information will be encrypted or minimised.

If we have given you a username and password which enables you to access certain parts of your matter on our systems, you are responsible for keeping it confidential. Please do not share it with anyone.

Measures when transferring your data to others

There may be occasions where we need to send your data outside the EU. This would cover situations where we need to deal with international aspects of your matter and instruct overseas organisations to assist.

Some organisations may be located in countries outside of Europe where data protection laws are not as strict as they are in the UK. Where your personal data is being transferred outside the EU, we will undertake an assessment of the level of protection in light of the circumstances surrounding the transfer. We will make sure that any transfers are not repetitive and only limited to the minimum amount of information possible. In certain circumstances we may need to seek your consent unless there is an overriding legal need to transfer the information.

How you can access and update your information

You have a right to request a copy of the personal information we hold about you, known as a data subject access request. You also have the right to request that information we hold about you which may be incorrect, or which has been changed since you first told us, is updated or removed. These requests are free of charge and can be sent to Risk Manager, TLT LLP, 1 Redcliff Street, Bristol, BS1 6TP, or to GDPR@tltsolicitors.com.

How you can object to us using your data

You can ask us to limit the way in which we are using your information or object to certain types of processing. We will do our best to comply with your request unless we have to use the information for legitimate business or legal purposes.

Please note that if you want us to restrict or stop processing your data this may impact on our ability to provide our services. Depending on the extent of your request we may be unable to continue acting for you and be forced to immediately cease acting. In these situations you would remain liable for the fees and disbursements incurred to date.

Any queries or concerns about the way in which your data is being used can be sent to GDPR@tltsolicitors.com.

Moving your information to another organisation

You have the right to request that we send a copy of the personal data we hold about you to another organisation for your own purposes, for example when you are dealing with a different service provider. If you would like us to move, copy, or transfer your information to another organisation please let us know. We will respond to you within one month after assessing whether or not this is possible, taking into account the technical compatibility with the other organisation in question.

Automated decision making

We do not use your information for automated decision making.

Complaints about the use of your personal data

If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated by writing to David Sanders, Risk Manager, TLT LLP, 1 Redcliff Street, Bristol, BS1 6TP, or emailing GDPR@tltsolicitors.com.

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the UK data protection regulator, the Information Commissioner’s Office.  Further details can be found at www.ico.org.uk or 0303 123 1113.

If you are not our client

If you are not our client your personal data may be processed to enable us to provide legal advice to our client and may also be used in legal proceedings on behalf of our client. We are allowed to use your information because it is in the legitimate interests of our client (for example under the terms and conditions of a loan agreement) to do so. We may also have to use your personal data to comply with our own legal and regulatory obligations. If you have any questions about how your personal data is being used, please contact David Sanders, Risk Manager, TLT LLP, 1 Redcliff Street, Bristol, BS1 6TP, or email GDPR@tltsolicitors.com
 

Version 3 - updated September 2018