This policy sets out the basis on which personal data will be processed by us. For the purpose of the Data Protection Act 1998, the data controller is Cannings Connolly of 16 St Martin’s-le-Grand, London, EC1A 4EE, and our registration number is Z7830297.
Types of personal data that we collect
How we use personal data
We will obtain, store and process personal data for the following purposes:
(a) to provide individual clients (or the organisation on behalf of which an individual client instructs us) with legal advice and assistance, or other information that is requested from us;
(b) to keep records of the work that we have carried out for clients, including related email and other correspondence;
(c) to keep records of the anti-money laundering documentation that we have collected from clients for the purposes of preventing money laundering or terrorist financing, and as required by applicable anti-money laundering legislation– this documentation may include copy passports, utility bills, driving licences, names of company directors, and other identifying information;
(d) to send to clients and contacts information on legal updates that may be of interest to them, invitations to firm events, and other marketing materials related to our services, unless they have told us that they do not want to receive this information;
(e) to keep records of applicants for training contract, qualified solicitor, Partner and support staff roles in our firm;
(f) to keep records of the work that our suppliers and third party professional service providers (e.g. tax advisors, overseas counsel) have carried out for us and our clients, including related email and other correspondence; and
(g) to keep human resources records of our personnel, including employees, consultants and Partners.
Sharing personal data
We will not share personal data with third parties without the relevant individual’s consent unless we are required to do so in order to comply with a legal, regulatory or professional obligation or in connection with any legal proceedings.
Where personal data is stored
The personal data that we collect will be stored within the European Economic Area.
We have information security systems in place and use appropriate technical and organisational measures in order to prevent unauthorised access to or disclosure of personal data.
Individuals have the right to ask us at any time not to send marketing information to them, by emailing us on firstname.lastname@example.org or by writing to the Partners at our office address.
Data subjects’ rights
Under the Data Protection Act, individuals are entitled to request details about the information held about them. All requests for access to personal information that is held about a particular individual should be directed to the Practice Manager.