Data Protection Policy

Jeffreys Solicitors will need to collect and use certain types of information about staff, clients and other individuals in order to operate the services we provide. In addition, it may be required by law to collect and use certain types of information to comply with statutory obligations of Local Authorities, government agencies and other bodies.

We regard the lawful and correct treatment of personal information as very important to successful operations, and to maintaining confidence between those with whom we deal and ourselves. We ensure that our organisation treats personal information lawfully and correctly.

The General Data Protection Regulation 2016 replaces the EU Data Protection Directive of 1995 and supersedes the laws of individual Member States that were developed in compliance with the Data Protection Directive 95/46/EC. Its purpose is to protect the “rights and freedoms” of living individuals, and to ensure that personal data is not processed without their knowledge, and, wherever possible, that it is processed with their consent.

The partners and staff at Jeffreys Solicitors are strongly committed to the rights of individuals whose data they collect and process and will comply with UK and EU laws related to personal information in- line with the EU General Data Protection Regulation (GDPR).

To comply with the requirements of GDPR Jeffreys Solicitors will:

• process personal information only where this is strictly necessary for legitimate organisational purposes, such as confirming your identity and being able to carry out your
• instructions;
• collect only the minimum personal information required for these purposes and not process excessive amounts of personal information;
• provide clear information to individuals about how their personal information will be used and who will be using the information;
• only process relevant and adequate personal information;
• process personal information fairly and lawfully;
• keep all personal information secure;
• maintain an inventory of the categories of personal information that is processed;
• ensure they keep personal information accurate and up to date;
• retain personal information only for as long as is necessary for legal or regulatory reasons or, for legitimate organisational purposes;
• respect individuals’ rights in relation to their personal information as defined in the GDPR;
• only transferring personal information outside the EU Member States in circumstances where it can be adequately protected and aligned with EU GDPR Regulations;
• only apply exemptions permitted by data protection legislation.

The type of information will we collect from you

• Contact details, such as your name, address, date of birth, and email address
• Photographic identification and proof of address documents
• Professional information, such as job title, previous positions, and professional experience
• Banking and financial details to be able to establish the source of funds where a transaction is involved or in certain types of litigation

Where necessary, and only to the extent that it is in your best interests in the progression or defence of your legal matter, we may need to process information which is very sensitive in nature such as diversity and health related details. In some circumstances we may need to share this information with third parties, for example a court or tribunal. If you volunteer sensitive personal data, you will be allowing us to process it as part of engaging our services.

Information you provide about other people

In certain cases, it might be necessary to hold and use personal information about you, your officers and/or your employees or family.  When you provide personal information to us relating to your officers or employees or family, you should ensure that those individuals understand how their data will be used by us.  You must have the authority to disclose personal data if it relates to someone else and all data disclosed should be complete, accurate and up to date.

Information we collect about you from others

Information may be passed to us by third parties in the course of providing our legal services. The processing of this information will be necessary for the progression of your legal matter and to enable us to act in your best interests as your legal representative.

These sources may include:

• Other parties involved in the legal proceedings, such as the solicitor acting on the other side.
• Financial institutions, such as banks.
• Other professional services firms, such as accountants and tax specialists.
• Government bodies and organisations such as HM Land Registry or Companies House.

The length of time we hold your data

We will only retain your information for as long as is necessary to:

• Carry out the legal work
• Comply with legal obligations under EU/UK law.

Who your information will be shared with

We may pass your information to any third parties where required to do so in the course of providing legal services, or where we are obliged by law.  This will include, but is not limited to:

• A court or tribunal where we are acting for you in a dispute or litigation.
• Government bodies, such as HM Land Registry or HM Revenue and Customs.
• The solicitors acting on the other side of your matter.
• Legal counsel or other experts to obtain advice or assistance on your matter.
• Law enforcement agencies where required by law for the prevention of financial crime and terrorism.
• Our regulators including the SRA and Law Society
• Our professional indemnity insurer in the event a claim is made against us in order to defend ourselves.

We will not disclose or sell your personal information to any other third parties for marketing purposes.

Security of your data

Your data will be securely held with all reasonable measures put in place to safeguard it from unauthorised access and where possible any identifiable information will be encrypted.

If you are not our client

If you are not our client your personal data may be processed to enable us to provide legal advice to our client and may also be used in legal proceedings on behalf of our client. We are allowed to use your information because it is in the legitimate interests of our client (for example under the terms and conditions of an agreement/contract) to do so. We may also have to use your personal data to comply with our own legal and regulatory obligations.

Complaints about the use of your personal data

If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated by writing to Keith Jeffreys, Jeffreys Solicitors, 81 St Teilo Street, Pontardulais, Swansea, SA4 8SS.

If you are not satisfied with our response you can complain to the UK data protection regulator, namely the Information Commissioner’s Office. Details can be found at www.ico.org.uk