privacypolicy
GDPR Introduction
Kenneth Jones Solicitors, the trading name of Kenneth Jones Legal Limited, is authorised and regulated by the Solicitors Regulation Authority (‘SRA’), SRA number 612600, registered in England under Company Number 08796562.
We take the privacy and confidentiality of our clients, potential clients, ex-clients, and their affiliates very seriously and we are committed to protecting it. This Privacy Policy explains the type of information we collect, why we collect it, how we use it, who we might share it with and how to correct or modify it.
What Is Personal Data?
Personal data is defined by the General Data Protection Regulation (UK GDPR) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.
Personal data is in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
How do we collect Your Personal Data?
Most of the personal information we process is provided to us directly by you in relation to legal advice. We might collect this information from you in a number of ways, including via our website (e.g. our online inquiry form or chat box), over the telephone, or via email. The personal information you supply to us may include your name, address, contact details, date of birth, details of the circumstances of your legal case, and personal information relating to your case.
We may also receive personal information indirectly, for example:
• By contacting third parties in connection with the services we provide to you, for example, medical or other experts;
• If a claimant or a third party refers to you in correspondence or documentation relating to a legal matter;
• From our suppliers, including introducers or referrers;
• From public authorities, regulators, or law enforcement bodies; or
• An employee of ours gives your contact details as an emergency contact or a referee.
Please note that if you are a third party and we are processing your information in connection with legal proceedings, and/or if legal professional privilege applies, then it is likely we are exempt from any requirement to inform you that we are processing your information.
We may use your Personal Information:
• To provide legal services;
• To engage the services of a third party (where instructed);
• For the purposes of operating our business (such as management information);
• To comply with legal and regulatory obligations.
• To contact you in relation to customer surveys or market research; or
• To send you legal updates, or information in relation to products and services that may be of interest to you from DV Solicitors.
What Are My Rights?
Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:
• The right to be informed about our collection and use of your personal data. Our Privacy Notice should tell you everything you need to know, but you can always contact us to find out more or to ask any questions.
• The right to access the personal data we hold about you.
• The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete.
• The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold. The right to restrict (i.e. prevent) the processing of your personal data.
• The right to object to us using your personal data for a particular purpose or purposes.
• The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
• The right to data portability. This means that, if you have provided personal data to us directly and we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
• Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
Further information about your rights and how we process your data can also be obtained by requesting a copy of our privacy notice or accessing a copy directly from our website at https://kenneth-jones.co.uk. Information on your rights and the GDPR, in general, can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
If you have any cause for complaint about our use of your personal data, you have the right to complain to the Information Commissioner’s Office. We welcome the opportunity to resolve your concerns ourselves first and we will do our very best to resolve the matter with you. In the first instance, please contact the person responsible for data protection at our firm, Ajaz Ali. He is our Data Protection Officer (DPO) and contactable at ajaz@kenneth-jones.co.uk or via the postal address shown in this letter.
Sharing your personal information
We may need to communicate your personal information to other individuals or organisations to facilitate our legal services. For example:
1. medical experts for the purpose of obtaining medical reports or acting as expert witnesses;
[what other third parties would we need to work with?]
We may also transfer your information to third parties providing us with support and administrative services in connection with the legitimate business purposes associated with the operating of a law firm.
If after providing us with your personal information it becomes apparent we are unable to offer our service to you, we may, with your consent, pass your details to another legal services provider who may be able to assist you.
Other Websites
This website may contain links to other websites. This Privacy Policy only applies to this website, so please ensure you also read the privacy policy of the other website provider. We bear no responsibility for the operation, content, or policies of other websites.
Complaints
For more information about this policy, or if you would like to make a complaint in relation to the way we process your personal information, please contact our DPO at ajaz@kenneth-jones.co.uk
We will endeavour to resolve any issues as soon as possible, however, if we are unable to do so to your satisfaction, you can contact the Information Commissioner’s Office (ICO) (www.ico.org.uk, Tel: 0303 123 1113).
Changes to this Privacy Notice
We may amend this policy at any time by notifying you or posting a revised version on our website.
If we make a change to this policy, we will take your continued use of our services after that date as your acceptance of the change.
Lawful Basis
The lawful basis on which we rely when processing your data is Article 6(1)(f) of the General Data Protection Regulation (GDPR), which allows us to process personal data for the purposes of the legitimate interests pursued either by us or by a third party. From time to time, we might also rely on Article 6(1)(a) of the GDPR, which allows us to process your personal data if we have obtained your consent (for example, when we require your consent for the optional cookies we use). Where we process special categories of personal information, we rely on Article 9(f) of the GDPR if the processing is connected to a legal claim. At times, we may also depend on alternative legal bases for processing special category personal information. For example, Article 9(b) if you are an employee.
Retention periods
We will retain your personal information in accordance with applicable law. This is usually in accordance with the statutory limitation period. If you contact us but don’t proceed with a claim, we may retain your personal information for a short period to ensure we can effectively track and monitor attempted fraud and to help us differentiate between service and new inquiry calls.
Automated decision-making
We may use the personal information you provide to carry out any automated decision-making process as to the validity of your identity, as well as to carry out other checks as required by law and regulation (for example, a credit history check or the applicability of any sanctions). If a query arises in relation to any of these checks (i.e. if your identity cannot be validated or other checks raise issues that might prevent the continuance of our legal services to you), a human-led forensic analysis will be undertaken and any decision on our part not to act on your behalf will not be solely automated.
Transferring personal information overseas
In order to provide our services, we may need to transfer your personal information to locations outside the UK for the purposes set out in this privacy policy. This may entail a transfer of your information from a location within the European Economic Area (the “EEA”) to outside the EEA, or from outside the EEA to a location within the EEA. The level of information protection in countries outside the EEA may be less than that offered within the EEA. Where this is the case, we will implement appropriate measures to ensure that your personal information remains protected and secure in accordance with applicable data protection laws. Where our third-party service providers process personal data outside the EEA in the course of providing services to us, our written agreement with them will include appropriate measures, usually standard contractual clauses.
If you need further information or have any questions about our privacy policy or practices, please contact:
Security
Please be assured that we will keep your personal information confidential and take appropriate measures to protect it against loss, theft, or misuse and to safeguard your privacy.
Where you are provided with any confidential information (including a user ID or password), you must not disclose such information to any third party.