Data Protection Privacy Notice

We use the information you provide primarily for the purpose of provision of legal services to you and for related purposes including:

  • updating and enhancing client records
  • analysis to help us manage our practice
  • statutory returns
  • legal and regulatory compliance.

Under the data protection regulations, we rely on the following lawful bases for processing your data/personal information:

  • our contract/retainer with you
  • legitimate interests.


We are a ‘data controller’. We are responsible for deciding how we hold and use personal information about you. Our Data Protection Officer is Ian Kettridge. He can be contacted at or by post to 10 Market Place, Saffron Walden, Essex CB10 1HR.


Our use of your data is subject to your instructions, data protection law and our duty of confidentiality.


Personal data processed may include, but not limited to, personal details, family details, good and services, financial details, business details and education and employment details.

We will ensure that we comply with data protection law. This says that the personal information we hold about you must be:

  • used lawfully, fairly and in a transparent way;
  • accurate and kept up to date;
  • relevant to the purposes we have told you about and limited only to those purposes;
  • collected only for valid purposes which we have clearly explained and not used in any way that is incompatible with those purposes;
  • kept only as long as necessary for the purposes we have told you about; and
  • kept securely.


Please note that our work for you may require us to pass on such information to third parties such as expert witnesses and other professional advisers, including sometimes advisers appointed by another party to your matter.


The data may be shared with, but not limited to, family, associates or representatives of our client, current, past or prospective employers, healthcare professionals, social and welfare organisations, business associates, trade associations, professional bodies, suppliers and service providers, regulatory authorities, complainants, financial organisations, debt collection and tracing agents, credit reference agencies and courts and tribunals.

We may also give such information to others who perform services for us, such as typing or photocopying.


Our practice may also be audited or checked by our accountants or our regulator, or by other organisations, for example our Lexcel accreditation assessor.


We do not normally copy such information to anyone outside the European Economic Area, however we may do so when the particular circumstances of your matter so require. All such third parties are required to maintain confidentiality in relation to your files.


The personal data you provide will be retained in accordance with our file retention periods, according to our regulatory obligations. Please also see our Terms of Business.

You have a right of access under data protection law to the personal data that we hold about you. We seek to keep that personal data correct and up to date. You should let us know if you believe the information we hold about you needs to be corrected or updated. In addition, you have the following rights:

  • to request from us access to and erasure of personal data or to restrict processing of your data or to object to processing;
  • the right to data portability;
  • the right to withdraw consent at any time to your file being audited by external third parties;
  • the right to lodge a complaint with the Information Commissioner’s Office –


Provision of your personal data will be a contractual requirement, as this is necessary to enable us to provide legal services to you. In the event that you refuse to provide such data, as required, this may impact upon our ability to act for you or we may be prevented from complying with out legal obligations, for example our anti-money laundering obligations.


Last updated April 2019