When you engage our professional services you supply us with a range of information about yourself. This Privacy Notice explains the types of personal data we may collect about you when you have contact with us and use our services. It explains how we will store and handle your personal information data, and how we will keep it safe.
We will update this Privacy Notice from time to time. We will notify you of any significant changes, but you can visit our website and check the most up-to-date version whenever you wish.
Who are we?
Charterhouse Chambers is a barristers chambers whose members are independent self-employed legal practitioners. When we collect, store and process personal data we are a ‘data controller’.
We must obtain your consent to collect and process information (data) about you.
Whenever we collect your personal data, we will always make clear to you which data is necessary so that we may make our professional services available to you.
We collect and process your data in order to further our legitimate interests in ways which are reasonable and necessary to conduct our business. For example, we may use post or electronic means to remain in contact with you. To do this, we need to know your physical address or your electronic address. We would not collect, store or process personal data would in any way which would be detrimental to your rights, freedom or interests.
We may collect and process your personal data to meet contractual obligations.
The law may require that we collect and process your data. For example, we may have to do this to comply with regulations on money laundering or to prevent fraud or other criminal activity. In such circumstances we may be bound by law to pass your data to legitimate authorities.
When you engage our professional services and/or supply your personal data to us, you expressly consent to the processing of your personal data by us or on our behalf.
When you use our services, you are giving your consent to us to transfer and disclose your personal data outside the UK (or outside your country of residence, if that is not the UK) for normal legitimate professional purposes.
Third parties may be subject to different data protection laws from those which apply in the UK or in your country of residence.
What types of personal data do we collect and process?
We record information which allows us to identify you: your name, date of birth, gender, home and work/business addresses, email addresses and telephone numbers.
We keep details of your professional dealings with us. For example, we would make a record of our interviews, conversations and briefings with you, in writing or electronically, as well as any complaints lodged by you.
We make and keep copies of documents provided by you to prove your age, identity, nationality, immigration status in the UK or other countries, where the law requires this. Such documents would include passports and drivers’ licences.
We may need to record bank account, debit and credit card information when clients are paying for our services.
Your image may be recorded by still photography or video by CCTV security systems when you visit our place of business.
We may record your social media username, if you interact with us through such media channels.
We may combine any personal data that we collect directly from you with other data that we obtain from third parties to whom you have given your consent to pass that data onto us.
When do we collect your personal data?
Whenever you contact us for information and/or to engage our professional services whether by telephone, post, email, or through our website or on social media.
When you contact us by any means with an enquiry or a complaint.
When you make any kind of appointment to meet with us.
When you fill in any of our forms, we may collect your personal data.
When you comment on or review our professional services. Any individual may access personal data related to them, including opinions. If your comment or review is about a barrister who provided a service, it may be passed on to them if requested.
When you have given permission to a third party to share with us the information they hold about you.
We collect data from publicly available sources when you have given your consent to share information or where the information is made public as a matter of law.
When you enter our premises we may operate CCTV systems. These systems may record your image during your visit.
Protecting your data
Charterhouse Chambers takes its responsibility for the security of your personal data very seriously. We take measures to ensure the physical security of our information technology equipment, such as computers, against theft. We protect data on such devices from unauthorized access by using passwords and encryption and security software. We follow recommended protocols for good online security and we review these on a regular basis.
Sharing your data
We may share your personal data with trusted third parties. For example, when we use delivery services; to prevent fraud and other crimes; to deal with your comments or complaints.
We apply strict policies of compliance with those trusted third parties to keep your data safe and protect your privacy:
We ensure that your privacy is respected and protected at all times.
We provide only the information they need to perform their specific services.
Third parties may use your data solely for the precise purposes we specify in our contract with them.
If we stop using their services, your data held by them will either be deleted or rendered anonymous.
Examples of the kind of third parties we work include:
IT companies who support our business systems.
Operational companies such as delivery couriers.
If we share your data with third parties for their own purposes, we will only do this in very specific circumstances, for example, to prevent fraud, we may share information about potentially fraudulent activity in our premises or systems. This may include sharing data about individuals with law enforcement bodies.
We may also be required to disclose your personal data to the police or other enforcement, regulatory or Government body, in your country of origin or elsewhere, upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our clients into consideration.
Transfer of data
Where we need to share your personal data with third parties, such as authorities outside the European Economic Area (EEA), we will take all reasonable steps, as required by UK data protection laws, to ensure your data is accorded the same protection as if it were being processed inside the EEA.
How long do we retain personal data?
We retain personal data only as long as it is needed by us either (a) to serve our clients or (b) to meet regulatory requirements. Once data is no longer needed it is securely destroyed.
You may withdraw your consent to our processing of your personal data at any time.
You can correct your personal information when it is found to be wrong, when it has become out of date or if it is incomplete.
You have the right to be supplied with a copy of all personal information about you, held by us. To keep your personal data safe, we will ask you to verify your identity. If a third party requests data on your behalf, we will require proof that they are acting with your permission. The data will be supplied within a reasonable time following your request for the information. You will be charged for the copy of your data only in those cases where Charterhouse Chambers or a barrister member incurs legitimate costs in supplying the information.
To ask for a copy of your personal information held by us, please contact our Data Protection Officer, Nick Roberts on 0151 705 9345 or Nick@CharterhouseChambers.co.uk
If, for any reason, we decline your request we will explain to you our reasons.
If you are unhappy about any aspect of our use of your personal data, you have the right to complain to the Information Commissioner’s Office (ICO). The telephone number is 0303 123 1113. The ICO website is at www.ico.org.uk
If your country of normal residence is not the UK, you may be able to complain to the data protection authorities in that country.