Firm’s Compliance Officer for Legal Practice: Joanne Major
Please read the following information carefully. This privacy notice contains information about what data Major Family Law (MFL hereafter) collects and stores about you and why. It also tells you who we share this information with, the security mechanisms we have put in place to protect your data and how to contact us if you have a complaint.
What information do we collect?
MFL collects, uses and is responsible for personal information about you. When we do this, we are the ‘controller’ of this information for the purposes of the UK General Data Protection Regulation (UK GDPR) and other applicable data protection laws.
MFL collects and processes a range of information about you. This may include:
- your name, address and contact details, including email address and telephone number;
- your date of birth and gender;
- information about your marital status, next of kin, dependants and emergency contacts;
- details of your bank account and national insurance number;
- information about your remuneration, tax, and entitlement to benefits such as pensions;
- information about your assets including those of your spouse / partner
- information about your nationality and entitlement to work in the UK;
- the terms and conditions of your engagement of MFL;
- information about medical or health conditions, including whether or not you have a disability for which MFL needs to make reasonable adjustments; and
- (in some cases) information about your ethnic origin, sexual orientation and religion or belief.
- CCTV images of you outside of the MFL offices
MFL may collect this information in a variety of ways. For example, data might be collected through the questionnaire you have completed; obtained from your passport or other identity documents such as your driving licence; from forms completed by you (such as benefit nomination forms); from correspondence with you; or through interviews and meetings that we have.
MFL only seeks personal information about you from third parties (such as employers, doctors, HMRC, and benefits offices) with your consent.
Why do we process personal data?
MFL needs to process data to enter into a legal services contract with you and to provide you with the appropriate range of legal services.
In some cases, MFL needs to process data to ensure that it is complying with its legal obligations. For example, it is required to meet its obligations under anti money laundering legislation and to comply with the requirements of its regulator (currently the SRA).
In other cases, MFL has a legitimate interest in processing personal data before, during and after the end of the client relationship. Processing client data allows MFL to:
- Ensure the right parties are engaged to provide you with the optimal legal services through the court system and to provide you with advice most appropriate to your case.
- Liaise effectively with government agencies such as the child protection agency or child maintenance enforcement agency.
- Effectively represent you when dealing with other solicitors and third parties eg expert witnesses and counsel.
- Ensure the options for your case direction are presented in full eg mediation and collaborative law.
- Respond to any complaints by you.
Where we process other special categories of personal data, such as information about ethnic origin, sexual orientation, religion or belief, details about your health (where relevant) this is done not only for the purposes of equal opportunities monitoring, but also to fulfil the terms of engagement with you.
Who will we share your personal information with?
Your information may be shared internally, including with company directors, support and IT staff if access to the data is necessary for the performance of their roles.
MFL also shares your data with third parties that process data on its behalf in connection with their IT and case management systems.
We will share personal information with law enforcement agencies if required by applicable law.
We will not share your personal information with any other third parties (such as barristers or other law firms) without your consent.
MFL will not transfer your data to countries outside the European Economic Area.
What if you do not provide personal data?
You have some obligations under your legal services contract to provide MFL with data under the implied duty of good faith. Failing to provide the data may mean that you are unable to exercise your statutory rights during and at the end of your case.
Certain information, such as contact details, identity documents for anti-money laundering checks and payment details are required as part of our entering into a legal services contract with you. If you do not provide other information as required, this will hinder MFL’s ability to administer your case efficiently.
How do we protect data?
Data will be stored in a range of different places, including in your case matter file, in MFL’s case management systems, and in other IT systems (including the MFL email system).
MFL takes the security of your data seriously. MFL has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties.
Where MFL engages third parties to process personal data on its behalf, they do so on the basis of written instructions. The third party will be under a duty of confidentiality and obliged to implement appropriate technical and organisational measures to ensure the security of data.
For how long will we store your data?
MFL will retain your personal data only for as long as is necessary to ensure we can fulfil our business requirements and to comply with our regulatory requirements. After that period we will confidentially destroy all data. MFL will typically hold all other personal data for the duration of your matter and for a further 7 years after your matter concludes. In some cases however we retain personal data for a longer period to enable us to adequately address and assist with any query or dispute that may arise in the future (such as a request to vary an existing order). This includes private children’s proceedings, cases involving a financial order for child maintenance, and cases involving a financial order for spousal maintenance payable beyond a 6 year period. We will notify you of the specific period for which your data will be retained by us in our file closure letter.
The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 require us to keep client identification records and documents for 5 years from the end of our business relationship. At the end of the 5 year period the Regulations require us to delete this personal data unless certain exceptions apply. As stated above, in most instances we retain complete files, including personal identification documents, for over 5 years. We do this because the data may be required by us should we be sued, or should some other action be brought against us in relation to the matter for which we were instructed by you.
By ensuring our business records are adequate we can maintain the requisite levels of insurance to protect our clients.
Under the UK General Data Protection Regulation, you have a number of important rights that you can exercise free of charge. In summary, these rights are to:
- Access to your personal information and other supplementary information;
- Require us to correct any mistakes or complete missing information we hold on you;
- Require us to erase your personal information in certain circumstances, for example where the data is no longer necessary for the purposes of processing;
- Receive a copy of the personal information you have provided to us or have this information be sent to a third party, this will be provided to you or the third party in a structured, commonly used and machine readable format;
- Object at any time to processing of your personal information for direct marketing (note MFL does not currently engage in direct marketing);
- Object in certain other situations to the continued processing of your personal information;
- Restrict our processing of your personal information in certain circumstances;
If you want more information about your rights under the UK GDPR, please see the Guidance from the Information Commissioners Office on Individual’s rights under the UK GDPR.
If you would like to exercise any of these rights please contact Jane Henderson at MFL.
How to make a complaint
The UK General Data Protection Regulation also gives you the right to lodge a complaint with the Information Commissioner’s Office who can be contacted by calling 0303 123 1113.
We do not intend to process your personal information for any reason other than stated within this privacy notice. If this changes, we will inform you by letter or email.
Changes to this privacy notice
We constantly review our internal privacy practices and may change our policy from time to time. When we do, we will update the notice on our website.
Get in touch
If you have any questions about this privacy notice or the information we hold about you please contact Jane Henderson at MFL.