MAJOR FAMILY LAW PRIVACY NOTICE FOR CLIENTS, POTENTIAL CLIENTS, OR PERSONS LOOKING FOR INFORMATION OR ASSISTANCE

Firm’s Compliance Officer for Legal Practice: Joanne Major

Major Family Law (MFL) is a “controller”. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.

This notice contains information about how MFL collects and processes your personal  data, and why. It also tells you who we share this information with, the security mechanisms we have put in place to protect your data and how to contact us if you have a complaint.

Data protection principles

We will comply with data protection law, which says that the personal information we hold about you must be:

  1. Used lawfully, fairly and in a transparent way.
  2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  3. Relevant to the purposes we have told you about and limited only to those purposes.
  4. Accurate and kept up to date.
  5. Kept only as long as necessary for the purposes we have told you about.
  6. Kept securely.

What information do we collect?

MFL collects and processes a range of information about you. This may include:

  • Information required to prove your identity for the purposes of Money Laundering Regulations,
  • Your name, address and contact details, including email address and telephone number.
  • Your date of birth and gender.
  • Information about your marital status, next of kin, dependants and emergency contacts.
  • Details of your bank account and national insurance number.
  • Information about your remuneration, tax, and entitlement to benefits such as pensions.
  • Information about your assets including those of your spouse / partner
  • Information about your nationality and entitlement to work in the UK.
  • The terms and conditions of your engagement of MFL.
  • Information about medical or health conditions, including whether or not you have a disability for which MFL needs to make reasonable adjustments.
  • Information about your ethnic origin, sexual orientation and religion or belief.
  • CCTV images of you outside of the MFL offices.

We will only collect and use special categories of personal data (sensitive personal data) when we are entitled to do so. For example, when that is with your explicit consent or if you have manifestly made that information public. Sensitive personal data includes information about your race or ethnicity, religious beliefs, sexual orientation and political opinions, trade union membership, health and sickness records.

Where do we get your personal data?

MFL may collect this information in a variety of ways. For example, data might be collected through the questionnaire you have completed; obtained from your passport or other identity documents such as your driving licence; from forms completed by you (such as benefit nomination forms); from correspondence with you; or through interviews and meetings that we have.

MFL only seeks personal information about you from third parties (such as employers, doctors, HMRC, and benefits offices) with your consent.

How does MFL use your personal data?

MFL will only use your personal data when the law allows.

If you become a client of the firm MFL needs to process data to enter into a legal services contract with you and to provide you with the appropriate range of legal services.  If you make an enquiry with our firm but do not go on to enter into a legal services contract with us we still collect and process data. We rely on your consent as the legal basis for processing this information.

In some cases, MFL needs to process data to ensure that it is complying with its legal obligations. For example, it is required to meet its obligations under anti money laundering legislation and to comply with the requirements of its regulator (currently the SRA).  Note that personal information received from you for the purposes of complying with Money Laundering Regulations will only be processed for the purpose of preventing money laundering or terrorist financing unless such processing is permitted by law, or you consent to any alternative use of the data.

In other cases, processing your data is necessary for our legitimate interests, or those of a third party, and your interests and fundamental rights do not override those interests. This may be before, during and after the end of the client relationship. Processing client data allows MFL to:

  • Ensure the right parties are engaged to provide you with the optimal legal services through the court system and to provide you with advice most appropriate to your case.
  • Liaise effectively with government agencies such as the child protection agency or child maintenance enforcement agency.
  • Effectively represent you when dealing with other solicitors and third parties eg expert witnesses and counsel.
  • Ensure the options for your case direction are presented in full eg mediation and collaborative law.
  • Respond to any complaints by you.

We will only use your personal data for the purposes for which we collected it unless we consider that we need to use it for another reason and that reason is compatible with the original purpose.

The above are only examples of how we may use your data and is not exhaustive. We may also use your data in the following situations, although we would expect these instances to be rare:

  • Where we need to protect your interests (or someone else’s interests).
  • Where it is needed in the public interest or for official purposes.

We do not need your consent where the purpose of the processing is to protect you or another person from harm or to protect your well-being and if we reasonably believe that you need care and support, are at risk of harm and are unable to protect yourself.

Information about criminal convictions

We may collect information about criminal convictions if it is appropriate and necessary given the nature of the legal services contract we have with you. For example you or another party to the matter may provide us with this information and we may need to use it in order to effectively represent you and fulfil the terms of our engagement with you.

What if you do not provide personal data?

You have some obligations under your legal services contract to provide MFL with data under the implied duty of good faith. Failing to provide the data may mean that you are unable to exercise your statutory rights during and at the end of your case.

Certain information, such as contact details, identity documents for anti-money laundering checks and payment details are required as part of our entering into a legal services contract with you. If you do not provide other information as required, this will hinder MFL’s ability to administer your case efficiently.

Who will we share your personal information with?

Your information may be shared internally, including with company directors, support and IT staff, if access to the data is necessary for the performance of their roles.

MFL also shares your data with third parties that process data on its behalf in connection with their IT systems, case management systems, and our typing resources.  We may also share your personal data with third parties such as client onboarding service providers (currently Settify), barristers, other law firms and expert witnesses in order to carry out the service that you have instructed us to do.

Where MFL engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

We will share your personal information with third parties where required by law or where we have another legitimate interest in doing so. Such third parties will be required to maintain confidentiality in relation to your information, for example:

  • Law enforcement agencies such as The National Crime Agency, if required by applicable law.
  • Regulatory authorities such as the Solicitors regulation Authority in order to comply with our legal obligations.
  • Insurers in order to ensure you are provided with appropriate cover for identified risks, or in connection with any claim you make against MFL.

We use AI technologies to drive efficiencies within Major Family Law to provide our clients with better outcomes. We use AI in line with our internal policies and procedures (including human oversight where applicable). For example, we use LexisNexis Protégé for research purposes, when conducting client work.

Your personal data may be processed by providers of AI either directly sourced by us, or via third party AI tools, embedded in systems providing IT services to us. Any use of AI technologies by us will be in accordance with technical and operational safeguards appropriate for data types.

Your Personal Data may be processed outside of the UK. This is because some organisations we use, to provide our service to you, are based outside the UK. We have taken appropriate steps to ensure that when your Personal Data is processed in a country outside the UK, it does not have a materially lower level of protection than that guaranteed in the UK.

We do this by ensuring that:

  • Your Personal Data is only processed in a country which the Secretary of State has confirmed has an adequate level of protection (an adequacy regulation), or
  • We enter into an International Data Transfer Agreement (“IDTA”) with the receiving organisation and adopt supplementary measures, where necessary. (A copy of the IDTA can be found here: Standard Data Protection Clauses to be issued by the Commissioner under S119A(1) Data Protection Act 2018 ) , or
  • When transferring your Personal Data to America, we may rely on the UK-US Data Bridge, where appropriate.

How does MFL protect data?

Data will be stored in a range of different places, including in your case matter file, in MFL’s case management systems, and in other IT systems (including the MFL email system).

MFL takes the security of your data seriously. We will not sell your data to anyone and we have internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties.   We use firewalls and anti-virus software, our computers are encrypted and we use password protection access for all of our systems.

For how long will we store your data?

MFL will retain your personal data only for as long as is necessary to ensure we can fulfil our business requirements and to comply with our regulatory requirements. After that period, we will confidentially destroy all data.

By ensuring our business records are adequate we can maintain the requisite levels of insurance to protect our clients.  

Family Matters

If you become a client of ours in relation to a family matter, or If we provide you with any advice/assistance but you do not become a client, MFL will typically hold personal data for the duration of your matter and for a further 15 years after your matter concludes. In some cases, we retain client personal data for a longer period to enable us to adequately address and assist with any query or dispute that may arise in the future (such as a request to vary an existing order). This includes private children’s proceedings, cases involving a financial order for child maintenance, cases involving a financial order for spousal maintenance payable beyond a 15 year period, and cases where you choose to agree settlement terms against our firm’s advice. We will notify you of the specific period for which your data will be retained by us in our file closure letter.

Motoring/Driving Offences

If you become a client of ours in relation to a road traffic matter, or if we provide you with any advice/assistance, but you do not become a client of ours, MFL will typically hold personal data for the duration of your matter and for a further 7 years after your matter concludes. We will notify you of the specific period for which your data will be retained by us in our file closure letter.

Anti-Money Laundering

The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 require us to keep client identification records and documents for 5 years from the end of our business relationship. At the end of the 5 year period the Regulations require us to delete this personal data unless certain exceptions apply. As stated above, in most instances we retain complete files, including personal identification documents, for over 5 years. We do this because the data may be required by us should we be sued, or should some other action be brought against us in relation to the matter for which we were instructed by you.

Conflict Search Information

A very limited amount of your data, namely your name and the nature of your enquiry (“divorce, children etc”) is retained on our Conflicts Search Register for 30 years. We are under a professional duty not to act in circumstances where a conflict of interest arises and retaining this data allows us to search for any potential conflict before we offer advice to a potential new client.

Your rights

Under the UK General Data Protection Regulation, you have a number of important rights that you can exercise free of charge. In summary, these rights are to:

  • Access to your personal information and other supplementary information;
  • Require us to correct any mistakes or complete missing information we hold on you;
  • Require us to erase your personal information in certain circumstances, for example where the data is no longer necessary for the purposes of processing;
  • Receive a copy of the personal information you have provided to us or have this information be sent to a third party, this will be provided to you or the third party in a structured, commonly used and machine readable format;
  • Object at any time to processing of your personal information for direct marketing (note MFL does not currently engage in direct marketing);
  • Object in certain other situations to the continued processing of your personal information;
  • Restrict our processing of your personal information in certain circumstances;

If you want more information about your rights under the UK GDPR, please see the Guidance from the Information Commissioners Office on Individual’s rights under the UK GDPR.

If you would like to exercise any of these rights please contact Jane Henderson at MFL.

How to make a complaint

The UK General Data Protection Regulation also gives you the right to lodge a complaint with the Information Commissioner’s Office who can be contacted by calling 0303 123 1113.

Future processing

We do not intend to process your personal information for any reason other than stated within this privacy notice. If this changes, we will inform you by letter or email.

Changes to this privacy notice

This privacy notice was last updated on the date shown in the header.

We constantly review our internal privacy practices and may change our policy from time to time. When we do, we will update the notice on our website.

Get in touch

If you have any questions about this privacy notice or the information we hold about you please contact Jane Henderson at MFL.