1. What is this policy?
Darton Law Limited takes privacy seriously and we are committed to protecting it.
This policy explains when and why we collect personal information about you. How this information is used, kept secure or when we might disclose it to others.
This policy may change from time to time so please check this page whenever you visit our website at www.dartonlaw.co.uk.
Darton Law Limited is the data controller in relation to the processing activities described below. This means that we decide why and how your personal information is processed. Our registered address is 20-22 St Dunstans Road, Feltham, Middlesex TW13 4JU. Darton Law Limited is registered with companies house under company number 07111457.
Our Data protection officer is responsible for updating this policy.
When you use our website, our services, interact with us online, or by phone, email or otherwise, the categories of information that we collect about you are as follows:
This is information about you that you give to us by entering information via:
- our website i.e. dartonlaw.co.uk, www.dartonlawsolicitors.co.uk or www.dartonmotoringaw.co.uk
- our social media accounts, e.g. via Facebook, LinkedIn or Twitter
- corresponding with us by phone, email or otherwise,
and is provided entirely voluntarily.
The basic personal information we may ask for, or you may choose to give us, includes your name, your address, email address and phone number.
We also ask for ‘special category data’ such as ethnic origin, date of birth, age, gender. We do this in order to fulfil our obligations under other contracts such as the Criminal Legal Aid contract. We collect this information for this purpose only and in some instances to assist us in representing you.
We might keep details of enquiries you make with us and any correspondence with us.
We will seek to minimise the information we ask for to that which is needed to perform the relevant function or service at the time.
We automatically collect the following information when you interact with us: e.g. details of transactions you carry out through the site, and your visits to our site, including, but not limited to, traffic data, location data, weblogs and other communication data, and the resources you access.
The Legal Aid Agency (LAA)/Ministry of Justice (MoJ) via the Duty Solicitor Call Centre (DSCC)
We obtain certain personal information about our clients from the legal aid agency. The LAA is part of the MoJ who contract with firms of Solicitors to provide advice and assistance in Criminal litigation.
This information is collected by the LAA in the exercise of their statutory functions and is shared with us to allow us to fulfil our contractual role with the MoJ.
Other sources, for example the Police, Courts and other law enforcements agency.
We are given information from the above agencies in connection, but not limited to, the investigation and prosecution of criminal offences, family and Court proceedings. In all cases we will not pass your personal details onto these agencies without your specific consent. We are still bound by client confidentiality except in exceptional circumstances.
The purposes for which we use your information and the legal basis under data protection laws on which we rely to do this are explained below.
We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business, or those of a third party, for the following purposes:
To carry out marketing
- for marketing and advertising activities (other than where we rely on your consent to contact you by email or text with information about our products and services or share your details with third parties to do the same, as explained below);
- for analysis to inform our marketing strategy, and to enhance and personalise your customer experience when you buy services from us (including to improve the recommendations we make to you on our website);
To fulfil online delivery and security
- to ensure that our online content is presented in the most effective manner for you and your computer;
- to allow you to participate in interactive features of our services, when you choose to do so;
- for network and information security for us to take steps to protect your information against loss or damage, theft or unauthorised access;
- for prevention of fraud and other criminal activities;
- to assess and improve our service through recordings of any calls
- operating and managing contracts with our suppliers; and
- for the establishment and defence of our legal rights.
We will use your personal information to comply with our legal obligations: (i) to assist any public authority or criminal investigation body as required; (ii) to identify you when you contact us; (iii) to verify the accuracy of data we hold about you; and/or (iv) to comply with a request from you in connection with the exercise of your rights.
We may use and process your personal information where we have supplied you (or continue to supply you) with any services; where you (contracting as an individual) are supplying us with products and services; where we have arranged for the supply of another company/agent’s services to you; or where you are in discussions with us about any new service. We will use this information in connection with the contract for the supply of services when it is needed to carry out that contract with you or for you to enter into it.
We may use and process your personal information where you have consented for us to do so for the following purposes:
- for marketing activities, in order to contact you by email or text with marketing information about our products and services, (except where we may rely on Legitimate Interests as described above); or to share your details with our recommended third-party partners for them to do the same. Please see the Marketing section (section 11) below in this policy.
You may withdraw your consent for us to use your information in any of these ways at any time. Please see section 12 on withdrawing your consent for further details.
People who make a complaint to us
When we receive a complaint from a person we create a file which will contain the details of the person complaining and other relevant details (including details of other people) that are relevant to the complaint.
We only use this information for the purposes of investigating and responding to the complaint. We do compile and review statistics showing information about the number of complaints we receive. Apart from reports that we provide to our regulators, the Legal Aid Agency or other auditors engaged in quality control of our business, none of these reports are published externally and, if they were, would not include information that would enable any individual to be identified.
We will keep personal information contained in complaint files in line with our retention policy for client files. This means that information relating to a complaint will be retained at least six years from closure.
Job applicants, current and former employees
Darton law limited is a data controller for the information you provide during the process of applying for a role within the firm.
If you apply for a job with Darton law, information you provide will only be used for the purpose of processing your application. We will use the contact details you provide to us to contact you to progress your application.
We will use the other information you provide to assess your suitability for the role you have applied for.
We will ask you for your personal details including name and contact details. We will also ask you about your previous experience, education, referees and may also ask you for answers to questions relevant to the role you have applied for. Our recruitment team will have access to all of this information.
You will also be asked to provide equal opportunities information. This is not mandatory information – if you don’t provide it, it will not affect your application. This information will not be made available to any staff outside of our recruitment team in a way which can identify you. Any information you do provide, will be used only to produce and monitor equal opportunities statistics.
Offer of employment
If we make an offer of employment we may ask you for information so that we can carry out pre-employment checks. You must successfully complete pre-employment checks before you will be able to commence work with us. We ask for this information as we are required to confirm the identity of our staff, their right to work in the United Kingdom and seek assurance as to their trustworthiness, integrity and reliability.
You will therefore be required to provide:
- Proof of your identity – you will be asked to attend our office with original documents, we will take copies.
- Proof of your qualifications – you will be asked to attend our office with original documents, we will take copies.
- We may contact your referees, using the details you provide in your application, directly to obtain references
- We may also ask you to complete a questionnaire about your health. This is to establish your fitness to work and make sure any allergies are recorded in case of an emergency.
If you are able to commence employment with us, we will also ask you for the following:
- Bank details and other information to process salary payments and enrol you for your pension entitlements
- Emergency contact details – so we know who to contact in case you have an emergency at work
Your employee file
If you are employed by Darton Law or are a Consultant providing services through Darton law, your personnel records will be held on our case management system. Only senior management and HR staff have access to the HR files and they are additionally kept in a secure location.
How long is the information retained for?
If you are successful, the information you provide during the application process will be retained by us as part of your employee file for the duration of your employment plus 6 years following the end of your employment.
If you are unsuccessful at any stage of the process, the information you have provided will be deleted from our systems within 12 months.
Your information may be converted into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from it. Aggregated data cannot be linked back to you as a natural person. We may use this data for analytical and research purposes.
We may disclose your information to our third-party service providers, agents, subcontractors and other organisations for the purposes of providing services to us or directly to you on our behalf.
Such third parties may include cloud service providers; hosting, email and content providers; marketing agencies; barristers; court and police station representatives or administrative services providers; assessors for our accreditations and payment processing companies (who will process your debit/credit card securely if you purchase services from us).
When we use third party service providers, we only disclose to them any personal information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.
We may transfer your personal information to a third party if we’re under a duty to disclose or share it to comply with any legal obligation, to detect or report a crime, to enforce or apply the terms of our contracts or our legal rights or to protect the rights, property or safety of our visitors and customers. We will always take steps with the aim of ensuring that your privacy rights continue to be protected.
Your personal information will not be transferred to countries outside the European Economic Area (EEA).
All data that is held by us or those on our behalf is encrypted, backed up on at least a daily basis, and stored on servers or computers based in the EU.
Where data is held on, or capable of being accessed by desktop, laptop or tablet computers, that equipment is (a) password protected, (b) encrypted and (c) secured by two-factor authentication.
Darton law Limited is registered with the Information Commissioner’s Office. We have satisfied ourselves that all third-parties who hold your data on our behalf will comply with GDPR from the date of commencement, at the latest.
We keep personal information for as long as necessary to ensure we can deliver our services. We may also keep your personal data for longer to reflect legal requirements, our compliance functions and other applicable considerations to determine the appropriate retention period.
We do not retain personal information for longer than is necessary.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our website and any transmission is at your own risk. Once we have received your personal information, we put in place reasonable and appropriate controls to ensure that it remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access.
Where we collect any sensitive personal information about your ethnic background, sexual orientation, political opinions, religion, trade union membership or criminal record, we will apply additional security controls to protect that data.
Our website may contain links to other websites operated by other organisations. This policy does not apply to those websites. We cannot be held responsible for the privacy policies on any other website.
We may collect and process your preferences to receive marketing information directly from us by email and text.
From time to time, we may ask you to refresh your marketing preferences by asking you to confirm that you want to continue receiving marketing information from us.
We may contact you with marketing information by post and telephone by using your personal information or with targeted advertising delivered online through social media and platforms operated by other companies using their profiling tools, or use your personal information to tailor marketing to improve its relevance to you, unless you object.
You can amend your marketing preferences at any time by contacting us by phone 020 8751 5115 or e-mail firstname.lastname@example.org
You have many rights under the data protection law, in relation to your personal information.
We may ask you for information to confirm your identity and help us search for your personal information.
We will respond to you within one month (except in rare cases) from either the date we have confirmed your identity or if we already have this information the date we received your request.
You have a legal right to ask to see a copy of the personal information that we hold about you. Such requests are called ‘subject access requests’.
If you would like to make a subject access request, please send an e-mail email@example.com with the information you require. Please make sure you provide as much information as possible to help us identify your information.
You will also need to provide one form of identification and proof of your address, for example, driving licence or passport.
Further information about subject access requests can be found on the Information Commissioner’s website https://ico.org.uk
We may not provide you with a copy of your personal information if this concerns other individuals or if we have another lawful reason to withhold that information.
The accuracy of your information is important to us. If you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us in any of the ways described at the end of this policy.
Where we rely on your consent as the legal basis for processing your personal information, as set out under section 4 on how we use your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this policy.
If you would like to withdraw your consent or object to receiving any direct marketing to which you previously opted-in, you can do so using the unsubscribe tool in that communication (if it is an email), or by writing to us or calling us using the contact details at the end of this policy. If you withdraw your consent, our use of your personal information before you withdraw is still lawful.
If you have provided consent for your details to be shared with a third party, and wish to withdraw this consent, please also contact the relevant third party in order to amend your preferences.
You may object to us using your personal information for direct marketing purposes and we will automatically comply with your request. If you would like to do so, please email or write to us at the address at the end of this policy.
In certain circumstances, you may ask for your personal information to be removed from our systems by emailing or writing to us at the address at the end of this policy. Unless there is a reason that the law allows us to use your personal information for longer, we will make reasonable efforts to comply with your request.
You may also ask us to restrict processing your personal information where you believe it is unlawful for us to do so, you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings. In these situations, we may only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.
Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with a contract we’ve entered into with you, as set out under section 4 on how we use your personal information, you may ask us to provide you with a copy of that information in a structured data file. We will provide, where possible, this to you electronically in a structured, commonly used and machine readable form, such as a CSV file. Otherwise, we will provide it in PDF format.
You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
We would like to resolve any concerns you have. However, you have the right to complain to the Information Commissioner’s Office (ICO) if you are concerned about the way we have processed your personal information. Please visit the ICO’s website for further details: https://ico.org.uk.
Please direct any queries about this policy or about the way we process your personal information to the Data Protection officer using the post and email details below.
If you wish to write to us, please write to us at:
Data Protection Officer
Darton Law Limited
20-22 St Dunstans Road
Our email address for data protection queries is firstname.lastname@example.org
If you wish to update your preferences by e-mail, please send a message to email@example.com
If you would prefer to speak to us by phone, please call us on 0208 751 5115