Privacy Policy
London Law Collective Limited (“We”) are committed to protecting and respecting your privacy.
This policy (together with our terms of use, as set out on our website www.londonlawcollective.com) and any engagement letter or terms of service entered into with you as a client) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the UK Data Protection Act 2018 (UK GDPR), the controller of your data is London Law Collective Limited, a company registered in England and Wales under company number 12504173 whose registered office is at 71-75 Shelton Street, London, Greater London, United Kingdom, WC2H 9JQ.
Information We may Collect from You
We may collect and process the following data about you:
- Information you give us. You may give us information about you by filling in forms on our website www.londonlawcollective.com (our site), or by corresponding with us by phone, e-mail, SMS, WhatsApp, LinkedIn or otherwise. This includes information you provide when you register to use our site, onboard as a client to our services, participate in discussions or other social media functions on our site, enter a competition, promotion or survey, make an enquiry, provide feedback and when you report a problem with our site. The information you give us may include your name; address; e-mail address; phone number; financial and credit card information; personal identification (such as passports, driving licenses and other information required for us to carry out client background checks); personal descriptions and photographs; or other personally identifiable information in documents that you send us in the course of us providing legal services.
- Information we collect about you. With regard to each of your visits to our site we may automatically collect the following information
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
- Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide. We are also working closely with third parties (including, for example, clients, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers) and may receive information about you from them, this include utilising the services of a credit reference agency (https://www.transunion.co.uk/legal-information/bureau-privacy-notice).
Uses made of the Information
We use information held about you in the following ways:
- Information you give to us. We will use this information:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- to perform analytics on our clients and community members to ensure we are providing the best possible client service;
- to provide you with information about other goods and services we offer that are similar to those that you have already purchased;
- to provide you, or permit selected third parties (further details of whom are set out in the ‘Disclosure of your Information’ section below) to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail, SMS, WhatsApp or social media) with information about goods and services similar to those which were the subject of a previous sale to you, and you will be given an option to unsubscribe with each communication. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data (the registration form);
- to notify you about changes to our service;
- to ensure that content from our site is presented in the most effective manner for you and for your computer.
- Information we collect about you. We will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
- Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may us this information and the combined information for the purposes set out above (depending on the types of information we receive). Where we receive personally identifiable information about you from our clients in the course of us providing legal services to our clients, we will only use it to the extent necessary for us to fulfil these legal services.
- Aggregated Data. We may also collect, use and share Aggregated Data (such as statistical or demographic data) for industry and market analysis, or for our marketing purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate information about how you use our website, products and services to calculate the percentage of users accessing a specific feature of our website, provided that such data do not directly or indirectly identify you. However, if we combine or connect Aggregated Data with your personal data so that your identify can be somehow tracked, we treat the combined data as personal data and this will be used in accordance with this privacy policy.
The Legal Basis for Processing your Information
In accordance with UK GDPR, the main grounds that we rely upon in order to process your information are as follows:
- Necessary for entering into or performing a contract. In order to perform obligations which arise under any contract we are about to enter into or have entered into with you, it will be necessary for us to process your information.
- Necessary for compliance with a legal obligation. We are subject to certain legal requirements which may require us to process your information. We may also be obliged by law to disclose your information to a regulatory body or law enforcement agency.
- Necessary for the purposes of legitimate interests. Either we or a third party will need to process your information for the purposes of our (or a third party’s) legitimate interests, provided that we have established that those interests are not overridden by your rights and freedoms (including your right to have your information protected). Our legitimate interests include responding to requests and enquiries from you or a third party, optimising our website and user experience, informing you about our services and ensuring that our operations are conducted in an appropriate and efficient manner.
- Consent. In some circumstances, we may ask for your consent to process your information in a particular way (for example, we will get your consent before sending you direct marketing communications via email or text message, or any third-party marketing. You have the right to withdraw consent to marketing at any time by contacting us).
Cookies
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of the website may become inaccessible or not function properly. For more information about the cookies we use, please see our Cookie Policy here.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Disclosure of your Information
We may share your information with selected third parties for the purposes set out in the “Uses made of the personal information” including:
- Business partners, suppliers, regulatory bodies, membership organisations and sub-contractors for the performance of any contract we enter into with them or you.
- Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others.
- Analytics and search engine providers that assist us in the improvement and optimisation of our site (i.e, Google Analytics, Plausible Analytics).
- Credit reference agencies or background checking service providers for the purpose of assessing your credit score where this is a condition of us entering a contract with you.
- Should it be reasonably necessary, professional advisors including debt recovery organisations.
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If London Law Collective Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use (as set out on our site) or terms and conditions of supply and other agreements; or to protect the rights, property, or safety of London Law Collective Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
International Transfers
The data that we collect about you may be transferred to, and stored at, a destination outside the UK. It may also be processed by staff operating outside the UK who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your services, the processing of your payment details and the provision of support services, such as technical and administrative functions. By submitting or otherwise providing your personal data, you agree to this transfer, storing or processing.
Whenever we transfer your personal data out of the UK, we will take all steps reasonably necessary to ensure that a similar degree of protection is afforded to your personal data by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data. For example, countries within the European Economic Area (EEA).
- Where we use certain service providers, we may use specific contracts/ mechanisms approved for use in the UK which give personal data the same level of protection it has in the UK. For example, adoption of European Commission’s Standard Contractual Clauses with the UK Addendum incorporated to it.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.
Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed (this includes, for example, two-factor authentication tools and paper shredder to ensure the safe discard of documents/ information no longer necessary for the provision of the services). In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Data retention
How long will you use my personal data for?
We will only retain your information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
The criteria that we use to determine retention periods will be determined by the amount and nature of the data and the purposes for which it is kept, the sensitivity of the data and the potential risk of harm from unauthorised use or disclosure.
Your Legal Rights
You have certain rights in relation to the personal data that we hold about you. Details of these rights and how to exercise them are set out below. Please note we will require evidence of your identity before we are able to respond to your request.
- Right of Access. You have the right at any time to ask us for a copy of the personal information that we hold about you and to check that we are lawfully processing it. Where we have good reason, and if the UK GDPR permits, we can refuse your request for a copy of your personal information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reasons for doing so.
- Right of Correction or Completion. If personal information we hold about you is not accurate or is out of date and requires amendment or correction you have a right to have the data rectified or completed.
- Right of Erasure (“right to be forgotten”). In certain circumstances, you have the right to request that personal information we hold about you is erased e.g. if the information is no longer necessary for the purposes for which it was collected or processed or our processing of the information is based on your consent and there are no other legal grounds on which we may process the information.
- Right to Object to or Restrict Processing. In certain circumstances, you have the right to object to our processing of your personal information. For example, if we are processing your information on the basis of our legitimate interests and there are no compelling legitimate grounds for our processing which override your rights and interests. You may also have the right to restrict our use of your personal information, such as in circumstances where you have challenged the accuracy of the information and during the period where we are verifying its accuracy.
- Right of Data Portability. In certain instances, you have a right to receive any personal information that we hold about you in a structured, commonly used and machine-readable format, but note this will only apply to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. In such circumstances, you can ask us to transmit that information to you or directly to a third party organisation. While we are happy for such requests to be made, we are not able to guarantee technical compatibility with a third party organisation’s systems. We are also unable to comply with requests that relate to personal information of others without their consent.
- Right to Withdraw Consent. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. You can do this by contacting us using the details in the ‘Contact’ section below. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
You can exercise any of these rights at any time by contacting us using the details in the ‘Contact’ section below.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Link to third party websites
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Complaints
If you are unhappy about our use of your information, you can contact us using the details in the Contact section below. You are also entitled to lodge a complaint with the UK Information Commissioner’s Office using any of the below contact methods:
Telephone: 0303 123 11113
Website: https://ico.org.uk/make-a-complaint/
Post: Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
If you live or work outside of the UK or you have a complaint concerning our activities outside of the UK, you may prefer to lodge a complaint with a different supervisory authority. A list of relevant authorities in the EEA can be accessed here.
Changes to our Privacy Policy
Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.
Contact
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to our data protection manager at hello@londonlawcollective.