Who are we?
For the purposes of the General Data Protection Regulations, Sharmans is a data controller and data processor.
The information we will collect from you
We will only collect information from you that is relevant to the matter that we are dealing with. In particular we may collect the following information from you which is defined as ‘personal data’
- Personal Details
- Family, lifestyle and social circumstances
- Financial Details
- Business activities of the person whose details we are processing.
We may also collect information that is referred to as being on a ‘special category’. We will however only collect this data if it is relevant to the matter in which you have instructed us. This could include:
- Physical or mental health details
- Racial or ethnic origin
- Religious beliefs or other beliefs of a similar nature
- Sexual orientation.
How will we use your information?
We will use your information for the provision of legal advice as the collection of the data is necessary for the performance of the contract between us. We may also use it for:
- Administering any accounts
- Processing your bank/credit card details in order to obtain payment
- Internal auditing processes
- Prevention and detection of fraud
- Online identity verification
If you have authorised us to do so then we may provide you with relevant marketing information.
Who do we share this information with?
Under our Code of Conduct there are very strict rules about whom we can share your information with and this will normally be limited to third parties that are directly relevant to your matter, this would include Courts, Land Registry, barristers or expert witnesses if appropriate. However before any information was sent it would of course be discussed with you, and if appropriate copies of forms sent to you for approval or signature before these were sent to third parties.
At the start of the matter we will ask you to provide us with identification documentation. This is a legal requirement. To enable us to check this documentation we will perform a credit reference agency check. This will be completed through Trans Union. A copy of their privacy notice can be found here: https://www.transunion.co.uk/legal-information/bureau-privacy-notice
We also outsource certain activities such as file destruction and have agreements with these third parties in place to ensure that your data is kept confidential. If you wish to know the identity of these third parties please contact our data protection supervisor as referred to below. Every care is taken to ensure that personal data is held securely.
If during the course of your matter we have to transfer your data outside of the EEAwe will take extra steps to ensure that your data is given the fullest of protection at the time that it is sent.
How long will your information be kept?
The data will be held for the duration of your matter, or for a longer period necessary to comply with our obligations to the Solicitors Regulation Authority. Attached is a copy of our file retention sheet to show you how long your data will be held once your matter is concluded.
We will keep very basic data such as name and address on our computer system indefinitely. This is to enable us to perform checks against your name to make sure that we are not conflicted in future matters. We are legally obliged by our governing body to do this.
If you have agreed to receive our marketing then that data will also be held indefinitely. You can at any time ask to be removed from the list by pressing the unsubscribe button on our emails.
If your personal details change (i.e. your name, postal address, email address or contact telephone number) whilst we are dealing with your case, please let us know as soon as possible to ensure that the information we hold remains accurate.
What rights do you have?
You have a series of rights under the GDPR, these are:
- Right of access and rectification
- Right to erasure or “right to be forgotten”
- Right to restriction
- Right to data portability
- Right to object to processing
If you require any further information about any of these rights, please click on this link to be taken to the website of the Information Commissioner’s Office.
If you have any complaints with regard to your data security then please contact our Data Protection Supervisor, Philip Elliott. He is a partner in the firm and can be contacted at or on 01234 220140. If, however, you believe your complaint remains unresolved then you can contact the Information Commissioner’s Office, whose details are available at www.ico.org.uk