This policy will explain how we process, collect, manage and store those details and how your rights under the General Data Protection Regulation (EU) 2016/679 (the “GDPR”), the Data Protection Act (the “DPA”) and the Privacy and Electronic Communications Regulations ( the “PECR) are adhered to.
Who is responsible for your personal data?
Thamina solicitors are responsible for your personal data. For the purposes of applicable data protection law, your data will be controlled by Thamina solicitors undertaking that you have instructed or that is providing services to you or communicating to you and each such entity is regarded as an independent data controller of your personal data. We act as a “Data Controller” in respect of the information gathered and processed by this website.
The information we collect
Personal information (personal data) means any information relating to an identified or identifiable natural person
We collect and process the following personal data from you:
- Identity and Contact Data, including your name, address, telephone number, date of birth, marital status, passport number, employment history, educational or professional background, tax status, employee number, job title and function, and other personal data concerning your preferences relevant to our services;
- Financial and Payment Data, including your bank account and other data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
- Business Information, including information provided in the course of the contractual or client relationship between you or your organisation and Thamina Solicitors, or otherwise voluntarily provided by you or your organisation;
- Profile and Usage Data, including passwords to Thamina Solicitors websites or password protected platforms or services, your preferences in receiving marketing information from us, your communication preferences and information about how you use our websites(s) including the services you viewed or searched for, page response times, download errors, length of visits and page interaction information (such as scrolling, clicks, and mouse-overs).
- Technical Data, including information collected during your visits to our website(s), the Internet Protocol (IP) address, login data, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform.
- Physical Access Data, relating to details of your visits to our premises;
- Sensitive personal data: In the course of our client services, we may represent you and/or your organisation in legal matters that require us to collect and use sensitive personal information relating to you (that is, information about your racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life and sexual orientation or details of criminal offences, or genetic or biometric data).
If you fail to provide personal data
Where we need to collect personal data by law or in order to process your instructions or perform a contract we have with you and you fail to provide that data when requested, we may not be able to carry out your instructions or perform the contract we have or are trying to enter into with you. In this case, we may have to cancel our engagement or contract you have with us, but we will notify you if this is the case at the time.
How we use this information
We use personal information in a variety of ways including:
- To fulfil a contract, or take steps linked to a contract, with you or your organisation. This includes:
- to register you as a client of Thamina Solicitors;
- to provide and administer legal services or other services or solutions, as instructed by you or your organisation;
- to process payments, billing and collection; and
- to process applications for employment.
- As required by Thamina Solicitors to conduct our business and pursue our legitimate interests, in particular:
- to administer and manage our relationship with you, including accounting, auditing, and taking other steps linked to the performance of our business relationship including identifying persons authorised to represent our clients, suppliers or service providers;
- to carry out background checks, where permitted;
- to analyse and improve our services and communications and to monitor compliance with our policies and standards;
- to manage access to our premises and for security purposes;
- to protect the security of our communications and other systems and to prevent and detect security threats, frauds or other criminal or malicious activities;
- for insurance purposes;
- to exercise or defend our legal rights or to comply with court orders; and
- to communicate with you to keep you up-to-date on the latest developments, announcements, and other information about our services and solutions (including briefings, newsletters and other information), events and initiatives; to send you details of client surveys, marketing campaigns, market analysis, or other promotional activities; and
- to collect information about your preferences to personalise and improve the quality of our communications with you.
- For purposes required by law, including maintaining records, compliance checks or screening and recording (e.g. anti-money laundering, financial and credit checks, fraud and crime prevention and detection, trade sanctions and embargo laws). This can include automated checks of personal data you provide about your identity against relevant databases and contacting you to confirm your identity, or making records of our communications with you for compliance purposes.
- Where you give us consent:
- to communicate with you to keep you up-to-date on the latest developments, announcements, and other information about our services and solutions (including briefings, newsletters and other information), events and initiatives; to send you details of client surveys, marketing campaigns, market analysis, or other promotional activities.
- to collect information about your preferences to personalise and improve the quality of our communications with you.
We will only provide you with marketing related information after you have, where legally required to do so, opted in to receive those communications and having provided the opportunity for you to opt out at any time. We will not use your personal data for taking any automated decisions affecting or creating profiles other than as described above.
Transfer of information and disclose to third parties
We will not transfer your personal details to any third party for the purpose of direct marketing without your permission. We use certain third party service providers who may have access to your personal data so that they can provide services to us. When this occurs, we have a data protection compliant contract in place with these third parties.
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
We will share specific and relevant information with law enforcement and government agencies or public bodies where we are legally obliged to do so and where this obligation over-rides our professional duties of confidentiality.
Examples may include
- The prevention or detection of crime and fraud
- The apprehension or prosecution of offenders
- The assessment or collection of tax or duty owed to customs and excise
- Sharing in connection with legal proceedings
- Sharing in relation to the physical or mental health of an individual, where disclosure is required to protect them or others from serious harm
Confidentiality and security
We are committed to ensuring that your information is secure. For this purpose, we will not hold your personal data for any longer than is reasonable. Further, we have taken reasonable steps to protect your information against unauthorised access and against unlawful processing, accidental loss, damage and destruction. Nevertheless, any personal data submitted by you is at your own risk.
We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Updating personal data about you
If any of the personal data that you have provided to us changes, for example if you change your email address or if you wish to cancel any request you have made of us, or if you become aware we have any inaccurate personal data about you, please let us know by sending an email to firstname.lastname@example.org or use our contact form. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
Under the terms of data protection legislation, you have various rights with respect to our use of your personal data:
- Right to Access: You have the right to request a copy of the personal data that we hold about you. This is known as a “Subject Access Request”. There are exceptions to this right, so that access may be denied if, for example, making the information available to you would reveal personal data about another person, or if we are legally prevented from disclosing such information. If you wish to do this, please contact us using the contact details provided below. We will send you a copy of the information within 40 days of your request.To make Subject Access Request, please write to our Data Protection Officer at Thamina Solicitors, 135 Commercial Road, First Floor, London E1 1PX.
- Right to Accuracy: We aim to keep your personal data accurate, current, and complete. We encourage you to contact us using our contact form to let us know if any of your personal data is not accurate or changes, so that we can keep your personal data up-to-date.
- Right to Object: In certain circumstances, you also have the right to object to processing of your personal data and to ask us to block, erase and restrict your personal data. If you would like us to stop using your personal data, please contact us using our contact form.
- Right to Data Portability: You have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format.
- Right to Erasure: You have the right to erase your personal data when the personal data is no longer necessary for the purposes for which it was collected, or when, among other things, your personal data have been unlawfully processed.
- Right to Complaints: If you believe that your data protection rights may have been breached, you have the right to lodge a complaint with the applicable supervisory authority, or to seek a remedy through the courts.
You may, at any time, exercise any of the above rights, by contacting email@example.com or using our contact form together with a proof of your identity, i.e. a copy of your ID card, or passport, or any other valid identifying document.
Right to withdraw consent
If you have provided your consent to the collection, processing and transfer of your personal data, you have the right to fully or partly withdraw your consent. To withdraw your consent please follow the opt-out links on any marketing message sent to you or contact firstname.lastname@example.org or use our contact form.
Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is no other legal ground for the processing. Withdrawal of consent to receive marketing communications will not affect the processing of personal data for the provision of our legal services.
How long we keep your personal data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for Thamina Solicitors to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled.
If you want to learn more about our specific retention periods for your personal data established in our retention policy you may contact us at email@example.com.
Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.
Changes to our Privacy Notice
We reserve the right to update and change this Notice from time to time in order to reflect any changes to the way in which we process your personal data or changing legal requirements. Any changes we may make to our Notice in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Notice.
Questions, comments and requests regarding this Notice are welcomed and should be addressed to Privacy Team, firstname.lastname@example.org, or send a letter to Thamina Solicitors, 135 Commercial Road, London E1 1PX.