Privacy Policy
Introduction
Mass Legal (“we”, “us” or “our” in this privacy policy) is committed to protecting and respecting your privacy. This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.
This statement explains the basis on which we will control and process any personal information we collect from you or that you may provide to us through this website or otherwise. We are responsible for any such personal data in our capacity as a data controller or as a data processor, as determined in accordance with applicable data protection legislation.
Our Data Protection Officer is Ike Efobi, Director, and can be contacted at the following email address: ike@masslegal.co.uk or write to the Data Protection Officer at Mass Legal, Unit 131776, PO Box 7169, Poole, BH15 9EL Tel: 01244 301843.
Data we collect from you
It is very important that the information we hold about you is accurate and up-to-date.
Personal Data
Personal data means any information capable of identifying an individual. It does not include anonymised data.
We may process the following categories of personal data about you:
Customer data – this includes data such as names, title, address, phone number, email address, financial details and circumstances and employment details.
Client data – this includes data such as names, title, address, email address for the purposes of carrying out know your client and anti-money laundering checks.
Third party data – this includes data such as names, title, address, email address, phone number, email address.
Communication data – this includes any communication that you send to us whether that be via email, telephone or any other method.
Technical data – this includes data about how you use our website such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details of the number of times you use our website. The source of this data Google Analytics.
Special Category Data
We will not normally collect any special category data (e.g. health data). The only circumstances in which we would do so is where this was necessary for us to carry out any legal work or assignment which we have been asked to handle. Where relevant, we will send you a further communication asking you to confirm your consent for this processing.
We do not carry out automated decision making or any type of automatic profiling.
How is your data collected?
We may collect data about you when you provide the data directly to us (for example, by sending us emails or through other forms of correspondence we have with you, such as phone calls).
We may automatically collect certain data from you as you use our website through our use of cookies and similar technologies. Please see our cookie policy for more details about this.
We may receive data from third parties such as analytics providers for example, Google, some of which may be based outside the European Economic Area.
How we use your information
We may use your information on any of the following lawful grounds:
For the performance of a contract with you; or
For compliance with a legal obligation to which we are subject; or
For the purposes of our legitimate interests, except where such interests are overridden by your interests or fundamental rights and freedoms.
Our legitimate interests include the following:
To conduct our business as a legal practice;
To communicate with you;
To provide, monitor and improve any service we offer to you;
To manage and maintain relationships with you and for ongoing customer service;
For record keeping;
To generate reports;
To monitor and record calls for quality, business analysis, training and related purposes to improve any service we offer you;
To protect our legal rights and interests including screening for fraud prevention and anti-money laundering purposes;
For the establishment, pursuance or defence of complaints, investigations and legal claims;
To operate and ensure the security of our website;
To maintain back-ups of our website or databases;
To analyse your use of our website and deliver relevant website content;
To grow our business and decide our marketing strategy;
To meet our regulatory, legal and / or compliance requirements.
Who do we share your information with?
We may share your information with our employees, directors, advocates and to our accountants, lawyers, auditors, insurers, professional advisors, or other third-party service providers who provide services to us. We may also disclose information we have a legal or regulatory right or obligation to report. Further, we may share your information with third parties to whom we sell, transfer or merge parts of our business or our assets.
It is our commitment that prior to disclosing any personal information about you to another organisation we have taken all reasonable steps to ensure that that organisation will hold and protect your information with adequate security measures and in accordance with relevant regulation.
Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have procedures in place to deal with suspected personal data breaches and will notify you and any applicable regulator of a breach if we are legally required to do so.
Data Retention: How Long Will You Use My Data for?
We will only retain your personal data for as long as is necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider its amount, nature and sensitivity, the potential risk of harm from unauthorised use or disclosure, the processing purposes, whether these can be achieved by other means and legal requirements.
In certain circumstances, the law requires us to keep information about customers, clients and third parties (including Contact, Identity, Financial and Transaction Data) for six years after the conclusion of the matter.
In some circumstances, we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your Legal Rights
You have explicit rights concerning your personal information and we will ensure that your rights are protected while your data is in our possession. Your rights include the following:
Right of Access – you may request a copy of all the personal information we hold about you and we will respond within one month. If your request is particularly complex or you have made several requests, we may extend this period by a further two calendar months and we shall explain our reasons.
Right of Deletion – You may wish to have certain data we hold deleted and we will comply with this right where, for example, it is no longer necessary for us to hold the data or if there is no lawful ground for processing.
Right of Rectification – You have a right to request that any incorrect, inaccurate or incomplete data is updated, corrected and/or completed.
Right of Restriction – You may wish to restrict us from using your data where, for example, you contest the accuracy of the data.
Right to Object – You have a right to object to us using your data where processing is carried out for direct marketing or for our legitimate interest. We will no longer process your data unless we can demonstrate compelling legitimate grounds.
Right to Data Portability – You have a right to request we share your data with another organisation and we will assist with that process where possible.
You will not have to pay a fee to access your personal data (or to access any of your other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.
Please note that we may ask you to provide us with additional documentation to verify your identity before we action your request. This is to ensure we are dealing with the correct individual and also for Anti-Money Laundering purposes. We will tell you when we ask for your information whether it is a statutory or contractual requirement to give us the information and the consequences of not providing the information.
Making a complaint
If you wish to make a complaint then you may do so in person, by telephone, in writing and/or by email. Please note that all complaints are dealt with according to our complaints policy and will be fully logged and investigated.
You can also contact the Information Commissioner’s Office (ICO), which is the UK supervisory authority for data protection issues (www.ico.org.uk).
Our ICO registration number is ZB576847.
General
We will not transfer your data to a country outside of the European Economic Area unless that country ensures an adequate level of data protection, has appropriate safeguards in place or relies on one of the derogations provided for under applicable law and regulation.
This site may contain links to other sites. We are not responsible for their privacy practices or content nor potential damage, loss or offence caused.