Paris Smith Privacy Policy | Personal Data Skip to content

Paris Smith Privacy Policy

Contact our team

GET IN TOUCH

1. Introduction

The Paris Smith Privacy Policy explains how we, Paris Smith LLP, collect and use your personal data.

If you have questions about accessing, correcting or deleting your personal data then please refer to section 7 (Your rights) below.

Please note, this Privacy Policy does not apply to the processing of personal data relating to job applicants or our staff. If you are a job applicant then please refer to our Job Applicant Privacy Notice. Our Employee Privacy Notice is available from the Intranet or on request from the DPO.

2. Our Details

The data controller with conduct of your personal information is Paris Smith LLP of 1 London Road, Southampton, SO15 2AE, 9 Parchment Street, Winchester, SO23 8AT and of No 2 Crown Walk, Winchester, SO23 8BB.

Our data protection officer is Crispin Dick, who can be contacted:

  • by email to: DPO@parissmith.co.uk; or
  • by post to: Data Protection Officer, Paris Smith LLP, 1 London Road, Southampton, SO15 2AE.

3. How we use your information

We process your personal data differently depending on our relationship to you. Please read through the list below and then read the lettered sections of this Privacy Policy which apply to you. Section 4 (Anti-money laundering procedures) onwards will apply to everybody whose personal data we process so please be sure to read those sections afterwards.

 

SECTION A – VISITORS TO OUR WEBSITE

This section applies to you if you visit our website (www.parissmith.co.uk)

How do you process my personal data?

The following table explains how we process your personal data.

Scenario Categories of personal data we process Lawful basis
You submit information to us through our website (including contact forms).

 

 

 

 

 

 

 

 

 

 

 

 

 

Name, email address, telephone number and (depending on the nature of your enquiry) other personal information about you.

Depending on the nature of your enquiry, we may also process sensitive personal information about you which could include your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and (in rare circumstances) information about your genetic data, health, sex life or sexual orientation.

We may also process information about your personal finances.

 

We have a legitimate interest in:

  • passing the details of your enquiry to an appropriate person within the business so that we can respond to your enquiry;
  • conducting administrative and operational processes within our business, including keeping a record of enquiries we receive, the nature of those enquiries and the outcome of said enquiries;
  • analysing the operation and use of our website; and
  • administering any dispute or potential dispute which may arise between us.

If you are contacting us so that we can provide you with legal services then we process your personal information as part of our pre-contract processes.

In some situations we may process your sensitive personal data on the basis that you have manifestly made the information public. In other circumstances we rely on your explicit consent.

In some situations the processing is necessary for us to comply with our legal obligations, such as the prevention of fraud, detection and/or prevention of crime.

 

You agree to the use of cookies on our website

 

 

IP address, approximate location, technical information relating to your device and browser.

 

We process this information based on your consent.

 

 

 

You have asked to be added to our marketing list

 

Name, email address, marketing preferences

 

 

We rely on your opt-in consent to send you marketing communications based on your opt-in.

 

 

 

How long do you keep my information for?

We only keep your information for so long as it is reasonably necessary. For visitors of our website, we typically keep your information for the following periods of time:

  • for an enquiry which does not result in you (or the organisation you work for or represent) becoming a client or supplier of ours, deletion from the back-end of the website within one year from the date of your enquiry. Correspondence with you may be kept for longer;
  • for occasions when you make an enquiry and you (or the organisation you work for or represent) subsequently become a client of ours, your information will be retained in accordance with our rules for current clients contained in section C (Clients) below; and
  • for occasions where you (or the organisation you work for or represent) are a supplier and a contract is entered into with this firm, your information will be retained in accordance with our rules for suppliers contained in section E (Suppliers, contractors and their employees and representatives) below.

Who is my information shared with?

Your personal information is not shared with anyone except where we are required to do so to process your enquiry, to comply with the law, to protect our rights or to effectively operate our business.

In order to achieve these purposes, we will share your data with the following people or groups of people:

  • our external contractors and service providers. This includes software providers, marketing consultants and IT support providers. Our external contractors and service providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity, to keep it confidential and to comply with data protection law at all times;
  • our professional advisers, including our auditors (details for which can be found in our accounts) and external legal advisers. These third parties are subject to professional duties of confidentiality;
  • regulatory and government bodies, where we have a legal obligation to do so. These organisations have a legal duty to protect your information;
  • voluntary accreditation bodies such as Lexcel and the Law Society’s Conveyancing Quality Scheme (CQS). These organisations have a contractual duty to protect your information; and
  • any other person who you instruct us to share your personal information with or with whom we may reasonably be expected to share it with in order to deal with your enquiry.

Your information may be transferred outside of the UK depending on which of our internal systems your information is stored within. However, all such transfers are carried with appropriate safeguards in place. These safeguards will typically involve the recipient agreeing to an international data transfer agreement which safeguards your personal data.

Third party website and payment processors

Our website may contain links to and from third party websites, including social media sites. If you follow a link to any of these websites, please note that these sites have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check their privacy policy before you submit any personal data to those websites.

If you make a payment through the ‘Make a payment’ section of our website, then the information you enter into the payment form will be sent straight to our payment processor, WorldPay in an encrypted format. WorldPay operates its own privacy notice, accessible from its website, which you should read and consider before submitting your information.

 

SECTION B – PROSPECTIVE CLIENTS

This section applies to you if you have made an enquiry about our services and/or have begun the process of instructing us to advise you.

Once you become a client of ours then Section C (Clients) will also apply to you.

How do you process my personal data?

The following table explains how we process your personal data.

Scenario Categories of personal data we process Lawful basis
You make an enquiry about instructing us to provide legal services to your or your organisation.

Alternatively, we receive your personal information from a third party who has sent them to us so that you can potentially receive legal services from us. This includes referrals from:

  • your colleagues or business associates;
  • your (or your organisation’s) professional advisers;
  • the court; and
  • other third parties, such as family members.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Name, job title, place of employment, contact address, home address, telephone number and email address.

Where we obtain photographic identification from you for the purpose of verifying your identity in accordance with our anti-money laundering procedures (please see section 4 (Anti-money laundering procedures) below for further information) then, depending on the form of ID you provide to us, we will also store information relating to your date and place of birth, photograph, nationality and confirmation of your sex.

Depending on the nature of your enquiry, we may also process sensitive personal information about you which could include your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and (in rare circumstances) information about your genetic data, health, sex life or sexual orientation. We may also process information about your personal finances.

In limited circumstances, we may also process information about criminal convictions you may have.

 

We have a legitimate interest in:

  • passing the details of your enquiry to an appropriate person within the business so that we can respond to your enquiry;
  • conducting administrative and operational processes within our business, including keeping a record of enquiries we receive, the nature of those enquiries and the outcome of said enquiries; and
  • administering any dispute or potential dispute which may arise between us.

The processing is necessary for the performance of the contract between us (including taking pre-contract steps such as quoting for work and undertaking conflict checks).

In some situations the processing is necessary for us to comply with our legal obligations, such as the prevention of fraud, detection and/or prevention of crime. For more information about the anti-money laundering checks we carry out, please see section 4 (Anti-money laundering procedures) below.

In some situations we may process your sensitive personal data on the basis that you have manifestly made the information public. In other circumstances we rely on your explicit consent.

(If applicable) we process your criminal conviction information:

  • in the context of legal claims where necessary for the performance of the contract for legal services between us; and/or
  • in circumstances whereby you’ve given your consent to the processing.

 

 

 

 

We send you marketing communications relating to our business and services.

 

 

 

 

 

 

Name, contact information.

 

 

 

 

 

 

 

Either:

  • You have asked us to send you marketing communications, in which case we do so based on your consent; or
  • in other circumstances we may send you marketing communications about services which are identical or similar to those which you have enquired about. This is known as the soft opt-in. In this situation we have a legitimate interest in keeping you informed about our services.

 

 

How long do you keep my information for?

We only keep your information for so long as it is reasonably necessary. For prospective clients, we typically keep your information for the following periods of time:

  • for an enquiry which does not result in you becoming a client of ours, your case record will be deleted 2 years after it was created on our system. We will separately keep copies of emails with you in our email archive for 30 years from the date they were sent/received by us; and
  • for occasions when you make an enquiry and you subsequently become a client of ours, your information will be retained in accordance with our rules for existing clients set out in section  C (Clients) below.

Who is my information shared with?

Your personal information is not shared with anyone except where we are required to do so to process your enquiry, to comply with the law, to protect our rights or to effectively operate our business.

In order to achieve these purposes, we will share your data with the following people or groups of people:

  • our external contractors and service providers. This includes software provides, marketing consultants and IT support providers. Our external contractors and service providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity, to keep it confidential and to comply with data protection law at all times;
  • our professional advisers, including our auditors (details for which can be found in our accounts) and external legal advisers. These third parties are subject to professional duties of confidentiality;
  • regulatory and government bodies, where we have a legal obligation to do so. These organisations have a legal duty to protect your information;
  • voluntary accreditation bodies such as Lexcel and the Law Society’s Conveyancing Quality Scheme (CQS). These organisations have a contractual duty to protect your information; and
  • any other person who you instruct us to share your personal information with or with whom we may reasonably be expected to share it with in order to deal with your enquiry.

Your information may be transferred outside of the UK depending on which of our internal systems your information is stored within. However, all such transfers are carried with appropriate safeguards in place. These safeguards will typically involve the recipient agreeing to an international data transfer agreement which safeguards your personal data.

 

SECTION C – CLIENTS

This section applies to you if you are personally a client of ours and/or if you are an employee, officer or representative of an organisation which is a client of ours. It also applies to former clients and their employees, officers and representatives.

How do you process my personal data?

The following table explains how we process your personal data.

Scenario Categories of personal data we process Lawful basis
You provide us with personal information so that we can provide legal services to you or your organisation.

Alternatively, we receive personal information about you from a third party who has sent them to us so that we can provide legal services to you or your organisation. This includes referrals from:

  • your colleagues or business associates;
  • your (or your organisation’s) professional advisers;
  • the court; and
  • other third parties, such as family members.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Name, job title, place of employment, contact address, home address, telephone number, email address, unique file reference.

Where we obtain photographic identification from you for the purpose of verifying your identity in accordance with our anti-money laundering procedures (please see section 4 (Anti-money laundering procedures) below for further information) then, depending on the form of ID you provide to us, we will also store information relating to your date and place of birth, photograph, nationality and confirmation of your sex.

In some circumstances we may collect your national insurance number.

Depending on the nature of your enquiry, we may also process sensitive personal information about you which could include your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and (in rare circumstances) information about your genetic data, health, sex life or sexual orientation.

We may also process information about your personal finances.

If we administer an oath or statutory declaration for you by video call then we will record the audio and video of that call.

In limited circumstances, we may also process information about criminal convictions you may have.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

We have a legitimate interest in:

  • passing the details of your enquiry to an appropriate person within the business so that we can respond to your enquiry;
  • conducting administrative and operational processes within our business, including keeping a record of past and current instructions we receive from clients, billing and keeping records of correspondence with clients and third parties;
  • administering any dispute or potential dispute which may arise between us; or
  • making submissions to legal directories (such as Legal 500 and Chambers & Partners) to promote the breadth and quality of work we do.

The processing is necessary for the performance of the contract between you and us (or your organisation and us) for the provision of legal services.

In some situations the processing is necessary for us to comply with our legal obligations, such as the prevention of fraud, detection and/or prevention of crime or for us to comply with our professional duties as solicitors and legal professionals. For more information about the anti-money laundering checks we carry out, please see section 4 (Anti-money laundering procedures) below.

In some situations we may process your sensitive personal data on the basis that you have manifestly made the information public. In other circumstances we rely on your explicit consent.

(If applicable) we process your criminal conviction information:

  • in the context of legal claims where necessary for the performance of the contract for legal services between us; and/or
  • in circumstances whereby you’ve given your consent to the processing.

If you have asked us to send you marketing communications then we do so based on your consent.

In other circumstances we may send you marketing communications about services which are identical or similar to those which you have received from us. This is known as the soft opt-in. In this situation we have a legitimate interest in keeping you informed about our  services.

We send you a questionnaire after completion of your matter.

 

Name, contact information, unique file reference, any other personal information disclosed as part of your responses to our questions. We have a legitimate interest in sending questionnaires to clients to monitor our performance and client satisfaction.
You request for your file to be transferred to another law firm.

 

All personal information comprised in the records being transferred. You have consented to the transfer.

 

 

How long do you keep my information for?

We only keep your information for so long as it is reasonably necessary. Generally:

  • in most cases we will keep a record of your personal information for 15 years from the date of closure of your file, at which point the contents of the file are destroyed;
  • unless a longer retention period applies, if a matter concerns a child then we will keep the file for eight years following the eighteenth birthday of the child (or the youngest child if the matter concerns more than one);
  • different retention periods apply to wills matters and matters concerning the administration of estates. We will be pleased to confirm the specific retention period that applies to your information if you contact us; and
  • if you are raising a complaint with the firm, the retention period of the complaint file is 15 years.

Please note that these retention periods are given as a general guide and may vary depending on the nature of your matter and the forms of documentation in which your personal information is recorded.

Who is my information shared with?

Over the course of our instruction, your personal information may be shared with a number of third parties. We only share your information insofar as is necessary to comply with your lawful instructions, to comply with the law, to protect our rights or to effectively operate our business.

In order to achieve these purposes, we will share your data with the following people or groups of people:

  • our external contractors and service providers. This includes software providers, marketing consultants and IT support providers. Our external contractors and service providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity, to keep it confidential and to comply with data protection law at all times;
  • in litigation, to the court, which is subject to its own legal duty to maintain the confidentiality and security of your personal information;
  • if you ask us to instruct counsel (including foreign counsel), mediators or other third party professional service providers on your behalf, or you instruct us to take pre-contractual steps (such as obtaining fee estimates) from them, then we will share your information with such persons and organisations as is necessary to comply with your instructions;
  • the persons identified in section 4 (Anti-money laundering procedures), below;
  • regulatory and government bodies, where we have a legal obligation to do so (including but not limited to Lexcel and the Law Society’s Conveyancing Quality Scheme (CQS);
  • our professional advisers, including our auditors (details for which can be found in our accounts) and external legal advisers. These third parties are subject to professional duties of confidentiality;
  • if you are raising a complaint with the firm, the complaint will be shared with our insurers and insurance brokers, the legal ombudsman and (in anonymised form) the SRA;
  • legal directories (such as the Legal 500 and Chambers and Partners), who are subject to strict obligations of confidentiality unless we have received your permission for your information to be published;
  • where you have given us permission to use any comments for testimonial and marketing purposes, your name, organisation and job title may be shared on our website and other marketing material; and
  • any other person who you instruct us to share your personal information with or with whom we may reasonably be expected to share it with in order to deal with your enquiry.

Your information may be transferred outside of the UK depending on which of our internal systems your information is stored within. However, all such transfers are carried out with appropriate safeguards in place. These safeguards will typically involve the recipient agreeing to an international data transfer agreement which safeguards your personal data.

 

SECTION D – ATTENDEES TO OUR TRAINING SESSIONS, SEMINARS AND EVENTS

This section applies to you if you attend a training session, seminar or other event hosted by Paris Smith. This includes online webinars and remote training sessions. It also applies to members of our Charities Forum.

How do you process my personal data?

The following table explains how we process your personal data.

Scenario Categories of personal data we process Lawful basis
You, or somebody acting on your behalf, make a booking with us for a training session, seminar or event.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Name, job title, place of employment, contact address, telephone number, email address.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

We have a legitimate interest in:

  • passing the details of your enquiry to an appropriate person within the business so that we can respond to your booking;
  • conducting administrative and operational processes within our business, including keeping a record of past and current bookings we receive, billing and keeping records of correspondence with attendees and their organisations; or
  • administering any  dispute or potential dispute which may arise between us.

If you are paying to attend then the processing is necessary for the performance of the contract between you and us for the provision of legal services.

If you have asked us to send you marketing communications then we do so based on your consent.

In other circumstances we may send you marketing communications about services which are identical or similar to those which you have paid to receive from us. This is known as the soft opt-in. In this situation we have a legitimate interest in keeping you informed about our other services.

You attend an event which is being recorded. (Please note: we may occasionally record events and if attending, there is a possibility that you may feature in the recording. We will inform you in advance if we are recording the event and you will be given the opportunity to exclude yourself.)

 

Your likeness, details of any comments you make during the recorded session.

 

 

 

 

We have a legitimate interest in recording our events for internal review and for republication.

 

 

 

 

You provide us with details of your dietary requirements, accessibility requirements or any other medical information so that we can accommodate you at our event.

 

Health and medical information, information about your religion.

 

 

 

We process this information based on your explicit consent.

 

 

 

 

How long do you keep my information for?

We only keep your information for so long as it is reasonably necessary. If you attend one of our events then we will typically keep your information for the following periods of time:

  • your personal information (such as name, contact details) will be retained for up to 6 years from the date of the event;
  • if you have consented to being added to our marketing database (including where you have consented to becoming a Charities Forum member) then we will retain your information for the duration of our relationship; and
  • for sensitive personal information relating to an allergy, dietary, health or mobility requirements, we keep this information for up to six years after the end of the event, unless we agree a longer period of retention with you. We may agree such a longer period with you if we expect you to attend our events in the future and we both agree that it would be sensible for us to keep a persistent record of your needs in order to ensure we similarly accommodate you in the future. If we do agree to a longer period then that consent will be kept under review and, if you do not attend an event of ours within that period then we will seek to refresh that consent with you or otherwise confidentially destroy the information.

Who is my information shared with?

Your personal information is not shared with anyone except where we are required to do so to process your enquiry, to comply with the law, to protect our rights or to effectively operate our business.

In order to achieve these purposes, we will share your data with the following people or groups of people:

  • where we use outsourced caterers at an event, we will share details of your name, allergy and dietary requirements with them. The caterers may be able to identify you from the details provided to them. We may similarly share information about your health and mobility requirements on a need-to-know basis with our hospitality providers so that they can work with us to accommodate you. In each instance, we ensure that if you are identifiable from the information we share with the relevant third party that they keep such information confidential and that it is retained only for so long as necessary to carry out the services we have requested of them;
  • our external contractors and service providers. This includes software providers, marketing consultants and IT support providers. Our external contractors and service providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity, to keep it confidential and to comply with data protection law at all times;
  • our professional advisers, including our auditors (details for which can be found in our accounts) and external legal advisers. These third parties are subject to professional duties of confidentiality;
  • regulatory and government bodies, where we have a legal obligation to do so; and
  • any other person who you instruct us to share your personal information with.

Your information may be transferred outside of the UK depending on which of our internal systems your information is stored within. However, all such transfers are carried with appropriate safeguards in place. These safeguards will typically involve the recipient agreeing to an international data transfer agreement which safeguards your personal data.

 

SECTION E – SUPPLIERS, CONTRACTORS AND THEIR EMPLOYEES/REPRESENTATIVES

This section applies to you if you are a supplier or contractor of ours, or you work for or represent a supplier or contractor of ours.

How do you process my personal data?

The following table explains how we process your personal data.

Scenario Categories of personal data we process Lawful basis
You or your organisation supplies or offers to supply goods or services to us.

 

 

 

 

 

 

 

 

 

 

 

Name, contact information, payment details, details of staff involved in delivery of goods/services.

 

 

 

 

 

 

 

 

 

 

This processing is necessary for us to perform our contract with you. Otherwise, if the contract is with your organisation, then we have a legitimate interest in processing your personal information for the purpose of managing the contractual relationship between your organisation and us. In each case, this includes taking pre-contractual steps such as obtaining a fee quote from you.

We have a legitimate interest in keeping a record of the contract between us (or your organisation and us) for the administration of our business and to address any disputes which may arise between us.

 

 

How long do you keep my information for?

We only keep your information for so long as it is reasonably necessary. We will typically keep your information for the following periods of time:

  • if you make an enquiry with us, or vice versa, but you (or your organisation) do not subsequently become a supplier or contractor of ours, then we keep your information for 18 months from the date of our discussions ending (or if we did not reply, the date of your enquiry);
  • if you respond to a tender process with us, or vice versa, but the tender application is unsuccessful, then we keep your information until the conclusion of any subsequent tender process; and
  • if a contract was entered into between you, or your organisation, and us, 8 years from the date that contract ended unless the retention of your personal information is not necessary for our purposes set out above, in which case we will confidentially destroy your information unless we have another lawful justification for retaining it.

Who is my information shared with?

Your personal information is not shared with anyone except where we are required to do so to process your enquiry, to comply with the law, to protect our rights or to effectively operate our business.

In order to achieve these purposes, we will share your data with the following people or groups of people:

  • our external contractors and service providers. This includes software providers, marketing consultants and IT support providers. Our external contractors and service providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity, to keep it confidential and to comply with data protection law at all times;
  • our professional advisers, including our auditors (details for which can be found in our accounts) and external legal advisers. These third parties are subject to professional duties of confidentiality. They also operate their own Privacy Notices, which are available from their respective websites;
  • regulatory and government bodies, where we have a legal obligation to do so; and
  • any other person who you instruct us to share your personal information with.

Your information may be transferred outside the UK depending on which of our internal systems your information is stored within. However, all such transfers are carried with appropriate safeguards in place. These safeguards will typically involve the recipient agreeing to an international data transfer agreement which safeguards your personal data.

 

SECTION F – ALL OTHER PEOPLE, INCLUDING COUNTERPARTIES IN LEGAL DISPUTES, REFERRERS, POTENTIAL REFERRERS AND BUSINESS CONTACTS

For any other person for whom we process personal data, such processing is carried out only insofar as is necessary for us to provide our services, administer our business or comply with our legal obligations.

If you are a counterparty in a legal claim or dispute then we will typically receive personal information about you from your legal representation or from you directly.

 How do you process my personal data?

The following table explains how we process your personal data.

Scenario Categories of personal data we process Lawful basis
You are a beneficiary or a trustee we are settling or administering.

 

 

 

 

 

 

 

 

 

 

Name, address, date and country of birth, country of residence and national insurance number (or local equivalent).

In certain circumstances we may be required to share certain information about you with HMRC for tax reasons. This information would include your full name, date of birth, national insurance number, telephone number and email address. We will inform you where this is the case.

 

 

 

We have a legal obligation to keep a record of this information.

We are legally obliged to share the information with HMRC to comply with tax law and regulations.

Processing is necessary for us to comply with our legal obligations, including under the Common Reporting Standard (CRS) where we are instructed in respect to trusts.

We have a legitimate interest in processing your information in order to discharge our professional obligations to our client.

 

You are a counterparty in a legal claim or dispute.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Name, job title, place of employment, contact address, home address, telephone number and email address.

Depending on the nature of the claim/dispute, we may also process sensitive personal information about you which could include your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and/or information about your genetic data, health, sex life or sexual orientation.

We may also process information about your personal finances.

We may also process information about criminal convictions you may have.

 

 

 

We have a legitimate interest in processing your information in order to discharge our professional obligations to our client.

Processing is necessary for the establishment, exercise or defence of legal claims.

Processing is necessary for the administration of justice.

 

 

 

 

 

 

 

 

 

If you are asked to introduce a client to us by video call in order for us to administer their oath or statutory declaration remotely then we will make a recording of the audio and video from that call.

 

 

 

 

 

 

 

 

 

 

Likeness, your name and other information confirmed during the recording.

 

 

 

 

 

 

 

 

 

 

 

 

We have a legitimate interest in conducting administrative and operational processes within our business, including keeping a record of past and current instructions we receive from clients and the source of those introductions, billing and keeping records of correspondence with clients and third parties.

In some situations the processing is necessary for us to comply with our legal obligations, such as the prevention of fraud, detection and/or prevention of crime or for us to comply with our professional duties as solicitors and legal professionals.

 

 

You are a professional adviser or intermediary and refer a potential instruction to us, or we refer a potential instruction to you. We keep a record of the referral on our internal referral register. Your name, job title and employer, details of the referral.

 

 

We have a legitimate interest in keeping records of referrals made or received in order to effectively operate our business, including to track sources of work.

 

How long do you keep my information for?

We only keep your information for so long as it is reasonably necessary. Broadly:

  • we typically keep this sort of information for a period of 8 years after the conclusion of the relationship under which your information was given to us;
  • if we received your information in the course of us providing legal services to one of our clients then the retention period will typically end 15 years form the date we close that client file;
  • for video call footage relating to the remote administration of oaths and statutory declarations, we will typically keep the footage for 15 years from the date our matter file is closed.

Who is my information shared with?

Your personal information is not shared with anyone except where we are required to do so to process your enquiry, to comply with the law, to protect our rights or to effectively operate our business.

In order to achieve these purposes, we will share your data with the following people or groups of people:

  • our external contractors and service providers. This includes software providers, marketing consultants and IT support providers. Our external contractors and service providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity, to keep it confidential and to comply with data protection law at all times;
  • our professional advisers, including our auditors (details for which can be found in our accounts) and external legal advisers. These third parties are subject to professional duties of confidentiality;
  • in litigation, to the court, which is subject to its own legal duty to maintain the confidentiality and security of your personal information;
  • in litigation, to counsel, who is subject to a professional duty of confidentiality;
  • regulatory and government bodes, where we have a legal obligation to do so; and
  • any other person who you instruct us to share your personal information with.

Your information may be transferred outside of the UK depending on which of our internal systems your information is stored within. However, all such transfers are carried with appropriate safeguards in place. These safeguards will typically involve the recipient agreeing to an international data transfer agreement which safeguards your personal data.

4. Anti-money laundering procedures

We have a legal obligation to comply with anti-money laundering laws and regulations. Broadly, money laundering can arise if a person acquires, retains, transfers, uses or controls the proceeds of a crime for the benefit of a criminal activity. In this section, references to money laundering include references to similar financial offences committing in relation to terrorism.

In order to fulfil our legal obligations, we must verify the identity of new clients, and in certain circumstances existing clients. Additionally, from time to time our internal procedures may also require us to conduct background checks on new and existing clients.

This means that, if you are an individual client or prospective individual client of ours then we will need to verify your identity using a secure and confidential ID checking service operated by an external service provider. For individual clients, these identity and background checks may require us to take a copy of your photographic identification and a recent utility bill.

For clients or prospective clients which are not individuals, such as companies, we may need to verify the identity of directors, other officers, shareholders, beneficial owners and instructing employees or representatives of the organisation. The checks conducted on these persons are broadly the same as those we conduct on individual clients. We will therefore typically require a copy of the person’s photographic identification and a recent utility bill in order to complete the verification process. In the case of organisations having a different corporate structure, equivalent requirements will apply and we will notify you of these where applicable.

For both individuals and corporate clients (including prospective clients) we may require evidence of source of funds at the outset of our instruction and possibly from time to time throughout our relationship. We may request and/or obtain this information from third party sources. The sources for such verification may comprise documentation which we request from the client (or prospective client) and/or through the use of online sources.

In some circumstances we may decline to, or may not be permitted to, proceed to act until such procedures have been completed. In other circumstances we may agree to commence acting whilst these procedures are carried out. We reserve the right to decline to act or, if appropriate, cease to act should these procedures not be completed to our satisfaction. We may also be required to make detailed enquiries for any unusual transactions such as the transfer of large amounts of cash and such enquiries may result in us processing additional personal information.

Grounds for processing your data for anti-money laundering purposes

We process your information in the manner set out above on the following legal grounds:

  • processing is necessary for the performance of a contract between you (as a private individual) and us, including where processing is necessary for us to take pre-contractual steps. This will be the case where we are legally prevented from acting for you until the relevant checks and procedures have been completed;
  • where we have a contractual relationship with the organisation you work for or represent, because we have a legitimate interest to process your information to ensure that we are not involved in or otherwise facilitate money laundering activity and such interests do not outweigh your rights and freedoms as a data subject;
  • processing is necessary for our compliance with our legal obligations under anti-money laundering laws and regulations; and/or
  • should the processing we conduct in line with our anti-money laundering procedures exceed the minimum level of processing required by the relevant law and regulations, because we have a legitimate business interest in taking additional precautions to ensure that we are not involved in or otherwise facilitate money laundering activity. In accordance with data protection law, we have considered your fundamental rights and interests as a data subject and are satisfied that our processing is lawfully justified.

Disclosure of your information to third parties for anti-money laundering purposes

For the purposes of carrying out our electronic ID checks, we may share your information with our external ID check providers. Such providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity, to keep it confidential and to comply with data protection law at all times.

Your information may be transferred outside of the UK depending on which of our internal systems your information is stored within. However, any such transfers are carried with appropriate safeguards in place. These safeguards will typically involve the recipient signing an international data transfer agreement which upholds the level of protection given by UK data protection law.

In certain circumstances, we may process your personal information without further notification to you. This applies, for example, where we make a report in good faith under the Terrorism Act 2000 or Proceeds of Crime Act 2002. Such processing is justified under data protection law on the basis that it is in the substantial public interest.

Retention of personal data for anti-money laundering purposes

We are legally obliged to retain your personal information for anti-money laundering purposes for 5 years from the end of the business relationship or transaction between us. Please refer to our retention periods set out in the appropriate sections of this Privacy Policy, above.

 

5 Automated decision making

We do not make automated decisions about you based on your information. Should this change then we will let you know.

 

6. Call recording

Occasionally we may need to record a telephone call we have with you. This may be in order to collect evidence, to protect our staff or otherwise to create a record of what is being said. We will inform you of our intention to record the call before we start recording. We process your personal information comprised in that call recording on the basis that we have a legitimate interest in doing so. Once recorded, your personal information will otherwise be processed in accordance with one or more of the preceding Sections A to F, depending on our relationship with you.

 

7. Your rights

Under data protection law you have the following rights:

  • the right to be informed as to what we do with your information. This includes but is not limited to the right to know what information we gather, process and store, what we do with it, who we share it with and how long we keep it for. This information is set out out in this privacy policy. Please note that, as set out in the above section 4 (Anti-money laundering procedures), in certain circumstances we are legally obliged not to disclose certain processing information to you. If you have any questions then please contact our Data Protection Officer using the details set out at section 11 (Contact) below;
  • if we are processing your data on the basis of your consent then you have the right to withdraw that consent at any time. Depending on the context of our processing, consent can be withdrawn by:
    • notifying us using the information set out at section 11 (Contact) below;
    • clicking the opt-out/unsubscribe link in our email marketing communications; or
    • speaking to the lawyer who is working on your matter, please note that the lawfulness of our historic processing based on your consent will not be retrospectively affected by your withdrawal of consent. Furthermore, we may have a legal obligation or right to retain your information on our files notwithstanding that you have withdrawn your consent to our processing. Should this be the case, we will notify you around the time we acknowledge your withdrawal of consent;
  • the right to access a copy of your information which we hold. This is sometimes called a ‘subject access request’. Additional details on how to exercise this right are set out in section 9 (Access to information), below;
  • the right to prevent us processing your information for direct marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by leaving unticked certain boxes on the forms we use to collect your data or by contacting us using the details set out in section 11 (Contact) below;
  • the right to object to decisions being made about you by automated means. We will inform you if your information is subject to automated processing;
  • the right to object to us processing your personal information in certain other situations;
  • the right, in certain circumstances, to have your information rectified, blocked, erased or destroyed if it is inaccurate;
  • the right, in certain circumstances, to claim compensation for damages caused by us breaching data protection law;
  • enhanced rights to request that we erase, rectify cease processing and/or delete your information; and
  • in certain circumstances, the right to request the information we hold on you in a machine readable format so that you can transfer it to other services. This right is called ‘data portability’. Additional details on how to exercise this right are set out in section 9 (Access to information), below.

For further information on your rights under data protection law and how to exercise them, you can contact Citizens advice Bureau (www.citizensadvice.org.uk) or the Information Commissioner’s Office (www.ico.org.uk).

If you wish to complain about how we have handled your personal information then you have the general right to complain to us (in the first instance) and, if you are not satisfied by our response and depending on the nature of the complaint, to the Information Commissioner’s Office and/or the Legal Ombudsman (in the second instance). Our contact details are set out in section 11 (Contact) below and full details of our complaints procedure are available on request.

 

8 Cookies

Change Cookie Settings
For full information about how we use cookies on our website, please read our Cookies Policy.

 

9 Access to information

Under data protection law you can exercise your right of access by making a written request to receive copies of some of the information we hold on you. You may need to send us proof of your identity, or proof of authority if making the request on behalf of someone else, before we can supply the information to you.

Requests should be sent to your usual point of contact and copied to our Data Protection Officer by email to DPO@parissmith.co.uk or by post to The Data Protection Officer, Paris Smith LLP, 1 London Road, Southampton, SO15 2AE. We will initially respond to you to confirm the timeframe that is applicable to your request.

If you are requesting copies of documents you already possess, we may charge our reasonable administrative costs. We will also be allowed to charge you for our reasonable administrative costs in collating and providing you with details of the requested information which we hold about you if your request is clearly unfounded or excessive. In very limited circumstances, we are also entitled to refuse to comply with your request if it is particularly onerous.

In certain circumstances, you may be entitled to receive the information in a structured, commonly used and machine readable form.

 

10. Changes to our privacy notice

This policy was last updated on 8 May 2024. Any material changes we may make to the Paris Smith Privacy Policy in the future will be posted on this page.

 

11. Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to FAO the Data Protection Officer, Paris Smith LLP, 1 London Road, Southampton, SO15 2AE, England or DPO@parissmith.co.uk.

Back to top

Introducing your key contact

Christie Blackburn
Head of Compliance – Compliance and Risk Training

Contact

KEY CONTACTS
AccreditationAccreditationAccreditationAccreditationAccreditation