Privacy policy
- Details
- Hits: 15051
Data Privacy Notice for Website Visitors and Clients
Introduction
We are committed to protecting personal data through appropriate controls and by being transparent about how we collect, hold, and use information.
This privacy notice applies to individuals who visit our website, make an enquiry, book a consultation, or become clients.
The rules on processing personal data come from the UK General Data Protection Regulation and the EU General Data Protection Regulation together referred to in this notice as GDPR.
The Data Controller is responsible for deciding how and why personal data is processed.
Contact Details for Data Protection
Data Protection Officer
All communications about privacy and data protection should be addressed to our Data Protection Officer.
You can contact the Data Protection Officer by writing to:
Warlies Park House, Horseshoe Hill, Upshire, Essex EN9 3SL
You can also contact us by email at helpline@cohendavis.co.uk.
How We Collect Personal Data
When you visit our website
When you visit our website, we may collect information about how you use it. We use cookies and similar tools to help us improve the website and the services we provide. Please see the Cookies section below for more detail.
When you make an enquiry
When you enquire about our services by submitting a form through our website, sending an email, or contacting us by telephone, we collect personal data such as your name, email address, telephone number, and any other information you provide.
Follow up communications and updates
To handle enquiries efficiently, we may add your contact details to an automated communication system. This helps us confirm receipt of your enquiry, provide call back information, and share relevant updates.
You can stop receiving these communications at any time. Every message includes an unsubscribe option.
Internal service and regulatory logging
We also log enquiry information into our internal case and project management systems. This helps us provide a consistent and timely service and meet our professional obligations.
As a regulated law firm, we must check conflicts of interest and keep accurate records of who we have advised. We may also use this information to improve service quality and handle complaints.
Telephone monitoring and recording
We may monitor and record telephone calls for training, quality control, ensuring instructions are properly understood, investigating complaints, and meeting legal and regulatory duties.
We encrypt recordings and store them securely. Access is controlled and monitored.
When You Instruct Us or Become a Client
Consultations and legal services
If you request a consultation or instruct us, we will ask for further information such as case details, identifying documents, and billing information.
We may take detailed written notes during consultations and may record calls. These records help us provide accurate advice, discuss your matter internally, and prepare documents such as witness statements where needed.
Client file retention
Once you become a client, we create a secure matter file within our case management systems. This may include identification documents, legal papers, financial details, and correspondence.
We normally retain client matter information for at least six years after the matter concludes to meet legal, regulatory, and professional obligations.
Lawful Basis for Processing
We only process personal data where GDPR allows. The lawful bases we rely on include the following.
Contract and pre contract steps
We process personal data to respond to enquiries, provide information requested by you, and take steps towards providing legal services.
Performance of a contract
When you become a client, we process personal data because it is necessary to provide legal services under our contract with you.
Legal and regulatory obligations
We process and retain personal data to comply with professional and legal duties, including solicitor regulatory requirements.
Legitimate interests
We process some personal data because it is in our legitimate interests to operate our business, improve our services, and ensure effective communication.
Consent
Where we rely on consent, you can withdraw it at any time.
Regulatory and Legal Obligations
We may use personal data to meet obligations including compliance with solicitor professional rules, maintaining business records, meeting HMRC duties, preventing fraud, and complying with anti money laundering requirements.
We keep this information only where necessary and proportionate.
How We Store and Protect Personal Data
Security measures
We use appropriate technical and organisational measures to keep personal data secure and to prevent unauthorised access, loss, misuse, alteration, or disclosure.
We take reasonable steps to keep data accurate and up to date and we correct inaccuracies without delay where we become aware of them.
International storage and safeguards
We aim to store personal data within the UK and the European Economic Area. However, we may use trusted third party providers such as Amazon Web Services, Microsoft, and Teamwork.
Some providers may store or access data outside the UK or EEA.
Where international transfers take place, we use safeguards required by UK and EU GDPR. These include adequacy decisions, approved standard contractual clauses, and contractual obligations that require providers to apply suitable confidentiality and security protections.
Sharing Personal Data
We may share personal data where necessary in the following situations.
Legal services and case handling
We may share information needed to progress your matter, including with courts, barristers, experts, or other professional parties where appropriate.
Regulators and law enforcement
We may share information where required by law, court order, or properly made requests from regulators or law enforcement agencies.
Service providers
We may share data with companies that provide services to us, such as IT systems, billing platforms, telecommunications providers, and secure customer management systems.
We require all service providers to keep information secure and to use it only for the services they provide to us.
Data Breaches
If we identify a personal data breach affecting your information, we will take urgent action in line with GDPR and guidance from the Information Commissioner’s Office.
If you become aware of a breach involving information we have shared with you, you should notify our Data Protection Officer immediately.
Cookies
What cookies are
Cookies are small files stored by your browser. They help websites function properly and help us understand how visitors use our website.
How we use cookies
We use performance cookies to understand visitor behaviour, including how often users return, which pages they view, and how long they remain on the site.
We also use functionality cookies to improve your experience and allow tools such as live chat.
Third party cookies and international transfers
Some cookie data, including IP address information, may be processed by third parties such as Google or email platform providers who may store information on servers outside the UK or EEA.
Managing cookies
You can control cookies through your browser settings. If you reject cookies, some parts of the website may not function fully.
Your Rights Under GDPR
You have rights under UK and EU GDPR. These include the right to request access to your personal data, correct inaccurate information, request deletion in certain cases, restrict processing, object to processing where we rely on legitimate interests, request data portability, and withdraw consent at any time where consent applies.
Requests for access
If you wish to request a copy of the personal data we hold about you, you should contact the Data Protection Officer in writing. We may ask for proof of identity.
Complaints
If you have concerns about how we use your personal data, please contact the Data Protection Officer first.
If you remain dissatisfied, you have the right to complain to the Information Commissioner’s Office in the UK or your local supervisory authority in the EU.
Changes to This Notice
We review this privacy notice regularly and may update it from time to time. We may notify you of significant changes through the website or by email where appropriate.
ICO Registration
We are registered with the Information Commissioner’s Office under registration number Z3462446.