At Ad Legal, your privacy is of utmost importance. We are dedicated to safeguarding your personal data. This privacy notice serves to educate you on how we manage your information, your privacy rights, and the legal protections in place.
1. About the Company
The Intention Behind This Privacy Notice
This privacy notice delineates the categories of personal data we gather, our methods for collection and processing, potential recipients involved in service provision, and your corresponding rights and choices.
Harper James assumes the role of data controller for your personal information. You can reach us at 43 – 45 North Street, Manchester M8 8RE and email us at firstname.lastname@example.org
2. Personal Information
Personal data, or personal information, refers to any details that can identify an individual. It excludes data from which identity has been anonymised, known as anonymous data.
We might gather, employ, retain, and convey various categories of your personal information, which we’ve categorised as:
- Identity Data encompasses given name, previous surname, family name, user handle or analogous label, marital status, honorific, birthdate, and gender.
- Contact Data comprises invoicing location, shipping address, email address, and phone numbers.
- Financial Data comprises bank account and payment card information.
- Transaction Data encompasses information pertaining to payments made by you, payments received by you, and other relevant details regarding the services you have availed from us.
- Technical Data comprises various details such as your internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technological information associated with the devices you utilise to access this website.
- Profile Data encompasses your username and password, as well as information regarding your interests, preferences, feedback, and survey responses.
- Usage Data comprises information pertaining to your utilisation of our website, products, and services.
- Communications Data encompasses your choices regarding marketing communications from us, as well as from third parties, and your communication preferences.
- Safeguarding Sensitive Personal Data: During our provision of client services, there may be instances where we need to gather and utilise sensitive personal information about you. This may include data relating to your racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life, details of criminal offences, or genetic and biometric data. We handle such sensitive personal information in order to aid you in establishing, exercising, or defending legal claims, or to assist you in fulfilling your rights and obligations under relevant employment or social security laws.
3. How do we gather your personal information?
We collect your personal information in different methods including:
You can provide your Identity, Contact, and Financial Data through form submissions or through communication by mail, phone, email, or other means. This includes the personal information you share when:
- Consult us for legal guidance.
- Apply for our services online via contact forms, inquiry forms, chat functions, and other interactive channels.
- Subscribe to our website publications, including newsletters.
- Request marketing materials.
- Provide feedback.
- Participate in our seminars, training programs, and presentation workshops.
- Enter competitions, prize draws, or promotions.
When you engage with our website, we automatically gather Technical Data concerning your device, browsing behaviour, and usage patterns. We employ cookies, server logs, and similar technologies to collect this information. Additionally, we may obtain Technical Data from other websites that use our cookies when you visit them.
Information from third parties and publicly accessible sources:
We might obtain your personal data from a range of third-party entities and publicly accessible outlets. This may include Technical Data from analytics providers like Google, which operates outside of the EU, as well as data from advertising networks and search information providers. Contact Data may also be acquired through publicly available online sources, such as corporate websites, corporate profile social media platforms and official government registers like Companies House.
4. How do we utilise your personal information?
We will utilise your personal data in compliance with applicable laws in the following situations:
- To fulfil the contract we are entering into or have entered into with you, such as providing our legal services.
- When it is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override these interests. Our legitimate interests may encompass activities like market research, marketing, and ensuring the effective operation of our website and procedures. You can learn more about how we weigh our legitimate interests against potential impacts on you by reaching out to us.
- To comply with legal or regulatory obligations, which include record maintenance, compliance checks, and screening (e.g., anti-money laundering, financial and credit checks, fraud and crime prevention, detection, and trade sanctions and embargo laws). This may entail automated checks of the personal data you provide for identity verification against relevant databases and communication record-keeping for compliance purposes.
- Generally, we do not rely on consent as the legal basis for processing your personal data, except when it comes to sending you third-party direct marketing communications via email or text message. You have the right to withdraw your consent for marketing activities at any time by getting in touch with us.
Marketing by Third Parties
Prior to sharing your personal data with any external company for marketing purposes, we will obtain your explicit opt-in consent as a requirement.
We may utilise your Identity, Contact, Technical, Usage, and Profile Data to develop insights into your potential preferences, requirements, or areas of interest.
Opt Out Choices
You have full control over your marketing preferences. You can opt-out of receiving messages from us or third parties instantly by logging into your account and adjusting your preferences. Each message also includes simple opt-out links so you can stop communications with one click. You also have the option to contact us directly if you need any assistance updating your settings at any time. Your privacy and communication preferences are fully respected.
Modification of Intended Objective
We will only use your personal information for the original reasons you provided it. If we need to use your data for any new purpose, we will ensure that purpose remains compatible with the original intention. You have the right to request an explanation from us regarding any changes to how your personal information is used or processed. If you have any questions about the ongoing use of your data, please contact us and we will happily provide more details on our compliance with privacy and data protection laws.
5. Sharing of Your Personal Information
We may need to disclose your personal information to the following parties:
- Service providers, located both within and outside the EU, functioning as data processors, to deliver efficient IT and system administration services essential for the operation of our services.
- SaaS platform providers responsible for managing our case management system and other databases, allowing us to administer and deliver our services. Please note that some platform providers may utilise cloud services, potentially leading to the storage of personal data both within and outside the EU.
- Professional advisers, acting as data processors or joint controllers, including lawyers, bankers, auditors, and insurers. They offer consultancy, banking, legal, insurance, and accounting services to our organisation.
- HM Revenue & Customs, regulatory bodies, and other authorities, functioning as data processors or joint controllers, and based in the United Kingdom. These entities may necessitate reporting of processing activities under specific circumstances.
- Third parties to whom we may decide to sell, transfer, or merge segments of our business or assets. Alternatively, we may explore business acquisitions or mergers. In the event of any such changes to our business, new owners may handle your personal data in accordance with the terms outlined in this privacy notice.
6. Transfers Internationally
When we transmit your personal data outside of the EEA, we take measures to guarantee it receives a commensurate level of protection. This involves implementing one or more of the following safeguards:
- We will transfer your personal data to countries recognised by the European Commission as having an adequate level of data protection (known as an adequacy decision).
- We will employ Standard Contractual Clauses established by the European Commission or equivalent mechanisms authorised or certified by the European Commission.
- In cases where we engage service providers, such as SaaS providers located in the United States, to deliver our services to you, data transfers may occur. If these providers are participants in the Privacy Shield framework, they are obliged to provide comparable safeguards for personal data shared between Europe and the US. If a US provider is not part of the US Privacy Shield program, we will implement Standard Contractual Clauses established by the European Commission.
7. Security Of Data
We’ve implemented robust security measures to avert inadvertent loss, unauthorised use or access, alteration, or disclosure of your personal data. Furthermore, access to your personal data is restricted to individuals, including employees, agents, contractors, and third parties, with a legitimate business need. They are bound to process your data solely in accordance with our directives and are obligated to maintain confidentiality.
In the event of any suspected breach of personal data, we have established procedures to address the situation. If legal obligations are necessitated, we will notify you and the relevant regulatory authority of such breaches.
8. Retention Of Data
We will retain your personal data only as long as it is essential to fulfil the objectives for which it was gathered, encompassing meeting legal, accounting, or reporting obligations.
To determine the suitable retention period for personal data, we evaluate the data’s volume, nature, sensitivity, potential risks, purposes of the processing, alternative means to achieve those purposes and legal obligations. We are legally required to retain certain basic customer information, including Contact, Identity, Financial, and Transaction Data, for six years following the end of the customer relationship to fulfil tax and legal requirements. However, in specific situations, you can request data deletion.
Additionally, we may use your personal data for research or statistical purposes, rendering it unidentifiable. In such cases, we may retain and use this data indefinitely without prior notice.
9. Your rights to data protection
Subject to specific conditions, you possess rights according to data protection laws regarding your personal data. You have the following entitlements:
Request access to your personal data: This is commonly known as a “data subject access request”. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request the erasure of your personal data: This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law.
Object to the processing of your personal data, particularly when we rely on legitimate interests or those of a third party, and your specific circumstances warrant an objection due to potential implications on your fundamental rights and freedoms. You also have the right to object when we process your personal data for direct marketing
Seek a limitation on the processing of your personal data: You can request us to temporarily halt data processing in the following situations:
(a) when you want us to verify the data’s accuracy;
(b) when data usage is unlawful, but you prefer preservation over erasure;
(c) when data retention is necessary for you to establish, exercise, or defend legal claims; or
(d) when you have objected to our data usage, and we need to assess whether legitimate reasons allow us to continue processing.
Seek the transfer of your personal data: We will furnish your personal data, in a structured, widely accepted, machine-readable format, to you or a third party of your selection.
Right to revoke consent: In cases where we rely on your consent to process your personal data, you have the right to withdraw that consent. Please note that this does not impact the legality of processing performed prior to your withdrawal. It’s important to be aware that, upon withdrawal of consent, certain products or services may not be available to you, and we will inform you of such instances when you choose to revoke your consent.
We make every effort to address all valid requests within a month. However, if your request is exceptionally intricate or if multiple requests have been made, it might take longer. If this happens, we will inform you and provide regular updates.
10. Right to Lodge a Complaint
You retain the option to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection supervisory authority, at any time. We do, however, kindly request the opportunity to address your concerns prior to your ICO contact. You can reach us initially. The ICO’s website is available at https://ico.org.uk.