Privacy Notice

We take your privacy very seriously and we ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.

Who we are

Andrew & Co LLP collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.

The personal information we collect and use

In the course of providing legal services we collect the following personal information when you provide it to us:

Clients and prospective clients

Name, address, telephone number, date of birth, email, information provided in relation to the particular transaction on which the client has instructed us. This may, depending on the type of matter on which we have been instructed include sensitive personal information.

We use information provided by clients to:

  • Provide quotations or estimates for legal services.Act and advise on the matters on which we are instructed;Comply with our duties in relation to the Proceeds of Crime Act 2002 (POCA), the Terrorism Act 2000 and the Fraud Act 2006; andWith the consent of clients, provide the clients with information about other services provided by us and seminars and events in which are involved.

Our basis for processing information provided by clients and prospective clients is usually contractual, but may also be to fulfil our legal obligations.

Non-Clients

There are a number of circumstances in which we may have personal information relating to people who are not our clients. Our basis for processing this information is to fulfil our own or our clients' legitimate interests.

  • Families of clients and beneficiaries of clients

In matters where we are instructed to draft wills for clients, to act or advise in relation to an estate or to advise in relation to family matters we may be provided with names, addresses, telephone numbers, dates of birth, email, financial information. There may be circumstances relevant to the advice which we are providing when we are provided with sensitive personal information of all types.

We use the information to advise clients in relation to the effective estate planning, to draw up wills and trust documents, and advise clients on their rights and responsibilities in relation to family members. Information may be passed to other professional advisers of our clients in relation to the transaction in which we are instructed.

  • Employees, staff and consultants of clients

Where advising commercial clients in matters relating to their businesses and employment duties we may be provided with the names, addresses, dates of birth, financial information of their employees, staff and consultants. Where we are advising on duties as an employer there may be circumstances in which we are provided with sensitive personal information of all types.

We use the information to advise clients on their rights, duties and responsibilities as employers.

  • Other parties in a dispute

In matters where we are advising or acting on a dispute between our client and third parties we may be provided with names, addresses, telephone numbers, dates of birth, email, financial information. There may be circumstances relevant to the advice which we are providing when we are provided with sensitive personal information of all types.

We use the information to advise clients on their rights, duties and responsibilities in relation to defending or pursuing claims, and in relation to enforcement of claims and to contact parties in a dispute.

  • Tenants, landlords, assignees and sellers or purchasers

Where acting or advising on sales, purchases and leases of properties, assets and businesses we may be provided with names, addresses, telephone numbers, email addresses and sometimes financial information of other parties relating to the transaction.

We use the information to contact other parties in a transaction and to draw up the relevant documents to the transaction. Information may also be provided to us as part of the due diligence supplied to a buyer or seller of a company or business.

  • Professional advisers of clients

We may be provided with the names, addresses, telephone numbers and email addresses of the professional advisers of our client or third parties in a matter on which we are acting.

We use the information to contact the professional advisers of our clients.

  • Trustees of clients

We may be provided with the names, addresses, telephone numbers and email addresses of the trustees of our clients. Identification provided for compliance with Anti-money laundering regulations may contain financial information.

We use the information to advise client trusts, to draw up trust documents, and to comply with our duties in relation to the Proceeds of Crime Act 2002 (POCA), the Terrorism Act 2000 and the Fraud Act 2006.

  • Directors and shareholders of clients

We may be provided with the names, addresses, telephone numbers and email addresses of the directors and shareholders of our clients. Identification provided for compliance with Anti-money laundering regulations may contain financial information.

We use the information to advise our corporate clients on transactions and their rights and responsibilities, to contact the individuals with whom we are dealing in corporate clients, to draft documentation on transactions in which we are instructed and to comply with our duties in relation to the Proceeds of Crime Act 2002 (POCA), the Terrorism Act 2000 and the Fraud Act 2006.

  • Visitors to our offices

We collect names of those visiting our offices

  • Visitors to our website

A separate policy relating to cookies on our website is published on the website.

  • Job applicants and our current and former employees

The privacy notice is contained in our HR manual

 

Information collected from other sources

We also obtain personal information from other sources as follows:

  • As part of our due diligence exercise in relation to anti-money laundering procedures we carry out a electronic search with Smartcredit Limited;From third parties acting for clients or other parties in a matter in which we are or may be instructed;Our credit control procedures on behalf of ourselves and dispute resolution procedures may involve our instructing inquiry agents to obtain information to trace individuals.

Who we share your personal information with

There are some organisations with whom we routinely share information and who are therefore data processors on our behalf:-

  • Our electronic files and accounting system are held on a Citrix site hosted by our IT providers, Nasstar Group Limited;Our accounting and case management system, Liberate, is provided by Linetime Limited who may be granted access from time to time for maintenance and updates of the system;Archiving of physical hard copy files is carried out for us by Lincolnshire Archiving;Our accountants and Solicitors Accounts auditors have access to electronic and hard copy files for the purposes of verifying we are compliant with the Solicitors Accounts Rules;Our insurers, QBE, or professional advisers on their behalf may require access to client files for considering and negotiating in relation to a claim;In relation to a specific transaction for a client we may be instructed by the client to share personal information with other parties such as solicitors, professional advisers for the client or for other parties to a transaction, banks, mortgage advisers, estate agents and HMRC. We will agree with the client what personal information may be shared, and with whom.

We will share personal information with law enforcement or other authorities if required by applicable law.

How long your personal data will be kept

  • Our file retention period for client files is set out in the annexure. Clients may request their files from us at any time. Hard copy files are either destroyed at the end of the retention period or returned to the client.Information relating to suppliers and their staff contacts is kept for the duration of the contract plus one yearCCTV 14 daysAccident book – in respect of staff 6 years after the member of staff has left, otherwise 4 years for an adult and, in respect of a child, until the child is 21Visitor books are destroyed when the book is fullcontact details provided to us by you for business development purposes – retained unless you ask us to delete it or have not attended an event for one yearcopies of publicity following an event or transaction published with consent – three years
  •  

Transfer of your information out of the EEA

We may transfer your personal information to the following which are located outside the European Economic Area (EEA) as follows:

  • if transferring to you;if in accordance with the General Data Protection Regulations, which among other matters allow for this if you give informed consent and if necessary for the establishment, exercise or defence of legal claims.

We will not otherwise transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

Your rights

Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:

  • fair processing of information and transparency over how we use your personal informationaccess to your personal information and to certain other supplementary information that this Privacy Notice is already designed to addressrequire us to correct any mistakes in your information which we holdrequire the erasure of personal information concerning you in certain situationsreceive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situationsobject at any time to processing of personal information concerning you for direct marketingobject to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect youobject in certain other situations to our continued processing of your personal informationotherwise restrict our processing of your personal information in certain circumstancesclaim compensation for damages caused by our breach of any data protection laws

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

 

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

 

How to complain

We hope that we can resolve any query or concern you raise about our use of your information.

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.

 

Changes to this privacy notice

This privacy notice was published with effect from 14th November Version number 2

We may change this privacy notice from time to time. You should check this policy occasionally to ensure you are aware of the most recent version.

 

How to contact us

Please contact us if you have any questions about this privacy notice or the information we hold about you.

If you wish to contact us please contact Catriona Wheeler by sending an email to info@andrew-solicitors.co.uk, writing to St Swithin's Court 1 Flavian Road Lincoln LN2 4GR or call 01522 512 123

 

 

ANNEXURE

FILE RETENTION PERIODS

 

 

Type of Work

Type of Transaction

Period of Retention

Company

Where transaction made by deed

12 years

All other cases

7 years

Commercial Conveyancing

Sale

15 years

Purchase and Mortgages

15 years

Leases

3 years after the end of the contractual term, minimum 6 years

 

Option, pre-emptions, overage

3 years after the end of the contractual period

Gifts of land/transfer at undervalue

15 years

Others

12 years unless marked for review

General Commercial work

Substantial and complex matters

15 years

All others

Not less than 6 years

Dispute Resolution

In general

7 years

Employment

Contentious

7 years

Non-contentious, under hand

7 years

Non-contentious under seal

12 years

Planning

Application/appeal for planning permission

12 years

Certificates of Lawful Use

12 years

S106/278 Agreements

12 years

Objections to planning applications

6 years minimum

Planning prosecutions

6 years minimum

CPOs

7 years

Residential Conveyancing

Sale

6 years

Purchases and mortgages

15 years

Aborted Sale/Purchase

1 year

HIPs

6 years

First Registration

15 years

Leases

3 years after the end of the contractual term, minimum 6 years

Option, pre-emptions, overage

3 years after the end of the contractual period

Gifts of land/transfer at undervalue

15 years

Wills

Will files do not need a destroy date. A copy of the Will is stored on the archive file which is kept until the will maker dies. A facsimile copy of the Will is also kept on the computer system.

Trusts

15 years. Where he trust is ongoing or is a life or minority case this should be increased to 30 years

Probate

15 years

EPAs/LPAs, Court of Protection and personal affairs

10 years

Administration of estates

15 years

Family

Not until all children have ceased to be minors, files to be retained for a minimum of 6 years.

In files involving pension sharing

15 years

In files involving prenuptial agreements

15 years

Personal Injury

15 years (or, if later) 3 years after the injured party has attained the age of majority. If the injured party is suffering from mental disability then the file should be reviewed every 3 years after the initial 15 year period.

Overriding principles

As part of file procedures, the Partner responsible for the matter is to specify a longer period for retention if there are special circumstances.

Where acting for a person under a disability, retention period to be 15 years in any event.