Protecting Your Privacy
At House of Law we respect your privacy and we are committed to protecting your confidentilaity and personal data. The aim of this privacy notice is to inform you as to how we will guard your personal data when we work with you, when you contact us or when it has been agreed that we will remain in touch with you. It deals with how we will use your data when you visit our website and informs you of your privacy rights and how you are protected by the law. Should you have any questions about this, please do not hesitate to contact us.
Our Privacy Notice
This Notice sets out what you can expect from House of Law in relation to the collection and use of your personal data. Please be assured that House of Law will at all times respect your privacy and look after your personal data.
Who We Are
We are House of Law Limited, a limited company registered in England and Wales with registered number 09950284 whose registered office is at 3 Hardman Square, Spinningfields, Manchester, M3 3EB. We are the “data controller” of the personal information we hold for the purposes of the UK General Data Protection Regulation (the UK GDPR) and the Data Protection Act 2018 (the Data Protection Act) which supplements UK GDPR and extends its application in the UK. We are committed to respecting the information you entrust to us and ensure that we keep it safe.
In this notice, “we” and “us” refers to House of Law, “you” and “your” refers to those whose data is affected.
Adrian Ohio is responsible for the privacy of your data and is our data manager.
What is personal data?
Personal data is defined in the UK GDPR as any information relating to an identified or identifiable natural person, in other words an actual person as opposed to a company or organisation. Not only does it relate to everyday data such as your name, address and gender but also to less obvious data such as identification numbers, online identifiers and/or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person. It also covers personal data about you even though the connection is one by your business – for example your personal email address at your business.
In addition, there is a further category of data referred to as special category data. This includes data such as race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and genetic data, biometric data, data concerning health or data concerning a person’s sex life or sexual orientation.
Why do we collect your personal information and how is it used?
The main use that we make of your information is in connection with the supply to you of our products and services, or where it's necessary as part of the management of your matter.
Under data protection law, we can only use your personal data if we have a proper reason for doing so, for example:
to comply with our legal and regulatory obligations;
for the performance of our contract with you or to take steps at your request before entering into a contract;
for our legitimate interests or those of a third party; or
where you have given consent.
A legitimate interest arises where we have a business or commercial reason for using your data, provided always that it is not overridden by your own rights and interests.
Specifically, we will use your data:
for providing legal services to you, for the performance of our contract with you or to take steps at your request before entering into a contract;
to comply with our legal and regulatory obligations including conducting checks to identify you and to verify your identity, screening for financial and other sanctions or embargos, complying with professional, legal and regulatory obligations that apply to our business, or in connection with regulations issued by the Solicitors Regulation Authority (SRA), our professional regulator;
for gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies such as the SRA;
in connection with our legitimate interests or those of a third party. This might include making sure we are following our own internal processes so we can deliver the best service to you or for operational reasons, such as improving efficiency, training and quality control;
for ensuring the confidentiality of commercially sensitive information and preventing unauthorised access and modifications to data and to systems;
in making sure that we can keep in touch with you about existing and new services;
for marketing our services to existing and former clients, third parties who have expressed an interest in our services and those with whom we have had no previous dealings;
for updating client records; and
in connection with external audits and quality checks, e.g. Lexcel and the audit of our accounts.
In general, data may also be processed in the necessary pursuit of our legitimate interests and/or the legitimate interests of others and there may also be a need to process data in compliance with legal obligations, for example in relation to legal proceedings and/or compliance with requests by law enforcement agencies. In general, you should note that we will not tend to rely on consent as a basis for processing personal data and in those rare circumstances when we do, we will specifically obtain such consent in the course of collecting the data.
Finally, please note that we on occasion use data to improve our levels of service for example by monitoring and/or recording calls for quality and accuracy purposes.
What type of information we may collect?
As a legal services firm, most of the personal data we process is data relating to our contractual functions, powers and duties. This may include:
personal data including names, addresses, telephone numbers, dates of birth, email addresses, bank account details, employment details, National Insurance numbers, qualifications and other relevant data;
personal financial data and tax data;
documents used in connection with personal identity verification – including copies of passports or identity documents to verify your identity;
special categories of personal data – for example we may need to process data concerning your health if you give this to us;
bank and/or building society details;
details of your professional online presence, e.g. LinkedIn profile;
details of your spouse/partner and dependants or other family members if relevant;
your employment status and details including salary and benefits;
personal identifying information, such as your eye colour or your parents’ names, e.g. if necessary as identifier information;
CCTV images or photos when attending our meetings or events;
preventing and detecting crime or anti-social behaviour by using CCTV in and around our premises,
responding to and generally dealing with legal claims, and
call recordings.
How your personal data is collected
We collect most of this information from you directly. You may give us your identity and contact details by filling in forms or by corresponding with us by post, telephone, email, social media or otherwise. This includes personal data you provide when you:
make an enquiry about our services or instruct us;
give us some feedback;
use automated technologies or interactions;
interact with our website and we automatically collect technical data about your equipment, browsing actions and patterns. (This personal data is collected by the use of cookies, and other similar technologies).
However, we may also collect information:
from publicly accessible sources, e.g. Companies House, HM Land Registry or the electoral register;
directly from a third party, e.g.:
sanctions screening providers;
credit reference agencies;
client due diligence providers;
referrers and opponents;
from a third party with your consent, e.g. your bank or building society, another financial institution or advisor;
consultants and other professionals we may engage in relation to your matter;
your employer and/or trade union, professional body or pension administrators;
your doctors, medical and occupational health professionals;
through the use of our website — for example we use cookies on our website (for more information on cookies, please see our cookies policy at the foot of our website;
by means of our information technology systems, e.g.:
case management,
document management,
time recording systems,
analytics providers such as Google,
providers of technical, payment and delivery services, and
enquiries made electronically or over the telephone.
Failure to provide personal data
Please be aware that where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. If, however, you choose not to give us your consent for our mailing list, there will be no effect on your legal contract with us although we may be hampered in the extent to which we can keep you up to date with developments in your sector.
With whom do we share your personal data?
We will routinely share your personal data with:
professional advisers who we instruct on your behalf or refer you to, e.g. barristers, medical professionals, accountants, tax advisors or other experts;
other third parties where necessary to carry out your instructions, e.g. Companies House;
credit reference agencies;
our insurers and brokers;
external auditors, e.g. in relation to ISO or Lexcel accreditation and the audit of our accounts;
our regulator the SRA;
our bank;
external service suppliers, representatives and agents that we use to make our business more efficient, e.g. typing services, marketing agencies, document collation or analysis suppliers.
We will only permit other service providers to deal with your personal data where we are satisfied that they take suitable measures to protect your personal data and in doing so we will impose contractual obligations upon them to ensure they can only use your personal data to provide services to us and to you in an agreed manner.
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
There may also be a need to share personal data with other parties in connection with your instructions to us. Where relevant that information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
We will not share your personal data with any other third party.
Where do we keep your personal data?
Information may be held at our offices and those of our third party agencies, service providers, representatives and agents as described above. Information held in electronic format may be held on servers not based in our offices and some of these third parties may be based outside of the UK or the European Economic Area. Where this is the case we will always take care to protect your data and where relevant we will enter into appropriate agreements for the protection of your data.
For how long do we keep your information?
We will only keep your personal data for as long as we need it in order to complete the purpose for which we collected it in the first place.
When a legal case is concluded, we retain your file of papers up to a period of either 7 or 15 years from date of formal closure depending upon the nature of the transaction. Our retention schedule is as follows:
Commercial Litigation and Dispute resolution – 7 years
Landlord and tenant disputes – length of the term plus 7 years
Partnership disputes – 15 years
Serious injury – 7 years
Medical negligence – 15 years
Credit hire recovery – 7 years
Provided we have not identified any of your papers as being required for a longer term, we will aim to destroy all papers and data we hold about you upon the expiry of the 7 or 15 year period (as appropriate), unless we have a legal, regulatory or statutory obligation to dispose of /delete such papers/data prior to this period or unless the papers are the subject of an ongoing or anticipated claim against us.
Information in relation to job applications which contain personal information will be retained for a period of 1 year after the application is made, after which it will be destroyed, unless it is in relation to someone to whom an offer of employment is made in which case the provisions applying to our employees will apply.
Any person who requests that they receive marketing communications from us will be asked for re-consent every 2 years from the date of the original consent and can unsubscribe from those communications at any time during this period.
How we keep your information secure?
We are under a general duty to keep personal data and information confidential. Where we share information, we take all reasonable steps to keep it secure, use it fairly and ensure that data protection safeguards are in place. We use secure portals and encryption tools when necessary to ensure data in transit is protected.
Your rights
Subject to the type of information held about you, and the reason we are holding it, the UK GDPR gives you certain rights in relation to your personal data. Those rights include:
access - the right to be provided with a copy of your personal data together with the reasons why we hold it, who the data will be shared with and details of the period for which the data will be retained;
rectification – the right to have your records amended if the personal data we hold is inaccurate or incomplete;
erasure – the right to request that your data be deleted in certain circumstances – sometimes referred to as the right to be forgotten;
restrict processing - the right to require us to restrict processing of your personal data—in certain circumstances, eg if you contest the accuracy of the data;
data portability - the right in certain circumstances to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party. Please note that we have limited capability in this regard;
objection - the right to object at any time to your personal data being processed for direct marketing and in certain other situations to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests.
not to be subject to automated individual decision-making - the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.
In most instances, we will provide the information to which you are entitled within one month of receipt of a valid request as is required by the UK GDPR. Please note, however, that requests which are complex or numerous may however take up to three months and requests which are considered manifestly unfounded or excessive will be refused. Please also be aware that, for reasons of confidentiality of information, we will need to take the necessary steps to ensure that any person requesting information or exercising their rights as set out above are who they say they are.
You also have the right to lodge a complaint with a supervisory authority, namely the Information Commissioner’s Office (ICO) whose contact details are as follows:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number. If you are calling from outside the UK, you may not be able to use the 03 number above, so please call +44 1625 545 700.
Fax: 01625 524 510
Website: https://ico.org.uk/global/contact-us/
Email: icocasework@ico.org.uk
Opening Hours: their normal opening hours are Monday to Friday between 9am and 5pm UK time.
Providing information to you
Where information has been requested we will always endeavour to provide it to you in the format requested unless doing so would put your information, or that of other people, at risk. Usually we will send an electronic copy but we can provide a hard copy by special delivery post to your residential address if you so request.
Do you have a right to see all of the information we hold about you?
Please note that you may not be entitled to see all the information held about you if an exemption applies. Examples of exemptions include information that:
is about, or contains details of, another person
is subject to legal privilege.
If an exemption applies we will explain which exemption applies and we tell you if we have removed any information from the copy we send you.
Changes to this privacy notice
This privacy notice was last updated in April 2023. We may make changes to it from time to time. When we do so, we will not be able to inform you directly but it will be apparent as a new version will be posted on this website showing a revised date.
Please contact us if you wish to raise something with us