This page contains the priavcy notice for DMH Stallard LLP and links to the privacy notices for DMH Stallard Trust Corporation Limited and RB Trust Corporation Limited.
Privacy notice for DMH Stallard LLP (see below)
Privacy notice for DMH Stallard Trust Corporation Limited
Privacy notice for RB Trust Corporation Limited
Privacy notice for DMH Stallard LLP
We are committed to protecting your privacy and complying with data protection legislation. This Privacy Notice contains important information about us, how and why we collect, store, use and share personal information, your rights in relation to your personal information and how to contact us and the ICO, the supervisory authority, in the event you have a complaint.
DMH Stallard LLP is a limited liability partnership registered in England (registered number OC338287). Its registered office is Griffin House, 135 High Street, Crawley, West Sussex, RH10 1DQ and it is authorised and regulated by the Solicitors Regulation Authority.
DMH Stallard LLP collects, uses and is responsible for processing certain personal information about you. When we do so we are regulated under the General Data Protection (GDPR) (EU) 2016/679, which for the time being applies across the European Union (including in the United Kingdom), and the Data Protection Act 2018, and we are responsible as 'controller' of that personal information for the purposes of those laws.
Information collected by us
In the course of providing legal, planning and/or other services, we will or may collect and process the following personal data about you:
Information provided by you
Information obtained by us
- Contact information such as name, address, contact details (including phone number and email address) or personal data relating to other people within your organisation.
- Information to assist us with providing a service to you or to enable you to attend a seminar, webinar of other event hosted by us.
- Information from filling in forms on our site. This includes information you provide when you subscribe to a newsletter, search for a service, or complete a survey, and when you report a problem with our site.
- Special categories of personal data, for example, in connection with your attendance at a seminar, webinar or other event hosted by us to identify disabilities or dietary requirements or in connection with a personal injury claim.
How do we collect your personal data?
- Publically available information about you or your business (including through electronic sources).
- CCTV footage of you attending our offices.
- When you visit our site, the Internet protocol (IP) address used to connect your computer to the Internet, your browser type and version, time zone setting, browser plug-in types and versions, operating system and platform and Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
We may collect personal data about you or your organisation in a number of circumstances, such as:
Information we receive from other sources
- When you seek legal or planning advice or services from us;
- When you or your organisation offer to provide or provide services to us;
- When you use, browse, make an enquiry or otherwise interact on our site; and
- When you attend a seminar, webinar or other event.
We may receive personal data about you from people liaising with us in relation to the services or events (to include webinars, seminars, networking events, etc.) we are providing to you. For example, accountants, financial advisors, business partners and other professional advisors.
We may also obtain your personal information from others acting on your behalf, with your consent, for example, under a Power of Attorney, executors or trustees.
As we work closely with third parties including, for example, sub-contractors in technical, payment and delivery services, analytics providers, search information providers, and credit reference agencies we may also receive information about you from them.
If you provide personal data to us about someone you must ensure that you are entitled to disclose that personal data to us and that, without us taking any steps to verify this, we may collect, use and disclose that personal data as described in this Privacy Notice. It is your responsibility to inform the individual concerned of this Privacy Notice.
We process your personal information in the following ways:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us;
- to comply with our legal and regulatory obligations;
- to analyse and improve our services and communications to you and notify you of any changes to our services;
- to protect the security of and managing access to our premises, IT and communication systems, online platforms, the site and other systems, preventing and detecting security threats, fraud or other criminal or malicious activities;
- for insurance purposes;
- for monitoring and assessing compliance with our policies and standards;
- for investigating and resolving actual and potential claims and complaints against us;
- to comply with court orders and to exercise and/or defend our legal rights;
- to ensure that content from our site is presented in the most effective manner for you and for your computer;
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes and to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- to provide you with information about other services we offer that are similar to those that we have already provided to you or which you have enquired about;
- to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing client, we will only contact you by electronic means (email, SMS or other instant messenger means) with information about goods and services similar to those which were the subject of a previous instruction or potential instruction. If you are a new client, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data, if present, or email email@example.com to let us know;
- For any purpose related and/or ancillary to any of the above or any other purpose for which your personal data was provided to us.
Collectively, we refer to the above as the Services in the remainder of this Privacy Notice.
We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for our provision of the Services.
We may share your personal information with other entities within the DMH Stallard Group all of which are based within the United Kingdom including the DMH Stallard Trust Corporation Limited (Company number 02872937) acting as a processor and controller and DMH Stallard Service Company Limited (Company number 01832830) acting as a processor.
We may also share and/or disclose your information with selected third parties including:
- Business partners, professional advisers, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
- Barristers, mediators, arbitrators (or other legal specialists), experts, consultants or any equivalent in connection with your matter;
- Foreign law firms for the purposes of obtaining foreign legal advice (based in the EEA and other countries);
- Service providers acting as processors based within the EEA and who provide IT and system administration services to us;
- Any law enforcement agency, court, regulator, government authority (including HM Revenue & Customs) or other third party where we believe this is necessary to comply with a regulatory obligation or otherwise to protect our rights or the rights of any third party;
- The Solicitors' Regulation Authority and other regulators of our business and the Legal Ombudsman;
- Business partners, professional advisers with whom we may co-host seminars, webinars, networking events or other events;
- Our insurers and any legal provider appointed by our insurers;
- Analytics and search engine providers that assist us in the improvement and optimisation of our site; and
- Quality standards bodies such as Lexcel.
- Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you or for verifying your existence and address. The credit reference agency may keep a record of that information. They may check your personal details against any particulars on any database (public or otherwise) to which they have access. They may also disclose your personal details and the fact that a search was made to its other customers for the purposes of assessing the risk of giving credit and occasionally to prevent fraud, money laundering and to trace debtors.
- On a confidential basis, to business development consultants for the purposes of collecting your feedback on the firm's services;
- If we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If DMH Stallard LLP or substantially all of its assets are acquired by a third party, in which case personal data held by it about its clients will be one of the transferred assets.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
The provision of certain personal data may be required from you to enable us to provide the Services. For example, we may require personal data to process your instructions and to comply with our regulatory obligations. We will inform you at the point of collecting information from you whether you are required to provide the information to us. If you are unable to provide the required personal data we may not be able to provide you with the Services.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements which includes investigating any legal claims that may be made against us.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Please contact us if you require further detail regarding our retention policy.
We will process your personal data for one or more of the following lawful grounds:
- Where we need to perform the contract we are about to enter into or have entered into with you to provide you with the Services.
- Where it is necessary for our legitimate interests (or those of a third party). A legitimate interest is when we have (or a third party has) a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
- Where we need to comply with a legal or regulatory obligation.
- Where we rely on your consent - for example, where you agree we can send you information about our seminars, webinars or other events, or where you agree we can share your information with selected third parties.
When we process criminal data, such as data relating to criminal convictions and offences, we will process this data for one or more of the above grounds and because we are authorised to do so under the laws of the United Kingdom or because we are doing it under the control of an official authority.
We will only process special categories of personal data (racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health or condition, sexual life or sexual orientation, genetic data or biometric data) with your explicit consent or if such personal data is processed as a result of us carrying out mandatory regulatory checks, such as compliance with Anti Money Laundering checks.
If you would like any further information regarding the grounds upon which we process your personal data, please contact our Data Protection Officer whose details are below.
The data that we collect from and about you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). This may include countries which do not provide the same level of protection as the data protection laws governing the EEA. We will ensure that any such international transfers are made subject to appropriate or suitable safeguards as required by the GDPR or other relevant laws.
We will require all agents, consultants and sub-contractors and others who are outside the EEA and to whom we transfer your personal data to ensure a similar level of data protection. When doing so we will comply with applicable data protection requirements and take appropriate safeguards to ensure the security and integrity of your personal data.
You may contact us anytime using the contact details below, if you would like further information on such safeguards.
Under the GDPR you have a number of important rights, subject to certain conditions. In summary, those include rights to:
- Request access to personal data held by us about you (also known as Data Subject Access Request);
- Request correction of personal information held by us about you;
- Require us to erase personal data held by us about you where there is no lawful reason to continue to process it or retain it;
- Restrict our processing of personal data held by us about you;
- Receive personal data, which you have provided to us, in a structured, commonly used and machine readable format. You also have the right to require us to transfer this personal data to another organisation, at your request;
- Object to our processing of personal data held by us about you (including for the purposes of sending marketing materials to you);
- Withdraw your consent, where we are relying on it to use your personal data; and
- Not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner's Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please contact, our Data Protection Officer, using the details below:
DMH Stallard LLP
1 Jubilee Street
In order to process your request, you will need to provide:
- sufficient information to identify you, that is your name, address and contact details;
- proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
- sufficient explanation of your request relating to the rights set out above.
If you would like to unsubscribe from any electronic marketing material that may have been sent to you, you can simply click on the 'unsubscribe' button found at the bottom of all our marketing material or if reading this Privacy Notice on line, click here
. Please note that it may take up to 28 days for this to take place.
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We hope that our Data Protection Officer can resolve any query or concern you raise about our use of your information.
The GDPR also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/make-a-complaint/
or telephone: 0303 123 1113 or post: Information Commissioner's Office, Wycliffe House. Water Lane, Wilmslow, Cheshire, SK9 5AF.
This Privacy Notice was published in May 2018 and updated March 2021. We may change this Privacy Notice from time to time to reflect any changes to the way in which we process your personal data and to meet our legal requirements. Any such change to the Privacy Notice will be published on our website will take effect as soon as they are posted.
Please contact our Data Protection Officer, on the details above, if you have any questions about this Privacy Notice or the information we hold about you.
If you would like to receive this Privacy Notice in another format, for example, large print or Braille, please contact us using the details above.