This notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand how we will treat it, protect it and to understand more about your rights. By providing your personal information to us you are agreeing to us using your information as described in this policy.
|We or Us:||Watkins and Gunn, Glantorfaen House, Hanbury Road, Pontypool, Torfaen NP4 6XY|
|Personal data:||Any data or information, in electronic or organised hard copy, that identifies you personally or which relates to you when you are identifiable.|
|Special categories of personal data:||Sensitive information relating to you, namely: health records; information regarding your sex life, sexual orientation, political opinions, religious or philosophical beliefs, racial or ethnic origin, trade union membership; and genetic and biometric data|
In summary, we do not anticipate requiring your explicit consent to process your personal data. If that changes we will let you know.
We use information you provide to us in the following ways:
You have the right, free of charge, to:
You simply need to contact us to exercise any of your rights. In the case of marketing, there is always an ‘unsubscribe’ button in our marketing emails.
For more information on your legal rights see the Information Commissioner’s website (www.ico.org.uk).
We are required by our insurers and regulators to keep your file and personal data for minimum periods. We are not however permitted to keep your personal data indefinitely or for longer than is necessary.
Our retention policy is that the minimum period we will keep files and other personal data relating to a legal matter is six years. We may keep your file for significantly longer than that if it is necessary and in our legitimate interests to do so (for example, files relating to wills, property or children, or where you request this).
We operate a rolling annual programme of file destruction. All our files and other documents containing personal data are destroyed securely.
We may need to share your personal data with other professionals who we instruct on your behalf (e.g. barristers and doctors), third parties who are vital to a transaction (e.g. mortgage provider, the courts), providers of services that are necessary to progress a legal matter (e.g. to perform our client due diligence checks on you), and people who you ask us to share your personal data with (such as estate agents, family members or other representatives).
We may also need to share your personal data with our regulators, insurers, and law enforcement agencies.
We use external auditors to review our files for training, compliance and quality.
Where we share your personal data with third parties, we will ensure that they have appropriate data protection arrangements in place.
Your data will be stored at our offices and on our IT equipment, or where your information is shared with a third party, at their premises or on their IT equipment.
We archive our old files to a secure facility prior to destruction. Details are available on request.
We retain all of our data within the UK and as we do not have offices outside England & Wales, we have no reason to transfer your personal data outside the UK or the European Economic Area- unless you or a third party with whom we must share your personal data are based outside the Uk or the EEA.
Where we use third party IT services (e.g. ‘cloud’ based software) we shall ensure that their data centres are either within the EEA or that there are lawful safeguards in place to protect your personal data to the same standard as if it were held within the UK or the EEA.
As the Brexit transition period ended on 31 December 2020, the GDPR has been incorporated into UK data protection law as the UK GDPR. In practice there is little change to the core data protection principles, rights and obligations as the provisions of the EU GDPR were incorporated directly into UK law at the end of the transition period. The Data Protection Act 2018 (DPA 2018) continues to apply. The UK GDPR now sits alongside the DPA 2018 with some technical amendments so that it works in a UK-only context.
We do not have a Data Protection Officer but have appointed a Data Protection Manager to implement our data protection policies and procedures. Our Data Protection Manager’s details are:
Clive Thomas, Glantorfaen House, Hanbury Road, Pontypool, Torfaen NP4 6XY.
For the purpose of Data Protection legislation, the data controller is Watkins & Gunn.
If you have a complaint or question about our use of your personal data, please contact in the first instance our Data Protection Manager by clicking here.
You may also make complaints direct to the Information Commissioner’s Office (web: ico.org.uk/concerns tel: 0303 123 1113).