Randle Thomas LLP – Privacy Notice
Our Contact Details:
Randle Thomas LLP
2 Wendron Street
Tel: 01326 572951
Privacy Officer Details:
2 Wendron Street
Cornwall TR13 8PP
Tel: 01326 572951
Randle Thomas LLP is a Data Controller and is registered with the Information Commissioner’s Office (‘ICO’) under reference Z2280982.
The right of our clients, employees and third parties with whom we have a working relationship to have their personal details kept confidential has formed a major part of the firm’s ethos since Randle Thomas started practising in Helston in 1884.
Today, that right has been set out (and expanded upon) in legislation. The Data Protection Act 2018 (‘the Act’) sets out the rights of the individual to have their personal data protected, and imposes obligations on data controllers and processors to ensure that this happens.
We have appointed Zoé Lock (contact details set out above) to act as our Privacy Officer, and it is her job to ensure that the firm complies with the Act. She will also be responsible for ensuring that this notice is kept up-to-date. If any changes are made to this notice, a copy will either be sent to you or made available for you to review.
If you have any questions regarding your rights under the Act, or need to exercise any of your rights under the Act, or to raise any complaint about the security of your personal data, you will need to contact Zoé Lock
by post to: 2 Wendron Street, Helston, Cornwall TR13 8PP:
by email to: firstname.lastname@example.org
or telephone: 01326 572951 and ask for Zoé Lock.
What information we have
Randle Thomas LLP, as a legal services provider, employer and customer receives, handles and retains ‘personal data’ relating to its clients, employees and third parties. Personal data is any information which identifies an individual either directly or indirectly. This will include names, dates of birth and addresses, but also covers financial and other personal information obtained during the course of our relationship with any individual.
How we hold this information
Personal data will be kept by us in either paper form, or electronically (i.e on computer) or in both forms
The legal basis for processing personal data
Under the Act the lawful reasons we rely on for processing this information are one or more of the following:
a) Your consent. You can remove your consent at any time, by contacting Zoé Lock.
Removing your consent to the processing of your personal data may result in us being unable to fulfil our obligations to you. Similarly, we may still be under a legal, regulatory or contractual obligation to process your personal data despite your removal of consent.
b) Having a contractual obligation.
c) Having a legal obligation.
How we collect personal data and what we do with it
Most of the personal data we receive will come from you personally. We may obtain other information through third parties during the course of your relationship with us.
Your personal data will be used;
a) To enable us to provide legal services to you, your employer or our client. These legal services will be set out in the client care letter we send you at the start of your matter.
b) To fulfil our legal and regulatory obligations. These may include our obligations under anti-money laundering, anti-terrorism and anti-criminal financing legislation.
c) To fulfil our obligations under employment law.
d) To fulfil our obligations under contractual law arising from our relationship with you.
e) To answer any queries raised or authorised by you.
f) To undertake future work for you.
g) To provide clear records of all matters previously undertaken for you and/or all documents you have asked us to keep for you
h) For marketing purposes. At present we only use personal data for very limited marketing activities. We do not share your data with third parties (e.g. Google) for marketing purposes.
i) To fulfil our obligations to government agencies, our regulators and our insurers.
j) To use in the investigation and/or defence of a complaint, disciplinary proceedings and claims.
Do we share your personal data
We will only share your personal data where it is appropriate to do so during the course of your matter, or where our files are inspected by outside bodies e.g. our accountants (who will only be looking at our financial records), our quality control auditors (we are accredited under the Lexcel Standard and the Conveyancing Quality Scheme), our regulator – the Solicitors Regulation Authority, government agencies, or where we have your specific authority. As we have said above we do not share your personal data for marketing purposes.
Storage of personal data
The safe storage of your personal information, both during the time we are acting for you and after the matter has ended, is very important to us, and we owe you a duty to safeguard this information. Personal data in paper form is kept in files within our premises and storage facilities except where it may need to be taken out of the office (e.g. court hearings, visits to you or third parties during the course of your matter). Electronic records are saved to our server which is kept on our premises, and which is protected by firewalls and anti-virus software. We do store copies of all our electronic records offsite, but the information is encrypted and the third party storing the information is unable to access the information stored.
Transfers to third countries
At present we do not transfer any personal data outside UK and the European Economic Area (‘EEA’). If it should become necessary for any reason to transfer personal data beyond the EEA Zoé Lock, as our Privacy Officer, shall carry out an assessment of the adequacy of protection available in respect of the proposed transfer, and shall apply the criteria laid down by the ICO for making an assessment.
The Partners have decided that personal data shall be retained for the following periods.
a. Copy documents received by way of proof of identity
– central records (paper) – 5 years
– file copies (paper) – the life of the file.
b. Client paper files
Residential 15 years from completion
Commercial 15 years from completion
Agricultural 15 years from completion
Probate files 25 years at which time the file will be reviewed and either retained for a further period or destroyed
Will files 25 years at which time the file will be reviewed and either retained for a further period or destroyed
Matrimonial files 15 years from end of matter
Dispute Resolution 15 years from end of matter
LPAs 15 years or on death of client
Partnership 15 years from completion of matter
c. Client Electronic files
15 years for all types of matter
d. Original Deeds and Documents
Wills Indefinitely or known death of client
LPAs Indefinitely or known death of client
Pre-registration deeds. Send to clients wherever possible otherwise
and documents indefinitely or known sale of property
Change of Name deeds Send to clients wherever possible otherwise
e. Employee Documents
Contract and amendments 12 years
Personal documents 5 years
Wage details 12 years
Appraisals and work details 5 years
f. Job applicants
CVs and applications 12 months
Interview notes 12 months
References, if obtained 12 months
g. Third parties (suppliers etc) Individuals only
References 6 months from end of contract
Bank details 6 months from end of contract
Counsel and/or expert 5 years from receipt
Counsel and/or expert assessments – 5 years (subject to review by assessments Partners who may extend time if the experience of the third party or the severity of the assessment warrant such an extension)
We need to keep personal data after your matter has ended to fulfil our obligations to you, government agencies, our regulators and our insurers. At the end of the retention period all personal data whether paper or electronic shall be destroyed securely to complete our obligations to you.
This notice will be reviewed regularly and changes made it made to it. Notification of any changes shall be placed on our website so that you are aware of them.
Rights of individuals under the Act
Under the Act individuals have rights including:
The right of access – You can ask us to supply you with details of the personal information we hold about you
The right to rectification – You can ask us to rectify any information we hold about you if you think it is incorrect. You can also ask us to complete any information which you think is incomplete.
The right to erasure –You can ask for your personal data to be erased, and where possible this will be done. Your request may not be granted if to do so would conflict with our compliance duties to our regulators, insurers and government agencies, or our own requirements to keep a record of the advice given and the work undertaken for you.
The right to restriction of processing and the right to object to processing – You can ask for us not to process your personal data or to limit how we process it in certain circumstances. If you do make such a request we may not be able to fulfil our contractual obligations to you.
The right to data portability – In certain circumstances you can ask us to transfer the information you gave us to you or to another organisation.
You will not be charged for making any of the requests listed above. If you do make any request we have one month to respond to you.
To make any request please contact Zoé Lock whose contact details can be found at the beginning of this notice.
How to complain
You have the right to complain to the ICO if you are unhappy with the way we have handled your data.
The ICO’s address is:
Information Commissioner’s Office
Helpline number: 0303 123 1113
Or visit their website – ico.org.uk