Lincoln, Watts & Leeding (LWL) is a Data Controller who processes personal data and special categories of data, which we will refer to as personal information.
At LWL we understand the importance of data protection compliance, we know that excellent data protection practice is not only necessary to meet our legal obligations but it is also essential to meet our obligations to the individuals whose personal information we process and the clients we serve.
We have built a strong data protection programme supported by robust information security standards to ensure we use personal information lawfully and responsibly and that we afford it the necessary safeguards whilst it is in our possession. Our data protection programme enables us to provide the highest assurances to the individuals whose information we process and to our clients when processing personal information as part of our services we provide.
LWL always respects privacy of the individuals whose personal information we process, we will always ensure that it is only used for specified and lawful purposes as provided for under the General Data Protection Regulation (GDPR) and any other UK legislation subsequently enacted that may relate to, replace or supersede GDPR.
WHAT WE USE PERSONAL INFORMATION FOR
Lincoln, Watts & Leeding is a law firm. We work with large number of customers, across a range of sectors in England & Wales. The legal services we provide help our customers to reduce the time and money spent on resolving disputes, on property transactions, on commercial, probate and private client work whilst offering a practical and solutions driven approach.
The legal services we provide to our customers require that we process of variety of personal information where necessary for:
The types and volumes of personal information and the manner in which we process it varies between the different sectors that we operate – more information on the sectors we operate in can be seen on the OUR SERVICES page of our website.
Our approach is to only process the minimum personal information necessary in a responsible and proportionate manner in order to preserve the rights of data subjects and achieve the best outcome for our customers.
Compliance with legal obligations
We may need to process personal information where necessary to comply with professional, legal and regulatory obligations that apply to our business, for example, those under health and safety regulations or rules issued by the Solicitors Regulation Authority (SRA) and the Information Commissioners Office (ICO). That processing may include gathering and providing personal information as required by or relating to audits, enquiries or investigations by regulatory bodies.
Marketing and promotion
We may process personal information to carry out a range of marketing and promotional activities about the services we offer to current, former and prospective clients and customers, to provide legal updates and to send invitations to events we are holding or involved in.
Our marketing activities include:
We will always ensure any personal information we hold for marketing purposes is stored securely and is not shared with any other person without the individuals awareness and permission – for attending events we may need to share some personal information with carefully selected third parties in order to manage attendance, in which case we ensure that individuals are informed in advance and that those third parties keep the information secure and use it for these purposes only.
We will only hold personal information for marketing purposes for as long the individual wishes to receive marketing from us. We offer individuals the opportunity to unsubscribe and opt out from marketing at any point and will remove their details from our marketing lists where they wish for us to do so.
If you are currently receiving marketing from LWL and no longer wish to do so you can let us know by contacting:
Data Protection Officer
Lincoln, Watts & Leeding
4 Novar Road
Prevention and detection of fraud
We may also process personal information where it is necessary for the prevention and detection of fraud, including fraudulent insurance claims and we may share information with other agencies for such purposes.
Other business functions
We also process personal information in order to effectively manage our business activities including statistical analysis to support our practices in relation to financial performance, client base, work type or other efficiency measures and to maintain our accounts and records. As an employer we also process personal information about our partners and staff to help us support, develop and manage them.
WHAT PERSONAL INFORMATION WE COLLECT
We always aim to use the minimum personal information necessary to support the business activities and functions we carry out. Where those activities and functions require the processing of personal information it may include:
Who we process personal information about
The categories of individuals we process personal information about include:
WHO WE MIGHT SHARE PERSONAL INFORMATION WITH
We sometimes need to share the personal information we process with third parties outside of LWL. Below is a description of the types of third party organisations we may need to share the personal information we process with for one or more purposes:
Whenever we share personal information we take great care to ensure it is done through the most secure and appropriate means possible so that it is afforded the necessary safeguards to prevent it from accidental loss or unauthorised access.
HOW LONG WE WILL KEEP YOUR INFORMATION
We implement a proactive approach to retention and disposal of personal information whereby it is retained for the minimum period necessary and only where there is a legitimate reason or lawful basis to do so. We have Records Management and Data Cleansing policies that set out the processes we follow to manage retention and disposal of personal information and they define the periods for which personal information is retained. The retention periods we apply have been determined based on a combination of legal obligations and legitimate business activities and the criteria we use to determine retention periods include:
LAWFUL BASIS FOR PROCESSING
We will only ever process personal information where we have a genuine need and lawful basis to do so. The lawful processing conditions we generally rely on to process personal information are set out below
For personal data:
For special categories of data:
There may be circumstances where we rely on different lawful processing conditions to those set out above, where this is the case and where required to do so we will inform you of this in any privacy notices we provide.
HOW WE PROTECT PERSONAL INFORMATION
We recognise and respect the importance and sensitivity of personal information and so we take great care to make sure we use and handle it responsibly and we afford it the necessary safeguards whilst it is in our possession. To achieve this we have implemented a range of organisational and technical measures to protect and safeguard personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to make sure we meet our obligations.
Organisational measures we implement include but are not limited to: Data Protection; Information Security; Access Control; Acceptable Use; Information Classification and Data Handling; Information Exchange and Clear Desk and Clear Screen policies and procedures. These set the requirements and standards to be adhered to and implemented by all partners and staff with regards to access, use, handling and exchange of personal data. We also provide regular information security and data protection training and awareness for all our partners and staff and undertake system monitoring, audits, risk assessments and inspections.
Technical measures we implement to ensure the security of personal data include but are not limited to: secure data exchange methods; user access controls; secure electronic data storage facilities; secure document storage and disposal; firewalls; antivirus software and regular system vulnerability and penetration testing.
LWL’s offices are located within England and the personal information we process is held in those offices or within data centres that are located within the UK.
From time to time however and in certain sectors we operate there are instances where transfer of personal information outside of the European Economic Area (EEA) is necessary. Where the need for an international transfer of personal information arises, we ensure it is done so using secure methods that offer sufficient assurances and guarantees that the information is afforded the necessary safeguards to prevent it from accidental or unlawful loss, disclosure, access, alteration or destruction. We will also ensure that where necessary our clients and the data subjects whose information is to be transferred are notified in advance and informed of the safeguards we will take to ensure the security of their information.
The transfer process itself will include establishing and ensuring that there is a legal basis for the transfer to take place and that the receiving party and country within which they reside offers an adequate level of protection for the rights and freedoms of data subjects through methods including:
YOUR RIGHTS AND HOW TO CONTACT US
Under data protection laws individuals have a number of rights that enable them to control when and how their personal information is used, and, to allow them to hold organisations accountable for use of their information.
If you believe LWL processes your personal information and you wish to exercise any of your rights under GDPR, such as gaining access to the information we hold about you, where you believe the information may be incorrect, inaccurate or incomplete, where you wish to restrict or object to processing, or, if you are dissatisfied with the way in which LWL has used your information in any way you can report the matter to our Data Protection Officer using the following contact details:
Lincoln, Watts & Leeding
4 Novar Road
You also have the right to refer any concerns you may have regarding LWL’s use of your information to the Information Commissioners Office (ICO) - more information can be found by visiting the ICO’s website at: www.ico.org.uk
SUMMARY OF DATA PROTECTION RIGHTS:
MEASURING WEBSITE USE AND COOKIES
MEASURING WEBSITE USAGE (GOOGLE ANALYTICS)
We use Google Analytics software to collect information about how our visitors browse and visit our site. We use the information to compile reports and to help us to improve our service. The Google Analytics cookies collect information anonymously, including the number of visitors to our site, where visitors originated from and the links they click within the site. No personal information is collected or stored (for example your name or address) so this information cannot be used to identify who you are. Click here:
[http://www.google.co.uk/intl/en/analytics/privacyoverview.html] for an overview of privacy from Google.
Name Purpose Expiration time
_ga Used to distinguish users, incl. number of visitors and if you’ve visited before. 2 years
_gid Used to distinguish users, incl. number of visitors and if you’ve visited before. 24 hours
_gat Used to manage the rate at which page view requests are sent to the analytics server. 10 minutes
OUR INTRODUCTORY COOKIES MESSAGE
You may see a pop-up cookies message when you first visit www.lwlsols.co.uk. A cookie is used to log that you have seen this message, so that it doesn’t show again.
Name Purpose Expiration time
Cookiepolicy This cookie is used to hide the cookies information banner when you have seen it. No expiry set
Change cookie settings for this website
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
Comments or queries this website
If you have any comments about using this site, then please e-mail firstname.lastname@example.org.
CHANGES TO THIS PRIVACY STATEMENT
Technology and data privacy best practice are continuously developing. We therefore reserve the right to revise this Privacy Statement at any time. If this Privacy Statement changes in any way, we will place an updated version on this page. Regularly reviewing this page ensures you are always aware of what information we collect, how we use it and under what circumstances we may share it with other parties.