Howes Percival LLP (“we”, “us”, “our”, “the Firm”) respects your privacy and is committed to protecting your personal data. We operate the websites; www.howespercival.com, www.eastwestcorridor.co.uk and www.academyconversions.law (“the Websites”).
We are a limited liability partnership with registered company number OC322781 and its registered office address is at Nene House, 4 Rushmills, Northampton, England NN4 7YB. We are also a regulated legal professional business, regulated by the Solicitors Regulation Authority (“SRA”) and are subject to their rules, which include a need to comply with the SRA Code, the SRA Handbook and the SRA Principles.
This privacy notice will provide you information about how we look after your personal data when you visit and use our Websites (regardless of where you visit it from) including any data you may provide through the Websites. It will also tell you about your privacy rights and how the law protects you.
Please note that this privacy notice relates only to the treatment and use of personal data arising from your visiting the Websites. For other types of processing carried out by us, please see the following documents:
Howes Percival LLP is the controller of your personal data and is therefore responsible for your personal data. Howes Percival is registered with the Information Commissioner under registration number Z6669366.
We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions, including any requests to exercise your legal rights, please contact the DPO using the details set out at the bottom of this privacy notice.
Data protection principles
We will comply with data protection law. This says that the personal information we hold about you must be:
1. Used lawfully, fairly and in a transparent way.
2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
3. Relevant to the purposes we have told you about and limited only to those purposes.
4. Accurate and kept up to date.
5. Kept only as long as necessary for the purposes we have told you about.
6. Kept securely.
The personal data we collect
Personal data means any information about an individual from which that person can be identified. We may collect and process the following data about you:
• Information about you that you give us
The information you give us may include your name, address, e-mail address and phone number. This may be given by you in order to:
a. Complete an enquiry or contact form;
d. Sign up to receive our newsletter and/or news and legal updates; and/or
e. Sign up to events and seminars.
• Information collected by us automatically
We may automatically collect information about you such as technical information regarding your visits to our Websites including, but not limited to, the Internet Protocol (IP) address used to connect your computer to the Internet, geographical location, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
It may also include information about your visit(s) to our Websites including the full Uniform Resource Locators (URL), clickstream to, through and from our Websites (including date and time), job vacancies you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call us.
Personal data does not include data where your identity has been removed or which not associated with or linked to your personal data (anonymous data).
We may also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
IP addresses and Cookies
How we use your personal data
We will only use your personal information we collect about you as follows:
• Information that you give us
We may use the information you give to us to:
a. Respond to your enquiries as requested by you and in accordance with our legitimate interests;
b. Provide you with information that you request in accordance with our legitimate interests;
c. Process and evaluate your CV or covering letter / job application / training contract application in respect of any job vacancy or training contract you have applied for as a step prior to entering into any contract with you;
d. Send you our newsletter, news or legal updates, where you have consented to receive such communications; and
e. Provide you with information regarding upcoming events or seminars where you have consented to receive such communications.
• Information collected by us automatically
We may use the information we automatically collect to:
a. Ensure that content from our Websites is presented in the most effective manner for you and for your computer as is in our legitimate interest;
b. Administer and monitor our Websites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes so as to allow us to provide you with the best possible service and experience as is in our legitimate interest to do so; and
a. Keep our Websites safe and secure as is in our legitimate interest.
Storage of your personal data
All of the information you provide to us is stored on our secure servers which are located within the UK and the European Economic Area.
Sharing and transfer of your personal data
We do not share the data that you supply to us via our Websites with any third parties. However, in the event that you instruct us to act on your behalf, we may have to share your data with third parties for the purposes of acting for you or to deal with regulatory requirements or for professional indemnity insurance purposes. In some situations we may instruct third parties to advise and/or act for you (e.g. counsel, experts, medical professionals etc).
We require third parties to respect the security of your data and to treat it in accordance with the law and/or our instructions or as part of our regulatory or insurance obligations.
We do not transfer personal data received via our Websites outside of the European Economic Area.
We have put in place measures to protect the security of your information. Details of these measures are available upon request.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, the access to and use of the personal data that we collect is restricted to those employees who need the personal data to perform a specific job role or activity. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Websites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Websites; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access. We urge you to take every precaution to protect your personal data when you are on the internet.
We have in place a retention and destruction policy which sets out the criteria we adopt for retaining your personal information. Please contact the DPO using the contact details below if you would like to obtain a copy of our retention policy.
You have the right to:
· Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
· Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
· Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
· Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
· Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
· Request the transfer of your personal information to another party.
If you wish to exercise any of your above rights, please send a written request to us at the address listed at the end of this privacy notice, addressed for the attention of the DPO.
Where we have relied on your consent for the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. You may withdraw your consent by emailing email@example.com. If you would like to withdraw your consent from receiving our newsletter, news, legal updates or any other marketing communications then you can do so using our unsubscribe link at the footer of the email.
Other websites and links
Our Websites may contain links to other websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control third party websites and are not responsible for their privacy notices or for the content, accuracy or opinions express in such websites. We do not investigate, monitor or check third party websites for accuracy or completeness and the inclusion of any linked website on or through our Websites does not imply approval or endorsement by us of the linked website.
If you decide to leave our Websites and access these third party websites, plug-ins and/or applications you do so at your own risk. We encourage you to read the privacy notice of every website you visit.
Changes to this privacy notice
This version was last updated on 17 May 2018.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
We have appointed James Howarth, Partner as our Data Protection Officer to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact James Howarth on firstname.lastname@example.org.
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
The Firm’s Data Protection Officer is responsible for this Notice which was adopted on 8 May 2018.
Version 1.0 May 2018