Burnett Barker Solicitors Ltd respects your privacy and is committed to protecting your personal data.
This policy explains when and why we collect personal information about you, how this information is used, the conditions under which it may be disclosed to others and how it is kept secure.
It is also designed to tell you about your privacy rights and how the law protects you.
1. Important information and who we are
This privacy notice aims to give you information on how we collect and process your personal data through your use of this website, including any data you may provide through this website when you fill in a contact form, sign up to our newsletter, share a blog article on social media or complete a transaction.
Burnett Barker Solicitors Ltd is the data controller and responsible for your personal data (collectively referred to as “Burnett Barker Solicitors”, “we”, “us” or “our” in this privacy notice).
We help people & businesses with the legal issues they don’t have the time or expertise for themselves, through a number of legal services in the areas of family law, conveyancing, crime & motoring, commercial property, business legal services, personal injury, Wills & Probate.
Throughout this document we are going to refer to our website and any services that we offer such as legal representation, conveyancing or consultancy, as “services”.
Full name of legal entity: Burnett Barker Solicitors Ltd
Company Registration No: 09385832
Email address: firstname.lastname@example.org
Postal address: Collingwood House, 20 Whiting Street, Bury St Edmunds, IP33 1NX
Telephone number: 01284 701131
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you.
We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
2. The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may obtain, use, process and disclose personal data to:
- provide you with professional services
- undertake quality, security and risk management activities
- provide you with information about us and our services
- Internal record keeping.
- We may use the information to improve our products and services.
- develop our business and services
- comply with legal, regulatory or professional body requirements
We have grouped together the different kinds of personal data about you as follows:
- Identity Dataincludes first name, maiden name, last name or title.
- Contact Dataincludes billing address, delivery address, email address and telephone numbers.
- Financial Dataincludes the names of clients making payments to our bank accounts (but not their account numbers or sort codes).
- Transaction Dataincludes details about payments to and from you and other details of services you have purchased from us.
- Technical Dataincludes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Marketing and Communications Dataincludes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose.
Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.
For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
Data collected outside of this website:
We may also collect Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data, criminal convictions and offences), depending on the nature of your services we provide to you.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a service you have taken out with us but we will notify you if this is the case at the time.
3. How is your personal data collected
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us your Identity and Contact details by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:apply for our products or services;subscribe to our service or publications;request marketing to be sent to you;give us some feedback.
- Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns.
- Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources, for example Technical Data from analytics providers such as Google based outside the EU.
4. How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
Purposes for which we will use your personal data
We have set out below, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
To process and deliver our service
When we provide you with our services we will use your personal data to create invoices, manage payments, communicate with you about the service, complete your client file and communicate with the necessary third parties required to carry out your service. This is necessary for us to perform the contract with you and for our legitimate interest in recovering debts.
To manage our relationship with you
This is for performance of a contract with you, to comply with our legal obligations, and for our legitimate interest to keep our records updated and to study how customers use our services.
To administer and protect our business and this website
This includes troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data.
This is necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) and to comply with a legal obligation.
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you.
This is necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy).
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.
This is necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy).
To make suggestions and recommendations to you about goods or services that may be of interest to you.
This is necessary for our legitimate interests (to develop our products/services and grow our business).
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms:
Promotional offers from us
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
However, we will not contact you about marketing promotions or news (even if we think you might be really interested!) unless you have expressly signed up to our email newsletter list which you can do so here:
During the sign up process you can chose what type of news and updates you wish to receive (whether in relation to you or your family, or if you run a business), and have the option to opt-out of receiving our newsletters at any time.
We will get your express opt-in consent before we share your personal data with any company outside of Burnett Barker Solicitors for marketing purposes.
You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
5. Sharing information
We never sell your information to any third party, but we do share your information in the circumstances outlined below, with safeguards in place to help protect your privacy.
Employees and independent contractors – it may be the case we need to share your details with a contractor who we have employed to work on your project or service. They will only receive the information they need to be able to communicate with you and / or help us provide your service.
Third party provider – to help us run our business we use several third party vendors to provide services to us, for example accounting software and payment providers. We need to provide them with your details so they carry out that services successfully and safely. All this data is stored in a secure way (see below).
Each third-party provider has been vetted by us to ensure that privacy policies and practices meet or exceed the same levels of compliance and standards that we follow. Where appropriate and available, we hold additional signed Data Privacy Agreements with these companies as an additional layer of accountability in order to help ensure your data is safe and secure.
Business Transfers – in connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company, or in the unlikely event that Burnett Barker Solicitors goes out of business or enters bankruptcy, user information would likely be one of the assets that is transferred or acquired by a third party.
As Required by Law – we may disclose information about you in response to a court order, or other governmental request.
To Protect Rights and Property – we may disclose information about you when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of Burnett Barker Solicitors, third parties, or the public at large. For example, if we have a good faith belief that there is an imminent danger of death or serious physical injury, we may disclose information related to the emergency without delay.
Information shared publicly
We like to show off our work to help market our products and services with others. Unless agreed otherwise in our contract we may share the work we have done in our portfolio.
Whilst nothing is ever 100% secure, we work very hard to protect information about you against unauthorised access, use, alteration or destruction and we take reasonable measures to do so.
See wordpress.org/about/security for details on the security of the WordPress core itself.
- Prevention is best when it comes to security, and as a first step, we follow all WordPress Code Standards in the plugins that we use.
- All staff /contractors) undergo initial training to ensure proper understanding of all security-related processes.
- All staff / contractors only have access to systems that are directly required to complete the functions of their job.
- We only use third-party services that adhere to the highest levels of privacy and security practices.
- All the data we store on you is stored on servers or computers which use encryption when sending data from one device to another. Where services allow us to, we always use Two Factor Authentication to improve security of login information and reduce the risk of login information being used to gain unauthorised access.
Data Breach Procedure
Should any event occur where customer data has been lost, stolen, or potentially compromised, our policy is to alert our clients via email no later than 48 hours of us becoming aware of the event. We will also report such incident to any required data protection authority. We will work closely with any customers affected to determine next steps such as any end-user notifications, needed patches, and how to avoid any similar event in the future.
- How long we keep your personal data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
As a general rule we will retain client data for 7 years.
In the absence of specific legal, regulatory or contractual requirements we will delete data 7 years after we cease to act for a client. Some data is deleted sooner.
In some circumstances you can ask us to delete your data: see “your right to be forgotten” below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
8. Your Rights
You have several choices regarding the information we store about you:
- Limit the information that you provide– you can choose to provide us with only the information we require to operate our services and not any optional information.
- Opt-out of electronic communications– you may choose to opt out of receiving electronic communications from us by following the instructions in those messages. If you do opt out, we may still send you other messages such as those about your service/case and legal notices.
- Set your browser to reject cookies– you can set your browser to reject cookies which will mean we will not track data from your we usually collect via cookies (see above). This comes with the drawback that some of our services may not operate or function properly without the aid of cookies.
Your “right to be forgotten”
You have a right to both access the information we hold from you as well as asking us to remove the information we hold from our systems. You can request either of these, doing so by completing a request here. If you request we delete your information, you understand this may mean that we cannot continue providing you with the service or product you are currently using. We will also request that other organisations we have shared your data with do the same. If you require a list of these organisations, please indicate this when contacting us with your request.
For further information on what these rights are please visit: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
Burnett Barker is primarily a UK based business but we do work with clients and third party providers from across the world. By accessing or using our services or providing your information to us you consent to us processing, transferring and storing your information in countries which could be outside of the UK and/or different from your home country.
By continuing to use this site, our other sites and our products and services constitutes your acceptance of any changes.