Data Privacy Notice for website visitors and for clients
Introduction: Cohen Davis Ltd. (“We”, “Us”, “Our”) is committed to protecting information through appropriate controls, being transparent about how We collect data, what data We hold and how We use it.
“You” (“Your”) are Our client or prospective client to whom We provide services, or are considering entering into an agreement with, for the provision of Our services or consumer of information that We provide on Our website. The rules on processing of Personal Data are set out in the General Data Protection Regulation (the “GDPR”).
The terms “Data Controller”, “Data Processor”, “Data Subject”, “Personal Data”, “Processing” and “Appropriate Technical and Organisational Measures” used below shall be interpreted in accordance with the GDPR.
This policy sets out the basis on which any Personal Data We collect from You, or that You provide to Us, will be processed by Us.
Cohen Davis Ltd. is a company registered in England under the number 08009327, whose registered office is Warlies Park House, Horseshoe Hill, Upshire, Essex EN9 3SL. We are also a law firm which is regulated by the Solicitor Regulation Authority (SRA) under the number 569233. We are the Data Controller.
How we end up with your data:
Below, We explain how We collect data from You, why We collect it and what We do with it. The Personal Data We collect from You includes (but is not limited to) the following:
When you visit Our website:
When You visit Our website, We may collect and process information about Your use of Our website by using “cookies” to help Us make improvements to the website and to the services We make available.
Please see the Cookies section below for more information.
When you make an enquiry: When You enquire about Our services by submitting a form through Our website, by sending Us an email or by contacting Us on the phone, We collect Personal Data such as Your name, Your telephone number and email address and We might also collect other information that You send to Us with Your enquiry or give Us during Our conversation with You.
To handle Your enquiry efficiently, We add Your name, email address and telephone number to an AutoResponder, which is a programme that helps Us make Our service more efficient. For example: • It confirms We have received Your enquiry; • It allows Us to automatically provide You with a time estimation for Our call back to You; • It allows Us to send You information updates such as when there is a change in the law or if there are new developments which are likely to affect the subject matter of Your enquiry; and • It allows Us to update You if there are changes or updates to information that We previously published on Our website and which might have prompted You to contact Us in the first place.
You can stop receiving communication from Us at any time because We always make sure that with every communication We send You with the AutoResponder, there is an option for You to unsubscribe. All You need to do to stop receiving communication from Us is to click on the “unsubscribe” link, which is clearly displayed at the bottom of each communication You receive from Us and follow the simple instructions.
The lawful basis for processing Your Personal Data in this way is that You have asked Us for information before entering into a contract with Us or to fulfil
Our contractual obligations to You.
When You make an enquiry with Us, We also log the information You have given Us into Our internal project management system. The reason for this is to ensure We provide You with a consistent, accurate and timely service and to comply with certain legal obligations. An example of Our legal obligations is that being a law firm, We must always act in the best interest of Our clients and must never act if there is a conflict of interests. We need to log Your information internally in case Your opposing party also asks Us to advise or represent them. The logged information helps Us identify very quickly all the individuals We have advised in the past and those We are currently advising.
We might also use the logged information to help Us improve the advice We give and to handle any complaints. The lawful basis for processing Your Personal Data in this way is to comply with Our legal obligations as a firm of solicitors. Finally, when You make an enquiry, We may monitor and record Your phone conversations with Us and use this information for training and quality purposes (for example Your calls with Us might be listened to by a supervising solicitor to ensure that You have been given accurate and updated advice), to ensure any verbal instructions You give Us are properly understood, to enable Us to investigate complaints, and to meet Our legal and regulatory obligations. All recordings are encrypted and securely stored shortly after completion of the phone call and access to recordings is controlled and monitored.
The lawful basis for processing Your Personal Data in this way is to comply with Our legal obligations as a firm of solicitors.
When you instruct Us:
After Your initial enquiry, You might request to have an initial consultation with an expert lawyer. At this point, We will ask You to provide Us with additional information. For example, further details about Your case, billing information, identifying information and so on. If We do the initial consultation face to face, We will often make detailed written notes of it and if We do it over the telephone, We will often record the call. The notes and the recording will help Us discuss Your case internally to ensure We provide You with consistent and accurate legal advice.
We may also use the information later on as Your case progresses to help Us prepare Your witness statement.
After You instruct Us, We will create Your project on Our secure interactive project management system where We keep all the information pertaining to Your case, including utility bills, photographic identification and legal documents, bank account and other financial information for at least 6 years after the date Your project is concluded. The lawful basis for processing Your Personal Data in this way is to comply with Our legal obligations as a firm of solicitors and to perform Our contract with You.
About Our legal obligations: We will use the Personal Data for purposes of fulfilling legal obligations, which include but are not limited to:
• Complying with Our obligations under the SRA Code of Conduct and Accounts Rules;
• Maintaining Our business records and accounts;
• Meeting Our obligations to HMRC;
• Preventing or detecting a crime, fraud or misuse of Our services, and investigating where We believe any of these have or may have occurred;
• Meeting Our obligations under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 and the London Local Authorities Act 2007; and
• Meeting Our obligations under the Data Retention (EC Directive) Regulations 2009.
Storing Your data
Whilst storing Your data: We will use Appropriate Technical and Organisational Measures to keep Personal Data secure and to prevent it being accidently lost, accessed or used in an unauthorised way, altered or disclosed. We will make reasonable efforts to ensure the data is accurate and up to date and will undertake to rectify any inaccuracies of which We become aware of without delay. We aim to ensure that We store Your data in the European Economic Area (EEA) but whenever third parties We work with store it outside of the EEA, We will have contracts in place to ensure that Your information is adequately protected.
Sharing Your data: We may share information with third parties in the following circumstances:
• To handle Your case with Us;
• In response to properly made requests from Our regulators, law enforcement agencies for the prevention and detection of a crime, for the purpose of safeguarding national security or when the law requires Us to, such as in response to a court order or other lawful demand or powers contained in legislation; or
• With a company who is assisting Us in providing services to You or who provides services to Us, which enable Us to provide Our services to You, examples of such services being billing and financial systems, telecommunications services and customer management systems.
Breach of data: Where any data breach is identified that affects the information that We hold about You or have processed from You, We will take urgent action in accordance with the GDPR and guidance issued from the Information Commissioner’s Office. If You identify any data breach that affects data We have passed to You, You must notify Us in writing immediately and provide full information about the data affected by this breach.
Cookies are tiny “memory” files of random letters and numbers that are stored by Your web browser, either temporarily within Your device’s memory or more permanently on Your device’s storage. Cookies last for between 2 hours and 5 years but You can delete them at any time by following the “privacy” link on Your browser.
We will not attempt to personally identify visitors from their IP addresses unless required to as a matter of law or regulation or in order to protect Our or other customers' rights.
We may use the following cookies:
• Performance cookies: These help Us identify how users use Our website including how frequently the same people visit it, what pages they visit and how long they stay on Our website. In doing so information about Your use of Our website, including Your IP address, may be transmitted to third parties such as Google and AWeber who might store the information on servers in the USA.
• Functionality cookies: These are cookies that enhance Your use of Our website and which enable Us to interact with You by way of Live Chat.
Requesting a record of Your data: If We collect data about You, You have the right to request a record it.
To do this, You should submit a request in writing to Cohen Davis Ltd, Warlies Park House, Horseshoe Hill, Upshire, Essex EN9 3SL.
We will need You to provide Us with proof of identity to make sure We are giving information to the right person. Other rights You might have in relation to Your Data: The GDPR gives individuals a number of other rights including the right to request the correction or erasure of Personal Data, the right to request the restriction of processing of Personal Data, the right to request the transfer of Personal Data (to the Data Subject or a third party), and the right to withdraw Your consent to the processing at any time where consent is the lawful basis for processing. These rights under GDPR might however be subject to exceptions.
Changes to this policy: Please note that We will review periodically the ways in which We collect, use and protect Personal Data and may change Our relevant policies from time to time. We will notify You by email should such changes occur.
Complaints and requests in relation to your data: If You wish to raise a complaint in relation to how We use Your data, in the first instance, please contact Us using the details above. If this does not resolve Your complaint to Your satisfaction, You have the right to complain to the Information Commissioner about the way in which We collect and use Your Personal Data: https://www.ico.org.uk/concerns or telephone 0303 123 1113.
We are registered with the Information Commissioner’s Office under Register number Z3462446.