1. Introduction and Terms
2. How to contact us
3. Your rights
4. Who we are
5. What information will Rowles Davis LTD collect about me?
6. How will this be used?
7. When will you contact me and will this be marketing?
8. Will you share my information with anyone else?
9. How long will you keep my details?
10. Can I delete my details?
11. Can I find out what details you hold?
12. Changes
13. Complaints

1. Introduction and Terms

Rowles Davis LTD (“we” or “us”) are committed to protecting and respecting your personal information and privacy.  This privacy and cookie policy relates to our use of any personal information we collect from you from any of our services.  Whenever you provide such information we are legally obliged to use your information in line with all applicable laws concerning the protection of personal information; including the Data Protection Act 1998 (“DPA”) and as of May 2018 The General Data Protection Regulation (“GDPR”).

2. How to contact us

You can contact us using the following details:

FAO: Privacy Officer, Rowles Davis LTD, 37 Salisbury Street, Taunton  TA2 6NA

Email: RRD@rowlesdavis.co.uk

Telephone: 01823 27 77 45

3. Your rights

Under the GDPR your rights are as follows.

• The right to be informed We must make available this privacy notice with the emphasis on transparency over how we process your data.
• The right of access You are entitled to find out what details we may hold about your and why.
• The right to rectification We are obliged to correct or update your details.
• The right to erasure This is also known as the request to be forgotten.
• The right to restrict processing You have the right to “block” or suppress the processing by us of your personal data.
• The right to data portability You have the right to obtain and reuse your personal data that you have provided to us.
• The right to object You have the right to object to us processing your data in relation to direct marketing and/or profiling.
• Rights in relation to automated decision-making and profiling We do not use automatic decision-making or processing.

4. Who we are

For the purpose of DPA and GDPR, the data controller is Rowles Davis LTD of 37 Salisbury Street, Taunton  TA2 6NA.  If you wish to request more information about our privacy policy or information regarding data protection you should contact RRD@rowles-davis.co.uk or write to the Privacy Officer at the address provided at paragraph 2 above.

5. What information will Rowles Davis LTD collect about me?

We process both Personal and Sensitive (Special) categories of data.  Personal data we process may including name, address and email address.  It also may include IP address and cookies (Website).  Due to the nature of our business we also process Sensitive (Special) categories of data, such as health data, racial or ethnic origin and biometric data (passports for identification and verification purposes as required by law).

Our collection methods are:

• Through our website
• Through engagement of our services
• By communications
• Networking
• Through engagement of service providers

6. How will this be used?

We use information held about you in the following ways.

• To ensure that content from our site is presented in the most effective manner for you and for your devices.

• To provide you with information, products or services that you request from us or which we feel may interest you, where you have contented to be contacted for such purposes or because we have a “legitimate interest” in doing so. (A “legitimate interest” may arise, for example, when we have an existing business to business relationship with you.  Where we rely on “legitimate interests” we will record our decision and our method on making this decision.  This can be requested by you at any time.)

• To carry out our obligations arising from any contracts entered into between you and us.

• To allow you to participate in interactive features of our services when you choose to do so, eg asking a question through our website. We also embrace the use of social media and may wish to process any comments made public by you.

• To carry out necessary maintenance of our IT infrastructure.

• And also to notify you about changes to our service.

7. When will you contact me and will this be marketing?

If you were an existing or former client as at 22 May 2018 and have been receiving information about our legal services (marketing) from us, we will continue to contact you by postal and electronic means (e-mail) with information about our legal services, unless you ask us not to.

If you become a client after 22 May 2018 we will contact you by post or electronic means with information about our legal services, but only if you have consented to this.  You may choose to not receive these types of communication.

Our contact details are at paragraph 2.

8. Will you share my information with anyone else?

We will keep your information within the firm except where disclosure is required or permitted by law or when we use third party service providers (data processors) to supply and support our services to you.  We have contracts in place with our data processors.  This means that they cannot do anything with your personal information unless we have instructed them to do so.  They will not share your personal information with any organisation apart from us.  They will hold it securely and retain it for the period we instruct.

9. How long will you keep my details

Our data retention policy is dictated by the DPA/GDPR and the requirements of our legal profession regulator, the Solicitors Regulatory Authority (“SRA”), a copy of which may be requested.

10. Can I delete my details?

Under GDPR you have the right to erasure under specific circumstances: this will be decided on a case by case basis.  Please contact us for more information relating to your rights.

11. Can I correct or update my details?

We will correct or update your data without delay provided you make the request in writing specifying which of our data is incorrect or out of date.  If you have any concerns regarding this issue please contact us.

12. Can I find out what details you hold?

We strive to be as open as we can in giving people access to their own personal information.  Individuals can find out if we hold any personal information by making a “subject access request” under DPA and the “Right of Access” under GDPR.  If we do hold information about you we will respond in writing within one calendar month of your confirmed request.

The information we supply will:

• Confirm that your data is being processed.
• Verify the lawfulness and purpose of the processing.
• Confirm the categories of personal data being processed.
• Confirm the type of recipient to whom the personal data have been or will be disclosed; and
• Let you have a copy of the information in an intelligible form.

To make a request for any personal information please write to us at the address provided in this policy.  Please note that you may need to provide identification in order to prove who you are to access your data.

If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

If we do not hold information about you we will also confirm this in writing at the earliest opportunity.

13. Changes

We keep our privacy notice under regular review and change may be made to it from time to time.  The current version of our privacy notice will be posted on our website so that you are aware of its contents.

14. Complaints

You have the right to complain about the processing of our personal information.  Please contact us using the contact details at paragraph 2.  If we cannot resolve the issue, you have the right to complain to the Information Commissioners Office www.ico.org.uk