1. The Data Controller
Stephens Wilmot Limited arecommitted to protecting and respecting the privacy of our clients, prospective clients and anyone using www.stephenswilmot.co.uk (“our website”).
This policy (and any other documents referred to in it) sets out the basis on which any personally identifiable information (“personal data”) we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
Whilst every effort has been made to ensure that our online forms and emails are as secure as possible, we are not able to guarantee the security of any information you submit via our website or over the internet. This is because the internet is not a secure medium of communication. Submitting your personal information into our site is done at your own discretion.
For the purpose of the UK data protection legislation, the data controller is Stephens Wilmot Limited a limited company registered in England and Wales under company number 10411634. Our registered office address is Ty Glyn, 1 Brecon Court, William Brown Close, Llantarnam, Cwmbran NP44 3AB. Our Registration number with the Information Commissioner is ZA265203.
2. Personal Data
In the EU’s General Data Protection Regulation (GDPR), Personal Data is defined as “…any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.”
3. What type of information will we collect from you?
The personal information we collect will depend on the nature of the services we are providing and what we are contracted to do for you. Typically this might include the following:
Contact details (including your name, address, date of birth, and email address)
Photographic identification and proof of address documents (to carry out due diligence)
Professional information (such as job title, previous positions, and professional experience)
Banking and financial details (to establish the source of funds where a transaction is involved)
Details of visits to our website (which enable our website to remember information about you and your preferences). Please read our ‘Cookies Policy‘ for further details.
Where necessary to act in your best interests, and for the establishment, exercise, or defence of your legal matter, we may need to process information which is very sensitive in nature such as diversity and health-relateddetails. In some circumstances,we may need to share this information with third parties, for example,a court or tribunal. If you volunteer sensitive personal data, you will be allowing us to process it as part of engaging our services.
4. How we use your information
The legal grounds for processing your personal data are as follows:
It is necessary for the performance of a contract to which you are a party, or to take steps prior to entering into a contract with you. The retainer between you and Stephens Wilmot Ltd, which is made up of our terms of business and any engagement letter, sets out the terms of the contract and the services we will provide.
It is necessary for the purposes of our legitimate interests, except where our interests are overridden by the interests, rights or freedoms of affected individuals (such as you). To determine this we shall consider a number of factors, such as what you were told at the time you provided your data, what your expectations are about the processing of the data, the nature of the data, and the impact of the processing on you.
It is necessary in order to comply with mandatory legal obligations to which we are subject under EU or UK law.
5. Information we collect about you from others
Information may be passed to us by third parties in the course of providing our legal services. The processing of this information will be necessary for the progression of your legal matter and to enable us to act in your best interests as your legal representative.
As a law firm,we have an obligation to make you aware of anything that is relevant to your matter. When we obtain information about you from a third party rather than from you directly, we will notify you of any relevant information within a reasonable period, and provide you with details including the type of data and source it came from. Typically these sources may include:
Other parties involved in the legal proceedings (such as the solicitor acting on the other side).
Financial institutions (such as banks involved in financing the transaction). Other professional services firms (such as accountants and tax specialists).
Government bodies (such as HM Land Registry for details of your property).
Public sources where this relates to you or your organisation (for example Companies House).
6. Information collected from you about other people
In personal matters,you may be providing other third-partydata to us, for example,details about your family members, in which case we will use such data as a data controller in our own right and will comply with data protection legislation in relation to use of that data. You must have the authority to disclose personal data if it relates to someone else and all data disclosed should be complete, accurate and up to date.
In commercial matters, in the course of providing our legal, financial and other professional services to you we will hold and use personal information about you, your officers and/or your employees. When you provide personal information to us relating to your officers or employees, you confirm that you are allowed to do so. You should ensure that those individuals understand how their data will be used by us.
7. Why do we need to collect and store personal data?
In order for us to do any of the above, we must collect and store your data firstly for correspondence purposes. We will ensure that the information collected will only be used for its intended purpose and does not constitute an invasion of your privacy.
8. What we are going to do with your information?
We will hold and use personal information about you in the following ways:
Verify your identity and establish the source of funding in any transaction.
Carry out appropriate anti-fraud checks (by conducting online searches using a third-partyidentity provider). Please note that this will not affect your credit rating.
Prevent money laundering or terrorist financing in accordance with financial crime regulations.
Communicate with you during the course of providing our services, for example providing you with advice and dealing with your enquiries and requests.
Prepare documentation to complete transactions and commence legal proceedings on your behalf.
Seek advice from third parties in connection with your matter, such as legalCounsel.
Carry out obligations arising from any contract entered into between you and third parties as part of your legal matter.
Respond to any complaint or allegation of negligence against us.
Statistical purposes so we can analyse figures to help us manage our business and plan strategically for the future.
Refer you to another department within Stephens Wilmot Ltd about additional legal services which may benefit you.
To obtain your interest in products and services that a member of the We Plan Group of companies (‘the We Plan Group’) may be able to offer or arrange. Products include funeral plans, life cover and financial products such as debt help, unsecured lending, re-mortgage and equity release. We will usually ask about your interests in these products in order to gain your consent to future marketing. Where you have an existing relationship with us, we may contact you under our legitimate interests to offer products and services only where we think it reasonable to do so and have carried out an appropriate assessment. You can object at any time from receiving such marketing – see Section 15 below.
We will do our utmost to keep your information accurate and up to date and not keep it longer than is necessary. Stephens Wilmot Ltd may issue occasional reminders to all customers to keep their contact details up to date and will update them accordingly.
Please be advised that there is information that we are required to keep in accordance with the law, such as information needed for tax and audit purposes. Personal data may be held for longer than these periods, however,this will depend on the individual needs of the company.
9. Will we share your personal data with anyone else?
Based upon the services you need we may pass your details to selected people or organisations (data processors) to carry out certain activities on our behalf. For example, personalinformation you provide may be disclosed to our agents, who may keep a record of that information.
We may pass your information to any third parties whererequired to do so in the course of providing legal services, or where we are obliged by law. This will include, but is not limited to:
A court or tribunal where we are acting for you in a dispute or litigation.
Government bodies (such as HM Land Registry or HM Revenue and Customs for property related work).
The solicitors (if any) acting on the other side of your matter.
Legal counsel or other experts to obtain advice or assistance on your matter.
Other professionals and service providers (such as insurance brokers, where you wish to take out an insurance policy as part of a transaction).
Any disclosures to law enforcement agencies where required by law (in particular the prevention of financial crime and terrorism).
Our regulators including the SRA and the Society of Will Writers, in connection with anyongoing regulatory investigation.
Our professional indemnity insurer in the event a claim is made against us in order to defend ourselves.
The bank or building societyor other lender providing finance in the transaction.
External auditors who may carry out independent checks of your file as part of our accreditations.
At the outset of your matterwe may not be aware of all the other parties involved as this will depend on the specific nature of the work.
We will not share your information with third parties for marketing purposes.
10. Under what circumstances will we contact you?
We will only ever contact you when necessary, or when you have requested that we do so. We do not mean at any point to be intrusive or ask for unnecessary information. We will do our best to ensure that the information we hold is as secure as possible to minimise the risk of unauthorised access or disclosure.
11. How long we keep your data for
We will only retain your information for as long as is necessary to:
Carry out the legal work
Establishment or defence of legal claims (for example negligence claims) that could be made against us.
Compliance with legal obligations under EU/UK law (anti-money laundering regulations say your identification and source of funds information must be kept for a minimum period from conclusionof the matter).
Typically we will store the information for fifteen years from the date of your final bill.
If you request information from us but decide not to use our service, your personal data will be automatically deleted after 12 months.
12. Can you find out about the personal data that we hold about you?
If you want to see what personal data we hold on you and how it is processed, you may contact us to request this. This is known as a Data Subject Access Request (DSAR) and you must request this in writing (either by post or email), providing the necessary identification before any information is released. If Stephens Wilmot Ltddostore any of your personal data, you may request information on the following:
Identity and the contact details of the person or organisation that has determined how and why to process your data. In some cases, this will be a representative in the EU.
Contact details of the GDPR owner, where applicable.
The purpose of the processing as well as the legal basis for processing.
If the processing is based on the legitimate interests of a third party, information about those interests.
The categories of personal data collected, stored and processed.
Recipient(s) or categories of recipients that the data is/will be disclosed to.
If we intend to transfer the personal data to a third country or international organisation, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
How long the data will be stored.
Details of your rights to correct, erase, restrict or object to such processing.
Information about your right to withdraw consent at any time.
How to lodge a complaint with the supervisory authority.
Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
The source of personal data if it wasn’t collected directly from you.
Any details and information ofautomated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
13. What forms of ID will you need to provide in order to access this?
Stephens Wilmot Ltd will accept the following forms of ID when information on your personal data is requested:
Passport; Photo Driving Licence; Utility Bill (from the last three months); Notarised ID Document.
14. Contact details of the GDPR Owner
If you wish to submit a DSAR,or have any questions regarding this privacy statement, you must do so in writing using the following information.
Stephens Wilmot Ltd, Ty Glyn, 1 Brecon Court, William Brown Close, Llantarnam, Cwmbran NP44 3AB
15. Your data, Your rights
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by contacting our Data Protection Officer at:[email protected] telephone: 01633 712895.
If you do use our service, we are required by law to retain your personal data for as long as is reasonably necessary to comply with our statutory and contractual obligations. You have the right to request we delete your data from our records subject to our statutory and contractual obligations. This is known as the right to be forgotten.
You also have the right to rectification, which means that the personal information we hold about you can be rectified,if any of its detail has been logged or processed incorrectly. If you would like us to make any amendments to the data we hold, please contact us at [email protected]
To make this site simpler, small data files are placed on your computer. These are known as cookies. Most big websites do this too.
They improve things by:
remembering settings, so you don’t have to keep re-entering them whenever you visit a new page;
remembering information you’ve given (e.g. your postcode) so you don’t need to keep entering it;
measuring how you use the website so we can make sure it meets your needs.
Our cookies aren’t used to identify you personally. They’re just here to make the site work better for you. Indeed, you can manage and/or delete these small files as you wish.
You can opt out of Google Analytics cookies for all sites.
To learn more about cookies and how to manage them, visit AboutCookies.org.
i) First Party Cookies
These are cookies that are set by this website directly.
There are also cookies that store basic data on your interactions with WordPress, the CMS running this website.
ii) Third Party Cookies
These are cookies set on your machine by external websites whose services are used on this site. Cookies of this type are the sharing buttons across the site allow visitors to share content onto social networks. Cookies are currently set by Twitter, Facebook and Google+. If you want to prevent sites setting third partycookies, instructions to do so are here.
iii) Log Files
Log files allow us to record visitors’ use of the site. These logs are automatically generated from all our visitors, which we use to make improvements to the layout of the site and to the information in it, based on the way that visitors move around it. Log files do not contain any personal information about you.