Greenhalgh Kerr policies
This Notice is issued in accordance with the General Data Protection Regulations (“GDPR”).
The notice applies to the professional legal service we provide to our clients for recovery of debt from debtors and any associated litigation. The legal basis for this processing of your personal data is our legitimate interest.
Our Contact details are:
Greenhalgh Kerr Solicitors
Smithy Brook Road
Tel: 0333 200 5200
As a professional legal service provider, we are registered with the Information Commissioner’s Office under reference Z2064791. In accordance with the requirements of GDPR we act as both Data Controllers and Processors. Our designated Data Protection Officer is Kerry Winstanley who can be contacted at the above address or by e-mail at firstname.lastname@example.org.
We may obtain your personal data from someone other than you, for example our client.
The purpose of processing your personal data is in furtherance of our legal obligation to our client(s). and is in full compliance with the relevant Data Protection legislation. Provision of the obtained data is a contractual and legal requirement and whilst you have the right to request the deletion of the data we hold relating to you, it would be subject to our legal retention obligations (normally 6 years after the completion of the matter).
The data we process includes names, addresses, contact details, details of debt, income, assets, expenditure, employment and other data relating to the security and recovery of the debt. We do not process special categories of data, with the exception of health data that you disclose to us or our client and where relevant to the debt or repayment of it.
We have appropriate processes and procedures in place to safeguard Personal Data against loss, damage, destruction, theft or unauthorised access, use or disclosure. Where data is used in electronic format it will always be transmitted by secure electronic means.
Your Personal Data may be passed to certain third parties, such as the court service, enforcement officers, barristers, advocates, process servers, confidential waste disposal companies, etc such as is reasonably necessary to allow us to carry out legal services for our clients. Appropriate contractual arrangements are in place to ensure as far as possible that your data is transferred securely and treated confidentially. In addition, your data may be shared where Greenhalgh Kerr uses computer software and the services of third-party IT support providers to manage personal data, where it is required by statutory regulatory bodies, such as H M Revenue & Customs, the FCA, The Solicitors Regulatory Authority or the Financial Ombudsman Service.
Your personal data will be stored by us for a minimum period of 6 years on completion of the matter. This is a requirement of our regulator and our indemnity insurers.
Under GDPR you have the following rights:
- The right to rectification (if data is incorrect or incomplete)
- The right to be forgotten on completion of the matter for debtors, unless advised so differently by the source as we are under a legal obligation.
- The right to object
- The right to data portability (to receive personal data in a structured, commonly- used and machine-readable format)
- The Right to Subject Access (see below)
- The Right to Complain to the Regulator (www.ico.org.uk)
Data Subject Access Request (DSAR)
You have the right to submit to us a DSAR concerning the personal data we hold, free of charge. Under GDPR we have one month to respond to details of:
- The purpose of the processing
- The categories of Personal Data concerned
- Third parties to whom it has been or will be disclosed
- The data retention period or criteria used to determine it
- The right to lodge a complaint with the Information Commissioner’s Office
- Information as to the data’s source (if it was not provided by you)