Data Controller – David Barton Solicitor Advocate Limited a limited company registered at Companies House under company number 7404230. The registered office is Flagstones, High Halden Road, Biddenden, Ashford, Kent TN27 8JG.
In this notice it is referred to as “the Company”.
David Barton, a solicitor, is the sole director of the company and he is also the data controller. Any further details may be obtained by writing to this address, emailing to , or telephoning 01580 292409.
This Policy applies to – the Company’s collection, use, and disclosure of data from the following, whether individuals or companies:
- Website Visitors: Individuals who visit Company websites and who may provide data in order to receive communications from David Barton.
- Enquirers: Those who contact me through Company websites, emails or telephones or in any other way seeking advice or guidance whether or not they contract for the provision of legal services;
- Clients: Those who contract for the provision of legal services.
Purposes of processing – your data will be processed in order to:
- market legal services to you;
- provide services under contract to you;
- provide services to others (in so far as this does not breach client confidentiality);
- comply with regulatory and other legal obligations; and
- protect David Barton solicitor and the company against potential claims.
Legal Basis your data will be processed on the basis that the Company has a legitimate interest in being able to achieve the aims of processing set out above. Where special category data is provided, the provider of the data warrants that they consent to the Company processing that data or that they have obtained written consent from the data subject.
Personal data held – as a minimum, the Company is required to positively identify its clients. This also includes positively identifying a director in the case of a corporate client. In addition, the Company holds whatever information is provided to it by its clients and others. This will rarely include special category data.
Failure to provide data – if you fail to provide the Company with the data required you will not receive services or marketing.
Data Sources – the Company obtains most personal data from its clients and those who have indicated that they have an interest in the Company’s legal services. The Company also obtains some personal data from other sources. The Company also collect some data from publicly available sources, for example Companies House.
Recipients – any data provided by clients is treated as confidential to that client and will only be shared with others insofar as this is necessary in order to provide the services contracted for by the client, to comply with regulatory and other legal obligations and to protect the Company against a potential claim. In order to provide its services the Company relies on the services of certain data processors. These include secure cloud storage for documents and emails. They also include marketing and accounting support, but client confidentiality is maintained and I do not permit recipients to use data I may share with them for any other purpose.
In each case the Company ensures that data is processed in compliance with this policy.
Third countries and safeguards – other than where required in order to provide services as required in individual client matters, data is rarely sent to third countries. Where it is, the relevant devices are password protected and equipped with tracking and remote wipe software. The devices are personally accompanied.
Retention period – data is held for six years from the end of the relevant matter of the six years were not associated with a particular matter.
Data subjects rights – where relevant you have the right, subject to client confidentiality, to:
- withdraw consent to the processing of your data;
- complain to a supervisory authority regarding the processing of your data, and
- obtain a copy of the data held on you and to correction of any errors in that data.
Automated decision-making – none.