At The Magic Octopus we have always placed a high priority on the maintenance of client confidentiality as well as the use and storage of personal information gathered whilst providing the full range of legal services we offer to our clients.
The implementation of the General Data Protection Regulation (GDPR) on 25th May 2018 requires us to provide further details on how we gather, use and store personal data and your rights in respect of the personal data that we hold.
This policy will be reviewed and may be updated from time to time.
1. PERSONAL INFORMATION WE USE
We will collect personal information about you from a variety of sources, including information we collect from you directly and information we collect about you from other sources, when we undertake our standard searches for example.
2. HOW WE USE YOUR PERSONAL INFORMATION AND THE BASIS ON WHICH WE USE IT
The legal basis we rely upon in order to process your personal information may be one or more of the following:
(a) to fulfil our contractual obligations to provide the services you have requested, and for example, to ensure that payments are made correctly. Failure to provide this information may prevent or delay the fulfilment of these contractual obligations
(b) to comply with our legal obligations, for example obtaining proof of your identity to enable us to meet our anti-money laundering obligations and fulfilling our duties to our clients, employees and Director.
We use your personal information to:
(c) provide and personalise our services
(d) deal with your enquiries and requests
(e) comply with legal obligations to which we are subject and cooperate with regulators and law enforcement bodies
3. YOUR RIGHTS OVER YOUR PERSONAL INFORMATION
You have certain rights regarding your personal information, which include the following rights to:
• access your personal information
• rectify the information we hold about you
• erase your personal information
• restrict our use of your personal information
• object to our use of your personal information
• receive your personal information in a usable electronic format and transmit it to a third party (right to data portability)
• lodge a complaint regarding your personal data.
If we ask for your consent to process your personal information, you may withdraw your consent at any time by contacting us.
If you would like to discuss or exercise such rights, please contact us via the details below.
We encourage you to contact us to update or correct your information if it changes or if the personal information we hold about you is inaccurate.
4. INFORMATION SHARING
We may share your personal information with third parties under the following circumstances:
• Service providers and business partners. We may share your personal information with our service providers and business partners that perform marketing services and other business operations for us. For example, we may partner with other companies to process secure payments, fulfil orders, optimize our services, send newsletters and marketing emails, support email and messaging services and analyse information.
• Law enforcement agency, court, regulator, government authority or other third party. We may share your personal information with these parties where we believe this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party.
• Asset purchasers. We may share your personal information with any third party that purchases, or to which we transfer, all or substantially all of our assets and business. Should such a sale or transfer occur, we will use reasonable efforts to try to ensure that the entity to which we transfer your personal information uses it in a manner that is consistent with this privacy notice.
5. INFORMATION SECURITY AND STORAGE
We implement technical and organisational measures to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the on-going integrity and confidentiality of personal information. We evaluate these measures on a regular basis to ensure the security of the processing.
We will keep your personal information for as long as we have a relationship with you, and for a period of SIX years after our relationship ceases. We will only retain your personal information after this time if we are required to do so to comply with the law, or if there are outstanding claims or complaints that will reasonably require your personal information to be retained.
6. INTERNATIONAL DATA TRANSFER
It is unlikely that your personal information may be transferred to, stored, and processed in a country that is not regarded as ensuring an adequate level of protection for personal information under European Union law / by the European Commission. However, if this is likely to happen it will only be done with your prior consent.
7. CONTACT US
If you have questions or concerns regarding the way in which your personal information has been used, please contact us firstname.lastname@example.org
We are committed to working with you to obtain a fair resolution of any complaint or concern about your personal data or any other matter. If, however, you believe that we have not been able to assist with your complaint or concern regarding your personal data, you have the right to make a complaint to the Information Commissioner’s Office which is the data protection authority of the United Kingdom at ICO Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Tel: 0303 123 1113 www.ico.org.uk