This Policy applies when you visit our website www.kbgchambers.co.uk. It also applies where we are in contact with you in other ways in your capacity as an individual or as a director, shareholder, partner, employee or other representative of a company or other organisation.
Who we are
We are KBG Chambers, at 115 North Hill, Plymouth, Devon, PL4 8JY We are registered with the UK Information Commissioner’s Office (“ICO”) under registration number Z755881X
KBG Chambers, 115 North Hill, Plymouth, Devon, PL4 8JY. By email: firstname.lastname@example.org By telephone: 01752 221551
Data protection principles
KBG Chambers adheres to the following principles when processing your personal information as data controller:
Lawfulness, fairness and transparency – data must be processed lawfully, fairly and in a transparent manner.
Purpose limitation - data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
Data minimisation - data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
Accuracy - data must be accurate and, where necessary, kept up to date.
Storage limitation - data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal information are processed.
Integrity and confidentiality - data must be processed in a manner that ensures appropriate security of the personal information, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by using appropriate technical or organisational measures.
Information we may collect
Information you provide us with
You may choose to provide us with personal data when you are introduced to us, when we meet you in person, or when we are in contact by phone, email, via. our website or otherwise. The categories of personal information you provide may include:
• first and last name
• job title and company name;
• email address;
• phone number;
• mailing address
• bank details;
• marketing and communications data including your preference in receiving marketing from us and your communication preferences;
• any other identifier that permits KBG to make contact with you.
Information we collect from third parties
We collect most of this information from you directly. However, we also collect information about you:
• from publicly accessible sources, e.g. Companies House, Legal 500, Chambers and Partners;
• from third party sources of information;
• which you have made public on websites associated with you or your company or on social media platforms such as LinkedIn;
• from a third party, e.g. a person who has introduced you to us or other professionals (such as solicitors) you may engage.
Information we collect online
We collect, store, and use information about your visits to our website and about your computer, tablet, mobile or other device through which you access the website. This includes the following information:
technical information, including the Internet protocol (IP) address, browser type, internet service provider, device identifier, your login information, time zone setting, browser plug-in types and versions, operating system and platform, and geographical location; and information about your visits and use of the Site, including the full Uniform Resource Locators (URL), clickstream to, through and from our Site, pages you viewed and searched for, page response times, length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), and website navigation and search terms used.
Sensitive categories of (“Sensitive”) personal data
We do not generally seek to collect sensitive personal information through our website. Sensitive personal information is information relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; health or sex life, sexual orientation; genetic or biometric information. If we do collect sensitive personal information, we will ask for your explicit consent to our proposed use of that information at the time of collection.
Our website is not intended for or directed at children under the age of 16 years and we do not knowingly collect data relating to children under this age.
How we use your information
As data controllers, KBG Chambers will only use your personal information if we have a legal basis for doing so. The purpose for which we use and process your information and the legal basis on which we carry out each type of processing is explained in the table below.
Purposes for which we will process the information
Legal Basis for the processing
To provide you with information and services that you request from us.
It is in our legitimate interests to respond to your queries and provide any information and materials requested in order to generate and develop business. To ensure we offer an efficient service, we consider this use to be proportionate and will not be prejudicial or detrimental to you.
To enforce the terms and conditions and any contracts entered into with you.
It is in our legitimate interests to enforce our terms and conditions of service. We consider this use to be necessary for our legitimate interests and proportionate.
To send you alerts, newsletters, bulletins, announcements, and other communications concerning KBG Chambers, legal developments or notifications we believe may be of interest to you.
It is in our legitimate interests to market our services. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
You can always opt-out of receiving direct marketing-related email communications or text messages by following the unsubscribe link.
To invite you to seminars, events, or other functions we believe may be of interest to you.
It is in our legitimate interests to market our services. We consider this use to be proportionate and will not be prejudicial or detrimental to you. You can always opt-out of receiving direct marketing-related email communications or text messages by following the unsubscribe link.
For market research purposes to measure or understand the effectiveness of any marketing we provide to you and others, and to deliver relevant marketing to you.
It is in our legitimate interests to continually improve our offering and to develop our business. We consider this use to be necessary in order to effectively generate business and will not be prejudicial or detrimental to you.
To send you information regarding changes to our policies, other terms and conditions and other administrative information.
It is in our legitimate interests to ensure that any changes to our policies and other terms are communicated to you. We consider this use to be necessary for our legitimate interests and will not be prejudicial or detrimental to you.
To administer our website including troubleshooting, data analysis, testing, research, statistical and survey purposes;
To improve websites to ensure that consent is presented in the most effective manner for you and your computer, mobile device or other item of hardware through which you access the websites; and
To keep our websites safe and secure.
For all these categories, it is in our legitimate interests to continually monitor and improve our services and your experience of the Sites and to ensure network security. We consider this use to be necessary for our legitimate interests and will not be prejudicial or detrimental to you.
Where you provide consent, you can withdraw your consent at any time and free of charge, but without affecting the lawfulness of processing based on consent before its withdrawal. You can update your details or change your privacy preferences by contacting us as provided in “Contacting us” above.
KBG Chambers will only use your personal information for the purposes for which we have collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you in a timely manner and we will explain the legal basis which allows us to do so.
For email marketing to an individual subscriber (that is, a non-corporate email address) with whom we have not previously engaged as a client, we need your consent to send you unsolicited email marketing. Where you provide consent, you can withdraw your consent at any time, but without affecting the lawfulness of processing based on consent before its withdrawal. You have the right to opt out of receiving email marketing communications from us at any time by: contacting our Privacy Officer using the contact details set out above; or using the “unsubscribe” link in emails.
Third party processors
• with KBG Chambers, staff, pupil barristers, mini-pupils and consultants based in the UK;
• suppliers providing marketing services to us, or with whom we are conducting joint marketing exercises
• our service providers who assist with the running of our website
• our office services including our diary management services, accountancy and banking services, IT support services, data storage and back up services, and email security services.
Our third party processors are subject to security and confidentiality obligations and are only permitted to process your personal information for specified purposes and in accordance with our instructions. In addition, KBG Chambers may disclose information about you:
• if we are under a duty to disclose or share your personal information in order to comply with any legal or regulatory obligation;
• if necessary to protect the vital interests of a person
• ;to enforce or apply our terms and conditions or to establish, exercise or defend the rights of KBG Chambers, our staff, clients, members of KBG Chambers or others;
In the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets; and if all or substantially all of KBG Chambers’ assets are acquired by a third party, in which case personal information held by it about its clients will be one of the transferred assets.
Your personal data may be transferred, stored, and processed, outside of the European Economic Area. Regardless of where your personal data is transferred, we shall ensure that your personal data is safe and shall take all steps reasonably necessary to put in place appropriate safeguards to ensure that your personal data is treated securely and in accordance with this Policy and applicable law. Details regarding these safeguards can be obtained by contacting us or our Privacy Officer (see details above).
Security of your information
We are committed to ensuring that your information is secure. We use industry standard physical and procedural security measures to protect information from the point of collection to the point of destruction. This includes encryption, firewalls, access controls, policies and other procedures to protect information from unauthorized access. Where data processing is carried out on our behalf by a third party, we take steps to ensure that appropriate security measures are in place to prevent unauthorised disclosure of personal information. Despite these precautions, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted over the internet or that unauthorised persons will not obtain access to personal information. In the event of a data breach, KBG Chambers have put in place procedures to deal with any suspected breach and will notify you and any applicable regulator of a breach where required to do so. If you have any questions about security on our website, you can contact us as our Privacy Officer using the contact details set out above.
How long we keep your personal data
Your personal information will not be kept for longer than is necessary for the purposes for which it was collected and processed. We will retain your personal information for as long as your account is active or as needed to provide you with services or products you have requested. The criteria we use for retaining different types of personal information, includes the following: General queries - when you make an enquiry or contact us by email or telephone, we will retain your information for as long as necessary to respond to your queries. After this period, we will not hold your personal information for longer than necessary if we have not had any active subsequent contact with you;
Direct marketing - where we hold your personal information on our database for direct marketing purposes, we will retain your information for no longer than two years if we have not had any active subsequent contact with you.
Legal and regulatory requirements - we may need to retain personal information for up 15 years after we cease providing services to you where necessary to comply with our legal obligations, resolve disputes or enforce our terms and conditions.
Access to and updating your personal data
You have the right to access information which we hold about you (“data subject access request”). You may also have the right to receive personal information which you have provided to us in a structured and commonly used format so that it can be transferred to another data controller (“data portability”). The right to data portability only applies where your personal data is processed by us with your consent or for the performance of a contract and when processing is carried out by automated means. We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. Please keep us informed if your personal information changes during your relationship with us.
Right to object
You have the right to object at any time to our processing of your personal information for direct marketing purposes.
Where we process your information based on our legitimate interests.
You also have the right to object, on grounds relating to your particular situation, at any time to processing of your personal information which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Your other rights
You also have the following rights under data protection laws to request that we rectify your personal information which is inaccurate or incomplete. In certain circumstances, you have the right to: request the erasure of your personal information erasure (“right to be forgotten”);
restrict the processing of your personal information to processing in certain circumstances. Please note that the above rights are not absolute and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply. For example, we may refuse a request for erasure of personal information where the processing is necessary to comply with a legal obligation or necessary for the establishment, exercise or defence of legal claims. We may refuse to comply with a request for restriction if the request is manifestly unfounded or excessive.
Exercising your rights
You can exercise any of your rights as described in this policy and under data protection laws by contacting the Privacy Officer. Save as described in this Policy or provided under applicable data protection laws, there is no charge for the exercise of your legal rights. However, if your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: charge a reasonable fee taking into account the administrative costs of providing the information or taking the action requested; or
refuse to act on the request. Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.
Our website may, from time to time, contain links to and from third-party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Emails which you send to us or which we send to you may be monitored by us to ensure compliance with professional standards and our internal compliance policies. Monitoring is not continuous or routine but may be undertaken on the instruction of the Head(s) of Chamber(s) or Senior Clerk where there are reasonable grounds for doing so.
You should address your complaints to our Privacy Officer whose details are set out above. You may also refer to our Complaints Policy.
In addition, you have the right to complain to the Information Commissioner’s Office about our data processing activities in relation to your personal information if you think they infringe applicable data protection laws (ICO helpline on 0303 123 1113).
Changes to the policy
We may change this Policy from time to time. The current version will always be available from us in hard copy or on our website. We will post a prominent notice on our website to notify you of any significant changes to this Policy or update you by other appropriate means.