Sentinels Solicitors

Consumer and Injury Specialists

Contact us now
01925 759 510

GDPR

PRIVACY NOTICE

This privacy notice sets out information about Sentinels Solicitors Ltd privacy practices and your rights.

1 Introduction

Sentinels Solicitors Ltd takes the protection of your personal data seriously.

References to “Sentinels”, “we” or “us” in this Privacy Notice mean Sentinels Solicitors Ltd.

This Privacy Notice sets out information about Sentinels’ privacy practices and your rights.

We may amend this Privacy Notice at any time and for any reason. The updated version will be available on request.

2 Data protection laws

Sentinels is bound by the European Union (“EU”) General Data Protection Regulation 2016/679 (“GDPR”).

In this Privacy Notice, the terms personal data, controller, processor, data subject, consent, recipient, third party, processing and profiling have the meanings given to them in the GDPR.

3 Controller contact details

The controller for the processing of personal data under this Privacy Notice is:

Sentinels Solicitors Ltd, 792 Wilmslow Road, Didsbury, Manchester, M20 6UG

Telephone: +44 1925 759 510
Email: njb@sentinelssolicitors.co.uk
Website: www.sentinelssolicitors.co.uk

4 Data Protection Officer contact details

If you have any questions about this Privacy Notice or about our personal data processing practices, or if you wish to exercise any of your rights as a data subject, you may contact Sentinels’ Data Protection Officer, Nicholas Bettridge at the above address, email and telephone number.

5 Lead supervisory authority contact details

If you have a complaint about our personal data processing practices, you should first contact Nick Bettridge. If you are not satisfied with our response, you have the right to lodge your complaint with the following supervisory authority:

Information Commissioners Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
United Kingdom
Telephone: +44 (0) 303 123 1113
Email: casework@rco.org.uk
Website: https://ico.org.uk

If you are located outside the EU or the UK, you may also contact your local data protection authority.

6 Specific situations in which we may process your personal data

Sentinels collects and processes personal data in a number of different situations.

6.1 Clients

We will process certain personal data about clients who are individuals.

Types of personal data we collect

To engage and serve you as a client, we will need to collect personal data about you, including your name, position, address, contact details and business details. We may also collect data on the industry in which you operate and your business and personal interests.

In some countries, we may be required by law to collect certain identifying information about you. This may include your name, address, identification or business numbers. We may also be required to view or take a copy of your passport or identity documents.

In the course of your matter, we may collect other personal data about you that is relevant to the matter.

Generally, we will obtain this personal data directly from you. Sometimes, we may obtain personal data about you from third parties (for example, a doctor may provide a report about your health) or public sources (for example, we may obtain data about your directorships from a company search).

Purposes of processing

(a) We will process your personal data for the purpose of providing legal and other professional services to you and for other purposes related to that purpose (for example, to carry out conflict checks, to comply with anti-money laundering and terrorism financing laws, and to send you invoices).

(b) We may also use your contact details and interests to manage and develop our relationship with you and to send you communications about our services and firm events.

Legal basis for processing under the GDPR

When you become a client, you enter into a contract with Sentinels for the provision of services. The processing described in paragraph (a) above is necessary for taking steps to enter into that contract, or for the performance of that contract. Some of that processing is necessary to comply with applicable laws (for example, legal practice rules or anti-money laundering and terrorism financing laws).

The processing described in paragraph (b) above is necessary for the purposes of Sentinels’ legitimate interests in developing and growing its business. See section 7 below for more details about Sentinels’ legitimate interests.

Recipients or categories of recipients

We may disclose your personal data to third parties who provide administrative, storage, telecommunications, information technology and other services to us in support of our business. However, we will ensure that all such suppliers are subject to obligations not to use or disclose that data.

For the purposes of your matter, we may disclose your personal data to third parties who provide services which assist us with your matter and to third parties who are involved in the matter.

In some countries, we are required by law to provide your personal data to government authorities.

In exceptional circumstances, we may be required or permitted by law to disclose personal data, for example to law enforcement authorities or to prevent a serious threat to public safety.

Transfers

We may transfer your personal data overseas.

The information systems of Sentinels are hosted on central servers located in the United Kingdom and USA. Any personal data that we store on our systems will be transferred to one of those locations.

When a client matter involves obtaining legal or other professional advice from another country, we may need to transfer details about the client matter, including your personal data, to a third party in that country.

See section 8 below for information about the safeguards Sentinels adopts when transferring personal data overseas.

Retention period

Sentinels will only retain personal data for as long as it has a legitimate purpose to do so. Sentinels will need to retain personal data for commercial and legal purposes. How long it will need to retain personal data for these purposes will depend on the specific personal data.

Sentinels generally retains client documentation and matter files for at least 6 years after the end of the matter, in case a dispute arises in relation to the matter. It may retain some client matter files for longer than this (for example, property related matters).

Sentinels is required to retain certain client and matter information for a specified period by corporate and tax laws, legal industry regulations and our insurance providers.

Once Sentinels has no legal or commercial reasons to retain personal data, it will be securely deleted or destroyed.

Requirement to provide personal data

As a client, it is mandatory to provide us with basic personal data such as your name and contact details. If you do not provide this data, we will not be able to act for you.

In some countries, we are required by law to collect certain personal data about you. If you do not provide this data, we will not be able to act for you, for example we are required to obtain and use your National Insurance number if you have one to pursue a claim for personal injuries.

It is optional to provide most other personal data. However, in many cases, if you do not provide that data, the advice and services we can provide to you may be limited or may not take into account your particular circumstances.

6.2 Officers, employees or contractors of clients

We may collect personal data from officers, employees or contractors of clients which are organisations.

Types of personal data we collect

To engage and serve your organisation as a client, we may need to collect personal data about you, including your name, position, address, contact details and business details. We may also collect data on the industry in which your organisation operates and your business and personal interests.

In some countries, we may be required by law to collect certain identifying information about you. This may include your name, address, identification or business numbers. We may also be required to view or take a copy of your passport or identity documents.

In the course of your matter, we may collect other personal data about you that is relevant to the matter.

Generally, we will obtain this personal data directly from you. Sometimes, we may obtain personal data about you from third parties (for example, a doctor may provide a report about your health) or public sources (for example, we may obtain data about your directorships from a company search).

Purposes of processing

We will process your personal data for the purpose of providing legal and other professional services to you and for other purposes related to that purpose (for example, to carry out conflict checks, to comply with anti-money laundering and terrorism financing laws, and to send you invoices).

We may also use your contact details and interests to manage and develop our relationship with you and to send you communications about our services and firm events.

Legal basis for processing

The processing described above is necessary for the purposes of Sentinels’ legitimate interests in operating a law firm which provides legal and other professional services to its clients and in developing and growing our business. See section 7 below for more details about Sentinels’ legitimate interests.

Some of that processing is necessary to comply with applicable laws (for example, legal practice rules or anti-money laundering and terrorism financing laws).

Recipients or categories of recipients

We may disclose your personal data to third parties who provide administrative, storage, telecommunications, information technology and other services to us in support of our business. However, we will ensure that all such suppliers are subject to obligations not to use or disclose that data.

For the purposes of your matter, we may disclose your personal data to third parties who provide services which assist us with your matter and to third parties who are involved in the matter.

In some countries, we are required by law to provide your personal data to government authorities.

In exceptional circumstances, we may be required or permitted by law to disclose personal data, for example to law enforcement authorities or to prevent a serious threat to public safety.

Transfers

We may transfer your personal data overseas.

The information systems of Sentinels are hosted on central servers located in the United Kingdom and USA. Any personal data that we store on our systems will be transferred to one of those locations.

When a client matter involves obtaining legal or other professional advice from another country, we may need to transfer details about the client matter, including your personal data, to a third party in that country.

See section 8 below for information about the safeguards Sentinels adopts when transferring personal data overseas.

Retention period

Sentinels will only retain personal data for as long as it has a legitimate purpose to do so. Sentinels will need to retain personal data for commercial and legal purposes. How long it will need to retain personal data for these purposes will depend on the specific personal data.

Sentinels generally retains client documentation and matter files for at least 6 years after the end of the matter, in case a dispute arises in relation to the matter. It may retain some client matter files for longer than this (for example, property related matters).

Sentinels is required to retain certain client and matter information for a specified period by corporate and tax laws, legal industry regulations and our insurance providers.

Once Sentinels has no legal or commercial reasons to retain personal data, it will be securely deleted or destroyed.

Requirement to provide personal data

As a client, it is mandatory to provide us with basic personal data such as your name and contact details. If you do not provide this data, we will not be able to act for you.

In some countries, we are required by law to collect certain personal data about you. If you do not provide this data, we will not be able to act for you.

It is optional to provide most other personal data. However, in many cases, if you do not provide that data, the advice and services we can provide to you may be limited or may not take into account your particular circumstances.

6.3 Individuals involved in or connected with a client matter

In the course of a client matter, we may collect certain personal data about individuals who are involved in or connected with the matter. This may include claimants, policyholders, witnesses, investigators, experts, advisors and consultants, and individuals connected with any other parties involved in the matter.

Types of personal data we collect

In the course of a matter, we may collect personal data about individuals who are involved in or connected with the matter. The types of personal data we collect will depend on what is necessary for and relevant to the matter.

Basic personal data we collect include names, addresses, contact details and job/business details. We may also collect identifying details such as date of birth, national insurance numbers and identification numbers. If the matter relates to an insurance claim, we will collect personal data that is relevant to that claim, such as the circumstances of the incident, ownership of a motor vehicle, or the nature of any injuries suffered. It may also include information like credit history and electoral roll details. The personal data we collect may also include special categories of personal data if relevant to a matter, such as disability, health and medical information.

Depending on the circumstances, we may obtain this personal data directly from the individual, from third parties or public sources. We may obtain personal data from third parties including investigators, doctors, experts, insurers, witnesses and other parties involved in the matter. We may collect personal data from public sources including social media, company records, the land registry, births deaths and marriages, insurance industry databases, credit reporting agencies and the electoral roll.

Purposes of processing

We process your personal data for the purpose of providing legal and other professional services to our client and for other purposes related to the provision of these services (for example, to gather evidence, to identify witnesses and to conduct legal proceedings).

If the matter relates to an insurance claim, our intelligence team may process your personal data in the course of conducting investigations and analysis on that claim for our client. These investigations may involve tracing people connected with the claim, conducting background research on claimants, or determining whether a claim is fraudulent.

Legal basis for processing under the GDPR

The processing described above is necessary for the purposes of Sentinels’ legitimate interests in operating a law firm which provides legal and other professional services to its clients. See section 7 below for more details about Sentinels’ legitimate interests.

The processing by our intelligence team to determine whether a claim is fraudulent is necessary for the purposes of insurers’, policyholders’ and the public’s legitimate interests in administering claims efficiently, identifying potentially fraudulent claims and helping prevent insurance fraud.

Recipients or categories of recipients

We may disclose your personal data to third parties who provide administrative, storage, telecommunications, information technology and other services to us in support of our business. However, we will ensure that all such suppliers are subject to obligations not to use or disclose that data.

We may disclose your personal data to our client or to third parties who provide services to our client in support of its business. For example, if our intelligence team identifies a person who has posted to social media about an incident and may be a potential witness, we will provide that person’s details to our client.

We may disclose your personal data to third parties who provide legal and non-legal services which assist us with the matter. For example, we may disclose your data to barristers, investigators, experts, or translators, if that is necessary for the conduct of the matter.

We may disclose your personal data to third parties who are involved in the matter. For example, when we file court documents in a legal proceeding, that will involve providing any personal data contained in those court documents to the court and the other parties involved in the proceeding.

We may disclose your personal data to public authorities or registrars if necessary for the conduct of the matter. For example, in a property transaction, we will need to disclose your personal data to the land registry.

In exceptional circumstances, we may be required or permitted by law to disclose personal data, for example to law enforcement authorities or to prevent a serious threat to public safety.

Transfers

We may transfer your personal data overseas.

The information systems of Sentinels are hosted on central servers located in the United Kingdom and USA. Any personal data that we store on our systems will be transferred to one of those locations.

See section 8 below for information about the safeguards Sentinels adopts when transferring personal data overseas.

Retention period

Sentinels will only retain personal data for as long as it has a legitimate purpose to do so. We will need to retain personal data for commercial and legal purposes. How long we will need to retain personal data for these purposes will depend on the specific personal data.

Sentinels generally retains client matter files for at least 6 years after the end of the matter, in case a dispute arises in relation to the matter. It may retain some client matter files for longer than this (for example, property related matters).

If the matter relates to an insurance claim, our intelligence team may retain your personal data indefinitely to assist in future investigations.

Sentinels is required to retain certain matter information for a specified period by corporate and tax laws, legal industry regulations and our insurance providers.

Once Sentinels has no legal or commercial reasons to retain personal data, it will be securely deleted or destroyed.

Requirement to provide personal data

It is optional to provide most of the above personal data. However, in many cases, if you do not provide that data, it may affect your participation in and rights in relation to the matter.

6.4 Subject-matter experts and barristers

Sentinels will collect certain personal data about experts and barristers who assist or advise (or may potentially advise or assist) Sentinels in relation to a client matter. This may include doctors, psychologists, forensic experts and other subject matter experts.

Types of personal data we collect

To engage you as an expert, we will need to collect personal data about you, including your name, position, address, contact details, business details, qualifications, experience and performance.

We may obtain this data directly from you, from third parties (for example, recommendations from clients) or from public sources (for example, a website or directory).

Purposes of processing

(a) We may process your personal data for the purpose of providing your expert services as part of our legal and other professional services to our client and for other purposes related to that purpose (for example, to pay you for your services).

(b) We may also add you to our internal experts’ database, so that other lawyers within the firm can see your expertise and contact you for future matters.

(c) With your consent, we may disclose your details to other Sentinels’ clients and other third parties (such as counsel, co-defendants and claimants’ solicitors) for the purpose of considering whether to instruct you in relation to future matters.

Legal basis for processing under the GDPR

When you provide expert services to Sentinels, you enter into a contract with Sentinels for the provision of services. The processing described in paragraph (a) above is necessary for taking steps to enter into that contract, or for the performance of that contract.

The processing in paragraph (b) above is necessary for the purposes of Sentinels’ legitimate interests in operating a law firm which provides legal and claims processing services to clients. See section 7 below for more details about Sentinels’ legitimate interests.

The processing in paragraph (c) above is based on your consent.

Recipients or categories of recipients

We may disclose your personal data to third parties who provide administrative, storage, telecommunications, information technology and other services to us in support of our business. However, we will ensure that all such suppliers are subject to obligations not to use or disclose that data.

We may disclose your personal data to our client in the course of providing legal and other professional services to them.

We may disclose your personal data to third parties who provide legal and non-legal services which assist us with the matter. For example, we may disclose your data to a barrister, an investigator or a translation service, if that is necessary for the conduct of the matter.

We may disclose your personal data to third parties who are involved in the matter. For example, when we file court documents in a legal proceeding, that will involve providing any personal data contained in those court documents to the court and the other parties involved in the proceeding.

With your consent, we may also disclose your personal data to other Sentinels clients who require your expertise.

In exceptional circumstances, we may be required or permitted by law to disclose personal data, for example to law enforcement authorities or to prevent a serious threat to public safety.

Transfers

We may transfer your personal data overseas.

The information systems of Sentinels are hosted on central servers located in the United Kingdom and USA. Any personal data that we store on our systems will be transferred to one of those locations.

See section 8 below for information about the safeguards Sentinels adopts when transferring personal data overseas.

Retention period

Sentinels will only retain personal data for as long as it has a legitimate purpose to do so. Sentinels will need to retain personal data for commercial and legal purposes. How long it will need to retain personal data for these purposes will depend on the specific personal data.

Sentinels will generally retain your personal data on our experts’ database for at least six years after you last provided services to us.

Sentinels generally retains client matter files for at least 6 years after the end of the matter, in case a dispute arises in relation to the matter. It may retain some client matter files for longer than this (for example, property related matters).

Sentinels is required to retain certain matter information for a specified period by corporate and tax laws, legal industry regulations and our insurance providers.

Once Sentinels has no legal or commercial reasons to retain personal data, it will be securely deleted or destroyed.

Requirement to provide personal data

It is optional to provide most of the above personal data. However, in many cases, if you do not provide that data, it may affect your participation in and rights in relation to the matter.

6.5 Contacting us with a query

Sentinels will collect certain personal data about you if you contact us with a query, by mail, email, or through our website.

Types of personal data we collect

We may collect your name and contact details, and any other personal data in your correspondence to us.

Purposes of processing

We may use your personal data to respond to your query.

Legal basis for processing

The processing described above is necessary for the purposes of Sentinels’ legitimate interests in operating a law firm which provides legal and other professional services to clients. See section 7 below for more details about Sentinels’ legitimate interests.

Recipients or categories of recipients

We may disclose your personal data to third parties who provide administrative, storage, telecommunications, information technology and other services to us in support of our business. However, we will ensure that all such suppliers are subject to obligations not to use or disclose that data.

Otherwise, we will not disclose your personal data outside Sentinels, unless that is necessary to respond to your query.

Transfers

We may transfer your personal data overseas.

The information systems of Sentinels are hosted on central servers located in the United Kingdom and USA. Any personal data that we store on our systems will be transferred to one of those locations.

See section 8 below for information about the safeguards Sentinels adopts when transferring personal data overseas.

Retention period

Sentinels will only retain personal data for as long as it has a legitimate purpose to do so. Sentinels will need to retain personal data for commercial and legal purposes. How long it will need to retain personal data for these purposes will depend on the specific personal data.

Sentinels may retain your personal data for as long as it takes to respond to your query. After we have responded to your query, we may retain your personal data for follow up or record-keeping purposes.

Once Sentinels has no legal or commercial reasons to retain personal data, it will be securely deleted or destroyed.

Requirement to provide personal data

You may choose what personal data you provide when you send us a query.

7 Legitimate interests

As noted in section 6 above, in some situations, Sentinels may process your personal data on the basis of its “legitimate interests”.

As such, Sentinels has a legitimate interest in:

providing legal services (such as advice and litigation), claims handling services (such as claims administration, management and processing) and other professional services (such as debtor and asset tracing) to its clients, ensuring those services are of high quality, and complying with all regulations which apply to the provision of those services;

developing and growing its business and its relationships, understanding the needs of its clients and prospective clients, and providing insights and commentary on legal issues; and

employing and managing its partners, employees and contractors.

Sentinels will only rely on those legitimate interests to process personal data where:

the processing is necessary for the purposes of those for the purposes of those legitimate interests; and

those legitimate interests are not overridden by the data subject’s interests or fundamental rights and freedoms.

8 Transfers

As noted in section 6 above, Sentinels may transfer your personal data to other countries.

The information systems of Sentinels are hosted on central servers located in the United Kingdom and USA. Any personal data that we store on our systems will be transferred to one of those locations.

When a matter involves obtaining legal or other professional advice from another country, we may need to transfer details about the matter, including personal data, to a third party in that country.

For the purposes of the GDPR, the European Commission issues adequacy decisions on the data privacy laws of non-EU countries. The majority of countries to which Sentinels may transfer personal data are not covered by an EC adequacy decision. However, many of them do have local data privacy laws which are similar to the GDPR.

In addition, Sentinels adopts following safeguards when transferring personal data overseas:

Sentinels will always make such transfers in accordance with the requirements of the data privacy laws of your home country;

Sentinels will require that any overseas third party to which it discloses your personal data to: (a) only use that personal data for the purposes for which it was disclosed; (b) use all technical and organisational measures which are reasonable in the circumstances to secure that personal data; (c) delete that personal data when it is no longer required; and (d) treat that personal data in accordance with this Privacy Notice and their local data privacy law; and

9 Automated decision-making including profiling

Sentinels does not engage in any automated decision-making or profiling.

“Automated decision-making” means a decision based solely on automated processing of personal data (without human intervention) which produces legal effects concerning the person or otherwise significantly affects the person.

“Profiling” is a form of automated decision-making. It uses personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements. Profiling is generally associated with systems based on artificial intelligence and machine learning. A system will be provided with a set of personal data and trained to identify correlations, and to then use those correlations to predict future behaviour by individuals.

10 Your rights

If you are located in the European Union or the United Kingdom

If you are located in the EU or the UK, you have certain rights in relation to your personal data as follows:

Access: You have the right to obtain access to and a copy of any personal data we hold about you. You also have the right to find out whether your personal data has been transferred outside the EU and any safeguards relating to this transfer.

Rectification: If you consider that any personal data we hold about you is incorrect or incomplete, you have the right to ask us to correct or complete that personal data.

Erasure: In certain circumstances, you have the right to ask us to erase any personal data we hold about you.

Restriction of processing: In certain circumstances, you have the right to ask us not to process your personal data for certain purposes.

Objection to processing: In certain circumstances, you have the right to object to us processing your personal data for certain purposes.

Data portability: In certain circumstances, you have the right to request a copy of your personal data in a structured, commonly used and machine-readable format.

Withdrawing consent: If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time.

For more information about these rights, visit https://ico.org.uk/for-the-public/.

To make a request pursuant to these rights, contact Sentinels’ Data Protection Officer (see section 3 above).

If you are located outside the European Union and the United Kingdom

If you are not located in the EU or the UK, you may still have rights in relation to your personal data under your local data privacy law. Many countries provide data subjects with a right to seek access to any personal data we hold about you, and to request correction of that data if it is incorrect.

To make a request pursuant to these rights, contact Sentinels’ Data Protection Officer (see section 3 above).

Share This!
Show Buttons
Hide Buttons