contact morgan, brown & company today

MBC Solicitors Data Protection Privacy Notice November 2020

Data Protection Privacy Notice


Your rights

The General Data Protection Regulations provide the following rights for individuals:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object

How we use your data
MBC Solicitors Ltd trading as Morgan Brown and Company Solicitors is registered as a Data Controller with the Information Commissioners Office. We will use the information that you give us to provide you with legal services, as per your instructions. We will keep your information confidential and will only use it for the purpose(s) for which it was provided or as is permitted in law (i.e. for dealing with complaints or regulatory investigations).

Data Processing Officer
Our data processing officer is Kim Flaherty. Any requests to access information should be made to her and a response will be provided within 28 days. If we cannot respond to your request within that timeframe we will let you know why.

Information Held

  • Individuals who contact us

    Where individuals contact us for information, we collect basic information such as name, contact details and the nature of their enquiry. Information will normally be used only for the purposes of responding to the enquiry.

  • Other individuals
    In the course of delivering legal services to our clients, or otherwise operating our business, we collect information relating to individuals who do not fall into any of the categories listed above. The information collected depends on which area of our business is responsible for the processing, but it includes:

    • your name and contact information, including address, email address and telephone number(s);
    • information to enable us to check and verify your identity, e.g. your date of birth, as well as identity documents such as passports which may contain biometric data or data revealing racial or ethnic origin;
    • your gender information;
    • your billing information, transaction and payment card information;
    • information about your business(es) or employment;
    • details of your assets and financial position. Such processing is necessary in order to protect our legitimate business interests, deliver a proper standard of service to our clients and to comply with our legal and regulatory obligations. In the vast majority of cases such information will be collected as part of a client matter and the information will therefore be held in accordance with the retention period that applies to that area of law. We will also, where practical, make efforts to redact and anonymize data where it is not necessary for individuals to be identified as part of any processing activities.

Where information is held
Information may be held at our offices, or on remote servers maintained by our IT consultants. Alternatively, it may be held by any of the third parties identified above. Some of these third parties may be based outside the European Economic Area (EEA). Territories outside the EEA countries generally do not have the same data protection laws as the UK and EEA. We will, however, take reasonable steps to ensure the transfer complies with data protection law and all personal information will be secure.

Keeping your personal data secure
Information may be held at our offices, or on backup servers maintained by our IT consultants. Alternatively, it may be held by any of the third parties listed above. Some of these third parties may be based outside the European Economic Area (EEA). Territories outside the EEA countries generally do not have the same data protection laws as the UK and EEA. We will, however, take reasonable steps to ensure the transfer complies with data protection law and all personal information will be secure.

Sharing information
If you are a client under the legal aid scheme then we may be required to share some or all of that information with the Legal Aid Agency and / or with our quality assurance auditors. We may need to share some or all of your information with quality assurance auditors for the purposes of their assessment of whether we are adhering to quality standards. Any examination will be strictly controlled and will be shared for the sole purpose of ensuring that our handling of your matter meets the requirements of the quality standard. Please let us know if you are happy for us to share that information. We may have to share some or all of your information with other third parties. This may include barristers; experts; and others who we need to instruct to assist us with your matter, the Legal Ombudsman (if you complain about our services) and the Solicitors Regulation Authority (the statutory body that regulates solicitors). In doing so we will always take care to ensure that your information remains confidential and safe. We will liaise with you during your case about which experts, barristers and other third parties we instruct on your behalf. [Further details are set out in our Terms and Conditions.]

How long will we hold your data?
We will only hold your information for as necessary to provide you with legal services and then for only so long as we are required either contractually or under our regulatory obligations. This will not be more than six years after the end of your case / matter. After this time, we will confidentially destroy all information that we hold about you (please see our terms and conditions which set out our procedures relating to storage and retrieval) other than your name, address and date of birth which we will be obliged to continue to hold for the purposes of ensuring that we never act for another client where doing so would conflict with our obligations of confidentiality to you