Bivonas Law LLP (“Bivonas”) respects your privacy and is committed to protecting your personal data. This Privacy Notice describes how we, as data controller, may collect, use, and share information about you in the course of operating our business and your rights in relation to that information.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Information we collect
We will collect and process personal information such as name, contact details, and any other details you give us at a meeting, during a telephone call or otherwise communicate to us in any way.
How we use your information
We use your personal information where one or more of the following applies:
- It is necessary for the performance of a contract with you or our client on your behalf.
- It is necessary in connection with a legal obligation.
- You have provided your consent to such use.
- We consider such use of your information as not detrimental to you, within your reasonable expectations, having a minimal impact on your privacy, and necessary to fulfil our legitimate interests.
- We are otherwise required or authorised by law.
How we may share your information
We may share your personal information with certain third parties where:
- You have consented for us to do so.
- We are under a legal, regulatory or professional obligation to do so.
- It is necessary for the purpose of, or in connection with, legal proceedings, or to exercise or defend legal rights.
- It is required or will assist us in providing our services.
We do not transfer your personal data outside the European Economic Area without your consent. We do not sell, rent or otherwise make personal information commercially available to any third party.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We have in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How we protect your information
We have put in place appropriate electronic or physical security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Third party links on our website
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
How long we keep your information
We are required by law to keep your basic personal data (name, address, contact details) and maintain your case file for a minimum of 6 years after which time it will be destroyed, unless we are required by our regulatory authorities to keep the data for a longer period.
You have certain rights regarding your personal information which we have collected and process on your behalf:
- Right of access: you have the right to request a copy of the information that we hold about you.
- Right of rectification: you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to withdraw consent: you have the right to withdraw consent at any time where we are relying on consent to process your personal data.
- Right to erasure: in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing: in certain circumstances you can apply to restrict the way your data is being processed.
- Right of portability: you have the right to have the data we hold about you transferred to another organisation.
- Right to object: you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling: you have the right not to be subject to the legal effects of automated processing or profiling.
- Right to judicial remedy: you have the right to a judicial review where you believe that your privacy rights have been infringed.
Accessing your data
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Questions and complaints
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk), we would however prefer you to contact us first as we should be able to resolve any matter quickly and to your satisfaction.