This Privacy Notice is for information purposes only and it is not intended to be advice of any kind. Information provided on our website with regards to the services is offered with the belief that it is up to date and accurate. We are committed to providing a first class service both in terms of the services we provide and also the methods and practices used to achieve those goals.

We will always protect, respect and safeguard your personal data and your privacy whilst also requesting any other partners with who we share your data with, also abide by our high operating standards.

Who we are

TRP Limited is a law firm authorised and regulated by the Bar Standards Board licence no. 126967. It trades as The Reflective Practice.  TRP Limited is company no. 9647478 registered in England & Wales VAT no. 217 3542 23.  Our registered office is 2 Anderson Road, Bearwood, Birmingham B66 4AR but we prefer you to use email to contact us: enquiries@thereflectivepractice.co.uk

Our address for unavoidable post only is 85-87 Cornwall Street, Birmingham B3 3BY or DX 741120 B’ham 70.  Our website address is: http://thereflectivepractice.co.uk.

What personal data we collect

For the purpose of the Data Protection Act 1998 we are a Data Controller. The Information Commissioner’s Office have a public register and our registration number is ZA127813.  We were registered on 12 July 2015.

Please note that by instructing us or entering any other contract with us, you are agreeing to the following terms and conditions. It is advisable you take a little time to read these as they inform you of how we respect and treat your personal data, such information including:

  • Name;
  • Address;
  • Email address;
  • Your payment information;
  • Personal identification such as driving license or passport;
  • IP address;
  • Company name, address, email address and/or phone number;
  • Details of any legal case or prospective legal case you may be involved in ;
  • Medical or other professional information held;
  • Political religious or social standing information;
  • Any other personal identifiable data you disclose about yourself or your business.

We have tried to make this privacy notice clear, concise and easy to understand but if you have any questions, please contact us on enquiries@thereflectivepractice.co.uk. We will be able to supply you with further information or supporting literature as required.

Lawful Basis for Processing

Under the General Data Protection Regulation (“GDPR”) guidelines it is important we clearly explain how we operate, what processes we follow and also on what authority we process your personal data.

Operating under instructions either direct from lay clients or under the direction of a solicitor customer, we would generally have a “contractual” basis for lawful processing.

When instructed to do so, we may also process on a “legal obligation” basis and there may also be occasions when we are required to process your personal data under a “legitimate interests” basis.

With regards to any marketing campaigns we undertake, we would usually operate and send marketing information to clients under the terms of a “legitimate interest” basis, where that client has previously instructed us to act on their behalf.

Comments

If visitors leave comments on blog posts on our site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

Embedded content

Articles on this site might include embedded content from other websites (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

We use Google for website analytics. The information that we collect through Google Analytics is data such as device information, location, IP addresses, gender and age information. We also collect language information, bounce rate, browser type, operating system used, Google cookie and other standard information but none of which is classed as personal identifiable data.  We collect this information so that we can use it to improve our website and also to improve the user experience

Marketing

We may use your personal data to communicate important legal updates, to invite you to seminars, conferences or events or other marketing materials. If you have instructed us in the last 3 years then we may do so on a “legitimate interest” basis.

Employment

If you are applying to join our employment we will ask you for your name, address, contact details and other information relevant to your application. This information will not be made available to any member of staff other than those involved in recruitment and your details will kept confidential.  Where we make a conditional job offer we may ask you for further information so that we can complete pre-joining checks.  You must successfully complete these checks in order to progress to a final offer. We are required to confirm your identity and your right to work in the UK and also seek assurance as your trustworthiness, integrity and reliability. We will therefore ask you to provide us with:

  • Proof of your identity – you will be asked to send us original personal identification documents and we will take copies.
  • Proof of your qualification – you will be asked to send us original documentation and we will take copies
  • Your information may be forwarded for a Criminal Records Check and you be invited to update us on any criminal convictions you may have.
  • You may be asked to complete a health questionnaire in order to advise us of any health issues you have so that we can make reasonable adjustments to accommodate you.
  • We will contact your referees, using the details you provide in your application in order to obtain references.
  • We will collect financial information from you such as your bank details and VAT registration number in order to process your salary payments.
  • We will collect details in order to allow us to contact your next of kin in the case of an emergency.

Why Do We Collect This Information?

We collect and store this information in order to allow us to assist you and provide you with legal services as a client. We understand this information will be personal data and sometimes sensitive data but we will always act to preserve the security and integrity of your data.

How Do We Process This Information?

Your personal data is processed in accordance with our terms and conditions and is only used as required for the sole purpose of legal duties and responsibilities to fulfil what is required under a lawful contract. We will not process your personal data for any other purpose except those requirements that we originally accepted your personal information for.

Where Do We Store Your Information?

The data that we collect from you will generally be stored electronically.  Since the company started in 2015, we have contract with “G Suite” part of Google for Business and all data is stored on their Safe Harbour compliant cloud platform.  This means that your data is stored outside of the European Economic Area (EEA).  G Suite is used by 5 million businesses worldwide including many multinational corporations.  For full details of their many data security practices go to:

https://storage.googleapis.com/gfw-touched-accounts-pdfs/google-cloud-security-and-compliance-whitepaper.pdf

How long do we retain your data?

We will keep your personal data for no longer than is necessary by law. We have put in place specific retention and deletion periods for how we hold different types of data which can be found in our Data Protection Policy, available on request.

Under the GDPR we are required to define deletion dates for all personal data that we hold and process and therefore we have a legal requirement to abide by these dates.  If however you request an extension to these dates, we then have your legal authority to extend these dates as requested.

If you leave a comment on our website, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

What rights do you have over your data?

The GDPR gives rights to individuals in respect of the personal data that we hold about them.  In particular, you have:

  • The right of information access to confirm the details about the personal data that is being processed about you and to obtain a copy;
  • The right to rectification of any inaccurate personal data;
  • The right to erasure of personal data held about you in certain circumstances;
  • The right to restriction on the use of personal data held about you in certain circumstances;
  • The right to portability to include the right to receive data processed by automated means and have it transferred to another data controller; and
  • The right to object to the processing of your personal data in certain circumstances.

If you would like to exercise any of these rights then please contact us.

If you have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

External data processors are third parties who may provide support for our business in some way, such as accountancy.  We have GDPR compliant contracts in place with all of our external data processors.  This means they have a legal responsibility to ensure it is held securely and not accessed by unauthorised persons.

Visitor comments on the website may be checked through an automated spam detection service.

Email

We make every reasonable effort to ensure email communication is secure.  This includes using our cloud-based Gmail and the government-approved CJSM system. Please note though that transmission of data over the internet may still be intercepted and we cannot therefore be held liable for any loss of data transmission to or by us electronically.

Please let us know as soon as possible if you become aware of any failure, delay or error in sending or receiving emails from us. Our “email sent” records can be used to evidence that an email has been sent unless there is a clear administrative error.

How we protect your data

Where we ask you for personal data via our website or via other methods, we will maintain strict security standards and procedures to prevent unauthorised access to your data by anyone – including our staff. We will maintain appropriate technological measures to ensure the information you submit remains secure.

You must not misuse our website by knowingly introducing viruses, trojans, worms, or other malware or spyware software that is malicious or technologically harmful. You must not attempt to gain unauthorised access to our websites, our network, servers, computers or databases, including those that host our website.

Although we have made every effort to secure our IT systems, we are not liable for any loss or damage caused by a virus or other technologically harmful software that may infect your computer equipment, computer programs or data.

Social Media

We use social media such as Twitter as a tool in order to share knowledge of the business as a whole. We do however, reserve the right to remove any posts that are present on any of our social media sites that we deem to be incorrect, damaging, offensive, irrelevant, distasteful or otherwise not complying with our high standards.

Our liabilities to you

While we make every effort to ensure the information on our website is accurate, we do not warrant or guarantee its accuracy on any linked website. We are not therefore liable for any loss or damage resulting from any use, or inability to use, any linked website or any unauthorised access or reliance on any information on our own website.

We cannot guarantee that our website will be free from errors, defects, virus or alterations made outside of our control. If there is any difference between the information on our website and our corporate literature including documents, technical guides and policy documents, the corporate literature takes precedent.

In the unfortunate event you are dissatisfied by the service we provide you may complain in accordance with our complaints procedure.

These terms and the contents of our website are governed according to English Law and regulations and are subject to the exclusive jurisdiction of the English Courts.

Copyright

Copyright of all information published on our website or in corporate literature including photographs and images belongs to TRP Ltd  and may not be used, sold licensed, copied or reproduced in whole or in part in any way without our expressed agreement.