The purpose of this policy is to set out the basis on which personal data we collect from you, or that you provide to us, will be processed by Waller Pollins Goldstein. The rules on processing of personal data are set out in the General Data Protection Regulation (the “GDPR”).
When we refer to personal information we mean any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. Under data protection legislation it is known as personal data. Some personal information will identify you directly – for example, Passport Number.
Whilst working on your matter we may collect various categories of personal information. Typically, this will include, but is not limited to:
We may record, use and store any telephone, postal, e-mail or other electronic communications provided by you. This is to ensure that we can refer back to any instruction you may have given to us as well as to ensure that the information we provide you with is accurate.
You may browse our website without telling us who you are or revealing any personal information about yourself. The information we collect whist you are using the web site, is only that which is required by us so that we may deliver the site functionality, information you have requested or searched for and to provide you with our services.
All the personal data we collect in relation to our clients is directly related to the processing of matters we have been instructed to perform. The data we request enables Waller Pollins Goldstein to perform its work as regulated by the Solicitors Regulatory Authority (SRA).
The personal information we collect is used to:
Under GDPR clients have the right to “be forgotten” and for their personal data be removed from the Waller Pollins Goldstein systems. Clients may request to “be forgotten” by writing to the Data Protection Officer at Waller Pollins Goldstein. However, due to SRA and regulatory requirements, this can only be actioned if the matter has been completed for at least 6 years, and if there are no business or regulatory need to maintain the data. No reasonable request to “be forgotten” will be rejected, and in these circumstances personal data will be removed from the systems.
Under GDPR clients may request access to their own personal data held by this firm. This request must be made in writing to the Data Protection Officer. In such circumstances details of the private information being held will be made available, and copies of correspondence which contain this information will be sent to the requestor. Copies of requested data will be provided within 1 month of the request being submitted.
Your data will be stored securely in line with industry best practice. The security measures in place are reviewed annually;
For further information please contact the Data Protection Officer.