This is a privacy notice for KLS Law of 850 Ibis Court, Lakeside Drive, Warrington,WA1 1RL, who also trade as Cycle Accident Claims and is referred to as “we” or “us” in this Notice. We are authorised and regulated by The Solicitors Regulation Authority (No. 496029).
We understand that your privacy is extremely important. As a result we have put in place many measures to ensure that any personal data we obtain from you is processed and maintained in accordance with the General Data Protection Regulation 2016 (GDPR). This statement provides you with details of the type of information we may hold about you, how we obtain and use the information and how we protect your privacy.
Security of Personal Data
Security of personal data is our priority, we protect this information by maintaining physical, electronic and procedural safeguards that meet or exceed applicable law. We train our employees in the handling of personal information. When we use other companies to provide services to us, we also require them to protect the confidentiality of the personal information that they receive to a similar or increased level.
Collecting Personal Data
The personal data that we will collect will be, but not limited to, name, address, email address, date of birth, occupation and bank account details and in certain circumstances medical records if as a result of a personal injury claim.
How we use your information
We may use the personal data we hold about you in the following ways:
- For verifying your identity and to establish the funding of any work that we do on your behalf.
- For handling your claim or transaction, providing legal advice, carrying out litigation and any other related purpose. Where funding is being provided by a family member or third party, we may need to ask that they provide personal information and any information provided will also be subject to the terms of this Data Privacy Notice
- Keeping financial records of your legal transactions and those we make on your behalf.
- Seeking advice or reports from third parties in connection with your matter.
- Responding to any complaint or allegation of negligence against us.
- Internal management, supervision and planning
- To provide you with information, products or services that you request from us or which we feel may interest you - where you have consented to be contacted for such purposes.
- To notify you about changes to our service – this is for our legal and regulatory obligations.
- To safeguard against fraud and money laundering and to meet general legal or regulatory obligations.
Sensitive data may be required by us as part of handling your claim or transaction. Such information could include but is not limited to obtaining copies of your medical records. The provision of such data is conditional for us to be able to deal with your matter as without your consent for us to process such data, this may result in us not being able to continue to deal with your claim or transaction. Where such data is provided to us, it will only be used for the purposes set out above, and will be treated securely and in line with this notice.
Sharing your information
We may disclose your personal information to any of our staff, third parties involved in providing products or services to us, or to service providers who perform services on our behalf where it is reasonable to do so. (If consent is necessary to facilitate this sharing we will ensure it is obtained prior to processing).
- A Court or Tribunal
- The Solicitor or Insurer acting on the other side of your matter
- Legal Counsel
- Medical Service Providers including MedCo Registration Solutions in order to obtain advice or assistance in your matter
- Engineers or Accountants in order to obtain reports on liability or quantum of your claim
- Your Motor Insurer in a road traffic accident claim in order to discuss liability and any evidence they hold and outcome of any claim
- The insurance company funding a ‘no win no fee” agreement or Before the Event Insurance
- Fraud detection agencies
- Loss Adjustors
- External Law Firms
- External Auditors
- Regulatory authorities including the Solicitors Regulation Authority under whom we are regulated.
We may be legally obliged to disclose your personal information to the extent that we are required to by law in connection with any ongoing prospective legal proceedings in order toestablish, exercise or defend our legal rights (including providing information to others for the purpose of fraud prevention and reducing risk).
We may also disclose your personal information:
In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets. If the company or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
To protect the rights, property, or safety of our customers or others.
We may transfer your personal data to destinations outside the European Economic Area (“EEA”). Where we transfer your personal data outside of the EEA, we will ensure that it is treated securely, and in accordance with this privacy notice and the Legislation. We only transfer data to countries deemed as having adequate protection by the European Commission.
Subject Access Request
You may instruct us to provide you with any personal information we hold about you, via a ‘Subject Access Request’. Upon receipt of such request we will, after confirming identity, provide all relevant data we may hold to you in the most practical format unless otherwise stipulated and reasonably possible within 30 days. We will not charge you to do so, however we may charge you for duplicate copies should this be part of your request.
Right of Rectification
You are entitled to have your personal data rectified if inaccurate or incomplete and we will respond to a rectification request within one month if not deemed complex. We will also inform related third parties where possible if the personal data was disclosed to them.
Right of Erasure
You have ‘The right to be forgotten’ or right to erasure if there is no compelling reason for possession and continued processing of your data. Specific circumstances stated by the Information Commissioner Office include:
- Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
- When the individual withdraws consent.
- When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
- The personal data was unlawfully processed (i.e. otherwise in breach of the GDPR).
The personal data has to be erased in order to comply with a legal obligation
Right of Portability
You have the right to ask us to transfer your data in a structured, commonly used and machine - readable format and also have the right to transmit data to another controller.
Right to withdraw consent
You have the right to ask us to not process your data for marketing purposes.
Right to lodge a complaint
If you have a complaint or concern over how your data has or will be used or feel that we have not dealt with your request to your satisfaction please contact our Data Information Officer Emma Parkinson who can be contacted as follows:
If you feel that we have not dealt with your request satisfactorily you do have ultimate recourse to refer your complaint to the ICO (Information Commissioner Officer). You can find out more details by visiting https://ico.org.uk or calling 0303 123 1113.
Where you have provided consent, we may share personal data that you provide to us with other companies with whom we have commercial links. They and we may contact you (by mail, e-mail, telephone, text, or other agreed means) in order to tell you about products, services or offers that we believe will be of interest to you, or to provide you with commercial updates.
Opting out of Marketing
We want to make it easy for you to make your own choices as to what information you receive from us and how we contact you. Therefore, whether you are an existing, former or prospective client we will always remind you of your right to opt out of future marketing related communications each time we send such correspondence to you. You can elect not to receive any marketing related communications from us at all, or request that you only receive certain types of communication.
Basis for processing your data
Your personal data will only be obtained, held, used or disclosed if you have either given consent to do so ; there is a contract to provide legal services or we have another legitimate interest allowing us to do so. We understand that "consent" means you have been fully informed of the intended processing of your personal data and have signified your acceptance.
How long we keep your data
Your data will not be retained for longer than is necessary, and will be managed in accordance with our data retention policy. In most cases the retention period will be for a period of six (6) years following the closure of claim or transaction , unless we are required to retain the data for a longer period due to business, legal or regulatory requirements.
What are Cookies?
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website
Additionally, we may use third party software to better understand your preferences and behaviour while on our website in order to personalise your experience and understand current trends.
This software may include (but is not limited to):
All efforts have been made to ensure that the aforementioned services and links are accurate at the time of writing.
Should users wish to deny the use and saving of cookies from this website onto their computers hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors.
You can find further information on cookies on the link below https://ico.org.uk/for-the-public/online/cookies/.
We are registered as a data controller with the information Commissioner Office (ICO and our registration number is Z1499066
Data Information Officer
Our Data Information Officer is Emma Parkinson and any data protection issues can be directed to email@example.com