Tayntons (LS) Limited is committed to protecting and respecting your privacy.
This policy explains how and why we will collect, store and use personal data.
Our details are as follows
- Tayntons (LS) Ltd, trading as Tayntons, of 8 – 12 Clarence Street, Gloucester, GL1 1DZ.
- ICO registration number ZA060482.
Please take time to read this Policy, which contains important information about the way in which we will process personal data. It also tells you who we share this information with, the security mechanisms we have put in place to protect your data and how to contact us if you have a complaint.
Our data protection managers are Andrew Ollerenshaw, our managing partner, and his deputy Christopher Price.
2 Information we may collect about you
We may collect the following personal information that you provide to us:
- Full name, postal address and contact details (including your title, telephone numbers, email addresses, gender, date of birth and marital status)
- Information relating to your identity (including your driving licence, passport, utility bills etc)
- Personal reference numbers (including national insurance, tax reference and NHS numbers)
- Your bank and credit card account details
- Certificates (including birth, death and marriage certificates)
- Employment details (including the name and address of your employer, employment history, job applications, job title, payroll number, salary slips, P45s, P11Ds and P60s)
- Educational details (including the name and address of Educational establishments you have attended and qualifications/certificates)
- Photographic identification and video footage
- In certain circumstances data relating to health (including disabilities), ethnicity, trade union membership, the processing of genetic data/biometric data (including paternity tests), sex life or sexual orientation and other “special category data”
- The content of any enquiry submitted over the website or social media
- Details about your areas of interest where we wish to send you marketing information about our events and services
- Our client reference number/client number which we will assign to you
- Any other personal data we collect for you during the course of the work we undertake for you or in the course of operating our business.
We also store Personal Data from contact form submissions, which is deleted after 90 days.
The Personal Data described above may relate to any of the following categories of person:
- Our clients
- Our clients personnel
- Third parties with whom we have contact whilst providing legal services to the client
- Professional advisors
- Our contractors, agencies and suppliers
- Our prospective employees, work experience students of other job applicants
- Emergency contacts given to us by our people
- Our prospective target clients
- People who submit enquiries to us in person, writing, on the phone or through our website or using social media and whose details may be added to our client relationship management system
- Any other visitor to our offices.
4 How we will use your information
We use your personal information for the following purposes:
- To respond to new enquiries
- To carry out conflict, anti-money laundering and other appropriate or regulatory checks
- To manage our relationship with you
- To provide legal services to you
- To ensure the billing of any legal services provided to you and to obtain payment
- To monitor and manage the quality of service we provide
- To capture your feedback and consent for testimonials and case studies for marketing purposes, including our website and social media
- To provide online reviews of our services
- To manage and respond to complaints
- To provide telephone support to include recording of conversations for monitoring and quality purposes
- To send you any relevant information about our services and events that may be of interest to you, providing you have given us your consent to do so
- To monitor and record information relating to the use of our website and social media platforms to help us manage, optimize and improve them
- As part of our efforts to keep our website safe and secure
- To process and manage any work experience applications
- To process and manage any job application you have submitted
- To manage human resource administration to include assessing suitability, eligibility and/or fitness to work
- To comply with any other professional, legal and regulatory obligations which apply to us or policies that we may have in place.
- As we feel is necessary to prevent illegal activity or to protect our interests.
We will only collect the personal information we need to enable us to fulfil these purposes.
5 Legal grounds for processing your information
We rely on the following legal basis for processing your Personal Data:
- the performance of a contract – we would not be able to act on your behalf without this Personal Data
- compliance with a legal obligation to which we are subject
- we have a legitimate interest in doing so as a legal services provider
- we will process special category data where it is necessary for the establishment, exercise or defence of legal claims or with your consent.
6 Sharing your information
We may share your information with the parties set out below:
- Any other relevant parties or professional advisers in relation to your matter (for example, accountants, brokers, costs draftsmen, counsel, courts, doctors, estate agents, financial advisers, HM Land Registry, insurers, lenders, medical agencies, medical experts, Probate Registry, solicitors and advisers, the other side, tribunals, your professional advisers’, witnesses, and other professional experts)
- Our outsourced IT provider, Converge TS
- Our data processors providing telephone, IT and business support services
- Our outsourced reception service, MoneyPenny
- Our outsourced compliance providers, Compliance Legal
- Our file storage provider, Restore
- AML, credit reference and fraud prevention agencies
- Our professional advisors (including accountants, bankers, and auditors)
- Our insurers
- HM Revenue and Customs
- Quality assurance assessors, including external accreditation bodies
- Our regulator, the Solicitors Regulation Authority, the Law Society, the Legal Ombudsman, the Legal Aid Agency and the Information Commissioner’s Office.
- Selected partner digital marketing agencies and online job application providers
- Analytics and search engine providers that assist us in the improvement and optimisation of our website
- Any third party you ask us to share your data with.
We will share personal information with law enforcement agencies if required by applicable law.
We will not share your personal information with any other third parties without your consent.
7 Transfer of your information outside the European Economic Area (EEA)
All information you provide to us is stored on our secure servers in the United Kingdom, or on secure cloud based servers in a country within the European Economic Area.
8 How long will we store your personal data?
We will keep your information for as long as it takes to provide our services to you and in accordance with our terms of business.
We will retain the case files for you for at least 6 years and may keep your data for longer than our stated retention period if we cannot delete it for legal, compliance and technical reasons.
Important documents such wills, deeds, and other securities will be kept secure and will not be disposed of.
9 Your rights
Under the General Data Protection Regulation, you have a number of important rights that you can exercise free of charge.
In summary, these rights are:
- Transparency over how we use your personal data and fair processing of your information;
- Access to your personal information and other supplementary information;
- Require us to correct any mistakes or complete missing information we hold on you;
- Require us to erase your personal information in certain circumstances;
- Receive a copy of the personal information you have provided to us or have this information be sent to a third party, this will be provided to you or the third party in a structured, commonly used and machine readable format;
- Object at any time to processing of your personal information for direct marketing;
- Object in certain other situations to the continued processing of your personal information;
- Restrict our processing of your personal information in certain circumstances;
- Request not to be subject to automated decision making which produce legal effects that concern you or affect you in a significantly similar way;
If you want more information about your rights under the GDPR please see the Guidance from the Information Commissioners Office on Individual’s rights under the GDPR.
If you want to exercise any of these rights, please:
- Email, or write to our Data Protection Managers. Please see “Get in Touch” below.
- Let us have proof of your identity and address;
- State the right or rights that you wish to exercise;
We will respond to you within one month from when we receive your request.
10 Withdrawal of consent
Where we process your Personal Data on the basis that you have provided your consent to do so, for the purposes set out in this Policy, you may withdraw your consent at any time.
To withdraw your consent please write to us at: FAO Data Protection Managers, Tayntons, 8 – 12 Clarence Street, Gloucester, GL1 1DZ.
Please note that this this will not affect the lawfulness of any processing activity we have carried out prior to you withdrawing your consent.
We hope that you are happy with our service but should you have any questions then please contact our Data Protection Managers (Please see ‘Get in touch’ below).
The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where the alleged infringement of data protection laws occurred.
The UK supervisory authority is the Information Commissioner’s Office. For more details please visit the ICO website.
12 Automated Decision Making
We do not use automated decision making processes.
13 Our Security
We are committed to the protection of Personal Data and have implemented a number of IT security measures to preserve its integrity and availability.
Our specialist legal IT providers, Converge TS, provide a hosted desktop solution for us. Our data is located in a UKFAST data centre with replication to a Teledata data centre for DR. Both data centres are Tier 3 and operate to ISO27001.
We utilise a number of additional resources to protect Personal Data including, a Sophos UTM firewall, Mimecast – email security, AV Defender anti virus, WebTitan – cloud web security, anti virus protection, URL filtering, Malware and Phishing Protection, and SSL inspection, and 2 factor authentication.
Further details can be provided upon request to our Data Managers.
14 Future Processing
We do not intend to process your personal information for any reason other than stated within this privacy notice.
15 Changes to this privacy notice
We constantly review our internal privacy practices and may change this policy from time to time.
Any changes we make will be posted on our website and will become effective immediately.
Any changes we make will be posted on our website and will become effective immediately. This privacy statement was published on 25 May 2018 and reviewed on 26 August 2020.
16 Get in touch
Please contact our Data Protection Managers if you have any questions, comments of requests about this Policy.
The best way to reach us is to: