K J Smith are always striving to achieve the highest possible ethical and regulatory standards. These standards as well as our obligations to our regulators form the underlying motivation for all our working policies. This includes how we deal with personal data from clients, prospective clients, staff, candidates and private individual third parties.
This Privacy Notice explains how we collect, retain and process personal data whether it is received through this website or via any other contact with us. It also explains the rights of the “data subject” (ie: the owner of the personal data). If you are at all unsure about your data protection rights or any part of this Notice, please contact us via email@example.com
Controller: K J S Solicitors Limited T/as K J Smith Solicitors is the overall data controller and responsible for the obligations contained within this Privacy Notice (collectively referred to as “we”, “us” or “our”). Our Compliance Manager has been appointed our day to day data protection manager. They may be contacted by email (firstname.lastname@example.org) or by writing to us at K J Smith Solicitors, 5-7 Headley Road, Woodley, Reading, RG5 4JB.
Supervisory body: Notwithstanding this Privacy Notice, you have the right at any time to make a complaint to the Information Commissioner’s Office (ICO) which is the UK supervisory body for data protection issues. Details of the ICO can be found on their website (www.ico.org.uk) or by contacting their helpline on 0303 123 1113. Alternatively, they can be written to at The ICO’s address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
What is personal data? Personal data means “means any information relating to an identified or identifiable living individual”. This sort of data typically includes names (including maiden names, middle names and aliases), addresses (including billing and delivery addresses), email addresses, telephone numbers, bank account details and payment card details. It may also include internet protocol (IP) addresses, voice recordings, imagery (photographic, CCTV still or avatar), usernames or handles.
Why do we protect personal data? As a “data controller” we are duty bound only to process personal data in accordance with the conditions of that Act. We are also bound by the professional principles within the Legal Services Act 2007 which, among other things, requires us to keep the affairs of our clients confidential. This principle covers personal data and information about you that you have imparted to us whilst instructing us. Our adherence to these principles is regulated by the Solicitors Regulation Authority via a Code of Conduct.
Do we collect any other data? We may collect statistical or demographical data – this is data which is not considered personal but which derives from the personal data given. This sort of data (such as age ranges, gender, ethnicity and so on) is often required by the SRA and other regulatory and supervisory bodies to ensure that the principles of the Legal Services Act 2007 are being properly carried out (one of which is encouraging an independent, strong, diverse and effective legal profession). Individuals are not identifiable in any way through statistical or demographical data.
Why do we process personal data? As a service provider, it is important that we have the means of contacting our clients, and also that we hold sufficient information about our clients in order to properly identify them and their needs. Under the current data protection at least one of the following must be present for us to process your data: (a) Your consent (which you are able to withdraw at any time by emailing email@example.com), (b) we have a contractual obligation, (c) we have a legal obligation, (d) we have a vital interest, (e) we need it to perform a public task or (f) we have a legitimate interest.
Changes to your matter. We may take your personal data in order to assist you with one particular matter and over time, the nature of this matter may change. For example, you may instruct us on a matrimonial matter and then to draft a Will on your behalf. In these circumstances, we will still retain a lawful right to process your data as long as the new purpose is compatible with the original purpose.
How do we collect data? Quite often, the data is volunteered to us by the data subject (the owner of the data). We may also extract data from interactions which may include emails, discussions or the completion of our online enquiry form. We may also extract data when appointments are made, estimate enquiries are made or when a data subject subscribes to our website/articles/newsletters/publications. Where a request is made for marketing information, or a promotion entered, we will also extract personal data. We may also receive data from third parties such as other professionals including financial institutions when payments are made.
How do we store your personal data. Personal data is stored on our IT systems such as our case management system, accounting package and Office package (including Outlook and shared drives). Data is also stored in physical format on our files. Your personal information may also appear in restricted or redacted form on registers that we keep for compliance purposes.
What we do NOT do with personal data. We will not sell or disclose any personal data to a third party for marketing purposes. We may have to pass your personal data to third parties for legitimate reasons and these are discussed below. Unless you have opted into marketing from us, we will not use your data to send you marketing material about our other services except where we would be failing in our duty to you by omitting to highlight other remedies that may be available to you.
When we may pass your data to third parties. There may be instances where it is legitimate for your data to be passed to a third party. As the controller of your data, we require all third parties who are passed personal data to treat it in accordance with the law and this Privacy Notice. Third parties are not permitted to use personal data for their own purposes and must only process the data in accordance with the reason behind it being released to them in the first place. For example, it may be that your data is passed to another professional to advise on the value of an asset or Pension. This professional will likely be another service provider however they will be duty bound only to use the data for the purpose of providing the valuation required. Should you receive unsolicited communications from third parties who have previously been sent your personal data by us, please let us know immediately. Additionally, we may acquire another business or merge in which case your personal data may be imparted to any new owners to satisfy our regulatory requirements. Finally, your data may be accessed by our auditors. If you would prefer not to have your file audited, please let us know.
Criminal Convictions. We do not routinely seek or store this sort of data however depending on the nature of your matter we may be required to hold and process this sort of data on your behalf. Data relating to criminal convictions will only be retained for the purpose of the matter for which it is relevant and all the while it is in our possession it will be stored securely.
International transfers. Unless the need arises within your matter whereby your data needs to be sent overseas (which will be discussed with your first), we envisage no instance where your data will be imparted outside of the European Economic Area.
If you fail to provide us with personal data or keep us up-dated when changes to your personal data we will not be able to provide appropriate services to you and may have to cancel our retainer with you. It is important therefore that you keep us up to date with any changes to your personal information.
How long do we keep your data. We will only retain your data for as long as it is necessary. Typically, this will be the life of your matter with us and a period of 6 years after its completion. After that, any papers we hold for you in archives and any data held on our IT and internal systems will be destroyed and purged except for nominal redacted information that we may required to satisfy our regulatory obligations. At the end of your case, we will let you have further information about how long you data will be stored for and how it can be accessed should you need it.
Your rights. You have the right to ask for details about the data we hold about you and the right to ask that we amend any incorrect information held. You further have the right to ask that we erase all data we hold in relation to you (subject to our regulatory obligations referred to above). Finally, you have the right to ask that we suspend or restrict processing your data. In relation to these last points, if we can demonstrate a legitimate reason why processing must continue, we can override any request to suspend or restrict.
Right to transfer. You may request a transfer of your data to you or to a third party in which case it will be provided by us in a commonly used and machine-readable format. This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Right to access. As mentioned above, you have the right to ask us for details about the information we hold about you. This is known as a “Subject Access Request” and further details can be found at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-of-access/. Once we have received a request from you, we will acknowledge this and set about completing your request. Please note that we have the right to refuse the request if we consider it manifestly unfounded or excessive. We typically endeavour to satisfy Subject Access Requests within one month and will not make a charge unless your request is repetitive or excessive in which case we may apply an administration charge for time taken to collate / copy the documentation. If you are concerned about how we have handled your request or your data generally, you should let us know in the first instance or ultimately make reference to the Information Commissioner’s Office.
We reserve the right to change our Privacy Notice and all changes will be posted here. Where the changes are significant, we may also choose to email all our registered users with the new Privacy Notice. If you have any questions or comments about this Privacy Notice or if you would like to exercise your rights please contact us at firstname.lastname@example.org.
All our offices are easily accessible by road, rail or bus and we are open Monday to Friday from 8:30am to 6:00pm. With today's busy schedules, we offer telephone appointments outside normal office hours until 9pm on Thursdays and between 10am and 3pm on Saturdays.
Not sure which office is closest to you? Try our Office Finder.
If you would like to visit our team of family solicitors, we have offices in Henley-on-Thames, Woodley, Reading (Head Office), Reading (Central), Basingstoke, Guildford, Beaconsfield, Ascot & Newbury. We serve a wide range of other areas including Abingdon, Bracknell, Gerrards Cross, Maidenhead, Marlow, Oxford, Slough, High Wycombe and Wokingham.