Privacy Statement - Clients
Beauchamps regard our clients’ affairs as confidential in accordance with the best practices of the legal profession. In the course of acting for you, Beauchamps will receive personal information relating to you, your employees, your associates and other parties (data subjects). In this statement, we refer to this information as "personal data". We are committed to protecting the right to privacy of all persons about whom we hold personal data.
This statement sets out the how we use, process and disclose personal data provided to us by individuals we do business with us which includes our (current, former and prospective) clients.
How we obtain personal data
We will collect data directly from you and will create some data internally (e.g. when exchange correspondence with you). We will also collect additional personal data throughout the period you remain a client or you continue to interact / work with us.
We may also collect some data from external sources. For example, we may obtain information from public registers or employers may provide us with information about employees.
How we use personal data
For our clients, where we request personal data for compliance with anti-money laundering regulations, we shall process such information only for the purposes of preventing money laundering or terrorist financing, or as otherwise set out in this Statement or permitted by law.
For the purpose of our providing services to you, we shall use personal data and share it with Beauchamps partners, staff and consultants. The legal basis for the processing of such data is for the performance of a contract with you or to comply with a legal obligation or where it is necessary for our legitimate interest in providing legal services to you. We may disclose personal data to our services company, Beauchamps Services LLC and to third party service providers (such as our contractors, agents, credit card providers, IT service providers and debt collectors) as well as with third parties (such as barristers, experts and regulators) where required by law, where necessary to administer our working relationship with you or where we have a legitimate interest in doing so.
We may use personal data to send you ezines, newsletters, invitations to seminars and similar marketing but we shall seek your consent to receiving such marketing materials from us. If at any time you decide that you do not wish to receive marketing emails from us, you can opt out by emailing firstname.lastname@example.org.
Third party processors
Our information technology systems are operated by Beauchamps but some data processing is carried out on our behalf by a third party. Where processing of personal data is carried out by a third party data processor on our behalf we endeavour to ensure that appropriate security measures are in place to prevent unauthorised disclosure of personal data.
Disclosure of personal data to a successor firm
We may transfer personal data to a successor firm or company which acquires the legal practice carried on by Beauchamps. If this happens, we will require the firm or company to which we transfer personal data to observe standards of data protection and privacy no less secure than those set out in this statement. Save as described in this statement, personal data will be retained by us and will not be sold, transferred or otherwise disclosed to any third party, unless such disclosure is required by law or court order.
Change of purpose
We will only use personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
How we use special categories of personal data
“Special categories of personal data” require a higher level of protection. These include information about a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health or condition or sexual life. We have in place appropriate safeguards which we are required by law to maintain when processing such data. We may process special categories of personal data, in limited circumstances, with the data subject’s explicit written consent.
Less commonly, we may process this type of data where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else’s interests) and the data subject is not capable of giving consent, or where the data subject has already made the information public. We will use special categories of personal data to perform the contract we have entered into with you, to comply with a legal obligation or where it is necessary for our legitimate interests.
Transferring personal data outside the EEA
We may transfer personal data outside the EEA. However, if we do, we will notify you in advance and you can expect a similar degree of protection in respect of the personal data obtained by us in the course of acting for you.
How long will we retain personal data
We will only retain personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Details of retention periods for different aspects of personal data obtained by us are available in our retention policy which you can request from email@example.com. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, the purposes for which we process personal data and whether we can achieve those purposes through other means and the applicable legal requirements.
Once you are no longer a client of our Firm or your relationship with us has ended, we will retain and securely destroy the personal data in accordance with our data retention policy.
We do not envisage that any decisions will be taken about you using automated means. However we will notify you in writing if this position changes.
In certain circumstances, by law you have the right to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal data - provided that we are not required to retain the data for the performance of your employment contract or to comply with our legal obligations. Any deletion of personal data may impact on our ability to provide a reference for you.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and you want to object to processing on this ground.
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal data to another party.
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact our Risk Management Lawyer, Georgina K Murphy (firstname.lastname@example.org) in writing. We will respond to your request as soon as possible and in any event within one month of receipt. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
In circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please email email@example.com. Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Where we process personal data for you as a “data processor”
In certain circumstances, we may process personal data on your behalf as a "data processor". Where we act as a data processor we shall:
- process the personal data only to the extent, and in such a manner as is necessary for the purposes specified and in accordance with your documented instructions and only in accordance with the applicable data protection laws;
- promptly respond to any request from you requiring us to amend, transfer or delete the personal data;
- implement and maintain such technical and organisational security measures as may comply with the data security obligations under the applicable data protection laws;
- not transfer the personal data outside the EEA without your written consent and where such consent is given to only transfer personal data where appropriate safeguards are in place;
- not engage a sub-processor without your prior specific or general written consent and where a sub-processor is engaged they shall be subject to the same data protection obligations as us;
- notify you without undue delay, and at least within 48 hours, after becoming aware of a personal data breach;
- ensure that persons authorised to process the personal data are bound by confidentiality provisions;
- assist you in ensuring compliance with the obligations regarding security of processing, notifications of breaches, data protection impact assessments and prior consultations taking into account the nature of the processing and the information available to us; and
- at your choice, delete or return any personal data to you on the expiration or termination of the processing agreement and delete existing copies unless applicable law requires the storage of the data.
If you have any questions about this statement or how we handle personal data, please contact our Risk Management Lawyer, Georgina K Murphy (firstname.lastname@example.org). You have the right to make a complaint at any time to the Data Protection Commissioner’s Office (DPC), the Irish supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the DPC and so, please contact us in the first instance.
Changes to this Statement
We may change this statement from time to time and we will provide you with a new statement where any substantial updates are made. The current version will always be available from us in hard copy or on our website.
Last updated: May 2018
Privacy Statement - Website
Beauchamps respects your privacy and we are committed to protecting your right to privacy.
Beauchamps and Beauchamps Services ULC
Beauchamps Services ULC is a company owned by the partners in Beauchamps partnership and carries out certain services for Beauchamps partnership pursuant to a Services Agreement. This privacy statement is in respect of personal data collected by Beauchamps Services ULC as well as Beauchamps partnership (together referred to as Beauchamps).
Collection of personal data
We only collect personal data about you which you volunteer when you email us, when you use our Website, or when you contact us through our Website. When you contact us, we may keep a record of that correspondence. The information which we collect and process about you is:
- your name;
- your email address;
- information that you provide in correspondence e.g. your job title, your address, telephone number and mobile number;
- the time and date of your visit to our Website;
- your IP address, the type of browser that you use and the URL linking you to our Website; and
- the areas of law in which you have expressed an interest.
Uses made of your personal data
We may use personal data that you provide to us for our legitimate business interests including:
- for the purpose for which it was provided by you
- to provide you with information, products and services which you have requested
- to improve our Website and the products and services we offer
- for statistical analysis on the sue of our website
- to comply with legal obligations
- to notify you about changes to our service.
We do not identify individual visitors to our Website, unless we are required to disclose such information by law.
We will see your consent by email, prior to the use of your personal data for marketing purpose and we will seek to renew this consent annually. You have the right to withdraw your consent at any time. If you wish to withdraw your consent, please contact us at email@example.com.
We will store your personal data only for as long as is necessary for the purposes outlined above and
- to provide access to our Website and related services
- to provide you with information, services and publications requested by you;
- as required by law and
- to exercise or defend any legal claims.
Disclosure of your personal data
We may disclose your personal data to third parties who provide a service to us (eg our internet service provider) and are bound by confidentiality provisions or in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets or if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or where necessary for our legitimate business interests to protect the rights, property, or safety of Beauchamps, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Communication of information via the Internet and by email is not completely secure and involves the information passing through third parties. In addition, communication of information via the Internet and by email may involve the transfer of personal data to third parties outside of the European Economic Area (EEA). To the limited extent that it is necessary to transfer your personal data outside of the EEA, we will ensure appropriate safeguards are in place to protect the privacy and integrity of such data. Please contact us if you wish to obtain information concerning such safeguards (see ‘Contact Us’ below).
You have the right to receive a copy of any of your personal data which we hold. You may request that the information that we hold about you is rectified if inaccurate, or erased. In addition you have the right to object to the processing of your personal data as well as the right in certain circumstances to have your personal data transferred to another data controller. We will respond to your request in writing as soon as possible and in any event within one month of receipt of your request. We may request additional information from you to verify your identity and to enable us to respond to your request. All requests should be sent by email to firstname.lastname@example.org or by post to Beauchamps, Riverside Two, Sir John Rogerson’s Quay, Dublin 2.
You have the right to complain to the Data Protection Commissioner if you are unhappy with how we are processing your personal data.
Beauchamps has security measures in place to prevent unauthorised access to, or disclosure of, your personal data. However, no data transmission over the internet can be 100% secure, and so we cannot guarantee the security of any information you send to us over the internet. Any transmission of such information is at your own risk.
Links to third party websites
Amendments to this statement
We reserve the right to change this privacy statement at any time. Any changes will be posted here and we will update the “Last Updated” date at the bottom of this statement. When you use our Website after any such change, you will be deemed to have consented to the current version of the privacy statement and accordingly you should check the privacy statement from time to time.
If you have any questions or concerns regarding how your personal data is processed by us via our Website please contact us at email@example.com or by post to Beauchamps, Riverside Two, Sir John Rogerson’s Quay, Dublin 2.
Last updated May 2018