We make it our business to know about privacy. As a law firm, client confidentiality and privacy has always been mandatory. We value our clients and treat your information with the utmost respect.
Who we are
We are Be Legal Limited, operating as Be.
Our company is incorporated in England and Wales under number 07774608 and our registered office is at The Sussex Innovation Centre, Science Park Square, Falmer, Brighton, East Sussex BN1 9SB.
We are regulated by the Solicitors Regulation Authority under number 564267.
Clare Hancox was admitted as a solicitor on 15/9/98 and is regulated by the Solicitors Regulation Authority under SRA ID: 169597. Clare is the firm’s Compliance Officer for Legal Practice and Finance & Administration.
Our website is at www.be-legal.com.
- email at [email protected];
- telephone on +44 (0) 1273 704 525; or
- by post to our registered office at The Sussex Innovation Centre, Science Park Square, Falmer, Brighton, East Sussex BN1 9SB
Clare Hancox is the nominated person in charge of privacy at Be Legal Limited and will respond to your enquiries promptly.
Under applicable Data Protection Laws, we will be the “data controller” of the personal information that we collect about you in connection with your use of our services or websites, unless we specifically agree or the context determines otherwise.
When we collect information
We will collect personal information about you in these circumstances:
- When you submit a contact form to us via our website. We will receive this in the form of an email to our main firm inbox.
- When you engage us to act for you
- When we procure a product or service from you
- When you contact us by phone, email, post or otherwise interact with us or provide information to us. This may be as a client or in a professional capacity e.g. in the course of contract negotiations or a dispute
What information we collect
We may collect the following types of personal information about you
- Your name
- Telephone number
- Email address
- Postal address
- Other information relevant to your use of our services or the professional matter we are dealing with
- Information that may be provided about you by others, in the course of our professional services
We do not collect or use
- Website analytics or browsing information from your visit to our website, as it is a simple brochure site
How we use your information
We may use your information in a number of ways, including:
- Providing initial advice by telephone, emails or preliminary meetings
- Providing legal services to our clients under engagement
- Communicating regarding professional matters
- Managing our business, including for accounting and auditing purposes
- Maintaining our website and IT systems
- Dealing with any complaints or legal disputes involving you or our suppliers
- Preventing fraud
We do not:
- Use your information for our own marketing purposes
- Share your information with anyone else for marketing or commercial purposes
Lawful basis on which we use your information
We will only ever use your personal information as permitted under applicable Data Protection Law, which means one or more of the following will always apply:
- To perform our contractual obligations
- To comply with our legal and regulatory obligations
- In pursuing our legitimate interests or those of a third party (for example, conducting our business in an efficient and compliant manner) and where your interests and fundamental rights do not override these interests
- Where you have given clear and valid consent to such use.
Third parties we work with
From time to time we may retain the services of other carefully selected partners and suppliers to perform functions on our behalf, which may involve sharing your information with them. Examples of these functions would include third parties involved in:
- Third party law firms and IP attorneys
- Website hosting and support (we host our website with Moonfruit (Sitemaker Software Limited, based in the UK) and our email server is with Fasthosts Internet Limited, also based in the UK
- Online document storage and management (we use Livedrive Internet Limited, based in the UK)
- IT services (we use Dolphin Computer Upgrades Limited, based in Brighton)
- Online book-keeping and invoicing (we use www.xero.com, via their UK region company, Xero Limited)
- Accountancy (we use Michael George & Co Limited, based in London)
- Other services appropriate to specific cases and clients
These third parties may be provided with limited access to your personal details in order to fulfil their main function, but we will contractually restrict them from using such information for any other purpose.
In addition, we may disclose your personal information to third parties in the following situations:
- To our regulators and law enforcement agencies
- In the context of a possible sale or restructuring of our business;
- If we or substantially all of our assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets on the same terms and conditions as herein;
- If we are under a duty to disclose or share your personal data to comply with any legal obligation, or in order to enforce or apply our terms and conditions or other agreements; or to protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Unless otherwise provided by law, all third parties are required to respect the confidentiality of your personal information. They are required to take appropriate security measures to protect your personal information. We do not allow them to use it for their own purposes, but only as we specify and in accordance with our instructions.
Where your information is stored
Your information within our filing systems will be held at our main administrative office in East Sussex. Our website and email server are hosted within the EEA.
Transfers to third countries and safeguards
How we keep your personal information safe
We will safeguard your information in our custody. We have developed and will maintain adequate security procedures to safeguard personal information against loss, theft, copying, and unauthorised disclosure, use or modification. Access to personal information is restricted to authorised individuals and companies who need it to perform their work. We also regularly review our information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems.
Retention of records
We will do our best not to keep your personal information for longer than necessary to facilitate your use of the services and website, except as required by law. We will regularly review the information that we hold and delete unnecessary information from our systems. Please note that, as a law firm, we will often need to retain our files for substantial periods in line with statutory limitation periods for legal claims. For example, if we drafted a 5 year contract for you, you will need us to retain our files for the length of the contract and for at least six years after its termination or expiry.
Unless you request otherwise, we may retain information that will make providing our services and website to you more convenient and safer, such as your previous case files, but you have the right to ask us to delete any information or take custody of original documents that we hold for you – see the Your Rights section below.
When your personal information is no longer required, it will be destroyed either by shredding or other approved destruction methods to prevent unauthorised parties from gaining access to the information during and after the process.
You have several rights as a data subject as summarised below:
- Access: You have the right to obtain confirmation as to whether your personal information is being processed by us and, if it is, to access your information and details of how we process it, as long as this does not adversely affect the rights and freedoms of others.
- Rectification: We will rectify any errors in the personal information we hold on request.
- Erasure: You may ask us to erase your personal information from our systems in the following situations:
- The information is no longer necessary in relation to the purpose for which it was collected;
- You withdraw your consent on which the processing is based and where there is no other legal ground for the processing;
- You object to the processing and there are no overriding legitimate grounds for the processing;
- The information has been unlawfully processed;
- The information has to be erased for compliance with a legal obligation to which we are subject.
- Right to restrict processing: You have the right to restrict our processing on specified grounds.
- Notification: Where you have asked us to rectify, erase or restrict processing of your information, we shall communicate the same to each recipient to whom your information has been disclosed, unless this proves impossible or involves disproportionate effort, in which case we shall let you know.
- Data portability: You have the right in specific circumstances where processing is based on consent to receive your information in a structured, commonly used and machine-readable format and have the right to transmit the information to another controller without hindrance, provided that our processing is carried out by automated means.
- Right to object: In certain circumstances you have the right to object to our processing of your information, including in relation to profiling, direct marketing or scientific or historical research purposes.
- Right to complain to a supervisory authority: You are entitled to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk in relation to our use of your personal data.
You also have the right to object to automated decision-making, including profiling, but we do not use your information for these purposes.
How to exercise your rights
To exercise any of your other data subject rights, please contact us (see Contacting Us above):
- You may request a copy of information undergoing processing, subject to evidence of your identity (normally a certified copy of your passport plus an original copy of a utility bill showing your current address). The first copy shall normally be provided without charge, but reasonable administration fees shall be charged for substantial, additional or subsequent copies.
- We shall respond to your requests without undue delay and in any event within one month unless we need to extend such period by up to two further months in specific circumstances.
- Please note that if you delete or restrict your account or required information, this may prevent you from making full use of our services.
What happens if a data breach occurs
Whilst we try our best to keep your personal information safe, we have an internal investigation procedure in case of data protection security breaches
In the event of data theft, we may suspend access to our servers, emails and online systems and take other urgent steps to prevent further unauthorised access to information.
If we believe that our data has been compromised, we will report the issue to the Information Commissioner's Office (ICO) at www.ico.org.uk.
We will notify you without delay if we believe a data breach is likely to result in a significant risk to your rights and freedoms.
Any notification will describe in clear and plain language the nature of the personal data breach and contain all required information.