One Law

Privacy Policy

What this policy is about

This Privacy Policy explains how One Law Consultancy Ltd collects, uses, stores and protects personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and our professional obligations as a legal services provider.

When you deal with One Law Consultancy Ltd, you trust us with your personal information. We take that responsibility seriously and are committed to protecting your privacy.

This policy explains:

This policy explains:

  • what personal data we collect;
  • how and why we use it;
  • the legal bases on which we rely;
  • who we may share it with; and
  • your rights in relation to your data.

This policy may be updated from time to time. Please review it periodically to ensure you remain happy with its terms.

Who we are

One Law Consultancy Ltd is a limited company registered in England and Wales (company number 13980384).

Our registered office and principal place of business is:
Suite 5, Worthington House
146 High Street
Burton-On-Trent
England
DE14 1JE

One Law Consultancy Ltd is the data controller for the purposes of UK GDPR. This means we decide how and why your personal data is processed. We are registered with the Information Commissioner’s Office (ICO). (ICO registration number: ZB415029. References in this policy to “we”, “us” or “our” mean One Law Consultancy Ltd.

Regulation and professional obligations

One Law Consultancy Ltd is authorised and regulated by the Solicitors Regulation Authority (SRA). We may be required to process and disclose personal data in order to comply with:

  • our professional duties;
  • regulatory requirements;
  • audits, investigations or inspections;
  • insurance and risk-management obligations; and
  • lawful requests from regulatory or supervisory bodies.

This may include disclosure to the Solicitors Regulation Authority (SRA), professional indemnity insurers, auditors, courts, tribunals or other competent authorities where required or permitted by law

How we collect your personal data

We collect personal data in a number of ways, including:

  • directly from you;
  • from clients instructing us;
  • from third parties connected with a legal matter; and
  • automatically through our website.

We may receive information about you when:

  • you are a client or potential client;
  • you are a counterparty, witness or beneficiary;
  • you contact us with an enquiry; or
  • we are required to obtain information about you as part of a legal matter.

Information you provide to us

You may provide personal data when you:

  • make an enquiry;
  • instruct us to provide services to you;
  • communicate with us by phone, email, post or online (including live chat or social media);
  • complete forms on our website; or
  • correspond with us during a legal matter.

This information may include:

  • contact details;
  • identification and verification information;
  • financial or billing details;
  • employment information; and
  • information relevant to a legal transaction or dispute.

Information we receive from other sources

We may receive personal data from third parties, including:

We may receive personal data from third parties, including:

  • professional advisers (law firms, accountants, counsel and experts);
  • courts and dispute resolution bodies;
  • financial institutions;
  • regulatory and law-enforcement bodies;
  • recruitment agencies and referees; and
  • introducers and referrers.

We may also obtain information from publicly available sources where appropriate.

Special category and criminal offence data

As a legal practice, we may process special category personal data, including data relating to:

  • health;
  • racial or ethnic origin;
  • religious or philosophical beliefs;
  • sexual orientation; and
  • trade union membership.

We may also process criminal offence or conviction data where relevant to a legal matter.

Such data is handled with enhanced safeguards and only where:

  • you have given explicit consent;
  • it is necessary for legal claims;
  • it is required by law; or
  • it is necessary to protect vital interests.

Types of personal data we process

As a legal practice dealing with matters and cases, we may process a range of personal data about you. Not all categories of personal data will apply to every individual. We group the personal data we process into the following categories:

  • Banking/billing – information used to send or receive funds or appearing on invoices or bills
  • Behavioural – information relating to activities, actions and behaviours
  • Biographical – information about life experiences and personal circumstances
  • Cardholder – payment card details
  • Contact – information used to communicate with you, such as email address, postal address, employer name and job title
  • Correspondence – information contained in correspondence and other communications
  • Employment – previous, current or future employment details
  • Geo-location – information relating to the location of your electronic device (where applicable)
  • Identification – information contained in identification documents or unique reference numbers
  • Insurance – insurance applications and claim-related information
  • Legal – information relating to legal claims, proceedings and processes

Mandatory information and identity verification

  • If you are a client, your provision of documents and information for identity verification purposes is mandatory. This is necessary for us to comply with our legal and regulatory obligations, including those under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017.
  • If you do not provide the information or documents requested, we may be unable to complete the required identity checks and, as a result, may not be able to act for you or continue to provide legal services.

Monitoring and CCTV

  • We may record telephone calls and retain transcripts of live-chat communications for training, quality and compliance purposes.

  • CCTV may be used at our premises for security and safety.

How and why we use your personal data

We process personal data on the following lawful bases:

  • Contract – to provide legal services or take steps prior to entering a contract
  • Legal obligation – to comply with statutory and regulatory requirements
  • Legitimate interests – including conflict checks, fraud prevention, service improvement and business administration
  • Consent – for marketing communications and specific optional uses
  • Vital interests – in rare cases where safety is at risk

Disclosure of personal data

We may share personal data with:

  • courts and tribunals;
  • opposing parties and professional advisers;
  • professional indemnity insurers;
  • auditors and compliance providers;
  • regulators including the SRA; and
  • IT and service providers under confidentiality obligations.

We do not sell personal data.

International transfers

  • Some service providers may process personal data outside the UK or EEA.
  • Where this occurs, we ensure appropriate safeguards are in place, including contractual protections.

Data retention

We retain personal data only for as long as necessary. Typical retention periods include:

  • client files: minimum six years;
  • potential client enquiries: up to six years; and
  • recruitment data: up to twelve months.

Longer retention may apply where legally required.

Your rights

You have the right to:

  • access your data;
  • request correction;
  • request erasure (where applicable);
  • restrict processing;
  • object to processing; and
  • data portability.

Requests can be made using the contact details below.

Complaints

You have the right to complain to the Information Commissioner’s Office (ICO). Website: ico.org.uk

Website use, cookies and Google Analytics

Our website uses cookies and similar technologies.

Our use of Google Analytics

We use Google Analytics to understand how our website is used and to improve its performance.

17.3 Google Analytics collects information such as:

  • IP address (anonymised where possible);
  • browser type and device; and
  • pages visited and time spent on the site.

This information is processed by Google in accordance with its privacy policies. Google may process data outside the UK/EEA with appropriate safeguards. Further information:

You can control cookies through your browser settings and our cookie consent tool. Where required, non-essential cookies are only placed with your consent. Full details are set out in our Cookie Policy.

Security

  • We use appropriate technical and organisational measures to protect personal data.
  • No internet transmission is completely secure, but we take reasonable steps to protect your information.

Contact us

The person responsible for data protection matters is the Data Controller.

Contact details:

The Data Controller
One Law Consultancy Ltd
Suite 5, Worthington House
146 High Street
Burton-On-Trent
DE14 1JE

Telephone: 0330 043 5295
E-Mail :  info@one-law.uk

146 High Street
Burton-on-Trent
DE14 1JE

Suite 23 – Brunts Business Centre
Samuel Brunts Way
Mansfield 
NG18 2AH

Work and general inquiries
0330 043 5295

Office  hours:
Monday – Friday 9am to 5pm

One Law is the trading name of One Law Consultancy Ltd which is a limited company registered in England and Wales – Company Number 13980384 and is authorised and regulated by the Solicitors Regulation Authority – SRA No. 8001044.

We use cookies to give you the best experience. Cookie Policy