QDR Solicitors Ltd (QDR) is defined as a data controller under the General Data Protection Regulations Act 2018 and is registered with the Information Commissioners Office (ICO) under Z2724050. QDR only collects or uses personal information for those purposes indicated in our notification with the Information Commissioner’s Office.
The information we collect
We process personal data including but not limited to:
- Name, address and contact details,
- Correspondence with you, such as any information that you have provided
- Information pertaining to your personal circumstances
- Information regarding living individuals (e.g. customers / suppliers, staff)
- Financial details
- Data provided to prove your identity or the identity of shareholders and directors.
We process special category data such as:
- Racial or ethnic origin.
- Political opinions.
- Religious or similar beliefs.
- Trade union membership.
- Genetic data.
- Biometric data.
- Data concerning health.
- Data concerning a natural persons sex life or sexual orientation.
How we use information
We may gain information about you from your use of this website. It may be ‘voluntary information’ - information that you provide to us such as personal data, (e.g. contact details or information contained in an employment application form) or ‘involuntary information’- information that we gather through our monitoring of visits to this website.
Involuntary information will not generally identify individual visitors to our website and is mainly statistical. It will be used mainly to improve the website and its navigability, and to identify areas that are of most interest to visitors.
Where visitors are identified they can be either individuals in their own right and/or organisations that already have relationships with us, and the information we gain will be used in developing those relationships and improving the services we provide.
The information obtained will be retained and utilised in accordance with all applicable laws – in particular, the Data Protection Act 2018, in accordance with which QDR l will maintain and protect the confidentiality of your information.
Navigating and using our website will not normally require you to provide personal data. Although, you may need to provide personal data if you would like to use other services available on the website. QDR is the sole owner of the data collected and will not transfer, trade, sell or share the data.
We will use the information to improve our services and for marketing purposes only where a person/organisation has supplied explicit consent. Further, QDR will use your data to respond to your enquiries, provide you with legal and non legal services and manage your relationship with us.
QDR may engage third party suppliers, (Data Processors) to provide us with support in certain areas of the business. We will ensure contractual obligations are in place to ensure the processing of personal data is kept confidential, secure and only processed under our explicit instructions and in line with the 7 Principles of the Data Protection Act 2018.
We will regularly review the personal information we hold about you and make changes to any service or information-handling processes when the law or the Information Commissioner request such changes.
Please note that by using our website you consent to the processing and collection of any personal data that you provide in the manner described.
Registration for events
Registration forms may need to be completed in order for you to attend or show your interest in attending an event. We may ask you to provide personal data regarding your name, company name, email address and postcode. This information enables QDR to contact you about the events in which you have expressed an interest in. These details will be added to our current delegates’ database and used to identify areas where we can improve our services. You may be taken to third party websites to register and/or make a payment for attending the event. We cannot be responsible for third party websites, we recommend you ensure you read the privacy statements when you visit third party websites.
E-bulletins/legal research and sector wide newsletters
QDR will only provide you with E-bulletins / legal research and sector wide newsletters that you have consented to receiving. This will either be through you positively consenting on our subscription forms by ticking a box stating for example you wish to receive the employment e-bulletin via email or you have directly contacted us requesting a subscription. If you would like to unsubscribe to receiving updates sector please email email@example.com.
QDR will assume, unless notified of the contrary before the information is provided to us and we approve the position, that data provided by a prospective client or an existing client concerning a prospective matter:
the information provided does not carry confidential obligations that are owed to a third party or
that the information provided is not given in breach of any confidential obligation owed to a third party or
the information provided is not confidential and so QDR would not be barred from acting for other individuals. Further, unless the individual becomes a client, where confidentially and conflicts of interests will apply, QDR may disclose the information provided to any prospective or current clients. This is irrespective of whether the individual has any matters in which they have interest in or are involved in.
Visiting our websites - Cookies
When you visit our website, we collect standard internet log information for statistical purposes.
We use Google Analytics features for Display Advertising. You can opt-out of Google Analytics and disable tracking using the Google Analytics Opt-Out Browser Add-on. The data provided by Google Analytics Demographics we will use to develop our website and content in line with our users interests.
We do not make any attempt to identify visitors to our websites. We do not associate information gathered from our sites with personally identifying information from any source.
When we collect personal information, for example via an online form, we will explain what we intend to do with it.
By using our website, you agree that we can place these types of cookies on your device.
Links and IP addresses
Our websites contain links to various third party websites. We are not responsible for the content or privacy practices of any external websites that are linked from our sites.
QDR uses IP addresses in order to assess patterns, gather broad demographic information for aggregate use, track visitors to the websites movements and to manage our website. QDR does not link the IP addresses with any personal identifiable information.
Applying to work at QDR Ltd
The individual to whom the Curriculum Vitae (CV) relates to is the owner of this information and by supplying this to us you consent for the processing of your data. If you submit an application to work for QDR we will use your personal information to process your application and to produce and monitor recruitment statistics as an equal opportunities employer. We will not take up references without your prior permission. We will not share or disclose your information unless you have given us your consent or we are required to by law. We may be required to carry out a Disclosure and Barring Service check, SC checks, other vetting and right to work in the United Kingdom checks. When we do so we will comply with the law and your rights when carrying out these checks.
We retain personal information relating to unsuccessful applicants for no longer than 12 months, for use in the event of an appeal. We produce statistical information to assist with recruitment analysis.
How we share your personal information
We will not normally share your information without your consent unless we are required to by law. We may seek your consent directly, or may obtain it by telling you about how your information may be used at the time you provide information or enter into a contract with us.
If QDR merges or is subject to a take-over, we may disclose your information to the new business owners or business partners.
Our legal obligations
We will share specific and relevant information where required to by law, with law enforcement and government agencies or public bodies where we are legally required to do so. Examples may include:
- The prevention or detection of crime and fraud
- The apprehension or prosecution of offenders
- The assessment or collection of tax or duty owed to customs and excise
- In connection with legal proceedings
- In relation to the physical or mental health of an individual, where disclosure is required to protect them or others from serious harm and to protect their vital interests
- Research and statistical purposes
Sharing information with our partners
We may enter into partnerships with other organisations, we will have data protection contractual obligations put in place with all third parties before any sharing takes place with a partner organisation.
We may share your data with our other group members such as Wright Hassall LLP who is registered as data controller with the ICO under Z5507739. This will regard purposes of debt collection and litigation.
Sharing information with our contractors and suppliers
There are some cases when we will share your information to support legitimate business purposes. We do this to ensure that we can meet your needs, and also to meet our health and safety obligations towards those delivering services on our behalf. This may include sharing information with our contractors and suppliers to enable them to carry out duties on our behalf or to meet contractual obligations we may have. We will ensure that the third party supplier has the appropriate safeguards to protect your data in line with the Data Protection Act 1998 and only processes data on our instructions.
Keeping your information secure
We store personal information both electronically and in paper form. We implement security policies, processes and technical security solutions to protect the personal information we hold from:
- Unauthorised access
- Improper use or disclosure
- Unauthorised modification
- Unlawful destruction or accidental loss
All of our employees, contractors and third parties that we engage to process data on our or your behalf are obliged to treat the data confidentially. We hold and process personal data inside and outside the EEA and in doing so we will ensure proper safeguards are in place.
How we use your email and telephone number
When making an enquiry on our website you will be required to enter your contact number and email address. Contact via telephone, text messages and email provides a direct way to contact you regarding queries. QDR may share information with you about the services we can deliver to you.
We may use your telephone number and email address that you have provided us, to keep in contact with you. When we send SMS/text messages or emails, there may be someone in your household who may read the message before you are able to. You may like to inform the people who live with you that you may receive text messages from time to time.
Electronic communications through emails will be monitored by QDR but only in so far as to be compliant with the law. This is to enable QDR to fulfill its regulatory / legal obligations and its own internal policies. All email addresses except those which are not associated with a company, will not have their ‘to’ ‘from’ and ‘time stamp’ fields processed in order to manage our clients relationship and evaluate trends of network traffic.
Operational SMS/Text messaging, calls and emails
Your telephone contact details and email address may be used to send you operational messages. Examples of operational messages include:
- Confirming an appointment
- Sending a reminder about an appointment
- Asking you to contact a named person
- Responding to your email or phone message
You cannot opt-out of the use of your telephone numbers for operational purposes. However, where there is a legitimate need we will make reasonable adjustments.
Sharing your telephone number and email address with third parties
QDR may pass your telephone number and email address to third parties so that we can meet our contractual obligations with you. We may also share your telephone number and email address if we are required to by law and we will comply with the Data Protection Act 2018 when we do so.
We may supply the details to our approved third party contractors who are delivering or performing services on our behalf, and these companies must not use your information for any other purpose. We never share or sell your telephone numbers or email address to telesales/marketing companies.
Contacting us about your personal information
We will be as open as possible with you about the personal information we hold about you, If you feel your information is wrong or are dissatisfied on how your information is being processed please contact us. If something is wrong we want to work with you to put it right.
You have the right to have inaccurate/outdated information amended, deleted or destroyed. If any of your circumstances change please contact us. You have the right to object to direct marketing, know about automated decisions we make about your data, object to the use of data which causes you damage or distress. You can seek compensation via the courts if you feel a serious contravention of your rights has occurred.
Finding out about the personal information we hold about you
You can ask us whether we are keeping personal information about you by writing to our Compliance Team, Olympus Avenue, Leamington Spa, Warwickshire, CV34 6BF.
The GDPR and Data Protection Act 2018 gives you a number of rights in relation to your personal information. You can find out about your rights, and get further guidance, on the ICO website.
Requesting a copy of your personal information
As part of our service to you, we are happy to provide you with copies of personal data you are the focus. We will provide this on receipt of a formal written request. This is called a ‘subject access request’. If you make a subject access request we will provide you with a readable copy of the personal information we hold about you. You will only receive the information the Data Protection Act 2018 state are not exempt from disclosure. To make a subject access request you must:
- Provide proof of your identity
Please send your request to firstname.lastname@example.org.
Questions and complaints
Please tell us if you have a concern about the personal information we hold about you, or how we use it. We’ll do our best to help. If, after contacting us, you are still not satisfied you can complain to the Information Commissioner. You can also apply to the Court for compensation for distress and/or damages due to non-compliance of the GDPR and the Data Protection Act 2018.
Keeping this policy updated