At Lindsays, we respect your privacy and we are committed to protecting your personal data. This privacy notice will inform you as to how we look after and deal with your personal data and tell you about your privacy rights and how the law protects you.
Purpose of this Privacy Notice
This privacy notice aims to give you information on how Lindsays collects and processes your personal data, including any data you may provide through this website when you sign up to our Mailing List or complete the Contact Us form.
It is important that you read this privacy notice so that you are aware of how and why we are using your data. This privacy notice supplements any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you and is not intended to override them.
Please note, this website is not intended for children and we do not knowingly collect data relating to children.
What data we collect
Identity Data includes name, marital status, title, gender, date of birth, nationality and National Insurance Number.
Contact Data includes address, email address and telephone numbers.
Special Categories of Personal Data including information about race, ethnic origin, politics, religion, trade union membership, health, sex life, sexual orientation or criminal offences.
Financial Data includes bank account and payment card details and information about your financial position and history.
Publicly Available Data includes information that is publicly available on the internet or from public registers including Companies House, Registers of Scotland and others.
Transaction Data includes details about payments to and from you, payments to or from third parties on your behalf and other details of services you have purchased from us.
Usage Data includes information about how you use our website, products and services.
How we collect your data
Direct interactions
You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you apply for our products or services or complete our contact form.
Third parties or publicly available sources
We may receive personal data about you from various third parties such as analytics providers and search information providers and public sources such as the internet or public registers including Companies House, Registers of Scotland and others.
How we process your data
If you are a client:
| Purpose/Activity | Type of Data | Lawful Basis for Processing |
| To provide you with legal services and fulfil our contractual obligations to you | Identity Data, Contact Data, Special Categories of Personal Data, Financial Data and Publicly Available Data |
|
| To carry out identity verification, background checks and anti-money laundering procedures and to carry out credit checks | Identity Data, Contact Data, Publicly Available Data and Financial Data |
|
| To manage our relationship with you and to carry out any necessary administration | Identity Data, Contact Data, Publicly Available Data, Transaction Data and Usage Data |
|
| For the prevention of crime | Identity Data, Contact Data, Special Categories of Personal Data, Financial Data, Publicly Available Data and Transaction Data |
|
| For business development activities, including seeking new business and promoting our services and events | Identity Data, Contact Data, Publicly Available Data, Transaction Data and Usage Data |
|
If you are a third party:
In connection with providing services to our clients as set out above, in some instances, we may process personal data of third parties.
If you have a personal or professional relationship with our client, we may use your personal data in connection with the:
- Establishment, exercise or defence of legal claims,
- Conduct of a due diligence exercise,
- Operation of a data room, and/or
- Administration of an executry or trust (whether you are an executor, administrator, trustee or a beneficiary).
Depending on the circumstances, this may involve Identity Data, Contact Data, Special Categories of Personal Data, Financial Data and Publicly Available Data. Our lawful basis for processing is that we have a legitimate interest to provide legal services to our client, including for the establishment, exercise or defence of legal claims, to keep our records up to data and to manage risk and fulfil our legal and regulatory obligations.
How we share your data
In some instances, we may have to share your personal data with the parties set out below for the purposes set out in the table above.
- Clients, other solicitors, intermediaries, expert witnesses, courts and other parties with whom it is necessary for us to share information to provide legal services and fulfil our contractual obligations to you.
- Public registers including Companies House, Registers of Scotland and others.
- Service providers acting as processors who provide IT, document management and system administration services
- Professional advisers including lawyers, bankers, auditors, who provide consultancy, banking, legal, insurance and accounting services.
- HM Revenue & Customs, regulators and other authorities who require reporting of processing activities in certain circumstances.
- The police and other law enforcement agencies where it is necessary to do so for the purposes of providing you with our services or where we have a legal or regulatory obligation to do so.
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
How long we retain your data
We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data; the potential risk of harm from unauthorised use or disclosure of your personal data; the purposes for which we process your personal data and whether we can achieve those purposes through other means; and the applicable legal requirements.
In most instances, we will retain our client files (and your personal information within them) for a minimum period of 10 years from the date on which the matter on which you have instructed us has completed. Please note that in some instances (particularly in relation to title deeds, powers of attorney, wills, trusts and executries) we may be required to hold documents and client files (and your personal information) for longer periods.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.
International transfers
Although we hold your personal data in the UK, in some instances, we may transfer your personal data outside of the UK. For example, if you ask us to transfer your personal data outside of the UK; if we are instructed by solicitors outside the UK; where we require to instruct foreign solicitors outside the UK; where the transfer is required in connection with the establishment, exercise or defence of legal claims; or where we have a legal or regulatory obligation to do so.
Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring appropriate safeguards are implemented. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.
Your duty to inform us of changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Your legal rights
For details of your rights under data protection laws, including the right to receive a copy of the personal data we hold about you and the right to make a complaint at any time to the Information Commissioner's Office, the UK regulator for data protection issues (www.ico.org.uk).
Contact details
If you have any questions about this privacy policy or about the use of your personal data or you want to exercise your privacy rights, please contact us in the following ways:
Email address: ianbeattie@lindsays.co.uk
Postal address: Lindsays, Caledonian Exchange, 19a Canning Street, Edinburgh EH3 9HE
Telephone number: 0131 229 1212
Complaints
You have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). However, before doing so please make sure you have first made your complaint to us or asked us for clarification if there is something you do not understand.
The ICO will expect you to have done this before reviewing your complaint.