0370 270 6000

already registered?

Please sign in with your existing account details.

need to register?

Register to access exclusive content, sign up to receive our updates and personalise your experience on brownejacobson.com.

Privacy statement - Terms and conditions

your information

We are committed to protecting the security and integrity of all data within our control including, but not limited to, complying with the requirements of GDPR. This is evidenced in part through our ISO27001 accreditation which we have held for six years as well as Cyber Essentials Plus. 

Specifically in relation to GDPR, we have implemented an extensive and comprehensive project for the purposes of ensuring compliance with all UK data protection legislation. We summarise below the key steps and elements that formed part of this project:

  • The Project Board co-ordinated and approved the implementation of the our GDPR compliance programme. The Board included our Head of Risk and Compliance, the partner who is the Chief Information Security Officer (CISO) and a specialist data protection partner. The Board reports into the Risk & Compliance Committee.
  • We undertook an audit of the data held by the firm for the purposes of informing and tailoring the compliance programme.
  • We have a comprehensive suite of policies and procedures to deal with GDPR and information security and these are available (where applicable) to staff on our microsite.
  • As part of our ongoing awareness programme we have in place training plan for GDPR and information security in order to raise awareness and provide more detailed training and education.
  • From a data control perspective, we operate a ‘paper light’ approach across our offices whereby documents received are stored within our secure electronic filing systems and hard copies are only retained where absolutely necessary. Also, we use secure datarooms for the exchange of information where possible.
  • All our devices are encrypted and our systems are subject to regular vulnerability and penetration testing.
  • All electronic equipment at 'end of life' is physically destroyed by chipping into 5mm pieces and a certificate of destruction for every piece of hardware destroyed. All mobile phones and ipads are digitally wiped.

Further information

For further information on how we use your data, please visit the following pages:

Contact us

Please send enquiries about your data to compliance@brownejacobson.com.