3. Who does this privacy notice apply to?
4. What personal information do we collect?
5. How do we collect your personal information?
6. How do we use your personal information?
7. Who might we share your information with?
8. How can you change your marketing preferences?
9. How long we keep hold of your information?
10. How is your information kept secure?
11. What are your rights in respect of your data?
12. What can you do if you have concerns about our use of data?
14. Will there be changes to this notice?
Browne Jacobson is committed to protecting and respecting your privacy. This privacy notice is designed to provide information about our practices concerning the collection, use and disclosure of your personal information in the course of providing legal, advisory and/or consultancy services, carrying out marketing and recruitment activities. This privacy notice sets out how we use and protect your personal information.
Browne Jacobson is made up of Browne Jacobson LLP, Browne Jacobson Ireland LLP, Mowbray Trustees Ltd and Mowbray Trust Corporation Ltd. When we mention ‘Browne Jacobson’, ‘we’, ‘us’ or ‘our’ in this privacy notice, we are referring to the relevant business responsible for processing your data. You will be informed which entity is processing your personal data however your personal data may be processed by the other business from time to time.
We are committed to maintaining high standards of confidentiality in relation to the information provided to us in the course of our business. Our data security controls are certified under ISO 27001 and accredited in relation to the UK Government’s Cyber Essentials Plus security standards.
Please read this notice carefully and should you have any questions please contact us using the details outlined at the end of this document (How can you contact us?).
This privacy notice applies to everyone whose personal information we collect and process (excluding our existing or former workforce, to whom a separate HR Privacy Notice applies). This includes individuals in the categories below or who work for any of the following:
Personal data, or personal information, means any information about an individual from which that person can be identified.
In the course of our business, we will need to collect and process various types of personal information for various purposes. Given the nature of our business and the services we provide, it is impractical to list all the categories of personal information that may be collected and processed. We will however only process and collect personal information where we have a lawful basis to do so.
We most commonly collect and process the following kinds of personal data about you:
For details about information we collect automatically from your use of our website, please see our Cookie Notice.
We use different methods to collect personal information from and about you including:
You may voluntarily provide us with your personal information, for instance when you:
As you interact with our website, we will automatically collect information about your browsing activities and your equipment. We collect this information by using cookies. For full details about our use of cookies, please see our Cookie Notice.
We may collect personal information available publicly from the publicly accessible and online sources such as:
We may collect personal information from the following third party sources:
We will only use your personal information when the law allows us to do so, i.e. where we have a lawful basis for processing. Most commonly, we will use your personal information in the following circumstances:
and/or for the legitimate purposes of our clients or other third parties in receiving those services. We will only rely on this lawful basis where we consider that your interests and fundamental rights do not override such interests.
When processing your personal information we comply with the provisions of this privacy notice and, in respect of the provision of legal services we are also bound by professional obligations of confidentiality. You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us using the ‘Contact Details’ section below.
In most cases, when we process special category data (see What personal information do we collect? for what data this includes) it is because it is necessary to do so for the establishment, exercise or defence of legal claims or whenever instructed by the courts acting in their judicial capacity. We may however process special categories of data with your explicit consent (for example for the purpose of providing legal advice), where it is necessary to protect your vital interests (for example in the event of an emergency where you are attending our offices) or where the data has been manifestly made public by you.
In some cases we need to process information about criminal convictions or offences where they are relevant to the legal advice being sought. For example, our Employment law team regularly advises clients on misconduct matters involving criminal offences and offences and convictions data may be processed in the course of litigation matters. We process this data on the basis that it is necessary for legal proceedings, obtaining legal advice or is otherwise necessary for the purpose of establishing, exercising or defending legal claims.
We may process your information for the following purposes:
Where we receive personal data in connection with the provision of legal, advisory and/or consultancy services, we process that data for the purposes of the provision of those services. This includes:
(a) Providing legal and related services, such as:
When we hold and use personal information in the course of providing legal, advisory and/or consultancy services to a client, that client is also entitled to access that personal information. They may in turn use that information in accordance with their own privacy notice or equivalent.
(b) Complying with our legal obligations or making disclosures to government, regulatory or other public bodies where in our reasonable opinion the disclosure is appropriate and permitted by law. This includes:
(c) Providing access to our files for audit, review or other quality assurance checks, by our clients, regulators, auditors, professional advisers and certification/accreditation bodies.
(d) Processing required in connection with the day to day operation of our business such as billing and payments, complaints handling and internal record keeping. For this we may use third party service providers such as IT service providers.
(e) Processing required in connection with any actual or proposed reorganisation, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business or assets.
We process personal information in connection with marketing or communications purposes, including so that we can:
We process personal information in connection with our recruitment practices for the following purposes:
We may process your personal information in connection with research projects. Where we do so, we will only process information that is necessary for the purposes of the research.
For the purposes set out in the ‘How we use your personal information’ section above, we may share your personal information with the following categories of third parties, some of whom we appoint to provide services, including:
Additionally, we will disclose your personal information to the relevant third party:
Where we share your personal information with third parties, as described above, we will only do so where in our reasonable opinion that information will be adequately protected. The terms on which we provide information to barristers, experts and investigators can be found here.
In providing wills and probate services we will process information about beneficiaries under an obligation of professional confidentiality to the testator. Upon the death of the testator, we will contact beneficiaries and share with them the data relevant to their entitlement.
Any other service providers with whom we share information are approved by us and subject to contractual obligations designed to ensure that those providers comply with data protection legislation.
We may transfer personal data outside the UK or the EEA where adequate protection measures are in place in compliance with data protection laws.
We share your personal data within the business. This will involve transferring your data outside the UK or the EEA, as applicable.
Whenever we transfer your personal data outside the UK or EEA, as applicable, we ensure that at least one of the following safeguards is in place, as applicable:
Our website may include links to third-party websites, plug-ins and applications, for example when you click the link to register for on one of our webinars, you will be taken to the third party website of our webinar provider. We do not control these third party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
We strive to provide you with choices around what marketing communications you receive from us. To ensure that we continue to provide you with the most relevant information, you can review and update your marketing preferences at any time by clicking ‘unsubscribe’ or ‘manage preferences’ in any of our emails.
To request that we stop processing your personal information for marketing purposes, you can opt-out of all communications at any time by clicking ‘unsubscribe’ or ‘manage preferences’ in any of our emails, or by emailing compliance@brownejacobson.com, and we shall stop processing your information for those purposes.
If you have consented to receive marketing communications from us, you can withdraw this consent at any time by clicking ‘unsubscribe’ or ‘manage preferences’ in any of our emails, or by emailing compliance@brownejacobson.com, and we Will stop processing your information for those purposes.
See Your Rights section below for further information about your rights to withdraw consent and opt-out.
We retain personal data in accordance with our retention and destruction policy, a copy of which can be found here.
If you unsubscribe from our marketing emails or withdraw your consent for us to contact you, we will store your information for a period of two years to ensure that you no longer receive emails from us.
We are strongly committed to data security and take reasonable appropriate steps to protect the personal information we hold from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic and managerial procedures to safeguard and secure that information, controls for which are certified under ISO 27001 and accredited in relation to the UK Government’s Cyber Essentials Plus security standards.
If we process your personal data, you have the following rights. You can exercise these rights at any time by emailing us at compliance@brownejacobson.com or by using the other contact details given in the ‘Contact details’ section below.
You have the right:
Should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, please let us know by contacting the Risk & Compliance Director in the first instance by using the contact details below. If we are unable to resolve your concerns and you remain dissatisfied, you have the right to complain to the relevant supervisory authority.
In the UK the relevant supervisory authority is the Information Commissioner’s Office (ICO). The ICO’s contact details are available here: https://ico.org.uk/concerns/.
In Ireland the relevant supervisory authority is the Data Protection Commission (DPC). The DPC’s contact details are available here: www.dataprotection.ie.
Please read this notice carefully and contact us if you have any queries by emailing us at compliance@brownejacobson.com, or by writing to:
Risk & Compliance Director
Browne Jacobson LLP
Castle Meadow Road
Nottingham
NG2 1BJ
or by calling us on:
+44 (0)115 976 6000
+44 (0)115 947 5246.
Our UK representative is Browne Jacobson LLP. You may contact our representative at:
Risk & Compliance Director
Browne Jacobson LLP
Castle Meadow Road
Nottingham
NG2 1BJ
or by emailing compliance@brownejacobson.com or by calling us on +44 (0)115 976 6000 or +44 (0)115 947 5246.
Our EU representative is Browne Jacobson Ireland LLP. You may contact our representative at:
Jeanne Kelly, Partner
jeanne.kelly@brownejacobson.com
Browne Jacobson Ireland LLP
Viscount House
6-7 Fitzwilliam Square
Dublin 2
This privacy notice may change from time to time so we recommend that you review it periodically. This version of the privacy notice was last updated in December 2022.