Arthur Cox Northern Ireland is committed to safeguarding the privacy of information we hold. This Privacy Statement explains how we may collect and use information about you, and your rights in relation to that information.
This Privacy Statement sets out how Arthur Cox Northern Ireland collects, uses and discloses personal data and ensures compliance with current laws and regulations.
The Privacy Statement applies across the conduct of our business, including use of personal data in connection with:
- requesting information from us;
- dealing with enquiries that you may make;
- our business acceptance processes when you engage our legal services;
- providing you with legal services;
- managing and administering your or your organisations’ business relationship with us, including processing payments, accounting, auditing, billing and collection, support services;
- we may collect or receive information about you from other sources, such as keeping the contact details we already hold for you accurate and up to date using publically available sources;
- your relationship with one or more of our clients;
- applying for a job or work placement;
- insurance purposes;
- compliance with our legal obligations; and
- business development including sending legal updates, publications and events details.
We may share this information with other Arthur Cox offices and service providers outside Northern Ireland. In the course of carrying out the activities referred to above we may transfer your data to other countries, which may not have the same legal protections for your data as does the UK. Where data is being transferred outside of the European Economic Area, we will take steps to ensure that your data is adequately protected in accordance with UK legal requirements. Where we are in a contractual relationship with the recipient, such protection will include appropriate contractual protections agreed between us and the recipient.
The personal information that we process includes:
- Basic information, such as your name (including name prefix or title), the company you work for, your title or position and your relationship to a person;
- Contact information, such as your postal address, email address and phone number(s);
- Financial information, such as payment-related information;
- Information you provide to us for the purposes of attending meetings and events;
- Identification and background information provided by you or collected as part of our business acceptance processes;
- Personal information provided to us by or on behalf of our clients or generated by us in the course of providing our services, which may include special categories of data;
- Any other information relating to you which you may provide to us.
HOW WE OBTAIN PERSONAL INFORMATION
We will collect personal information directly from you, from our clients or their counterparties and authorised representatives. We may also collect relevant information from third parties, regulatory authorities, employers or other organisations with whom you have dealings including government agencies, credit reporting agencies, recruitment agencies, information or service providers, publically available records and third parties.
USE OF YOUR INFORMATION
We may use your personal information, including disclosure to third parties, if:
- it is necessary for the performance of a contract with you or necessary in connection with a legal obligation;
- you have provided your consent to such use;
- we consider such use of your information within your reasonable expectations and not detrimental to you, having a minimal impact on your privacy, and necessary to fulfil our legitimate interests;
- it is necessary to fulfil our legal, regulatory and risk management obligations, including establishing, exercising or defending legal claims;
- it is required for legitimate business purposes; or
- we are otherwise required by law.
CAREERS AND RECRUITMENT
If you apply for a job or work placement with us, you may need to provide information about your education, employment, state of health and community background. Your application will constitute your expressed consent for our use of this information to assess your application and to allow us to carry out any monitoring requirements under law as an employer. In addition, we may also carry out various screening checks (including reference, eligibility to work, and vocational suitability) and consider you for other positions. We may disclose your personal information (including diversity and equality information) as required by law.
INFORMATION PROVIDED AS PART OF OUR SERVICE RELATIONSHIP WITH YOU
We may use personal information to send details of new services, legal updates, and invitations to seminars and events, where we have a legitimate business reason to do so (for example, where this is called for in our business relationship agreement with a client organisation).
BUSINESS DEVELOPMENT AND MARKETING
Where there is not a formal service relationship with you, we may use personal information to send you details of new services, legal updates, and invitations to seminars and events. In these circumstances, we will only do this where you consent.
If you prefer not to receive this information from us in the future, you may opt out of any or all elements (new services, legal updates, invitations to seminars and events) at any time by emailing firstname.lastname@example.org.
HOW LONG YOUR PERSONAL INFORMATION WILL BE KEPT
Your personal information will be retained, in computer and/or manual files, only for as long as necessary to fulfil the purposes for which the information was collected; or as required by law; or as long as is set out in any relevant contract you may hold with us.
Your personal information will be retained in accordance with our Data Retention Policy which categorises all of the information held by us and specifies the appropriate retention period for each category of data. Those periods are based on the requirements of applicable data protection laws and the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and our business purposes.
Arthur Cox Northern Ireland takes appropriate measures to secure personal data and protect it from unauthorised access, use, disclosure, alteration or damage consistent with applicable data protection laws. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. Arthur Cox Northern Ireland is ISO 9001:2015 certified and it is a requirement that all our employees and any third parties we engage process your personal information in accordance with applicable data protection law.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected security breach where we are legally required to do so.
Please note that our website and other digital platforms may contain links to third party websites / digital platforms which are provided for your convenience. We are only responsible for the privacy practices and security of our own digital platforms and therefore we recommend that you check the privacy and security policies of each and every other website / digital platform that you visit.
You may have a right in accordance with applicable data protection law to:
- request details of the information we hold about you and how we process it;
- have personal information rectified or deleted and to restrict our processing of that information;
- stop unauthorised transfers of your personal information to a third party;
- have personal information relating to you transferred to another organisation; and
- to lodge a complaint in relation to our processing of your personal information with the Information Commissioners Office.
If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.
Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform our services. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.
It is important that your personal information is accurate and up to date, please advise us of any changes to your information.
You have the right to access your information, if you would like to request a copy of your information or would like to change or update the information we hold about you please contact us at email@example.com or Arthur Cox Northern Ireland, Victoria House, Gloucester Street, Belfast BT1 4LS.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). Its contact details are:
Information Commissioner’s Office
14 Cromac Place
Tel: 028 9027 8757
We would appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance in writing to firstname.lastname@example.org or Arthur Cox Northern Ireland, Victoria House, Gloucester Street, Belfast BT1 4LS.
On receipt of a complaint we will create a file containing all the details of the complaint. This normally contains the identity of the complainant and any other relevant individuals. We will only use the personal information we collect to process the complaint and to check on our level of service. We may have to disclose the complainant’s identity to whomever the complaint is about. If a complainant doesn’t want identifying information to be disclosed, we will make every effort to accommodate this. However, it may not be possible to handle a complaint anonymously in every circumstance. In line with our retention policy information relating to a complaint will be retained for two years from closure. During this period, it will be retained securely and with restricted access.
Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on our level of service.
We review this Privacy Statement regularly and reserve the right to revise it or any part of it from time to time to reflect changes in the law or best practice.
If you have any questions or concerns about this Privacy Statement, please contact our Compliance Officer at email@example.com or Arthur Cox Northern Ireland, Victoria House, Gloucester Street, Belfast BT1 4LS.