Creation Date: March 2021
Issue Date: June 2021
Responsible: Terry Daniell – Managing Director / Sharon McDermott – Managing Director and Data Protection Officer
Next Review Date: March 2022
Remarks: Branding updated 29.06.2021
Trenches Law respects your privacy and understand that it is important to you. Trenches are committed to meeting our legal obligations for everyone who visits this website https://trencheslaw.co.uk/ in protecting your personal data, including how and why we collect and use your data, and how we safeguard your personal information. This policy will inform you as to, the types of personal data that Trenches may collect, why Trenches may collect and use your data, when and why we will share personal data within Trenches and the rights and choices you have when it comes to your personal data.
What does this policy cover?
The data we collect
What is personal data?
Personal data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified by reference to an identifier’.
Personal data or personal information, in simpler terms, means any information about an individual from which that person can be identified. Personal data covers obvious information such as an individual’s name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
There are different ways in which we will collect your information both directly from you and from third parties. For example:
Personal information you give to us
This is information about you that you give to us by entering information via:
- our website (trencheslaw.co.uk)
- our social media accounts, e.g., via Facebook, LinkedIn or Twitter
- corresponding with us by phone, email or otherwise,
- and is provided entirely voluntarily.
This includes information provided at the time of accessing our website to request access the “Book of Wayleave”; filling out our “contact us” form and engaging in correspondence with us by phone, email or otherwise. We may also ask you for information when you report a problem with our website.
The basic personal information we may ask for, or you may choose to give us, includes your name, your email address, your phone number, and your company name. We may retain details of any enquiry you make to us and records of any correspondence with us. We may also ask for, or you may choose to give us, other information for specific purposes, e.g., additional information to your enquiry.
We will seek to minimise the information we ask for to that which is needed to perform the relevant function of service at the time.
Personal information we collect about you
We automatically collect the following information when you interact with us: e.g., details of your visits to our site, including, but not limited to, traffic data, location data, weblogs and other communication data, and the resources you access.
‘Special category data’ or ‘sensitive data’
How we use your personal information:
Under the Data Protection Legislation, we must always have a lawful basis for using personal data.
Where there is a Legitimate Interest
We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business, or those of a third party, for the following purposes:
We use your personal information to:
- to provide good and services to you;
- to verify the accuracy of data that we hold about you;
- to create a better understanding of you, as a customer of our products and services so we can customise the content of our website;
- to correspond or communicate with you about any changes to our website and/or to our services;
- to help improve our services and to ensure that our online content is presented in the most effective manner for you and your computer;
- to correspond or communicate with you to offer promotions from time to time which may be of interest to you.
Where there is a Legal Requirement:
We will use your personal information to comply with our legal obligations:
- to assist any public authority or criminal investigation body as required;
- to identify you when you contact us;
- to verify the accuracy of data we hold about you; and/or
- to help us comply with equalities legislation in our recruitment practices; and/or
- to comply with a request from you in connection with the exercise of your rights.
Where it is required to complete or perform a contract with you
We may use and process your personal information where we have supplied you (or continue to supply you) with any products or services; or where you are in discussions with us about any new product or service. We will use this information in connection with the contract for the supply of products or services when it is needed to carry out that contract with you or for you to enter into it.
- Where there are vital interests
- Where our use of your personal information is necessary to protect you or someone else’s life.
- Where you have provided Consent
- We may use and process your personal information where you have consented for us to do so for the following purposes: for marketing activities, which may include contacting you by email and/ or telephone and/or text message and/or by post with information, news and offers on our products and/or services. You will not be sent any unlawful marketing or spam.
- We will always obtain your express opt-in consent before sharing your personal data with third parties for marketing purposes and you will be able to opt-out at any time.
- We will only use your personal data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your personal date for that purpose.
- You may withdraw your consent from us to use your information any of these ways at any time. Please see section on withdrawing your consent for further details.
Who do we share your information with?
We will not share any of your personal data with any third parties for any purposes, subject to the following exception[s]:
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
If any of your personal data is shared with a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.
Sharing your data outside of the UK
If any personal data is transferred outside of the UK, we will take suitable steps to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation.
How we protect & store your data
How we store your personal data
We will store some of your personal data in the UK. This means that it will be fully protected under the Data Protection Legislation.
We will store some of your personal data within the European Economic Area (the “EEA”). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the EU GDPR and/or to equivalent standards by law. Transfers of personal data to the EEA from the UK are permitted without additional safeguards.
We will use specific approved contracts which ensure the same levels of personal data protection that apply under the Data Protection Legislation. For further information, please refer to the Information Commissioner’s Office.
Please contact us using the details below in Section 8 for further information about the data protection safeguards used by us when transferring your personal data to a third country.
How we protect your Personal Data
The security of your personal data is essential to us and to protect your data, we take several important measures, including the following:
- limiting access to your personal data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality.
- procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so.
- Internal policies setting out our data security approach
- Training for employees on security and privacy.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information and/or personal data, we cannot guarantee the security of your information transmitted to your website and any transmission is at your own risk.
How Long we keep your personal data
We keep personal data and information for as long as necessary to ensure we can deliver our services. We will not keep your person for any longer than is necessary considering the reason(s) for which it was first collected. Your personal data will therefore be kept for the following periods (or, where there is no fixed period, the following factors will be used to determine how long it is kept):
|When information is collected||What information we ask for||How and why, we use your infromation|
|When you register with us||identity
|Performance of the agreement and provision of services|
|To process and deliver your order including:
Manage payments and subscriptions and charges
Collect and recover money owed to us
|Performance of the agreement and provision of services
Necessary for our legitimate interests (to recover debts due)
|To manage the relationship between us and you which will include:
asking you to leave a review or to take a survey
|Performance of the agreement and provision of, subscriptions, products, and services
Necessary to comply with a legal obligation
Necessary for our legitimate interests (to keep records updated and to study how customers use our services)
|To administer and protect our business (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||Identity
|Necessary for our legitimate interests (for running business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
To comply with a legal obligation
|To deliver relevant website content and advertisements to partner and measure or understand the effectiveness of the advertising our serves to you||Identity
|Necessary for our legitimate interests (to study how customers use our subscriptions and services, to develop them, to grow our business and to inform our marketing strategy)|
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||Technical
|Necessary for our legitimate interests (to define types of customers for our subscriptions and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)|
|To make suggestions and recommendations to you about subscriptions or services that may be of interest to you||Identity
|Necessary for our legitimate interests (to develop ours products/services and grow our business)|