Privacy Policy

Walkers Commercial Solicitors Limited is committed to ensuring your privacy is protected. It is therefore important that you read this our Privacy Policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data and your rights in relation to your personal data.

Personal data is any information relating to an identified or identifiable living individual. We are a data controller and our use of your personal data is subject to your instructions, the current data protection regulation and our professional duty of confidentiality.

The personal data collected is required to enable us to provide our legal services to you. When we request personal data from you we will tell you for what purpose we are requesting the data and who it will be shared with. If you do not provide the personal data and information that we ask for, it may delay or prevent us from providing the legal services to you that you have contracted with us to carry out on your behalf.

Should you wish to complain, exercise any of your rights relating to your personal data or contact us regarding anything else in this privacy policy you can get in touch with us using the contact information provided below. We may require you to provide further information or ID before we are able to help with your request.

We reserve the right to change this Privacy Policy from time to time.

Data Controller Walkers Commercial Solicitors Limited

31 Bootham
YO30 7BT
Data Protection Officer Charles Walker
Personal data we may collect
  • Name
  • Address, telephone number, email
  • Date of birth
  • Gender
  • National Insurance number
  • Passport, driving licence (or other ID) details
  • Information relating to the matter in which you are seeking our advice or representation
  • Financial details including source of funds, account details or financial affairs
  • Company information/Corporate affairs and your job title or position within the company
  • IP address, location, user device or other website analytics
Sensitive Personal Data
  • Sensitive personal data may include racial or ethnic origin, political affiliations, beliefs, health or sexual orientation.
  • We do not normally collect or store your sensitive personal data
  • In any circumstance where we do collect sensitive personal data we will take extra care to ensure your privacy rights are protected and will not use it without your explicit consent.
How we hold your Personal Data
  • Hard copy records at our offices
  • On our internal computer systems
  • Online or externally with an external software provider, emails or shared drives
  • Offsite in a secure document storage facility
How is personal data collected
  • It is provided by you
  • Use of publicly accessible sources e.g. Companies House or HM Land Registry
  • Via third parties e.g. financial institutions, consultants or professionals
  • Via our website
  • Data generated throughout your matter
Legal basis for processing your personal data
  • Your consent where it is freely given, specific, informed and unambiguous
  • To comply with legal and regulatory obligations
  • For our legitimate interests or those of a third party
Reasons for using your personal data
  • To perform any necessary checks, such as anti-money laundering checks, before we begin your retainer
  • In order to act on any instructions by you in the delivery of our services
  • After the conclusion of your matter to respond to any questions, complaints or claims or to check for conflicts of interest
Third parties with whom we may share your personal data
  • Professional advisers who we instruct on your behalf or refer you to, e.g. barristers, accountants, tax advisers or other experts
  • Other third parties where necessary for legal compliance or to carry out your instructions e.g. mortgage providers, money laundering and property search providers, HM Revenue and Customs, HM Land Registry or Companies House
  • Our insurers and brokers
  • External auditors, e.g. in relation to the audit of our accounts
  • Our bank
  • Our IT and software providers
  • Regulators such as the Solicitors Regulation Authority, the Legal Ombudsman and the Information Commissioner's Office
  • Document storage providers
  • We have in place secure IT systems to protect your data
  • All staff are trained in current data protection laws, the appropriate use of your personal data and the risks and avoidance of data breaches
  • We ensure our service providers take appropriate measures to protect your personal data
  • We impose contractual obligations upon our service providers to ensure they can only use your personal data to provide services to us and to you
  • In the unlikely event of a breach of personal data we will inform you and the regulator of the breach and the risk to your data
  • Our general retention policy is to hold personal data for eight years following the conclusion of your matter
  • Some personal data may be held longer for legal compliance reasons and different retention periods will apply to different types of personal data
  • Financial transactions will be held indefinitely for auditing and investigative purposes
  • You may withdraw your consent for us to hold your personal data and we will make arrangements to return or delete such data subject to any we may or are required to hold for some other legitimate reason
  • To withdraw consent, you may contact us on any of the contact details provided above
Outside the EEA
  • In certain circumstances, we may send your personal data outside of the European Economic Area (EEA)
  • Non-EEA countries do not have the same data protections laws, so we will only transfer your data outside the EEA where necessary for the provision of legal services
  • The transfers will comply with data protection regulations
  • We will ask for your consent before contacting you for any marketing purposes, including providing news and updates, invitations to events or details of our services
  • We will never share your personal data with other organisations for marketing purposes
  • We will not sell your data on to any third parties
  • We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.
  • We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
Your rights under the GDPR
  • Access your personal data
  • Be informed about data processing
  • Require us to rectify false information
  • Request erasure of your personal data
  • Restrict certain types of data processing
  • Object to your personal data being processed for direct marketing
  • Data portability which means any data you request that you have directly provided to us must be provided in a structured, machine-readable format
  • Challenge automated decision-making and profiling