Privacy and Retention Policy
This policy is applicable to all areas processing personal records containing personal data at Hillyer McKeown LLP and the HM Group.
Any questions or requests surrounding this policy should be directed to Mr Paul Beckett, who can be reached by emailing [email protected]
Business details of Data Processor/Controller
Hillyer McKeown LLP is a company registered in England and Wales under company number OC344864 and with a registered office at Gorse Stacks, George Street, Chester, CH1 3EQ.
Data Controller or Processor
If Hillyer McKeown LLP is provided with personal information under contract via a third party, it is likely we will be acting as a Data Processor or acting as Joint Controllers. If this is not the case, then Hillyer McKeown LLP will be acting as the Data Controller.
Collecting personal information
We ask you for personal data only when it is needed to provide services you have enquired about or asked us to provide, to respond to your requests for information or to enable us to carry out our legal obligations in connection with instructions you may have given us.
We may collect, store and use the following kinds of personal information:
(a) information that you provide to allow the processing of your instructions including (but not limited to)your name, address, gender, date of birth, relationship status, health records, employment records and payment details, financial information, property information.
(b) information about your computer and about your visits to and use of our website including your IP address, search terms, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths;
(c) information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters;
(d) information that is generated in the course of the progression of your matter or services we provide;
(d) information that you provide to us when using the services on our website.
(f) information relating to any purchases of services or any other transactions that you enter into through our website, online chat or directly through our contact centre including your name, address, telephone number, email address;
(g) information that you provide when responding to customer service feedback or complaints;
(h) information contained in or relating to any communication that you send to us or send through our website, email or telephone calls (call recording) including the communication content and metadata associated with the communication; and
(i) Information we receive from other sources.
(j) payment data when purchasing services.
Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.
We may also record phone calls for the purposes of staff training, mitigation of disputes and the collection of consent from data subjects.
Using personal information
Personal information submitted to us through our website, phone calls, emails or in person will be used for the purposes specified in this policy.
We may use your personal information to:
- act upon, process and progress instructions given by you to us;
(b) allow us to comply with our legal obligations in acting upon your instructions;
(c) enable your use of our services;
(d) send you information;
(e) process payments;
(f) send statements, invoices and payment reminders to you, and collect payments from you;
(g) send you non-marketing commercial communications;
(h) send you email notifications that you have specifically requested that form part of the service;
(i) send you our email newsletter, if you have requested it (you can inform us at any time if you no longer require the newsletter);
(j) deal with enquiries and complaints;
(k) keep our website secure and prevent fraud;
(l) verify compliance with the terms and conditions governing the use of our website (including monitoring private messages sent through our website private messaging service).
(m) We will not supply your personal information to any third party for the purpose of their or any other third party’s direct marketing without your express consent.
(n) All our website and financial transactions are handled through our payment services provider, Worldpay We will share information with our payment services provider only to the extent necessary for the purposes of processing payments you make via our website, directly, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
(o) Data supplied by you for the purposes of our services is stored in our onsite facilities. We currently do not utilise cloud or data centre storage.
(p) We do not use any automated decision-making processes or profile of you based on the data you provide.
(q) Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending upon the types of information we receive).
Disclosing personal information
We may disclose your personal information to any of our employees, officers, insurers, professional advisers, consultants, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this policy and in the delivery of our services.
We may disclose your personal information to any member of our group of companies. This means our subsidiaries, our ultimate holding company and all its subsidiaries insofar as reasonably necessary for the purposes set out in this policy as defined in Section 1159 of the UK Companies Act 2006.
We may disclose your personal information:
(a) to the extent that we are required to do so by law;
(b) in connection with any ongoing or prospective legal proceedings;
(c) in order to establish, exercise or defend our legal rights including providing information to others for the purposes of fraud prevention and reducing credit risk;
(d) to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and
(e) to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.
(f) except as provided in this policy, we will not provide your personal information to third parties.
International data transfers
We do not transfer any personal data outside of the EEA, should this requirement change then we will contact you again to obtain your explicit consent to the transfers.
Retaining personal information
This section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information.
Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
Without prejudice to other obligations set out in this policy or legal obligations, we will usually delete personal data falling within the categories set out below at the date/time set out below:
(a) personal and sensitive data including marital status, religion, race, gender, sexual orientation, dependants, dependants’ names, medical history, criminal history, financial status, bank details – debt, CCJ, nationality, employment status, employer details where relevant – upon the completion of your matter;
(b) when you ask us to erase your data compliant with GDPR Article 17-within the timeframes prescribed in GDPR.
Notwithstanding the other provisions of this policy, we will retain documents and records containing personal data:
(i) to the extent that we are required to do so by law;
(ii) if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
(iii) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
There is no statutory period defined in legislation, so our retention period is based on 7 years retention unless there is a legal or business requirement to retain the data in excess of 7 years. Full details of our file storage /destruction policy are available on request.
Security of personal information
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure password and firewall protected servers.
All communications via our website, payment transactions, electronic documents and database records will be protected by encryption technology.
You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
You are responsible for keeping the password you use for accessing our website confidential; we will not ask you for your password (except during authenticating access to electronic systems).
We may update this policy from time to time by publishing a new version on our website.
You should check this page occasionally to ensure you are happy with any changes to this policy.
We may notify you of any changes to this policy by email.
Please let us know if the personal information that we hold about you needs to be corrected or updated.
The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to:
(a) there is no payment required; and
(b) the supply of appropriate evidence of your identity for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank, plus an original copy of a utility bill showing your current address.
(c) We may withhold personal information that you request to the extent permitted by law.
(d) You may instruct us at any time not to process your personal information as permitted by law.
(e) You can instruct us to erase your data, compliant to GDPR Article 17.
(f) You have the right to lodge a complaint with the Data Protection Authority, if you consider your rights have been breached in anyway.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.
Third party websites
Our website includes hyperlinks to, and details of, third party websites.
We have no control over, and are not responsible for, the privacy policies and practices of third parties if you register with them independently. If you follow any link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
Cookies and Trackers
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
We use both session and persistent cookies on our website.
The purposes for which they are used, are set out below:
Category 1 – Session Cookies
These expire at the end of a browser session that is when the user exits the browser. They allow website operators to link the actions of users during a single browser session to allow them to use the website most efficiently. For example, session cookies enable a website to remember that a user has placed items in an online shopping basket.
Category 2 – Performance Cookies
These are cookies we use to gather browsing data anonymously to enable us to monitor the effectiveness of our website. The information gathered is not used for any other purpose.
Atlas cookies. These cookies are used to collect information about the marketing activity and the sales driven from this activity. The information is used to compile reports and to help improve the site and marketing activity. The cookies collect information in an anonymous form, including the number of clicks to the site from marketing activity, where the clicks have come from and the number of sales.
NONE of the cookies on our site contain or pass any personal, confidential or financial information or any other information that could be used to identify individual visitors or customers purchasing from our website.
Most browsers allow you to refuse to accept cookies; for example:
(a) in Internet Explorer (version 11) you can block cookies using the cookie handling override settings available by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”;
(b) in Firefox (version 47) you can block all cookies by clicking “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
(c) in Chrome (version 52), you can block all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Content settings”, and then selecting “Block sites from setting any data” under the “Cookies” heading.
Note: Blocking all cookies will have a negative impact upon the usability of many websites and you may not be able to use all the features on the website.
You can delete cookies already stored on your computer; for example:
(a) in Internet Explorer (version 11), you must manually delete cookie files (here are instructions for manually deleting cookies);
(b) in Firefox (version 47), you can delete cookies by clicking “Tools”, “Options” and “Privacy”, then selecting “Use custom settings for history” from the drop-down menu, clicking “Show Cookies”, and then clicking “Remove All Cookies”; and
(c) in Chrome (version 52), you can delete all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Clear browsing data”, and then selecting “Cookies and other site and plug-in data” before clicking “Clear browsing data”.
Note: Deleting cookies will have a negative impact on the usability of many websites.
Data protection registration
We are registered as a data controller with the UK Information Commissioner’s Office.
We are registered in England and Wales under registration number Z4737214 and our registered office is at Gorse Stacks House, George Street, Chester, CH1 3EQ.
Our principal place of business is at Gorse Stacks House, George Street, Chester, CH1 3EQ.
You can contact us:
- by post, using the postal address given above;
- using our website contact form;
- by telephone, on the contact number published on our website; or
- by email, using the email address published on our website.
- by online live chat.
Or you can contact our Data Protection Officer directly by email at [email protected]
Download our Privacy and Retention Policy here.
File Retention Schedules
- Matrimonial Matters – 15 years
- Litigation – 12 years
Hillyer McKeown LLP (“We” or “Us” or “Our”) are committed to protecting and respecting your privacy.
For the purpose of the General Data Protection Regulations (GDPR), the data controller is Hillyer McKeown of Gorse Stacks House, George Street, Chester CH1 3EQ.
Information we collect from you
We may collect and process the following data about you:
- Information that you provide by filling in forms on Our website www.hillyermckeown.co.uk (“Our Site”). This includes information provided at the time of registering to use Our Site, subscribing to Our service, posting material or requesting further services. We may also ask you for when you report a problem with Our Site.
- If you contact Us, We may keep a record of that correspondence.
- We may also ask you to complete surveys that We use for research purposes, although you do not have to respond to them.
- Details of your visits to Our Site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for Our own billing purposes or otherwise and the resources that you access.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to Our advertisers. This is statistical data about Our users’ browsing actions and patterns, and does not identify any individual.
Where we store your personal data
[All information you provide to Us is stored on Our secure servers. Any payment transactions will be encrypted [using SSL technology].] Where We have given you (or where you have chosen) a password which enables you to access certain parts of Our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although We will do Our best to protect your personal data, We cannot guarantee the security of your data transmitted to Our Site; any transmission is at your own risk. Once We have received your information, We will use strict procedures and security features to try to prevent unauthorised access.
Uses made of the information
We use information held about you in the following ways:
- To ensure that content from Our Site is presented in the most effective manner for you and for your computer.
- To provide you with information, products or services that you request from Us or which We feel may interest you, where you have consented to be contacted for such purposes.
- To carry out Our obligations arising from any contracts entered into between you and Us.
- To allow you to participate in interactive features of Our service, when you choose to do so.
- To notify you about changes to Our service.
We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you and We or they may contact you about these by email, post or telephone.
If you are an existing customer, We will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale to you.
If you are a new customer, and where we permit selected third parties to use your data, We (or they) will contact you by electronic means only if you have consented to this.
If you do not want Us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the registration page of Our Site.
[We do not disclose information about identifiable individuals to Our advertisers, but We may provide them with aggregate information about Our users (for example, We may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in SW1). We may make use of the personal data We have collected from you to enable Us to comply with Our advertisers’ wishes by displaying their advertisement to that target audience.]
Disclosure of your information
We may disclose your personal information to any member of Our group, which means Our subsidiaries, Our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may disclose your personal information to third parties:
- In the event that We sell or buy any business or assets, in which case We may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Hillyer McKeown LLP or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
You have the right to ask Us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if We intend to use your data for such purposes or if We intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms We use to collect your data. You can also exercise the right at any time by contacting Us at [email protected]
Our Site may, from time to time, contain links to and from the websites of Our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that We do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the GDPR.
Terms of Website Use
We are regulated by the Solicitors Regulation Authority.
Accessing our Site
Access to Our Site is permitted on a temporary basis, and We reserve the right to withdraw or amend the service We provide on Our Site without notice (see below). We will not be liable if for any reason Our Site is unavailable at any time or for any period.
From time to time, We may restrict access to some parts of Our Site, or Our Site in its entirety, to users who have registered with us.
You are responsible for making all arrangements necessary for you to have access to Our Site. You are also responsible for ensuring that all persons who access Our Site through your internet connection are aware of these terms, and that they comply with them.
Intellectual Property Rights
We are the owner or the licensee of all intellectual property rights in Our Site, and in the material published on it. Those works are protected by copyright laws and treaties around the world. All such rights are reserved.
You may print off one copy, and may download extracts, of any page(s) from Our Site for your personal reference and you may draw the attention of others within your organisation to material posted on Our Site.
You must not modify the paper or digital copies of any materials you have printed off or downloaded in any way, and you must not use any illustrations, photographs, video or audio sequences or any graphics separately from any accompanying text.
Our status (and that of any identified contributors) as the authors of material on Our Site must always be acknowledged.
You must not use any part of the materials on Our Site for commercial purposes without obtaining a licence to do so from us or Our licensors.
Reliance of Information Posted
Commentary and other materials posted on Our Site are not intended to amount to advice on which reliance should be placed. We therefore disclaim all liability and responsibility arising from any reliance placed on such materials by any visitor to Our Site, or by anyone who may be informed of any of its contents.
Our Site Changes Regularly
We aim to update Our Site regularly, and may change the content at any time. If the need arises, We may suspend access to Our Site, or close it indefinitely. Any of the material on Our Site may be out of date at any given time, and We are under no obligation to update such material.
The material displayed on Our Site is provided without any guarantees, conditions or warranties as to its accuracy. To the extent permitted by law, We, other members of Our group of companies and third parties connected to us hereby expressly exclude:
All conditions, warranties and other terms which might otherwise be implied by statute, common law or the law of equity.
Any liability for any direct, indirect or consequential loss or damage incurred by any user in connection with Our Site or in connection with the use, inability to use, or results of the use of Our Site, any websites linked to it and any materials posted on it, including, without limitation any liability for:
- loss of income or revenue
- loss of business
- loss of profits or contracts
- loss of anticipated savings
- loss of data
- loss of goodwill
- wasted management or office time; and
- for any other loss or damage of any kind, however arising and whether caused by tort (including negligence), breach of contract or otherwise, even if foreseeable, provided that this condition shall not prevent claims for loss of or damage to your tangible property or any other claims for direct financial loss that are not excluded by any of the categories set out above.
This does not affect Our liability for death or personal injury arising from Our negligence, nor Our liability for fraudulent misrepresentation or misrepresentation as to a fundamental matter, nor any other liability which cannot be excluded or limited under applicable law.
Information about you and your visits to our site
Viruses, hacking and other offences
You must not misuse Our Site by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to Our Site, the server on which Our Site is stored or any server, computer or database connected to Our Site. You must not attack Our Site via a denial-of-service attack or a distributed denial-of service attack.
By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and We will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use Our Site will cease immediately.
We will not be liable for any loss or damage caused by a distributed denial-of-service attack, viruses or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of Our Site or to your downloading of any material posted on it, or on any website linked to it.
Linking to our site
You may link to Our home page, provided you do so in a way that is fair and legal and does not damage Our reputation or take advantage of it, but you must not establish a link in such a way as to suggest any form of association, approval or endorsement on Our part where none exists.
You must not establish a link from any website that is not owned by you.
Our Site must not be framed on any other site, nor may you create a link to any part of Our Site other than the home page. We reserve the right to withdraw linking permission without notice.
If you wish to make any use of material on Our Site other than that set out above, please address your request to [email protected].
Links from our site
Where Our Site contains links to other sites and resources provided by third parties, these links are provided for your information only. We have no control over the contents of those sites or resources, and accept no responsibility for them or for any loss or damage that may arise from your use of them.
Jurisdiction and Applicable Law
The English courts will have exclusive jurisdiction over any claim arising from, or related to, a visit to Our Site although We retain the right to bring proceedings against you for breach of these conditions in your country of residence or any other relevant country.
If you have any concerns about material which appears on Our Site, please contact [email protected].