This policy is maintained by Adam Rose and Michele Morgan. Last reviewed in March 2023.
We respect your rights to data protection and privacy
This notice only relates to the processing of personal data directly provided by you or collected as a result of visiting this website. Should we process your personal data in a different context or circumstances (for instance if you instruct us and become our client), we will provide you with a separate notice.
Who are we?
We are Mishcon de Reya LLP, a limited liability partnership registered in England and Wales with number OC399969 and authorised and regulated by the Solicitors Regulation Authority under SRA number 624547. We are registered with the Information Commissioner's Office as a fee-paying controller, under registration number ZA144945.
In respect of personal data processed when you use this website, we are the controller. "Personal data", "processing" and "controller" are all used in this notice according to their definitions in the UK General Data Protection Regulation ("UK GDPR") and the Data Protection Act 2018.
What personal data do we collect?
As a result of your visiting this website, we may collect or otherwise process your personal data in the following ways:
- When you provide your personal data on a contact form.
- When you contact us by other means, such as email, telephone or fax
What is our basis for processing your personal data?
Any personal data that you give to us may be retained by us to provide a requested service, or for our legitimate interests as a business. You do not have to give us any of your personal data in order to use most of the website or associated online systems. However, if you wish to take advantage of some of the more special personalised services that we offer on our website, you will need to provide certain information.
In general, our legal basis for processing your personal data is that it is in our legitimate interests (and, indeed, in some cases, yours) to do so, although we would refrain from doing so if our legitimate interests were overridden by your interests or fundamental rights and freedoms. We have an interest in operating our business in the most customer-focused and professional way, and our processing of your personal data is done in accordance with this.
We will maintain this Privacy Notice from time to time on this site.
Who might access or receive your personal data?
Recipients of personal data provided as a result of your visiting this website will generally only consist of our employees. In certain circumstances we may be compelled to provide information we hold to third parties, such as regulatory or law enforcement bodies. We would only do so in compliance with the law, and where strictly necessary.
We do not intend to transfer your personal data provided or collected as a result of visiting our website outside of the UK.
As a result of your providing requests for services or updates, we may occasionally send you those mailings which you have requested or, in accordance with marketing laws, which we feel may interest you and/or are relevant to your practice/work. Such mailings may include details of our products and services, newsletters, briefing notes and legal updates and invitations to our various training seminars and other events. We will not send you such marketing unless you have asked to receive it, and we will always offer you the option to opt out of any future marketing (please note that the situation might be different if you subsequently become one of our clients).
We do not rent, sell or otherwise disclose your personal data to any other third party.
Other than when you have agreed to receive updates, your personal data provided or collected as a result of visiting the website will be stored for six months after the most recent activity recorded.
You have the right to:
- request from us access to, and rectification or erasure of, personal data
- request that we restrict processing concerning you
- object to our processing of the data
- data portability, where applicable
You also have the right to complain to the Information Commissioner's Office about the manner in which, or otherwise, in which we process your personal data.
Contacting us about your information
If you have any questions or concerns regarding your personal data or how it is used, please contact us.
To help us keep your personal data up-to-date, you should let us know should any of your contact details change, or if you notice any inaccuracies in them. You can do this directly via email or by using the mydetails.mishcon.com website. From time to time we may contact you to confirm that the data we hold for you is correct.
Explanatory note: this Privacy Notice is in place to inform you, in line with our general obligations, and in particular in line with Article 13 of the UK GDPR, of the processing by us of your personal data. It isn't a contractual document, so we don't ask you to "agree" to it, or claim that by reading it you are taken to have agreed to it.
Please note that where we are offering goods or services to individuals in the European Union we will also be subject to the GDPR itself (not just the UK GDPR). In those cases you would also have the right to make a complaint, under Article 77, to another GDPR supervisory authority. Also in those cases, we have designated a representative, under Article 27(1) of the GDPR. This is Mishcon de Reya IP B.V., of Prinsenkade 9D, 4811 VB Breda, The Netherlands, who can be contacted at firstname.lastname@example.org.