GDPR Data Privacy Notice

🏢 1. Who We Are

This notice relates to the Firm, acting as the data controller responsible for the personal data you provide or that we collect during your interactions with us.

🗂️ 2. Data We Collect

We may collect the following categories of personal data:

• Identity data
• Contact data
• Usage data (including website interactions)
• Aggregated analytical data

🧾 3. How Data Is Collected

Data is collected directly from users (e.g., enquiries or forms) and indirectly through interactions with our website and online services.

⚙️ 4. How Data Is Used

Personal data is processed for the following purposes:

• To perform contractual obligations
• To pursue legitimate business interests
• To comply with legal or regulatory obligations

🤝 5. Sharing Your Data

Personal data may be shared with:

• Internal staff and authorised personnel
• Service providers acting on our behalf
• Regulators or legal authorities (where required)

✈️ 6. International Data Transfers

Where personal data is transferred outside the UK or EEA, appropriate safeguards are implemented to ensure compliance with GDPR requirements.

🔐 7. Data Security

We apply appropriate technical and organisational measures to protect personal data from misuse, loss, or unauthorised access.

🗄️ 8. Data Retention

Personal data is retained only as long as necessary. In most cases, data is retained for up to six years to meet legal or regulatory requirements.

📜 9. Your Rights

Under GDPR, individuals have the following rights regarding their personal data:

• Right of access
• Right to correction (rectification)
• Right to erasure
• Right to object
• Right to data portability

🔄 10. Changes to This Notice

This notice may be updated periodically to reflect legal or operational changes.