PRIVACY

The Macdonald Maciver and Co Limited Privacy Notice is available here for you to read. If you require any further information about how we handle your personal data, pease do not hesitate to get in touch.

Business Meeting

MACDONALD MACIVER & CO. LTD - PRIVACY NOTICE

Our Privacy Notice describes the categories of personal data we process and for what purposes.  We are committed to collecting and using such data fairly and in accordance with the requirements of applicable data protection legislation.

This Privacy Notice became effective on 25 May 2018.

 1. Introduction 

1.1 This Privacy Notice explains your privacy rights and how we gather, use and share your personal information. That includes the personal information we already hold about you now and the further personal information we might collect about you, either from you or from a third party.  How we use your personal information will depend on the services we provide to you.

1.2 This Privacy Notice provides information about how we use your personal information and will update any previous information we have given you about using your personal information (also referred to as personal data).

1.3 We are the controller of your personal information under applicable data protection legislation, unless otherwise stated in this Privacy Notice or otherwise provided for in applicable data protection legislation.

1.4 If you have any queries regarding our use of your personal information, please contact us at Data Protection Officer, MacDonald Maciver & Co. Ltd, 20 Francis Street, Stornoway, Isle of Lewis HS1 2NB.

1.6 In this Privacy Notice, the terms "we", "us" and "our" refer to MacDonald Maciver & Co. Ltd.

 2. Your Privacy Rights

2.1 You can exercise any of your rights by contacting us at Data Protection Officer, MacDonald Maciver & Co. Ltd, 20 Francis Street, Stornoway, Isle of Lewis HS1 2NB.

2.2 Any requests received by MacDonald Maciver & Co. Ltd will be considered under applicable data protection legislation. If you remain dissatisfied, you have a right to raise a complaint with the Information Commissioner's Office at ico.org.uk.

Right to be informed

This Privacy Notice informs you about the collection and use of your personal information.    

Right to access

You have a right to request access to the personal information that we hold about you by making a "subject access request".

Right of rectification

If you believe that any of the personal information that we hold about you is inaccurate or incomplete, you have a right to request that we correct or complete that personal information.

Right of erasure

If you wish us to delete the personal information that we hold about you, you may request that we do so in certain circumstances.

Right to restrict processing

You have a right to request that we restrict the processing of the personal information that we hold about you for specific purposes.

Right to object

You have a right to object to us processing your personal information in certain circumstances.

Right to portability

You have a right to obtain and reuse the personal information that we hold about you for your own purposes in certain circumstances.

Rights related to automated decision-making

Where we undertake any automated decision-making and profiling, you have certain rights in relation to such processing.

3. The categories of personal information we use

3.1 MacDonald Maciver & Co. Ltd is a general practice law firm and estate agency, and therefore we use a variety of personal information depending on the services we deliver.

3.2 In all cases, we need to use your name, address, date of birth, contact details and information to allow us to check your identity.

Contact and socio-demographic information

In all cases, we need to use your name and contact details, including your postal address, email address and phone number.  We will use this data and your date of birth to allow us to check your identity to meet our legal obligations.  We may also use your date of birth to allow us to determine how long we will retain historic wills.

Race, ethnic origin, politics, religion, trade union membership, sex life, sexual orientation

These special categories of personal information may be required in employment cases, for example if you are raising a claim for discrimination or unfair dismissal.


They may also be used in matrimonial cases (for example, divorce) and other forms of dispute resolution and litigation.

Health and medical information

This personal information will be used in various cases, including personal injury cases, employment cases, matrimonial cases, cases where we are supporting individuals who have a vulnerability (for example arranging powers of attorney), other forms of dispute resolution.

Criminal offence data

This personal information may be processed in relation to litigation cases, employment cases, matrimonial cases and other cases.  This information may also be used in all cases in relation to due diligence required for fraud prevention, and/or anti-money laundering to meet our legal obligations.

Information relating to financial status or position

Including salaries, pensions, dividends and other earnings, data used to make assessments of an individual’s ability to meet existing or potential financial obligations, information received from credit reference agencies, information about money an individual owes or could owe, information about an individual's assets.


This personal information will be used in a wide range of legal matters including debt recovery, litigation, other forms of dispute resolution, matrimonial, employment, personal tax, trusts, wills, business creation/acquisition/disposal, property matters, lending, borrowing, other financing.

Information relating to payment, credit and debits.

Funds received from or for an individual or made in relation to a client's matter (e.g. to pay for the legal service, to pay for outlays incurred by us on your behalf, to pay in settlement of a claim, property purchase/sale, other asset purchase/sale).


We do not store credit or debit card details, but will use them to process payments in line with PCI-DSS standards.

Personal information contained in communications with individuals across different channels.


Copies of letters received by or sent to us, information relating to emails received by or sent by us, file notes, other information or logs about when communication has taken place (rather than the content of that communication), and/or information you supply when contacting us through one of our websites.

Social relationships

Personal information relating to an individual's family and social relationships including status of spouse/partnerships, wider family including parental and caring status may be used in range of types of cases.

Open data and public records

Personal information relating to individuals that are, or can be, collected from public or open sources.  These do not necessarily have to be collected from open data/public records, and may come from other sources (e.g. from you directly, or from your other advisors or solicitors on the other side of the transaction).  This may include information about an individual's bankruptcy, information about a public office held by an individual, information about inhibitions, information about ownership of land held by the Land Register, Register of Inhibitions, Companies House, information from courts or tribunals, information from credit agencies to verify an individual's identity, information from Royal Mail and/or other data sources which we use to verify the accuracy of our client postal addresses.

Consents

Personal information relating to permissions, consents or preferences given to us by individuals, contact permission, mandates to contact employers, other solicitors, and/or GPs and other medical specialists.

National Identifiers

Unique identifiers attributed to an individual from a government department, such as Tax ID, National Insurance Number, and/or passport number.  This information may be used as part of our customer due diligence measures for identifying individuals to meet our legal obligations.  The information may also be used in different types of cases including trusts, personal tax, and employment.

Technical

When you visit our websites and use other systems, we may collect personal information to monitor usage.  This could include your IP address, operating system and browser type.  This will be used to improve our websites, systems, and for research into service delivery.

4. How we gather personal information

4.1 We are a general practice law firm, engaged with a large number of stakeholders. We obtain personal information from a wide range of sources:

4.1.1 Directly from you or your representative, for example when you submit details through our websites, sign up for estate agency mailing lists, contact us in writing, by email, in person, by telephone, or by any other method.

4.1.2 From information you or your representative have made publicly available.

4.1.3 From other people you know, including family members, and people you are financially linked to, and their representatives. This also includes organisations and individuals who are our clients in circumstances where you are party to, or otherwise involved in, a matter on which we are instructed, for example as a witness, beneficiary, guarantor, buyer, seller, debtor, defender, pursuer, employee, or employer.

4.1.4 From other organisations which have referred you to us, for example estate agents, accountants, financial advisers, other solicitors, insurance companies, banks.

4.1.5 From open data and public records, for example from various registers (Land Register, Register of Inhibitions, Companies House, OSCR, etc.), credit agencies and from Dow Jones to verify the identity of our clients and beneficial owners to assist us in complying with our legal obligations.


5. How we use your personal information

5.1 To respond and communicate

5.1.1 We use personal information to allow us to respond to you and communicate with you regarding your instructions, questions, comments, support needs, complaints or concerns.

5.2 Using client information

5.2.1 When you become our client, we will collect, store and use the personal information that you provide to us in your instructions and during the course of our solicitor/client relationship.

5.2.2 We need to collect personal information so that we can perform our obligations under our service agreement with clients. We will use such personal information to:

5.2.2.1 provide clients with legal advice, including communicating with them by email, letter and/or telephone, etc. in connection with the services that we provide;

5.2.2.2 represent clients as their solicitors in connection with such services;

5.2.2.3 provide clients with legal advice in respect of the matter(s) upon which we are instructed to provide advice; and/or

5.2.2.4 process and make payments in connection with such matter(s).

5.2.3 If clients do not provide us with all of the personal information that we need to collect in order to perform our obligations under our service agreement, then this may affect our ability to provide them with legal advice and/or represent them as their solicitors.

5.2.4 We may also process personal information for purposes relating to the provision of services we provide including updating, reviewing and enhancing client records and undertaking analysis for management purposes.

5.3 Business clients and other stakeholders

5.3.1 For business clients (including bodies corporate, public bodies and/or charities) and other stakeholders including suppliers, we will use personal information about key individuals in the business, so that we can operate and administer the services which we provide.

5.3.2 To comply with our legal obligations to prevent financial crime (see 5.4 below) we will complete due diligence steps by using personal information about key individuals who are either a sole trader of the business or are a proprietor, director, company secretary, shareholder, partner, member, committee/board member, trustee, charity trustee, controller, beneficial owner or authorised signatory to the account of the business.

5.4 To comply with our legal obligations to prevent financial crime

5.4.1 To comply with our legal obligations to prevent financial crime including money laundering under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, we will use personal data including name, address, date of birth, country of residence/citizenship, personal identification (which may include passport number or driving licence number), information about any criminal convictions, information about roles held in public office, and information about your status as or your relationship and association with a politically exposed person.

5.4.2 We will give personal information to and receive personal information from third parties where that is necessary to meet our legal obligations, including credit reference agencies, fraud prevention agencies, the police and other law enforcement and government agencies, and regulators.

5.4.3 We will use the personal information described in 5.4.1 above to verify the identity of individuals. This does not affect individual's credit history or rating.

5.5 To comply with regulatory obligations

5.5.1 We will provide our regulator, the Law Society of Scotland, with names of individuals for whom our solicitors act under Powers of Attorney.

5.6 Other parties

5.6.1 We will process personal information of individuals who are not our client, but have a relationship with our client as described in 4.1.3 above.

5.6.2 We will obtain such personal information from the sources described in 4 above, which will include the same categories of information described in 3 above.

5.6.3 We will use this information to comply with our duty as a legal adviser to our client, which is a regulatory requirement on us as a firm of solicitors regulated by the Law Society of Scotland. We may have a duty to disclose information to our client where relevant to their case (for example information about earnings in a divorce matter).

5.7 Financial management and debt recovery

5.7.1 We may give personal information to and receive personal information from third parties where that is necessary to recover debts due by you to us, for example, credit reference agencies and sheriff officer or bailiff services.

5.8 To market services to you

5.8.1 We will use contact details provided by our clients and information on the services clients have used to assess what services would be most beneficial to them. For example, where we hold a client's will, we may write to the client to advise them to consider updating their will.

5.9 Automated decision making and profiling

5.9.1 We do not use personal information to make decisions solely by automated means without any human involvement.

6. Our legal basis for using your personal information

6.1 We only use your personal information where that is permitted by the applicable data protection legislation. We only use personal information where:

6.1.1 we have your consent (if consent is needed);

6.1.2 we need to use the information to comply with our legal obligations;

6.1.3 we need to use the information to perform a contract with you, including taking steps to enter into a contract with you; and/or

6.2 Where we have your consent, you have the right to withdraw it at any time.

 7. Sharing personal information

7.1 We may be required to share personal information with statutory or regulatory authorities and organisations to comply with statutory obligations imposed both upon us and upon you in respect of the matter(s) upon which we advise. Such organisations include the Law Society of Scotland, Department of Work & Pensions, HMRC, Scottish and UK courts, Registers of Scotland and/or local authorities.

7.2 We may also share personal data with our or your other professional advisors for the purposes of taking advice and the event of any legal claims.

7.3 We may be required to share personal information with other organisations, which during the course of our providing services on a matter may be contracted to supply a service related to such matter, which we are not in a position to provide. Depending on the nature of your instruction to us, this may include sheriff officers, property search companies, Companies House, expert witnesses, translators, local agents, accountants and/or auditors.

7.4 In the event that we do share personal information with external third parties, we will only share such personal data strictly required for the specific purposes and take reasonable steps to ensure that recipients shall only process the disclosed personal data in accordance with those purposes.

8. Storing personal information

8.1 We will protect your personal information in order to prevent unauthorised access to, or use or disclosure of, your personal information through a number of organisational and technical security measures. Your personal information is stored on our systems to which access is both physically and electronically controlled. 

8.2 For the purposes of IT hosting and maintenance, the personal information we hold is located on servers within the European Union.

8.3 Our staff receives data protection training and we have detailed data protection and information security procedures in place. 

9. How long we keep your personal information for

9.1 We will retain your personal information for as long as is required to comply with our obligations set out above, unless you ask us to return any copies of it to you or send it to a third party.