1. Who we are:
We are Gayle D. Patton Solicitor of Suite 7, Seaview Offices, Main Street, Howth, Co. Dublin. You can contact us at this address by post or by email at email@example.com.
2. Why we process your data, the lawful basis for processing your data and who we share it with
The principles by which we respect user privacy and practice data protection:
We perceive privacy and data protection as a human right
We have a duty of care to the people within our data
We see data about individuals as a liability and believe it should only be collected and processed when absolutely necessary
We detest spam as much as you do!
We will never sell or otherwise distribute or make public your personal information.
A. For people who view and interact with our website, we process data to respond to your query when sent through our ‘contact us’ form
Site visitor tracking
Like most websites, this site uses Google Analytics to track user interactions. This data is used to determine the number of people accessing our website. This aids our understanding of how they find and use our web pages and helps us to see their interaction with the website. None of the data tracked by Google Analytics personally identifies you to us. The type of data tracked includes your geographical location, device type, internet browser and operating system. Google Analytics does record your connection IP address but Google do not grant us access to this. For name, Google is a third party data processor (more about third party processors below).
Contact forms and email links
Should you choose to contact us using the contact form on our Contact us page or an email link like this one, none of the data that you supply will be stored within this website. Instead it will be securely relayed to our email host with Office 365. For more details see https://servicetrust.microsoft.com/ViewPage/GDPRGetStarted.
The legal basis for this processing is our legitimate interest in the administration and operation of our legal services as well as our legitimate interest in marketing and promoting our firm’s legal services. We always include an unsubscribe button in our communications, so you can opt out of receiving such communications at any time. We share this data with our client relationship management system provider. They may only process this data for the purpose of providing us with their services, and no other purpose. We will retain this data for one year.
B. For our potential clients, we process data:
- in order to market the services of our firm
- to provide you with legal updates and newsletters to which you may have subscribed.
The legal basis for the processing of this data is processing necessary for the purpose of the legitimate interests of our firm in promoting our services. We always include an unsubscribe button in our communications, so you can opt out of receiving such communications at any time.
We share information such as your name and email address with our newsletter services provider who sends out our newsletters. This provider is not permitted to use this data other than on our behalf. We will retain this data for on year.
C. For solicitors and barristers that we liaise with on client matters, we process data:
In order to liaise with you about our client matters
The legal basis for the processing of this data is processing necessary for the purposes of the legitimate interests pursued by our firm in representing our clients. We share the information you provide with our practice management system in order to store your contact information with our client file. We may also send you emails through our email service provider.
We will retain this data for as long as you remain a client of the firm and until such time as you discontinue your retainer of this firm.
D. For job applicants to the firm, we process data:
- to recruit new employees
- to ascertain your suitability for a specific role.
The legal basis for this processing is processing necessary for the purpose of the legitimate interests of our firm in recruiting new staff. Please see the privacy notice in the job advertisement for further information about how we process applicant data. We share the information you provide in your application with our contracted recruiter in order to make a shortlist of candidates. This recruiter is not permitted to use this data other than on our behalf. We may also send you emails about your application through our email service provider. We will retain this data for one year.
3. Your rights relating to personal data
You have the following rights under the GDPR, in certain circumstances and subject to certain exemptions, in relation to your personal data:
- right to access the data – you have the right to request a copy of the personal data that we hold about you, together with other information about our processing of that personal data.
- right to rectification- you have the right to request that any inaccurate data that is held about you is corrected, or if we have incomplete information you may request that we update the information such that it is complete.
- right to erasure – you have the right to request us to delete personal data that we hold about you. This is sometimes referred to as the right to be forgotten.
- right to restriction of processing or to object to processing – you have the right to request that we no longer process your personal data for particular purposes, or to object to our processing of your personal data for particular purposes.
- Right to data portability – you have the right to request us to provide you, or a third party, with a copy of your personal data in a structured, commonly used machine readable format.
In order to exercise any of the rights set out above, please contact us at the contact details at the start of this privacy notice.
If we are processing personal data based on your consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing which took place prior to its withdrawal. If you are unhappy with how we process personal data, we ask you to contact us so that we can rectify the situation. You may lodge a complaint with a supervisory authority. The Irish supervisory authority is the Data Protection Commission.
4. Requirement to process personal data
You may browse our website without providing us with any personal data and this will not affect your ability to view our website. If you do not provide us with your information for the purposes described above, we cannot send your our newsletter, respond to your queries sent through our contact us form, liaise with you on client matters or assess your suitability for a role within our firm.
5. Automated decision-making and profiling
We do not use any personal data for the purpose of automated decision-making or profiling.
6. About our Third Party Data Processors
We use the services of a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with GDPR legislation. Both of these third parties are based in the USA and are EU-U.S Privacy Shield compliant.
In the event of a Data Breach
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors in the event that it is confirmed, to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Gayle D Patton Solicitor