Privacy Policy

Privacy

At PCB Byrne LLP we take your privacy seriously and this privacy statement explains what personal data or information we collect from you and from people who visit our website and how we use it.  We would encourage you to read the information below.

Who are we?

PCB Byrne LLP is a registered company (OC322793) and our registered office address is: 5th Floor, 1 Plough Place, London, EC4A 1DE. PCB Byrne LLP is a registered data controller (ICO registration number Z1158597).

What personal data or information do we collect?

We may collect personal data about clients, prospective clients, job applicants, our current and former employees, suppliers, and external experts. The personal information we collect may include your name, address, email address, IP address, and information regarding what pages you access on this website and when.

How do we collect data or information from you?

We collect personal information about you when you:

  • Instruct us to act on your behalf
  • Make an enquiry via our website or via the telephone
  • Use our website
  • Enquire about a job opportunity
  • Work for or with the firm
  • Exchange business cards with a member of the firm
How is your information used?

We collect your personal data or information to operate the firm effectively and provide you with a high-quality service.  We may use your information:

  • To deliver legal services to you on your instruction.
  • To answer enquiries that you make prior to any formal instruction.
  • To avoid any conflict of interest as we represent you
  • To process a job application
  • To fulfil our obligations as an employer
  • To provide benefits to you as an employee
  • To adhere to regulations set out by the Solicitors Regulatory Authority
  • To adhere to quality standards as set out under the Lexcel Standard.
  • To maintain security of our office and IT infrastructure
  • To invoice you, and to track payments you make or payments made to you

We believe that all these purposes are justified on the basis of our legitimate interests in running and promoting the firm, our contractual requirements to deliver the agreed legal services to you, and our legal obligations, both as an LLP and responsible employer.   If you would like to know more, please read below:

  • Clients
  • Prospective Clients
  • Job Applicants, Our Current and Former Employees
  • External Experts
  • Suppliers        

Clients

As a client, we may hold the following information about you:

  • Name, date of birth, and contact information.
  • National insurance number
  • Information relating to your legal matter
  • Financial details
  • Information and documents relating to the service we are providing, including communications with you.
  • Billing and payment information.

We store your information in our practice management system on our secure servers based in the UK.  We also hold paper copies of your information in the client matter files, stored in our London office and in a secure, offsite storage archive.

We occasionally use third-party online tools:

  • “Safe-4 to share documents electronically with you with your agreement.  Safe-4 uses servers which are based in the United Kingdom and so do not transfer your data to outside the EEA and to jurisdictions which may not be subject to the same level of data protection. Safe-4 UK advises that its UK data centres comply with the key information security standard ISO 27001.”  Safe-4’s Privacy Policy.
  • Brookland Computer Services – hosted IT platform;
  • Mimecast – email archive;
  • Morae Global Corporation (formerly Phoenix) – iManage; and
  • Tresorit – secure file sharing.

We will retain your client matter file for the duration of our relationship with you, then for a minimum of 7 years after, and a maximum of 12 years, if required for audit purposes.  We will retain financial records for 6 years, following the end of the current financial year.

Prospective Clients

As a prospective client, we may hold the following information about you:

  • Name, date of birth, and contact information.
  • National insurance number
  • Brief information relating to your legal matter

We store your information in our practice management system on our secure servers based in the UK.  Communications with you relating to your initial enquiry may also be stored in our email system for a period of 6 months. If you do not become a client of the firm we will retain any personal information about you that was used to conduct a conflict of interests check (as required by the Solicitors Regulatory Authority) for a period of 6 months.

Job Applicants

When you apply for a job with us, we may hold the following information about you:

  • Name, date of birth, and contact information.
  • Information relating to your qualifications and experience
  • References where we take them up
  • Information and documents relating to the review, interview and selection process, including communications with you.

We store your information in our practice management system on our secure servers based in the UK.  We will also store communications with you relating to the interview process on our email server, based in the UK.  We will retain your personal data relating to the review, interview and selection process for a period of 6 months after the interview date unless we have agreed to retaining your details for a further period. 

Current and Former Employees

When you work for us, we may hold the following information about you:

  • Name, date of birth, and contact information
  • National insurance number and Unique Tax Reference (UTR)
  • Information relating to your qualifications and experience
  • Information and documents relating to your performance and supervision as an employee of the firm, including communications with you
  • Your photograph, including Building Pass, Passport and Driving Licence
  • Financial information, such as bank details, pension scheme and salary details
  • Information about your next of kin
  • Health information

We store your information in our practice management system on our secure servers based in the UK and in hard copy in a secure filing cabinet in the office.  We will also store communications with you on our email server, based in the UK.  We will retain your personal data for the duration of your employment and for a period of 6 years after you leave the firm.  Beyond this point, we may retain only minimal information about you to confirm the period of time you were employed by the firm for reference purposes. We share your information with HMRC, and our chosen pension / benefits providers

External Experts

When you work with us to provide expertise to matters we are working on, we may hold the following information about you:

  • Name and contact information.
  • Information relating to your qualifications and experience
  • Information and documents relating to the service you provide us with, including communications with you.
  • Feedback about your performance

We store your information in our practice management system on our secure servers based in the UK.  We will also store communications with you on our email server, based in the UK.  We will retain your personal data for the time you are available as an expert and for a maximum of 1 year after you are no longer available. 

Suppliers

When you work with the firm as a supplier, we may hold the following information about you:

  • Name and business contact information.
  • Information relating to your qualifications and experience
  • Information relating to your business activities
  • Information and documents relating to the services or products you offer, including our communications with you.
  • Financial information

We store your information in our practice management system on our secure servers based in the UK.  We will also store communications with you on our email server, based in the UK.  We will retain your information for the duration of our relationship with you and for 7 years after the last purchase we made from you. 

Marketing/Business Development

We should like to send information about our services that we believe may be of interest to you. If you have consented to being contacted on this basis we will store your information in our practice management system on our secure servers and on our email server based in the UK. We may contact you by mail, telephone, email or text. We will keep the personal information you have provided for any marketing or business development purpose for as long as is necessary or until you have advised us that you have changed your mind, wish to opt out and want us to delete the information. If you wish to opt out and want us to delete the information please either write to our Data Protection Compliance Programme Manager, Nick Ractliff at nractliff@pcb-byrne.com or send an email to datacontroller@pcb-byrne.com with “Stop Marketing” in the subject line. Alternatively you may click the unsubscribe button in an email we send to you with marketing or business development information and follow any further instructions.

Who has access to your information?

We do not sell or rent your personal data or information to any third party or share your information with third parties for their marketing purposes.  

We will disclose your data or information if required by law, for example by a court order or for the prevention of fraud or other crime.

We may pass information about your matter to the prosecution and to other parties within the justice system (e.g. Counsel, Barristers, Police) as required to provide legal services to you. 

We may pass your information on to third party service providers, agents or subcontractors for the purposes of completing a task or providing services to you on our behalf (e.g. to provide external expertise in your matter). However, we disclose only the personal information necessary to deliver that service and have a contract in place that requires them to keep your information secure and not to use it for other purposes.

A list of third – party service providers who act as data processors on our behalf can be obtained from the data controller at datacontroller@pcb-byrne.com.

Transfers outside of the European Economic Area

Your personal information in the European Economic Area (EEA) is protected by data protection laws, but other countries do not necessarily protect your personal information in the same way. The EEA covers all countries in the EU plus Norway, Liechtenstein and Iceland. A limited number of the third-party providers we use to help us manage our business and services may involve data transferring to the United States or other countries outside of the EEA. Specific providers are identified above and we link to their relevant Privacy Policies. Where your data is transferred outside the EEA and the country to which it has been transferred has not been designated by the European Commissioner as a country with equivalent standards of data protection as the EEA we seek assurance from our processors that appropriate safeguards are in place to protect your data.

Your rights

You have certain rights over the processing of your personal information by PCB Byrne LLP. These are:

  • The right to be informed, which is what this privacy policy is for
  • The right to access the data we hold about you
  • The right to object to direct marketing
  • The right to object to processing carried out on the basis of legitimate interests
  • The right to erasure (in some circumstances)
  • The right to data portability
  • The right to have your data rectified if it is inaccurate
  • The right to have your data restricted or blocked from processing

We do not undertake direct marketing activities, so you will not receive such information from us.

How you can update your information

The accuracy of your information is important to us.  If you change your contact details or if you want to update any of the information we hold on you, please email us at datacontroller@pcb-byrne.com.

or by post at: 5th Floor, 1 Plough Place, London, EC4A 1DE.

 

How you can access your personal information

You have the right to ask for a copy of the personal information PCB Byrne LLP hold relating to you. To do this please contact datacontroller@pcb-byrne.com.

or by post at: Data Protection Lead, 5th Floor, 1 Plough Place, London EC4A 1DE. 

You also have the right to lodge a complaint about our processing of your personal data with the UK’s Information Commissioner’s Office.

Keeping your data secure

When you give us personal information we take steps to ensure that it’s treated securely and strive to protect it on our internal systems.  Our secure server systems encrypt your information.

Contacting us via email

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government standards. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.

We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

 

More questions?

To contact PCB Byrne LLP with a data protection query regarding the processing of your personal data, please use the contact us or email datacontroller@pcb-byrne.com.

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 01.04.21.