Arrested? Call 07988 226048
9:00 - 18:00
Lines Open Mon - Fri (GMT)
Search
Arrested? Call 07988 226048
9:00 - 18:00
Lines Open Mon - Fri (GMT)
Search
Fenton Marsh & Co is committed to protecting the privacy and security of personal data. This policy explains how and why we collect, use, and store personal information, the lawful bases upon which we process it, and the rights of individuals under the UK General Data Protection Regulation and the Data Protection Act 2018.
We act as a data controller in respect of the personal data provided to us. Our registered office is in London and we are authorised and regulated by the Solicitors Regulation Authority. We collect personal data directly from clients, prospective clients, counterparties, regulators, suppliers, professional contacts, and through publicly available sources. The categories of data collected may include names, contact details, identification documents, financial information, employment details, case-related information, and correspondence records.
We process this data for purposes including the provision of legal services, client identification and anti-money laundering checks, file and matter management, compliance with our regulatory obligations, billing, marketing to existing and former clients, and the defence or pursuit of legal claims. Our lawful bases for processing include the performance of a contract, compliance with legal obligations, the establishment, exercise or defence of legal claims, the protection of vital interests, and legitimate interests pursued by us or a third party, provided such interests are not overridden by the rights and freedoms of the data subject.
We may share personal data with third parties including counsel, expert witnesses, counterparties and their representatives, courts, regulators, insurers, auditors, service providers, and professional advisers where necessary for the purposes set out above. We require all such third parties to respect the security of personal data and to process it only in accordance with our instructions and applicable law.
Personal data will be stored securely and retained for as long as is necessary for the purposes for which it was collected, including to meet legal, regulatory, accounting, or reporting requirements. The retention period will be determined by reference to the nature of the data, the sensitivity of the information, the potential risk of harm from unauthorised use or disclosure, and the purposes of processing.
Individuals have the right to request access to their personal data, to request rectification of inaccurate data, to request erasure in certain circumstances, to object to processing based on legitimate interests, to request restriction of processing, and to request the transfer of their data to another controller. Where processing is based on consent, that consent may be withdrawn at any time without affecting the lawfulness of processing carried out before withdrawal.
We have implemented appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, disclosure, alteration, or destruction. While we do not generally transfer personal data outside the United Kingdom, where such transfers occur we ensure that they are subject to appropriate safeguards such as adequacy regulations or standard contractual clauses.
Complaints regarding our handling of personal data should be raised with us in the first instance. Individuals also have the right to lodge a complaint with the Information Commissioner’s Office, whose contact details are available at www.ico.org.uk.
We reserve the right to amend this policy at any time and will post any updates on our website. Continued use of our services after changes have been made will constitute acceptance of the revised policy.