Privacy Policy - Martha Grekos

Privacy Notice

Third Party Privacy Notice Client Privacy Notice

Our privacy policy in relation to third party date and privacy policy in relation to clients is set out below. These policies should be read in conjunction with our Legal Notices and Terms of Use of our website (along with any Terms of Business that would be supplied to you if you are a client).

Third Party Privacy Notice

This privacy policy (sometimes called a processing notice or privacy notice) aims to inform third parties (that is, individuals who have no contract with us but whose data we are handling) and, where different, visitors to our website or who receive marketing information from us, how we will process their personal information.

Please note that this policy can only be a general summary. You may at any time request to see and, if appropriate, amend the personal data we hold about you. Details are given below under

‘Your data privacy rights’.

The reason for this policy

EU General Data Protection Regulation, the Data Protection Act 2018 and other applicable laws provide, or enhance, rights belonging to individuals. For convenience we refer to this body of law as 'DP legislation’.

We expect to amend this policy as new legislation is passed, and as further guidance is given for example when the appropriate arrangements are made for the effect of the UK exiting the European Union.

Who we are

Martha Grekos Legal Consultancy is a data controller for the purposes of the DP legislation. We are registered with the UK Information Commissioner's Office. Our Data Privacy Partner is Martha Grekos.

Your data privacy rights

You have the right to access personal data that we hold for you and can find out more about your rights under the DP legislation at www.ico.org.uk.

If you have any requests concerning your personal information or any queries concerning our processing, please contact us at martha@marthagrekos.co.uk or in writing to our Data Privacy Partner at 5 Chancery lane, London, WC2A 1LG. We will respond to your enquiry within 30 days unless the query is complex.

You will not have to pay a fee to access your personal information (or to exercise any other right as data subject). However, we may charge a reasonable fee, if your request is clearly unfounded or excessive.

How we collect personal data

Personal data is information that identifies a living person whether directly or indirectly.

We collect such personal information in the course of our business from or about a number of different categories of people both directly and indirectly. This includes:

people involved in matters we act on for our clients such as customers of our clients;
people with whom we, or our staff, have a business relationship e.g. you give us your business card;
other third parties who visit our website, request information or receive marketing services (updates, events and seminars).

What we collect

We collect personal information which can include one or more of the following:

basic information such as your name, title or position, and related information such as the company you work for;
how to contact you by phone, email or post;
identification information collected as part of our business acceptance process - please note that we may use anti-money laundering information from Experian but only with your consent; Experian process data in accordance with the Credit Reference Agency Information Notice;
financial information such as payment related information;
information to help us help you when you attend events such as access or dietary
requirements; and
any other information relating to you from public sources and/or provided to us by you.

From time to time this information may include special category data which the law requires us to treat with extra care. Special category data can include information about your health, racial or ethnic origin, religious or political beliefs, trade union membership, sex life or sexual orientation.

Where personal information has been supplied to us indirectly, e.g. by a client, we respect any specific requirements they may make about our use of that data.

What we do with your information

We process personal information for the purpose of providing legal services to our clients and also for our own business purposes including:

to provide information requested by you;
where appropriate, to provide legal services set out in a contract between ourselves and our clients;
to tell you about our services including details of events, seminars and publications (as permitted by you or by law);
disclosures to our regulators, auditors, our own legal or professional advisors, our insurers and insurance brokers;
to provide our website and improve its use including monitoring and auditing;
recruitment (further information will be provided direct where this applies);
fraud prevention (including money laundering and bribery) and for the prevention or detection of crime (although use of any CCTV on our premises is the responsibility of our landlord).

What is the basis for processing your data?

We will only process your personal data where we have a lawful basis for doing so. This is set out in the DP legislation. The lawful basis will be one or more of the following, that the process is necessary:

for compliance with our legal and regulatory obligations;
to pursue our legitimate interests;
for establishing, exercising or defending legal claims; or
to perform a contract to which you are a party or taking steps prior to entering into such a contract.

Transfer of personal data

We do not routinely transfer personal data outside the European Economic Area (‘the EEA’) but may do so in the future. The level of protection of personal data in some countries outside the EEA is often lower than that within EEA countries. We will take all reasonable steps to ensure that any personal data that is transferred is treated securely and in accordance with this policy.

Further information

We send very occasional mailings, by post and by email, of marketing information that we believe is of interest to you. You have the right at any time to be removed from our marketing mailing list or to request only one type of mailing (email or post).

Website

We are committed to safeguarding the privacy of visitors to our website.

You are not required to provide any personal information on the public areas of our website. However, you may choose to do so by completing the contact form on our website. If you do, your personal information will be treated as set out in this policy.

Cookies

Cookies are small text files that are downloaded to your device when you visit a website and automatically retrieve information about your use of the website. We use cookies to help us improve our website and improve our services. Information from cookies is used in aggregate form and does not identify the individual visitor, and, where you are known to us, we may use this information in an identifiable form to build a profile for you for marketing purposes. You can delete and block cookies by changing your browser settings. Please see www.allaboutcookies.org for instructions on how to do this.

You consent, by continuing to use this website without changing your settings, to our use of cookies.

Security

We use trusted IT suppliers to protect and preserve the data we process and control. They employ up-to-date data storage and security techniques to protect your personal information from unauthorised access, improper use or disclosure, unauthorised modification or unlawful destruction or accidental loss. All our employees and any third parties we engage to process your personal information are obliged to respect the confidentiality of your personal information.

Other websites

Our website may contain links to other websites outside our control and which are not covered by this Privacy Policy. If you access other sites using the links provided, the operators of these sites may collect information from you which will be used by them in accordance with their privacy policy, which may differ from ours.

Changes to this policy

We reserve the right to update this privacy notice at any time. The most up to date version will be available on our website.

Client Privacy Notice

This privacy policy (sometimes called a processing notice or privacy notice) aims to inform our clients, and individuals associated with our clients, how we will process their personal information.

We have a separate privacy policy for third parties (that is, individuals who have no contract with us but whose data we are handling) and, where different, visitors to our website and for our staff since the basis on which we process that personal data differs.

This policy should be read together with our terms of business and, where appropriate, our engagement letter.

Please note that this policy can only be a general summary. You may at any time request to see and, if appropriate, amend the personal data we hold about you. Details are given below under ‘Your data privacy rights’.

The reason for this policy

EU General Data Protection Regulation, the Data Protection Act 2018 and other applicable laws provide, or enhance, rights belonging to individuals. For convenience we refer to this body of law as 'DP legislation’.

We expect to amend this policy as new legislation is passed, and as further guidance is given for example when the appropriate arrangements are made for the effect of the UK exiting the European Union.

Who we are

Martha Grekos Legal Consultancy is a data controller for the purposes of the DP legislation. We are registered with the UK Information Commissioner's Office. Our Data Privacy Partner is Martha Grekos.

Your data privacy rights

You have the right to access personal data that we hold for you and can find out more about your rights under the DP legislation at www.ico.org.uk.

If you have any requests concerning your personal information or any queries concerning our processing, please contact us at martha@marthagrekos.co.uk or in writing to our Data Privacy Partner at 5 Chancery lane, London, WC2A 1LG. We will respond to your enquiry within 30 days unless the query is complex.

You will not have to pay a fee to access your personal information (or to exercise any other right as data subject). However, we may charge a reasonable fee, if your request is clearly unfounded or excessive.

How we collect personal data

Personal data is information that identifies a living person whether directly or indirectly.

We collect such personal information in the course of our business from or about a number of different categories of people both directly and indirectly. This includes:

where our clients are individuals, those clients, and
people who work for our clients.

We do not make decisions based on automatic profiling and have no immediate plans for this to change.

What we collect

We collect personal information which can include one or more of the following:

basic information such as your name, title or position, and related information such as the organisation you work for;
how to contact you by phone, email or post;
identification information collected as part of our business acceptance process – please note that we may use anti-money laundering information from Experian but only with your consent; Experian process data in accordance with the Credit Reference Agency Information Notice;
financial information such as payment related information;
information to help us help you when you attend events such as access or dietary requirements; and
any other information relating to you from public sources and/or provided to us by you.

From time to time this information may include special category data which the law requires us to treat with extra care. Special category data can include information about your health, racial or ethnic origin, religious or political beliefs, trade union membership, sex life or sexual orientation.

What we do with your information

We process personal information for the purpose of providing legal services to you and also for our own business purposes including:

to provide information requested by you;
disclosures to our regulators, auditors, our own legal or professional advisors, our insurers and
insurance brokers; and
fraud prevention (including money laundering and bribery) and for the prevention or detection of crime (although use of any CCTV on our premises is the responsibility of our landlord).

What is the basis for processing your data?

We will only process your personal data where we have a lawful basis for doing so. This is set out in the DP legislation. The lawful basis will be one or more of the following, that the process is necessary:

for compliance with our legal and regulatory obligations;
to pursue our legitimate interests;
for establishing, exercising or defending legal claims; or
to perform a contract for the provision of legal services to which you are a party directly (or to which our client is a party) or taking steps prior to entering into such a contract;