Data Protection and Privacy Notice

Last updated: July 2024

Please read this Data Protection and Privacy Notice (“Notice”) carefully as it contains important information about how James Whitaker (“JW”) collects, uses, stores and shares your personal data, as well as your rights in relation to your personal data and how to contact JW and/or the relevant supervisory authorities in the event that you have a complaint. 

About JW

JW is a freelance solicitor, regulated in his personal capacity by the UK Solicitors Regulation Authority and the State Bar of California. JW collects, uses, stores, shares and is responsible for certain personal information about you and, in doing so, is subject to data protection laws. JW is responsible as a “controller” of that personal information for the purposes of those laws. 

The personal information JW collects and uses

In the course of representing and/or advising you in relation to the matter in respect of which you have retained, or are considering retaining, JW’s services (the “Instruction”), JW will collect the following personal information when you provide it:

  1. Your name, address and telephone and mobile telephone numbers, as well as electronic contact details such as your email address;

  1. Information to enable JW to verify your identity, for example your date of birth, your passport details and/or your driving licence details;

  1. Information relevant to the Instruction.

In the course of the Instruction, JW may collect the following personal information depending on the circumstances of the Instruction:

  1. Information to enable JW to undertake a credit or other financial checks on you;

  2. Your National Insurance and tax details;

  3. Your bank and/or building society details;

  4. Information regarding your professional online presence, for example your LinkedIn profile;

  5. Information regarding your employment status and remuneration to the extent it is relevant to the Instruction;

  6. Personal identifying information, such as your hair or eye colour or your parents’ names, to the extent it is relevant to the Instruction (for example in the context of the incorporation of a company);

  7. Information about your use of JW’s IT, communication and other systems, and other monitoring information. 

This personal data is required to enable JW to provide services to you. If you do not provide personal data we ask for, it may delay or prevent JW from providing services to you. 

The information JW may collect from other sources

JW will request, and collects, most of this information from you directly. In addition, however, JW may also collect information:

  1. from publicly available sources such as Companies House;

  2. from third parties directly to the extent it is necessary to verify your identity or standing, for example sanctions screening providers; credit reference agencies; and/or client due diligence providers;

  3. from third parties directly, with your consent, to the extent that it is necessary to verify your identity or standing or for the purposes of the Instruction, for example your bank or building society or other financial institution or advisor; consultants and other professionals JW may engage in relation to your matter; and

  4. via JW’s website, which uses cookies (for more information on cookies, please see JW’s cookie policy);

  5. via JW’s information technology (IT) systems, for example JW’s case management, document management and time recording systems. 

How and why JW uses your personal information

Under data protection law, JW can only use your personal data if he has a proper reason for or legitimate interest in doing so. A legitimate interest is when JW has a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

JW will use (process) your personal data:

  1. for JW’s performance of the contract with you governing the Instruction or to take steps at your request before entering into that contract;

  1. to comply with JW’s legal and regulatory obligations, including for example (i) conducting checks to identify you and verify your identity; (ii) screening for financial and other sanctions or embargoes; (iii) updating and enhancing your records; (iv) statutory returns; (v) ensuring safe working practices; (vi) ensuring the confidentiality of commercially sensitive information; (vii) other processing necessary to comply with professional, legal and regulatory obligations that apply to JW’s business, such as quality checks, audits, enquiries or investigations by regulatory bodies or rules issued by JW’s professional regulator;

  1. for JW’s legitimate interests or those of a third party, for example (i) ensuring business policies (such as those relating to internet use) are adhered to; (ii) operational reasons (such as improving efficiency); (iii) ensuring the confidentiality of commercially sensitive information; (iv) statistical analysis to help JW manage his practice (including in relation to financial performance, client base, and work streams); (v) updating and enhancing your records; (vi) preventing unauthorised access and modifications to systems; and (vii) marketing to existing and former clients; or

  1. where you have given consent.

The above does not apply to special category personal data, which JW will only process with your explicit consent. Special category personal data includes personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership, genetic and biometric data, data concerning health, sex life or sexual orientation

Who JW may share your personal information with

JW may share your personal data with:

  1. professional advisers instructed on your behalf, for example barristers, medical professionals, accountants, tax advisors or other experts;

  2. other third parties to the extent necessary to carry out the Instruction, for example Companies House;

  3. courts, to comply with legal requirements, and for the administration of justice:

  4. credit reference agencies;

  5. JW’s professional indemnity insurers and brokers;

  6. external auditors, for example in relation to ISO or Lexcel accreditation and the audit of JW’s accounts;

  7. JW’s bank;

  8. external service suppliers, representatives and agents that JW may use to promote business efficiency, such as typing services and marketing agencies.

JW only allows service providers to handle your personal data if he is satisfied they take appropriate measures to protect your personal data. JW also seeks to impose contractual obligations on service providers to ensure they can only use your personal data to provide services to JW and to you. JW may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with his legal and regulatory obligations. JW will share personal information with law enforcement or other authorities if required by applicable law. JW will not share your personal data with any other third party. 

Promotional material

JW may use your personal data to send you updates about legal developments that might be of interest to you and/or information about JW’s services. JW has a legitimate interest in processing your personal data for promotional purposes. This means JW does not usually need your consent to send you promotional communications. Where consent is needed, however, JW will ask for this consent separately and clearly. JW will always treat your personal data with the utmost respect and never sell or share it with other organisations for marketing purposes. 

How long JW retains your personal information

JW will keep your personal data after the Instruction has concluded, for one of the following reasons:

  1. to respond to any questions, complaints or claims made by you or on your behalf;

  2. to show that JW treated you fairly; and

  3. to keep records required by law.

We will not retain your data for longer than necessary for the purposes set out in this Notice. Different retention periods apply for different types of data. When it is no longer necessary to retain your personal data, we will delete or anonymise it.

Transfer of your information out of the EEA

To deliver services to you, it may be necessary for JW to share your personal data outside the European Economic Area (EEA), for example:

  1. with your and JW’s service providers located outside the EEA;

  2. if you are based outside the EEA; and

  3. where there is an international dimension to the matter in which JW is advising you. 

These transfers are subject to special rules under European and UK data protection law. If you would like further information please contact us (see further below). 

Your rights

Under data protection laws you have a number of important rights, which you can call upon free of charge, and which can be summarised as follows:

  1. the right to be provided with a copy of your personal data (known as the “right of access“);

  2. the right to require JW to correct any mistakes in your personal data (known as the “right of rectification“);

  3. the right to require JW to delete your personal data in certain situations (known as the “right to be forgotten” or the “right of erasure“);

  4. the right to require JW to restrict processing of your personal data in certain circumstances (known as the “right to restrict processing“);

  5. the right to move, copy or transfer your personal data (known as the “right to data portability“);

  6. the right to object to processing of your personal data (known as the “right to object“); and

  7. the right to object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you (known as the “right not to be subject to automated individual decision-making“).

For further information on each of those rights, including the circumstances in which they apply, please contact the UK Information Commissioner’s Office (ICO) (see further below). If you would like to exercise any of those rights, please:

  1. email, call or write to JW;

  2. provide enough information to identify you;

  3. provide proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and

  4. identify the information to which your request relates.

How JW keeps your personal information secure

JW has appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. JW limits access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. JW also has procedures in place to deal with any suspected data security breach. JW will notify you and any applicable regulator of a suspected data security breach where legally required to do so. 

Making a complaint

JW hopes to be able to resolve any query or concern you raise about the use of your information, and you should feel free to contact JW using the details at the bottom of this Notice.

Data protection laws also entitle you to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner. The contact information for the Information Commissioner is available here: https://ico.org.uk/concerns/

Changes to this privacy notice

This privacy notice was published in July 2024., and may be changed from time to time. 

Contact details

Please contact us if you have any questions about this Notice or the information we hold about you, using the following details:

Email: Info@whitakerlaw/.co.uk

Telephone: 07970286317

Contact

If you have a query, problem or idea, feel free to get in touch, giving as much information as possible, and I will respond as soon as possible.

Send a message

    Privacy Notice | © 2025 All rights reserved.

    Sign up to receive news, updates and insights!