This policy (which does not apply to our employees) was last updated on the 26th of November 2020.
Orbach and Chambers Limited (‘Chambers’ ‘we’, ‘us’, and ‘our’) take data protection very seriously and we are committed to protecting your personal information.
Most of the personal information we process is provided to us in the course of our research and other business activities from law firms and individual lawyers.
We may also obtain personal information from third parties (other individuals or organisations) or from publicly available sources.
We do not collect special category (also known as sensitive) personal information through our website
Although you do not have to provide any of your personal information to us, if we ask you to do so and you refuse, we may be unable to provide you with the information or services you want from us.
What is personal information?
Personal information (also called “personal data”) is anything that enables an individual to be identified or identifiable.
The personal information that we typically collect in the course of our research and other business activities comprises:
What is processing?
We collectively refer to collecting, using, protecting, sharing, storing and destroying personal information as ‘processing’.
Collecting personal information
We collect personal information:
Using personal information
When personal information is provided to us, we may use it for any of the purposes described below, or as stated at the point we collect it from you (or as may obvious to you from the context of collection), including to:
And for any other purposes for which personal information has been provided to us, including any of the purposes given in the ‘Collection of personal information’ section above.
We do not collect personally identifying information for sale to third parties.
Legal grounds for processing personal information
We rely on one or more of the following processing conditions:
Security of personal information
We have implemented generally accepted standards of technology and operational security in order to protect personally identifiable information from loss, misuse, alteration or destruction.
Only authorised persons are provided access to personally identifiable information we have collected, and such individuals have agreed to maintain the confidentiality of this information.
Although we use appropriate security measures once we have received your personal data, the transmission of data over the internet (including by e-mail) is never completely secure.
We endeavour to protect personal data, but we cannot guarantee the security of data transmitted to or by us.
Sharing personal information
We may share or disclose personal information we collect to third parties (other organisations or individuals) for:
We also may share or disclose personal data to third parties who process personal information on our behalf and in accordance with our instructions ("data processors"). These include:
We have contracts in place with our data processors. This means that they cannot do anything with personal information unless we have instructed them to do it. They will not share personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
These third party providers may use their own third party subcontractors that have access to personal data (sub-processors). It is our policy to use only third party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by us, and to flow those same obligations down to their sub-processors.
We may also disclose personal information to third parties under the following circumstances:
We may also disclose your personal information to law enforcement and other third parties, as required by and/or in accordance with applicable law or regulation.
International transfers of personal information
Your personal information will not be transferred by us outside the UK or the European Economic Area.
Retention of personal information
We will retain personal information only for as long as we need it, given the purposes for which it was collected, or as required to do so by law.
Where we are legally required to obtain consent to provide marketing materials, we will only provide such marketing materials if we have been provided with consent for us to do so.
Anyone can object to receive direct marketing from us at any time, by contacting us. Any emails or other electronic communications that we send for direct marketing purposes will also have an 'unsubscribe' facility. However, we may retain information sufficient to identify individuals so that we can honour their request.
Rights in relation to your information
You have certain rights in relation to the personal information we hold about you. In particular, you have the right to:
If you would like to exercise these rights or understand if these rights apply to you, please contact us.
Automated decision making
We will not use your personal information for automated decision making or profiling.
We understand the importance of protecting children's privacy and we never knowingly collect personal information about individuals under the age of 13. We adhere to laws regarding marketing to children.
If you have any questions or complaints about the way your personal information is processed by us, or would like to exercise one of your rights set out above, please contact us by one of the following means:
You also have the right to lodge a complaint with your local data protection regulator, which in the UK is the Information Commissioner Office (ICO). The ICO can be contacted by the following means: