About this Privacy Notice

We understand that you care about your personal privacy and The Information Law Practice Limited takes that seriously.

When you visit our website, contact us or become one of our customers or service providers we may collect information about you. This Privacy Notice sets out the types of personal information we collect, how we collect and process that information, who we share it with and certain legal rights and options that you have.

Children’s Privacy: Our services are not aimed at children. In the limited circumstances where we may collect and use personal information about children we will comply with relevant law and guidelines.

Our Contact Details

If you need to contact us about this Privacy Notice you can do so by telephone, email and post.

Our postal address:

The Data Protection Manager
The Information Law Practice Ltd
Mistletoe House
Rous Lench
Evesham, Worcestershire, WR11 4UW

Our telephone number: 01386 793632

Our email address: privacy@ilp.legal

Our Data Protection Manager

Our Data Protection Manager is Alan Williamson. You can contact him at privacy@ilp.legal or by writing to us at our postal address shown above.

Who is responsible for your personal data?

The Information Law Practice Limited is responsible for your personal data. It is a limited liability company incorporated in England & Wales, registered number 5680144. For the purposes of applicable data protection law, in particular, the Data Protection Act 2018 and the EU General Data Protection Regulation (EU) 2016/679 (the “GDPR”), your data will be controlled by The Information Law Practice Limited.

Security of your personal data

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. If you would like more specific information about our security measures please contact us.

We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Your Legal Rights

You have various rights with respect to our use of your personal data:

  • Access: You have the right to request a copy of the personal data that we hold about you. There are exceptions to this right, so that access may be denied if, for example, making the information available to you would reveal personal data about another person, or if we are legally prevented from disclosing such information. You are entitled to see the personal data held about you. If you wish to do this, please contact us.
  • Accuracy: We aim to keep your personal data accurate, current, and complete. We encourage you to contact us by emailing privacy@ilp.legal to let us know if any of your personal data is not accurate or changes, so that we can keep your personal data up-to-date.
  • Objecting: In certain circumstances, you also have the right to object to processing of your personal data and to ask us to block, erase and restrict your personal data. If you would like us to stop using your personal data, please email us at privacy@ilp.legal.
  • Right to withdraw consent If you have provided your consent to the collection, processing and transfer of your personal data, you have the right to fully or partly withdraw your consent. For example, we only send you direct marketing if you have consented.

To withdraw your consent please follow the opt-out links on any marketing message sent to you or contact privacy@ilp.legal.

Withdrawal of consent to receive marketing communications will not affect the processing of personal data for the provision of our legal or other services.

  • Porting: You have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format.
  • Erasure: You have the right to erase your personal data when the personal data is no longer necessary for the purposes for which it was collected, or when, among other things, your personal data have been unlawfully processed.
  • Complaints: If you believe that your data protection rights may have been breached, you have the right to lodge a complaint with the applicable supervisory authority, or to seek a remedy through the courts.

You may, at any time, exercise any of the above rights, by emailing privacy@ilp.legal together with a proof of your identity, i.e. a copy of your ID card, or passport, or any other valid identifying document.

If you fail to provide personal data

Where we need to collect personal data by law or in order to process your instructions or perform a contract we have with you and you fail to provide that data when requested, we may not be able to carry out your instructions or perform the contract we have or are trying to enter into with you. In this case, we may have to cancel our engagement or contract you have with us, but we will notify you if this is the case at the time.

Updating your personal data

If any of the personal data that you have provided to us changes, for example if you change your email address or if you wish to cancel any request you have made of us, or if you become aware we have any inaccurate personal data about you, please let us know by sending an email to privacy@ilp.legal. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.

Changes to our Privacy Notice

We will update and change this Notice from time to time to reflect any changes to the way in which we process your personal data or changing legal requirements. Any changes we may make to our Notice in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Notice.

Want more detail?

Personal data we collect and how we use it

The type of personal data we collect and how we use it will vary depending on our relationship. To find out more about how we use your personal data, you should select and read the detailed Privacy Notice that applies to our relationship.

Simply choose from the options below:

  • Website visitor (including browsers and customers of our online products)
  • Clients (including prospective clients)
  • Event delegates (Delegates attending our training, conferences, webinars or other events)
  • Other (including service providers and those not falling in any of the above categories)

Cookie Policy

View our Cookie Notice here.

Click on the boxes on the left to read more…

Using our website & Event Delegates

This Privacy Notice applies to you if:

  • You browse our website
  • Communicate with us via our website e.g. through our Contact Form
  • Purchase products or services via our website e.g. webinar or training course
  • Attend our events or training courses (whether these are booked online or not)
  • You are a supplier

Personal data we collect and how we collect it

When you use our website or attend one of our events such as a conference or course or are a supplier, we may collect some or all of the following personal data:

  • Identity and Contact Data, including your name, address, telephone number, email address, employer’s name and contact details, job title and function, and other personal data that you choose to provide us as part of your enquiry;
  • Financial and Payment Data, including your bank account and other data necessary for processing payments and fraud prevention and debt recovery, including credit/debit card numbers, security code numbers and other related billing information;
  • Profile and Usage Data, including passwords to The Information Law Practice website(s) or password protected platforms or services, your preferences in receiving marketing information from us, your communication preferences and information about how you use our websites(s) including the services you viewed or searched for, page response times, download errors, length of visits and page interaction information (such as scrolling, clicks, and mouse-overs);
  • Technical Data, including information collected during your visits to our website(s), the Internet Protocol (IP) address, login data, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform;
  • But we only process or publish these with your express consent.
  • Images and video may be recorded at our events such as a conference. You may appear incidentally in these images/video. These may be published on our website, printed publicity material or our social networking platforms. We also let you know this is happening when you sign in at an event so as to give you the opportunity of telling us that you don’t want to be photographed/videoed.
  • Rarely, we may need to process special categories of personal data relating to you in order to comply with our legal obligations and to meet your needs. For example, we collect health information in order to cater for your specific requirements at an event and to ensure your comfort. This sort of information will only be used for these specific purposes.

Cookies and similar technologies

Just like many other websites, our website uses some standard technology to store and manage user preferences, enable content, and gather analytic and usage data, for example. We do not use cookies to deliver targeted advertising.

By using our website you agree that we can use cookies for the purposes described below on your device unless you adjust your browser to manage or prevent cookies.

To read more about the cookies we use and how to manage or prevent them, please read our Cookie Policy.

Information about other people

If you provide information to us about any person other than yourself, your employees, counterparties, your advisers or your suppliers, you must ensure that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.

 

How will we use your personal data?

We use your personal data for the following purposes:

  • To deal with an enquiry you have made via our website or online Contact Form
  • To process your purchase. For example, processing and administering your booking of a training event, webinar, conference or purchase of a product;
  • We use the logs from our servers to assist in our firm’s security, as well as to develop our online strategy. For example, where they have not been disabled, our cookies may be used to improve the user-friendliness of our website, enhance your experience using our website and help us work out which pages are most popular.
  • To fulfil a contract, or take steps linked to a contract, with you or your organisation. This may include:
    • to register you as a client of The Information Law Practice;
    • to process payments, billing and collection
  • For promotional and marketing purposes. For example, we may publish images of our events on our website and you may incidentally appear in that image. When you sign into an event, we will let you know this is happening so you can tell us if you don’t want to be included in these photographs or video.
  • Where you give us consent:
    • To hold and publish a testimonial.
    • to communicate information about our services (including briefings, newsletters and other information), events and initiatives; to send you details of client surveys, marketing campaigns or other promotional activities.
    • to collect information about your preferences to personalise and improve the quality of our communications with you.

We will only send you marketing related information if you consent.

We will not sell or rent your personal data to third parties for any purpose whatsoever or use it to take any automated decisions affecting or creating profiles other than as described above.

Legal Basis for processing your personal data

Data protection law requires us to provide you with information about the legal basis for processing your personal data.

If you are purchasing a product or service, we need to process your personal data in order to fulfill our contract with you.

If we send you direct marketing it will be because you have given us your consent to do this.

We may need to use your personal data in order to comply with our legal obligations. For example, in order to comply with VAT rules.

Rarely, we need to process special categories of personal data such as health or medical information. For example, in order that we can cater for specific dietary needs or a hearing impairment at an event you are attending. We will only process this sort of information with your explicit consent or where it is necessary for reasons of substantial public interest that are based upon a law.

In most other cases, our use of your personal data will be on the legal basis that it is necessary for our legitimate interests, providing those interests are not overridden by your own interests or fundamental rights and freedoms. For example, it is in our legitimate interests to use personal data for business strategy planning and to ensure that the measures we deploy to keep your information secure are adequate.

Disclosure of your personal data

Normally, we wouldn’t share your personal data with another organisation except in the following sort of circumstances:

  • with our subsidiary undertakings and/or affiliates for the purposes of providing you with our services as described in this Privacy Notice;
  • on a confidential basis with third parties for the purposes of collecting your feedback on our services, to help us measure our performance and to improve and promote our services;
  • with service providers who we engage e.g. external administrators and mailers. Where we do this, the service providers are contractually required by us to keep your personal data securely and only process it on our behalf and in accordance with out strict instructions only;
  • with our website hoster and third-party providers of our social networking platform. We may publish information including images and video of our events for promotional purposes. You may appear, incidentally in this material.
  • if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets to whom we assign or novate any of our rights and obligations.

Information we transfer outside the European Economic Area (EEA)

Except where you specifically instruct us to do so, we would not usually need to transfer your personal data outside the European Economic Area (EEA). For example, our data is held on servers that are located within the EEA.

If it becomes necessary to transfer your personal data outside the EEA, we will take practical steps to ensure that it is appropriately protected. For example, if we transfer your personal data to a service provider outside the EEA we would ensure that our contract with them incorporates data security clauses that have been approved by the European Commission. For more information about this please contact us.

How long we keep your personal data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for us to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled.

For example, we would usually retain personal data relating to your online purchases for 7 years after your last purchase. Beyond this, we will retain your contact details on our database unless you ask us to delete them.

Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.

If you want to learn more about our specific retention periods for your personal data established in our retention policy, you may contact us at privacy@ilp.legal.

Clients and Prospective Clients

Personal data we collect and how we collect it

In order to provide you with our services we may collect some or all of the following personal data from you when you communicate with us:

  • Identity and Contact Data, including your name, address, email address, telephone number, date of birth, passport number, employment history, educational or professional background, tax status, employee number, job title and function, and other personal data concerning your preferences relevant to our services;
  • Financial and Payment Data, including your bank account and other data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
  • Business Information, including information provided in the course of the contractual or client relationship between you or your organisation and The Information Law Practice, or otherwise voluntarily provided by you or your organisation;
  • Physical Access Data, relating to details of your visits to our premises or events;
  • Sensitive Personal Data: In the course of our client services, we may represent you and/or your organisation in legal matters that require us to collect and use special categories of personal data and other sensitive information, i.e. information about your racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life and sexual orientation or genetic or biometric data or information about criminal offences.

[Alternatively, if you come to an event or course, we may need to collect health and disability information such as dietary requirements in order to meet your specific requirements and ensure your safety and comfort.]

  • We may supplement the information you provide us with other information that we obtain from our dealings with you.

Cookies and similar technologies

Just like many other websites, our website uses some standard technology to store and manage user preferences, enable content, and gather analytic and usage data, for example. We do not use cookies to deliver targeted advertising.

By using our website you agree that we can use cookies for the purposes described below on your device unless you adjust your browser to manage or prevent cookies.

To read more about the cookies we use and how to manage or prevent them, please read our Cookie Policy.

Information about other people

If you provide information to us about any person other than yourself, your employees, counterparties, your advisers or your suppliers, you must ensure that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.

How we use your personal data & the legal basis for processing it

Data protection law requires us to tell you how we use your personal data and the legal basis for processing it.

We use your personal data mainly to provide you with our services, to administrate your account (including any debt recovery), for accountancy and insurance purposes, for the prevention of fraud and to detect money laundering and terrorist funding offences.

Where we process your personal data to provide you with our services, the legal basis for doing so is is to fulfil a contract with you or your organisation or to take steps linked to that contract. If you do not want to provide us with the information we require we may not be able to act for you or otherwise provide you with our services.

We have a legal obligation in some cases to carry out money laundering or other background checks.  Any personal data processed in connection with this activity will only be used for the purposes of prevention and detection of money laundering and/or terrorist funding unless the law permits us to use it for another purpose or you consent to us using it for another purpose.

We may use your personal data to improve our services, develop our business, for market research, to send you client surveys and to comply with our professional obligations. The legal basis for doing this is that such use is necessary for the purposes of our legitimate interests and these interests are not overridden by your own interests, rights and freedoms.

Direct Marketing: Where you give us consent we may send you direct marketing by post, email or telephone in order to market and promote our services, events and initiatives. Where we do this it is on the legal basis of your consent.

We will not sell or rent your personal data to third parties for any purpose whatsoever or use it to take any automated decisions affecting or creating profiles other than as described above.

Testimonials: Where we publish a testimonial you have provided, we will only do so on the legal basis of your consent.

Disclosure of your personal data

Normally, we wouldn’t share your personal data with another organisation except in the following sort of circumstances:

  • with our subsidiary undertakings and/or affiliates for the purposes of providing you with our services as described in this Privacy Notice;
  • with third parties including certain service providers we have retained in connection with the legal services we provide, such as barristers, consultants, mediators, or experts and other legal specialists such as law firms for obtaining specialist advice, translators, couriers, etc;
  • if we have collected your personal data in the course of providing legal services to any of our clients, we may disclose it to that client, and where permitted by law to others for the purpose of providing those services;
  • on a confidential basis with third parties for the purposes of collecting your feedback on the firm’s service provision, to help us measure our performance and to improve and promote our services;
  • with companies providing services for money laundering and terrorist financing checks, credit risk reduction and other fraud and crime prevention purposes and companies providing similar services, including financial institutions, credit reference agencies and regulatory bodies with whom such personal data is shared;
  • with courts, law enforcement authorities, regulators, government officials or other parties where it is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim, or for the purposes of a confidential alternative dispute resolution process;
  • with service providers who we engage e.g. external administrators and mailers. Where we do this, the service providers are contractually required by us to keep your personal data securely and only process it on our behalf and in accordance with out strict instructions only;
  • if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets to whom we assign or novate any of our rights and obligations.

Information we transfer outside the European Economic Area (EEA)

Except where you specifically instruct us to do so, we would not usually need to transfer your personal data outside the European Economic Area (EEA). For example, our data is held on servers that are located within the EEA.

If it becomes necessary to transfer your personal data outside the EEA, we will take practical steps to ensure that it is appropriately protected. For example, if we transfer your personal data to a service provider outside the EEA we would ensure that our contract with them incorporates data security clauses that have been approved by the European Commission. For more information about this please contact us.

How long we keep your personal data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for us to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled.

For example, we would usually retain a client file for 7 years after completion of the matter. Beyond this, we will retain your contact details on our database unless you ask us to delete them.

Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.

If you want to learn more about our specific retention periods for your personal data established in our retention policy, you may contact us at privacy@ilp.legal.