General Data Protection Regulation: Privacy Notice

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).

Who are we?
Glynis M Mackie is the data controller. This means that she decides how your personal data is processed and for what purposes. She can be contacted at 29a Princes Road, Brunton Park, Gosforth, Newcastle upon Tyne NE3 5TT, telephone 0191 2365308

How do we process your personal data?
Glynis M Mackie complies with her obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

We use your personal data for the following purposes: -
We use your personal data for the purpose of providing legal services for you. This involves:

• Domestic Conveyancing
• Commercial conveyancing
• Wills
• Probate
• LPA and EPA
• Landlord & Tenant
• Non-litigious (other)
• Litigation

This information can include:

• personal details
• family details
• Identity and risk information (money laundering purposes)
• lifestyle and social circumstances
• property bought, sold, mortgaged, leased or rented etc
• goods and services
• financial details
• business of the person whose personal information we are processing
• education and employment details
• testamentary wishes
• a person’s legal position

We also process sensitive classes of information that can include:

• physical or mental health details
• racial or ethnic origin
• political opinions
• religious or other beliefs
• sexual life
• trade union membership
• offences and alleged offences
• criminal proceedings, outcomes and sentences

we do not use automated decision making techniques.

Who the information is processed about:
We process personal information about:

• clients
• suppliers
• complainants
• enquirers
• advisers, consultants and professional experts
• employees
• Service providers

Who information may be shared with or obtained from:
We sometimes need to share personal information we process with the individual themselves and also with other organisations. We also receive personal information from such organisations.

Where necessary or required we obtain client information from or share client information with:

• Representatives of the client whose personal data we are processing e.g. estate agents, mortgage providers, financial advisers.
• Family and associates of the client
• Solicitors and conveyancers dealing with the ‘other side’ in transactions and other legal matters
• Ombudsman
• Regulatory authorities e.g. SRA
• Courts and tribunals
• Money Laundering check providers
• PII insurer
• Other firms of solicitors in the event of amalgamation or closure.

Our Lawful Bases for Processing Personal data of clients are:

• Contract - we will normally act for clients under a contract (or in events leading up to a contract e.g. giving a quote or initial advice). We may be working under two or more contracts eg for a conveyancing client and his/her mortgage company where we need to comply with all the applicable contractual requirements.
• Legal Obligation - In some cases we are required to act under a legal obligation (e.g. reporting on taxation matters, money laundering checks etc) where failing to provide information might lead to us breaking the law.
• Public Tasks - As solicitors, we may have to act in public tasks ‘in the exercise of official authority’ or to perform a specific task in the public interest that is set out in law ( e.g. in court related matters or in dealing with the Public Guardian)
• Vital interests – we may need to process information which is necessary to protect someone’s life (e.g. when acting under a power of attorney)

We may process special category data about you and in doing so will rely on the exemptions in GDPR Article 9 (2) (a), (b), (c),(f) and/or (g) as appropriate.

Details of transfers abroad and safeguards:
We store information about clients:

• On paper at our office
• On paper with a depository
• In off-site safes (wills)
• Electronically in the Microsoft cloud (Office 123 email only)
• Electronically on firewall and password protected servers at our office.

Other than where we communicate with clients who are based outside the European Union, we do not transfer data outside the European Union except for a small amount of data that may be stored in the Microsoft Cloud. Microsoft has provided assurances that the security levels applied to such data are at least equivalent to safeguards applying within the European Union. Such assurances are available online from Microsoft.

Retention Period or Criteria used to determine the Retention period:

We retain data as follows:

Closed files will be destroyed after six years from the date the file was closed unless, before that time, you ask us to send the files to you. This includes files such as:

• Conveyancing
• Landlord and Tenant
• Litigation
• General legal advice and work.

We will keep probate files for twenty years.

We will retain the following:

• Deeds
• Formal legal documents
• Lasting powers of attorney
• Wills (until we are reasonably satisfied that any subsequent probate has been satisfactorily concluded since the file can occasionally be needed in connection with the Probate).

Further details are set out in our terms of business.

Your rights and your personal data:
Unless subject to an exemption under the GDPR you have the following rights with respect to your personal data: -

• The right to know if we are processing data about you and to obtain a copy of your personal data which Glynis M Mackie holds about you, normally free of charge;
• The right to request that Glynis M Mackie corrects any personal data if it is found to be inaccurate or out of date;
• The right to request your personal data is erased where it is no longer necessary for Glynis M Mackie to retain such data;
• The right to withdraw your consent to the processing at any time (nb this only applies if consent is relied upon as a processing condition;
• The right to request that Glynis M Mackie provides the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability) (nb this only applies where the processing is based on consent or is necessary for the performance of a contract with the data subject and in either case the data controller processes the data by automated means].
• The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
• The right to object to the processing of personal data, (where applicable) nb this only applies where processing is based on legitimate interests or the performance of a task in the public interest/exercise of official authority; direct marketing and processing for the purposes of scientific/historical research and statistics.
• The right to lodge a complaint with the Information Commissioners Office.