You have a number of rights in relation to your personal data, which allow you to access and control your information in certain circumstances (e.g. the right of access, rectification and erasure). You can exercise these rights free of charge.
Under certain circumstances, you have the following data protection rights:
| Your right | Explanation |
| Access | This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. |
| Rectification | The right to require us to correct any inaccuracies in your personal data. |
| Erasure (to be forgotten) | The right to require us to delete your personal data in certain situations. |
| Restriction of processing | The right to require us to restrict processing of your personal data in certain circumstances (e.g. if you contest the accuracy of the data we hold). |
| Data portability | The right to receive, in certain situations, the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party. |
| To object | The right to object at any time to your personal data being processed for direct marketing (including profiling) or, in certain other situations, to our continued processing of your personal data (e.g. processing carried out for the purpose of our legitimate interests). |
| Not to be subject to automated individual decision-making | The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you. |
If you would like to exercise any of those rights, please contact us using the contact details provided in the How to contact us section of this policy. Please let us know what right you want to exercise and the information to which your request relates. Please note that we may ask you to provide you with information to verify your identity (e.g. your full name, address and client or matter reference number), and/or proof of your identity and address (e.g. a copy of your driving licence or passport and a recent utility or credit card bill).
For further information on when and how you can lawfully disclose personal data, please see the Information Commissioner’s Office Guide to the General Data Protection Regulation.
Keeping personal data secure
We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.