Last updated 26 June 2023.
Muckle LLP is committed to protecting and respecting your privacy.
This policy sets out how we process any personal data we collect from you, or that you provide to us.
For the purpose of the Data Protection Act 2018 and the General Data Protection Regulation (Data Protection Legislation), Muckle LLP of Time Central, 32 Gallowgate, Newcastle upon Tyne NE1 4BF (we, us, our) is the data controller of the data collected via this website (Site) and processed for the purposes set out in this policy.
1. Information we may collect about you and how it is used
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect and process the following data about you.
1.1 information that you provide by filling in forms on our Site. This includes contact details and information you provide for recruitment purposes, for enrolment on any training course or event we run, general queries you may raise using our contact us form or signing up to our eNews;
1.2 information that you provide when emailing or corresponding with us, or in meetings or telephone calls. This includes your name, job title or position, contact details, and information relating to the subject of your query, if it concerns you personally; or your CV or application form or other details provided for recruitment, vacation scheme, or work experience purposes;
If you contact us, we will keep a record of that correspondence in accordance with our retention periods set out below
1.3 information you provide when you ask us to provide you with a quote for our services. This includes contact details;
1.4 information you provide when you are engaged as our client. This includes contact details, job title, verified copies of your photographic ID, residential address and bank and payment information;
1.5 information we ask you to provide if you report a technical problem with our Site. This includes contact details;
1.6 technical details of your visits to our Site. This includes internet protocol (IP) address, browser type and version, traffic data, time zone setting and location, weblogs and other cookies and communication data about the pages and resources that you access;
1.7 if you are not a client of Muckle LLP, but an individual involved with any matters on which we are instructed by one of our clients, we may also be processing your personal data if it is provided by our client or another third party, to the minimum extent necessary for that respective matter. This includes contact details;
1.8 1.8 photos and video clips in the course of our business, of job applicants to assist the recruitment process; of clients and business associates for publicity and social media purposes; and operate and have access to CCTV which captures visitors to our office at Time Central for security purposes. This includes identity data. Please see below for further details on our use of CCTV; and
1.9 information you provide us where you are acting as a private individual or a sole trader. This includes bank and payment information.
Special category personal data
Special category personal data is any data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric identification data.
We may collect and hold special category data about you if you provide it so we can make any helpful or necessary changes to best accommodate you at our offices or events, such as health or dietary information.
We may also process limited special category data to the extent necessary for legal proceedings, for example (but not limited to) trade union membership data if we are instructed on an employment matter; religious beliefs if we are advising a faith school; or philosophical beliefs or health data if we are acting for you as a private client.
Criminal convictions and offences data
We process data relating to criminal convictions and offences, including alleged offences, to meet our legal and regulatory obligations and to the extent necessary to advise on matters where such data is relevant.
2. How we use your information
2.1 We use information held about you in the following ways:
2.1.1 Where we need to perform the contract we are about to enter into or have entered into with you.
2.1.2 Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
2.1.3 Where we need to comply with a legal obligation.
2.1.4 Where we require your consent.
2.2 We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
Where you are a client, or an agent, representative, employee or otherwise acting with or for that client, or you are involved in a legal matter in which we have been instructed to act or advise.
For the performance of a contractual or statutory obligation or for your or our legitimate business interests as a provider of legal services.
Those legitimate interests are to protect your or your organisation’s business and property interests, for legal compliance, or to establish or defend legal claims.
We have to verify client ID to comply with a legal obligation, and some of your data may need to be processed for our other legal and regulatory reporting obligations.
Dietary and special assistance information is provided by you voluntarily and so is processed on the basis of your explicit consent.
Other special category and criminal convictions or offences data is processed either with your explicit consent, or to the extent necessary for legal proceedings or providing legal advice.
To manage payment transactions.
On the basis of your implied consent, and our legitimate business interest to fulfil that request
To send you legal updates.
On the basis of our legitimate interest as a provider of legal services to inform our clients about changes in and relating to the law.
Where you request information or a quote for services from us.
On the basis of your implied consent, and our legitimate business interest to fulfil that request.
To retarget you with information in which we believe you may be interested due to your browsing or other interactions with our website and/or links and/or pages.
To send you e-news, updates, annual firm news, or other communications on training, events, our newsletters, our annual terms of business, our privacy information and / or information on associated legal services.
On the basis of your consent, or where we have a legitimate interest to keep you informed, where this fulfils the soft opt-in criteria of the Privacy and Electronic Communications Regulations (PECR).
Where you provide us with information for the purpose of recruitment or work experience.
On the basis of your implied consent in regards of the position(s) or placement(s) applied for.
We retain this information for 12 months, and may contact you regarding similar opportunities in that time on our legitimate business interests. You can ask us to delete this information at any time, which we will be happy to do without fuss. We won’t share this data with any other party, and if you are applying for a position with us, we may provide additional privacy information throughout that process.
To protect our staff, clients, visitors and property.
On the basis of our legitimate interest as a provider of legal services and an employer to protect the individuals who enter our premises.
To monitor phone calls, video calls, meetings, transcripts or dialogues.
On the basis of our legitimate interest as a provider of legal services, for our records or training purposes.
2.3 Where we are processing your personal data for compliance with our contractual or statutory obligations to you or for compliance with our statutory requirements, we may not be able to provide you with the services you have requested if you do not provide the personal data needed to open your file and carry out your instructions.
2.4 Social media and publishing data
Where you are identifiable in an image or a quote, or another piece of data, we will approach you for your consent, or will ascertain whether we have a legitimate interest, before posting that data on our website, our social media platforms, or in any publication. If we do not consider you are identifiable from an image, or we otherwise anonymise your data, this is not your personal data, and we will not approach you for consent before publishing.
We operate CCTV in our office space. This predominantly captures images of staff only, but will on occasion capture images of visitors. The CCTV is installed on a computer that is located in our on-site server room. All images are stored locally on the CCTV computer, and limited numbers of staff have access to these images. The data is kept for around 30 days and is then overwritten by subsequent data.
The cameras are in fixed positions and point only to the entrance doors and the fire exit doors and are installed for security purposes.
Further CCTV is operated by the Time Central building management, which we do not control and have access to only in exceptional instances.
2.6 Promotional offers from us
We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
2.7 Third-party marketing
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
2.8 Opting out
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a service purchase, warranty registration, service experience or other transactions.
2.9 Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
3.3 If you wish to restrict or block any cookies that are set by our Site or any other, you can do so by adjusting your browser settings (check your ‘help’ function within your browser to find out how). Alternatively, you can visit aboutcookies.org which contains comprehensive information about cookies, including how to delete them. By continuing to use our Site you consent to the setting of these cookies.
4. Where we store your personal data
4.1 The data that we collect from you may be transferred to, and stored at, a destination outside the UK. It may also be processed by staff operating outside the UK who work for us or for one of our suppliers. Such staff maybe engaged in, amongst other things, the provision of support services.
Any of your personal data that is transferred outside the UK will only be transferred to a country with an adequate ruling or where appropriate safeguards are in place. If not, we will put the appropriate safeguard in place such as standard contractual clauses or use other appropriate protection mechanisms to make sure that your personal data remains adequately protected.
4.2 All information you provide to us is stored on our secure servers or the secure servers of our IT software suppliers (where applicable).
4.3 Any payment transactions will be encrypted.
4.4 Any third party to whom we disclose information about you will be under an obligation to keep your information secure and not used for any purpose other than that for which it was disclosed.
4.5 We use GBG Group PLC (GBG) to carry out our ID processes to comply with our regulatory requirements.
5. When we disclose your information
5.1 We may disclose your personal information to third parties in limited circumstances, including:
5.1.1 in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
5.1.2 if Muckle LLP or substantially all of its assets are acquired by a third party, in which case personal data held by it about its clients will be one of the transferred assets;
5.1.3 if we are under a duty to disclose or share your personal data in order to comply with any legal obligation (for example to the police, the courts, or any relevant regulatory body), or in order to enforce or apply our terms of business and other agreements;
5.1.4 where necessary to protect the rights, property, or safety of Muckle LLP, our clients, or others;
5.1.5 to our auditors or other inspecting organisations from time to time (including any accrediting organisations). This also includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;
5.1.6 if you are our client, occasionally it is necessary to pass your personal data to third parties in order to carry out the services you have requested, which we will explain to you where applicable, or to send communications to you (where permissible in accordance with applicable legislation) using our third party processors; and
5.1.7 if you have provided consent to receive communications from us or we have a legitimate business interest to send communications to you (for example in relation to training, events, legal updates and / or newsletters) we may transfer your information to our third party processors for the purposes of sending such communications to you.
5.2 We may disclose your personal information to our affiliate companies. We may also share data with organisations with which we are working jointly, for example (but not limited to), to organise co-hosted events, regional work placement or other community initiatives.
5.3 Our Site at www.muckle-llp.com is hosted by OVH LTD, with company registration number 5519821).
6. Data security
6.1 We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
6.2 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
6.3 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security or integrity of your data transmitted to our Site and you acknowledge that any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
7. Your rights
7.1 Right to object
You have the right to ask us not to process your personal data for direct marketing purposes. We may use a third-party processor to send communications to you. You can opt-out from marketing communications at any time by contacting us at [email protected].
You can also object to any other processing we carry out on a legitimate interest. We will need to consider your objection and see if it overrides the purposes of processing in such cases.
7.2 Right to access
Data Protection Legislation gives you the right to access information held about you. Your right of access can be exercised in accordance with Data Protection Legislation by contacting [email protected].
7.3 Right to Erasure
In certain circumstances you can request us to delete or put your data beyond use (where our software systems do not allow deletion) so we cannot identify you. You can make this request at any time by contacting us at [email protected] but please note we may be compelled to maintain certain of your information due to specific legislative or regulatory requirements.
7.4 Right to rectification
You have the right to require us to correct any inaccuracies in your data free of charge. You can also exercise this right at any time by contacting us at [email protected] and:
7.4.1 providing us with enough information to identify you; and
7.4.2 specifying the information that is incorrect and what it should be replaced with.
7.5 Right to data portability
You have the right to request your data in a structured, commonly used, machine-readable and inter-operable form to be transferred to yourself or another data controller by contacting data protection lead at [email protected], where that data was provided for the purpose of a contract you have with us, or on your consent.
7.6 Request restriction of processing
You have the right to request that processing of your personal data is restricted by contacting [email protected], if you have objected to processing whilst we consider your objection; if we do not need it anymore but you want us to keep it to establish, exercise or defend legal claims; whilst we are verifying accuracy of your data; or if it has been unlawfully processed but you would rather we retain it than delete it.
7.7 Right to withdraw consent
Where we have processed your data on the basis of your consent. This will not affect the validity of processing carried out before your consent was withdrawn.
7.8 Right to complain
You have the right to complain to the data protection regulator, the Information Commissioner’s Office. Their website can be found here: www.ico.gov.uk. We invite all data protection queries or concerns to be made to us directly in the first instance.
8. When we will delete your information
We will keep the different types of information we collect from you in accordance with the following timescales:
Retain for 7 years – where the matter in question is in the following fields: debt collection, County Court litigation, crime, contentious construction.
Retain for 15 years – where the matter in question is in the following fields: commercial and residential property, commercial transactions, probate, secured lending (unless mortgage has been discharged earlier), partnership agreements, company formation, patents/intellectual property matters, non-contentious construction.
Retain indefinitely – where the matter in question is in the following fields: estate planning, wills, trusts (until the date of death/end of trust period) then file reverts to: estate planning/wills – 7 years, trusts – 15 years.
Retain 12 months – where we have your data for recruitment or work experience purposes.
Subject to our statutory and regulatory obligations and where you have provided consent for us to send you communications – we will store your information until either: we have not heard from you for a period of five years, or, you tell us that you do not want to receive communications from us.
If you unsubscribe, your data may be kept longer (up to 15 years) on a suppression list to ensure that you do not receive further communication for us.
Records of other non-matter related queries will be kept for up to three years in our files.
9. Third party links
Our Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.