skip to main content
Privacy policy
Privacy policy

Privacy policy

Last updated 28 March 2024.

Muckle LLP is committed to protecting and respecting your privacy.

This privacy policy sets out how we process any personal data we collect from you, or that you provide to us.

For the purpose of the Data Protection Act 2018 and the UK General Data Protection Regulation (UK Data Protection Legislation), Muckle LLP of Time Central, 32 Gallowgate, Newcastle upon Tyne NE1 4BF (we, us, our) is the data controller of the data collected via this website (Site) and processed for the purposes set out in this privacy policy.

1.                Information we may collect about you and how it is used

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). 

We may collect and process the following data about you:

1.1             information that you provide by filling in forms on our Site. This includes contact details and information you provide for recruitment purposes, for enrolment on any training course or event we run, general queries you may raise using our contact us form or signing up to our eNews;

1.2             information you provide when you register for our online training programmes via our third party advertisers and payment providers (including but not limited to Kajabi, Eventbrite and Stripe). This includes contact and payment details;

1.3             information that you provide when emailing or corresponding with us, or in meetings or telephone calls. This includes your name, job title or position, contact details, and information relating to the subject of your query, if it concerns you personally; or your CV or application form or other details provided for recruitment, vacation scheme, or work experience purposes;

If you contact us, we will keep a record of that correspondence in accordance with our retention periods set out below. 

1.4             information you provide when you ask us to provide you with a quote for our services. This includes contact details;

1.5             information you provide when you are engaged as our client. This includes contact details, job tile, verified copies of your photographic ID, residential address and bank and payment information;

1.6             information we ask you to provide if you report a technical problem with our Site. This includes contact details;

1.7             technical details of your visits to our Site. This includes internet protocol (IP) address, browser type and version, traffic data, time zone setting and location, weblogs and other cookies and communication data about the pages and resources that you access;

1.8             if you are not a client of Muckle LLP, but an individual involved with any matters on which we are instructed by one of our clients, we may also be processing your personal data if it is provided by our client or another third party, to the minimum extent necessary for that respective matter. This may require us to use our third-party processors, including but not limited to, Iridium (acquired by BigHand), Diktamen, Bundledocs and Tiger Eye Consulting. This includes contact details;

1.9             photos and video clips in the course of our business, of job applicants to assist the recruitment process; of clients and business associates for publicity and social media purposes; and operate and have access to CCTV which captures visitors to our office at Time Central for security purposes. This includes identity data. Please see below for further details on our use of CCTV; and

1.10          information you provide us where you are acting as a private individual or a sole trader. This includes bank and payment information.  

Special category personal data

Special category personal data is any data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric identification data.

We may collect and hold special category data about you if you provide it so we can make any helpful or necessary changes to best accommodate you at our offices or events, such as health or dietary information. 

We may also process limited special category data to the extent necessary for legal proceedings, for example (but not limited to) trade union membership data if we are instructed on an employment matter; religious beliefs if we are advising a faith school; or philosophical beliefs or health data if we are acting for you as a private client. 

Criminal convictions and offences data

We process data relating to criminal convictions and offences, including alleged offences, to meet our legal and regulatory obligations and to the extent necessary to advise on matters where such data is relevant.

2.                How we use your information

2.1             We use information held about you in the following ways:

2.1.1        Where we need to perform the contract we are about to enter into or have entered into with you.

2.1.2        Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

2.1.3        Where we need to comply with a legal obligation.

2.1.4        Where we require your consent.

2.2             We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

Where you are a client, or an agent, representative, employee or otherwise acting with or for that client, or you are involved in a legal matter in which we have been instructed to act or advise. 

For the performance of a contractual or statutory obligation or for your or our legitimate business interests as a provider of legal services.

Those legitimate interests are to protect your or your organisation’s business and property interests, for legal compliance, or to establish or defend legal claims.

We have to verify client ID to comply with a legal obligation, and some of your data may need to be processed for our other legal and regulatory reporting obligations.

Dietary and special assistance information is provided by you voluntarily and so is processed on the basis of your explicit consent.

Other special category and criminal convictions or offences data is processed either with your explicit consent, or to the extent necessary for legal proceedings or providing legal advice.

To manage payment transactions.

For the performance of a contractual obligation.

To send you legal updates 

On the basis of our legitimate interest as a provider of legal services to inform our clients about changes in and relating to the law. 

Where you request information or a quote for services from us. On the basis of our legitimate interest to fulfil that request.
To send you e-news, updates, annual firm news, or other communications on training, events, surveys and feedback, our newsletters, our annual terms of business, our privacy information and / or information on associated legal services. On the basis of your consent, or where we have a legitimate interest to keep you informed, where this fulfils the soft opt-in criteria of the Privacy and Electronic Communications Regulations (PECR).
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).

On the basis of our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise).

For the performance of a legal obligation to ensure our website is safe for website users to visit.

Where you provide us with information for the purpose of recruitment or work experience.

On the basis of your consent or our legitimate interest in regards of the position(s) or placement(s) applied for.

We retain this information for 12 months, and may contact you regarding similar opportunities in that time on our legitimate business interests. You can ask us to delete this information at any time, which we will be happy to do without fuss. We won’t share this data with any other party, and if you are applying for a position with us, we may provide additional privacy information throughout that process. 

To deliver relevant website content and online advertisements to you and measure or understand the effectiveness of the advertising we serve to you. On the basis of our legitimate interests to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy.
To use data analytics to improve our website, products/services, customer relationships and experiences and to measure the effectiveness of our communications and marketing. On the basis of our legitimate interests to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy.
To protect our staff, clients, visitors and property. On the basis of our legitimate interest as a provider of legal services and an employer to protect the individuals who enter our premises.
To monitor phone calls, video calls, meetings, transcripts or dialogues. On the basis of our legitimate interest as a provider of legal services, for our records or training purposes.
To send you relevant marketing communications and make personalised suggestions and recommendations to you about goods or services that may be of interest to you. On the basis our legitimate interests to carry out direct marketing, develop our products/services and grow our business and consent, having obtained your prior consent to receiving direct marketing communications.
To carry out market research through your voluntary participation in surveys. We use providers including, but not limited to, Net Promoter. On the basis of our legitimate interests to study how clients use our products/services and to help us improve and develop our products and services.
To provide you with online training courses.

For the performance of a contractual obligation.

On the basis of our legitimate interest as a provider of legal services to fully inform our clients on key legislative topics.

2.3             Where we are processing your personal data for compliance with our contractual or statutory obligations to you or for compliance with our statutory requirements, we may not be able to provide you with the services you have requested if you do not provide the personal data needed to open your file and carry out your instructions. 


2.4             Social media and publishing data

Where you are identifiable in an image or a quote, or another piece of data, we will approach you for your consent, or will ascertain whether we have a legitimate interest, before posting that data on our website, our social media platforms, or in any publication. If we do not consider you are identifiable from an image, or we otherwise anonymise your data, this is not your personal data, and we will not approach you for consent before publishing.

2.5             CCTV

We operate CCTV in our office space. This predominantly captures images of staff only, but will on occasion capture images of visitors. The CCTV is installed on a computer that is located in our on-site server room.  All images are stored locally on the CCTV computer, and limited numbers of staff have access to these images. The data is kept for around 30 days and is then overwritten by subsequent data.  

The cameras are in fixed positions and point only to the entrance doors and the fire exit doors and are installed for security purposes. 

Further CCTV is operated by the Time Central building management, which we do not control and have access to only in exceptional instances.

2.6             Promotional offers from us

We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing.

2.7             Third-party marketing

We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.

2.8             Opting out

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you OR by contacting us at any time.

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a service purchase, warranty registration, service experience or other transactions.

2.9             Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

3.                Cookies

3.1             Our Site uses cookies to remember who you are and to improve the performance of the Site. Cookies are small pieces of data that are placed on your computer or mobile phone when you visit our Site. The cookies we use do not identify you personally but are used to improve our services by letting us know about how our Site is used (for example, how many times a particular page is viewed). Please refer to our cookie policy here 20.07.2022 Cookie Policy Muckle for more information.  

3.2             Our Site uses Google Analytics, which is a web analytics service provided by Google Inc. This service evaluates visitors’ use of our Site. For more information on the cookies set by Google Analytics, including information on how to opt out, please visit and our cookies policy here 20.07.2022 Cookie Policy Muckle. This helps us to provide you with a good experience when you browse our website and also allows us to improve our Site.

3.3             If you wish to restrict or block any cookies that are set by our Site or any other, you can do so by adjusting your browser settings (check your ‘help’ function within your browser to find out how). Alternatively, you can visit which contains comprehensive information about cookies, including how to delete them. By continuing to use our Site you consent to the setting of these cookies.

4.                Where we store your personal data

4.1             The data that we collect from you may be transferred to, and stored at, a destination outside the UK, including but not limited to iManage. It may also be processed by staff operating outside the UK who work for us or for one of our suppliers. Such staff maybe engaged in, amongst other things, the provision of support services. 

Any of your personal data that is transferred outside the UK will only be transferred to a country with an adequate ruling or where appropriate safeguards are in place. If not, we will put the appropriate safeguard in place such as standard contractual clauses or use other appropriate protection mechanisms to make sure that your personal data remains adequately protected.

4.2             All information you provide to us is stored on our secure servers or the secure servers of our IT software suppliers (where applicable).

4.3             Any payment transactions will be encrypted. 

4.4             Any third party to whom we disclose information about you will be under an obligation to keep your information secure and not used for any purpose other than that for which it was disclosed.

4.5             We use GBG Group PLC (GBG) to carry out our ID processes to comply with our regulatory requirements. We also use Intapp to assist with our ID checks.

5.                When we disclose your information

5.1             We may disclose your personal information to third parties in limited circumstances, including:

5.1.1        in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;

5.1.2        if Muckle LLP or substantially all of its assets are acquired by a third party, in which case personal data held by it about its clients will be one of the transferred assets;

5.1.3        if we are under a duty to disclose or share your personal data in order to comply with any legal obligation (for example to the police, the courts, or any relevant regulatory body), or in order to enforce or apply our terms of business and other agreements;

5.1.4        where necessary to protect the rights, property, or safety of Muckle LLP, our clients, or others;

5.1.5        to our auditors or other inspecting organisations from time to time (including any accrediting organisations). This also includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction; 

5.1.6        if you are our client, occasionally it is necessary to pass your personal data to third parties in order to carry out the services you have requested (for example using Firmex and Dropbox’s virtual data rooms for Muckle LLP employees and its clients to add and import documents and folders to assist with projects and other matters), which we will explain to you where applicable, or to send communications to you (where permissible in accordance with applicable legislation) using our third party processors; and

5.1.7        if you have provided consent to receive communications from us or we have a legitimate business interest to send communications to you (for example in relation to training, events, legal updates and / or newsletters) we may transfer your information to our third party processors for the purposes of sending such communications to you.

5.2             We may disclose your personal information to our affiliate companies. We may also share data with organisations with which we are working jointly, for example (but not limited to), to organise co-hosted events, regional work placement or other community initiatives. 

5.3             Our Site at is hosted by OVH LTD, with company registration number 5519821).

6.                Data security

6.1             We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed, for example using software types including, but not limited to, Arctic Wolf who provide cyber-security services. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

6.2             We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

6.3             Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security or integrity of your data transmitted to our Site and you acknowledge that any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

7.                Your rights 

7.1             Right to object

You have the right to ask us not to process your personal data for direct marketing purposes. We may use a third-party processor to send communications to you. You can opt-out from marketing communications at any time by contacting us at [email protected].

You can also object to any other processing we carry out on a legitimate interest. We will need to consider your objection and see if it overrides the purposes of processing in such cases.

7.2             Right to access

Data Protection Legislation gives you the right to access information held about you. Your right of access can be exercised in accordance with Data Protection Legislation by contacting [email protected].

7.3             Right to Erasure

In certain circumstances you can request us to delete or put your data beyond use (where our software systems do not allow deletion) so we cannot identify you. You can make this request at any time by contacting us at [email protected] but please note we may be compelled to maintain certain of your information due to specific legislative or regulatory requirements.

7.4             Right to rectification

You have the right to require us to correct any inaccuracies in your data free of charge. You can also exercise this right at any time by contacting us at [email protected] and:

7.4.1        providing us with enough information to identify you; and

7.4.2        specifying the information that is incorrect and what it should be replaced with.

7.5             Right to data portability

You have the right to request your data in a structured, commonly used, machine-readable and inter-operable form to be transferred to yourself or another data controller by contacting data protection lead at [email protected], where that data was provided for the purpose of a contract you have with us, or on your consent. 

7.6             Request restriction of processing

You have the right to request that processing of your personal data is restricted by contacting [email protected], if you have objected to processing whilst we consider your objection; if we do not need it anymore but you want us to keep it to establish, exercise or defend legal claims; whilst we are verifying accuracy of your data; or if it has been unlawfully processed but you would rather we retain it than delete it.

7.7             Right to withdraw consent

Where we have processed your data on the basis of your consent. This will not affect the validity of processing carried out before your consent was withdrawn. 

7.8             Right to complain

You have the right to complain to the data protection regulator, the Information Commissioner’s Office. Their website can be found here: We invite all data protection queries or concerns to be made to us directly in the first instance.

8.                When we will delete your information

We will keep the different types of information we collect from you in accordance with the following timescales:

Retain for 15 years – where the matter in question is in the following fields: debt collection, County Court litigation, crime, contentious construction, commercial and residential property, commercial transactions, probate, secured lending (unless mortgage has been discharged earlier), partnership agreements, company formation, patents/intellectual property matters, non-contentious construction.

Retain 250 years – where the matter in question is in the following fields: estate planning, wills and trusts (from the date of matter closure) then file reverts to: estate planning/wills – 7 years and trusts – 15 years.

Retain 12 months – where we have your data for recruitment or work experience purposes. 

Subject to our statutory and regulatory obligations and where you have provided consent for us to send you communications – we will store your information until either: you have not interacted with us for a period of 5 years, or, you tell us that you do not want to receive communications from us, including unsubscribing from our marketing emails.

If you unsubscribe, your data may be kept longer (up to 15 years) on a suppression list to ensure that you do not receive further communication for us.

Records of other non-matter related queries will be kept for up to 15 years in our files. 

9.                Third party links

Our Site may, from time to time, contain links to and from the websites of our partner networks, advertisers, suppliers (including but not limited to Kajabi and Eventbrite) and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

10.             Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and highlighted on entry to our Site.

11.             Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be sent to our data protection lead at [email protected].

Upcoming events
You may also be interested in...

Contact the legal specialists

Let's get started - get in touch today and we'll put you on the right track.