Известие за поверителност

 

1. Who we are

We are Metuendissimus Legal Ltd (trading as Angelov Solicitors), a private limited company with registered number SC789792 and having its registered office address at Suite 2/3, 48 West George Street, Glasgow, G2 1BP.

We are a data controller for the purposes of data protection law. We are registered with the Information Commissioner’s Office; our registration number is ZB651053.

2. How to contact us

We have appointed a data protection officer who is responsible for overseeing questions in relation to this Privacy Notice. If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact our DPO using the details set out below:

By post:        Suite 2/3, 48 West George Street, Glasgow, G2 1BP

By email:      dpo@angelov.law

By phone:     020 8088 2555

3. Purpose of this privacy notice 

We are committed to protecting your personal data and your privacy. This Privacy Notice sets out the basis on which any personal data that you provide to us or that we obtain from a third party will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

It is important that you read this Privacy Notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. Any other privacy notice or fair processing notice will supplement (not override) this Privacy Notice.

4. What personal data we collect 

Anonymous data means any information which can no longer identify an individual.

Additional Data Includes personal information about you that we receive from third parties to enable us better to provide our services and/or to conduct Customer Due Diligence and/or recruitment. Such third parties will include (but not limited to) other parties in a legal matter (including their legal representatives, counsel, accountants and other professional advisors), law firms, accountants and other professional advisors who may refer your matter to us and/or who may be acting for you in relation to other aspects of a particular matter, banks, building societies, insurers and other financial institutions, courts and court agents (including sheriffs’ officers), regulatory bodies, surveyors and estate agents, personal representatives, attorneys, trustees and executors, credit reference agencies, employers, education providers, the providers of electronic identity verification services and regulatory bodies such as the Scottish Legal Complaints Commission, the Law Society of Scotland, the Solicitors Regulation Authority, Legal Ombudsman or other similar bodies.

Aggregated Data Includes statistical or demographic data which may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Notice.

Children’s Data We obtain data relating to children both directly from such children and from persons with parental responsibility or educational responsibility for such children. Where we process children’s data, we take additional care to ensure the security of such data and to ensure that the rights and freedoms of the child are taken into consideration.

Contact Data Includes billing address, residential and/or business address, email address and telephone numbers and social media account names.

Contractual Data Information obtained by providing legal services to you.

Criminal Convictions / Offences Data This data may need to be collected from time-to-time in order to enable us to provide you with our services and/or to conduct Customer Due Diligence.

Financial Data Includes bank and building society accounts, payment card details and other billing information, payments made to us and payments made on your behalf and/or in connection with your transactions, credit reference checks and other payment and/or financial data to enable us to carry out fraud, identity checks to verify the source of funds and/or the source of wealth, as well as information collected from publicly available resources and/or credit agencies or any other information needed to enable us to undertake credit or financial checks on you.

Health Data Includes data provided to us or we may need to know about where you are visiting any of our premises such as accessibility or mobility concerns that you have, dietary requirements, other health matters which could affect your use of our services or the way we need to provide our services. We will only do so to the extent that processing relates to personal data which are manifestly made public by you or otherwise with your consent.

Identity Data Includes title, first name, middle name, last name, username or similar identifier, the organisation you work for, your job title or position, date of birth, geographic location, photograph or image and other information to enable us to check and verify your identity, e.g. your passport or driving licence and utility bills or bank statements and photographs or video recordings where you attend our meetings or events or via electronic identity verification services.

Marketing and Communications Data Includes your preferences in receiving marketing from us and our third parties and your communication preferences.

Other’s Data Where you are not our client, we may collect or receive personal information about you because you are involved in a matter on which we are advising our client or have advised our client. For example, if you are providing funding to our client, we may require to satisfy ourselves of your identity and obtain information about the source of funds and/or your wealth. This will allow us to comply with our policy, the law and/or guidance relating to AML and countering the financing of terrorism, and to conduct Sanctions checks. If you are a Beneficial Owner of our client, we may need to collect personal data about you for similar purposes.

Profile Data Includes purchases or orders made by you, your interests, preferences, feedback and survey responses.

Publicly Available Data Includes details that are publicly available, such as on Companies House, Registers of Scotland etc Social Relationships Data Includes details about your family, friends and other relationships.

Special Categories of Personal Data Includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, membership of a professional body or trade association, information about your health and genetic and biometric data may also need to be collected in limited circumstances in order to provide you with our legal services. We may also do so when conducting Customer Due Diligence, notably where we obtain photographic images or video recordings of you as part of the process of verifying your identity.

Technical Data Includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our websites.

Transactional Data Includes details about the legal services relating to the matter on which you or your organisation have instructed; the information we will process about you to open our files and administer the client relationship and any credit checks we may have carried out.

Usage Data Includes information about how you use our website(s), products and services. Voice Recordings Includes any information that you provide to us when you leave a voicemail message or when you telephone. Video Recordings Including still images and sounds captured during a video recording, any information that you provide to us during a video recording when used to carry out Customer Due Diligence (notably verification of identity) as referred to in our Terms of Business (with you or your organisation), and/or as required by law and/or guidance relating to Anti-Money Laundering (‘AML’) and countering the financing of terrorism, for the purposes of Sanctions checks, or otherwise where you have agreed to the recording for the purposes of carrying out our legal services.

Any personal data obtained by us for the purposes of our compliance with The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (“MLR 2017”) will be processed only: (a) for the purposes of preventing money laundering or terrorist financing, (b) as permitted by or under any legislation other than the MLR 2017 or the GDPR (as defined in the MLR 2017), or (c) where we have obtained the consent of the individual.

5. How we use your data and the legal basis for processing the data

We collect and use your personal data to:

• Deliver our legal services.
• Recruit staff.
• Meet our legal and professional responsibilities.
• Engage services and suppliers.
• Communicate with you or on your behalf, by post, electronically or by telephone.
• Maintain our records.
• Process financial transactions.
• Prevent and detect crime, fraud or corruption.
• Send emails or newsletters to keep you informed or invite you to events.
• Respond to complaints or claims.
• To monitor for cyber threats and to provide security to our offices.

Category I: Individual Clients
Type of Data	Purpose	Legal Basis	Legitimate Interest
Contact Children’s Communications Consents Contractual Criminal / Offence Financial Employment Health Identity Marketing Public Social Special Category Transactional Usage Video/Voice Recordings	To provide you with legal services and fulfil contractual obligations To contact you in the course of providing our services to you      To manage our relationship with you, including: fulfilling our contractual obligations; managing payments, fees and charges; collecting and recovering money owed to us; dealing with client complaints; and notifying you of any changes to our terms of business or privacy notices	Contractual performance Legitimate Interests	To fulfil our contractual obligations and rights to provide services To keep our records up to date To exercise our rights under a contract with the client organisation To manage credit control and debt recovery To manage complaints or potential claims To fulfil our responsibilities to our clients
	To carry out Customer Due Diligence, including identity verification and fraud prevention checks, background checks and anti-money laundering procedures	Legal Obligation Legitimate Interests	To engage you as a client and allow us to provide legal services To prevent fraud or money laundering To protect our business and reputation
	To carry out credit checks		To assess the financial risk associated with those who receive our services and assess their ability to pay sums due
	To improve and develop our services and products To promote our services in tenders or submissions to legal directories	Legitimate Interests	To improve our services and our efficiency To promote our firm and the work we do to prospective new clients
	To manage our business as a whole, including financial management; administration; business planning; business continuity; corporate governance; audits	Legal Obligation Contractual Performance Legitimate Interests	To manage credit control and debt recovery To bill for the services we provide and deal with funds transfers For financial reporting To manage complaints or potential claims To improve our efficiency and provide clients with new or improved products and services
	To comply with reporting obligations to regulatory bodies	Legal Obligation	To manage our compliance with our legal responsibilities and obligations
	To protect the rights, property, or safety of our staff, our clients, or others	Legal Obligation Legitimate Interests	To manage the safety of our staff, clients and others
	To establish, exercise or defend our legal rights	Legitimate Interests	To enforce our legal rights

 

Category II: Individuals in Client Organisations（directors, officers, partners, shareholders, other owners or beneficial owners of an organisation, as well as employees, consultants, workers）
Type of Data	Purpose	Legal Basis	Legitimate Interest
Contact Children’s Communications Consents Contractual Criminal / Offence Financial Employment Health Identity Marketing Public Social Special Category Transactional Usage Video/Voice Recordings	To provide you with legal services or guidance about our services To contact you in the provision of our legal services to the organisation, including Company Secretarial, debt collection, trustee services etc	Contractual performance Legitimate Interests	To provide you with legal services To fulfil our contractual obligations To keep our records up to date
	To carry out Customer Due Diligence, including identity verification and fraud prevention checks, background checks and anti-money laundering procedures (directors, shareholders, officers, partners, owners, trustees etc) To carry out credit checks (directors, shareholders, officers, partners, owners, trustees etc)	Legal Obligation Legitimate Interests	To engage you as a client and allow us to provide legal services To prevent fraud or money laundering To protect our business and reputation To assess the financial risk associated with those who receive our services and assess their ability to pay sums due
	To improve and develop our services and products To promote our services in tenders or submissions to legal directories	Legitimate Interests	To improve our services and our efficiency To promote our firm and the work we do to prospective new clients
	To manage our business as a whole, including financial management; administration; business planning; business continuity; corporate governance; audits	Legal Obligation Contractual Performance Legitimate Interests	To manage credit control and debt recovery To bill for the services we provide and deal with funds transfers For financial reporting To manage complaints or potential claims To manage our relationship with you and fulfil our responsibilities generally To improve our efficiency and provide clients with new or improved products and services
	To comply with reporting obligations to regulatory bodies	Legal Obligation	To manage our compliance with our legal responsibilities and obligations
	To protect the rights, property, or safety of our staff, our clients, or others	Legal Obligation Legitimate Interests	To manage the safety of our staff, clients and others
	To establish, exercise or defend our legal rights	Legitimate Interests	To enforce our legal rights
	For marketing and business development activities, including seeking new business, promoting our business and events management	Съгласие Legitimate Interests	To develop our relationship with you and the organisation To attract new business and promote our business To hold events, seminars and hospitality to promote our services and products

 

 

Category III: Suppliers & Professional Contracts (individuals and organisations who supply goods or services, including professional services, or have any other business or professional relationship with us)
Type of Data	Purpose	Legal Basis	Legitimate Interest
Additional   Contact   Communications   Financial   Employment – CV   Identity   Marketing   Public   Transactional   Video/Voice Recordings	To communicate with you in the course of our business or professional relationship	Legitimate interest   Contractual Performance	To provide our clients with legal and other services   To obtain goods or services from you or your organisation for our benefit   To obtain services from you or your organisation for the benefit of our clients
	To manage our business relationships with third party suppliers, which will include:   a)     assessing the suitability of any existing or potential supplier of goods and services to us b)     negotiating and entering into appropriate contracts for the supply of goods or services to us, carrying out any obligations under such contracts (including obligations of payment) and if necessary, enforcing any such contracts c)     undertaking on-going monitoring and management of our relationship with suppliers d)     investigating any complaints or enquiries	Legitimate interest   Contractual Performance	To perform a contract with your organisation or business    To manage third party relationships   To run our business efficiently and profitably To enhance, modify and improve our services and products   To pursue our commercial objectives where this does not override your rights and freedoms as a data subject
	To manage our professional relationship with professional advisors, regulatory authorities, public authorities	Legitimate interests	To maintain good working relationships with other professionals    To fulfil our responsibilities to our clients, suppliers and other third parties
	To improve and develop our services	Legitimate interests	To improve our services and our efficiency
	To manage our business as a whole, including  financial management and administration; business planning; corporate governance and audits	Legal obligation  Legitimate interests	To improve our services and our efficiency    To operate an efficient and profitable commercial business
	To comply with relevant legal obligations  To comply with reporting obligations to regulatory bodies	Legal obligation
	To protect the rights, property, or safety of our staff, clients, or others	Legal obligation Legitimate interests	To manage the safety of our staff, clients and others
	To establish, exercise or defend our legal rights	Legitimate interests	To enforce our legal rights

 

Category IV: Website Users & Marketing (individuals who visit our website or receive marketing material from us)
Type of Data	Purpose	Legal Basis	Legitimate Interest
Additional Contact Health Identity Marketing Profile Public Social Technical Usage	To manage our relationship with you, including: ·       notifying you about changes to our terms and conditions or our privacy policy ·       communicating with you in response to any online enquiries, requests or other contact. ·       provide you with our newsletters or blogs	Legal obligation Legitimate interests Съгласие Soft opt-ins	To develop our relationship with you and promote our goods and services To keep you up to date with news and developments
	To process any registrations for events including: (a) manage payments, fees and charges (b) collect and recover money owed to us	Legitimate Interests	To hold events, such as seminars and networking events, to promote our business and attract new business
	To administer and protect our business and our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)	Legal Obligation Legitimate Interests	To run our business properly and efficiently To ensure the provision of administration and IT services To ensure network security To prevent fraud
	To use data analytics to improve our website, services, marketing, customer relationships and experiences	Consent (where required) Legitimate Interests	To keep our website updated and relevant To develop and improve our business To inform our marketing strategy To understand how our communications are used and what content is accessed, when and by whom To assess which of our services may be of interest to you To seek feedback and consent when we require consent to contact you
	To record or live stream seminars or events to be watched online	Legitimate interest	To enable clients / contacts to view and participate in events or seminars remotely We will always advise prior to the event that it is being recorded and/or live streamed
	To engage with you in business development and networking opportunities, including events, briefings and seminars	Legal Obligation Legitimate Interests	To ensure compliance with health and safety obligations, e.g. where we need to know about accessibility or mobility concerns, dietary requirements, other health matters which could affect your use of our services or how we provide you with services
	To process any registrations for events including: (a) manage payments, fees and charges (b) collect and recover money owed to us	Legitimate Interests	To hold events, such as seminars and networking events, to promote our business and attract new business

 

Category V: Complainant (individuals who wish to complain about the legal services provided by us or any of our staff members)
Type of Data	Purpose	Legal Basis	Legitimate Interest
Contact Communications Contractual Financial Identity Marketing Public Technical Usage Video/Voice Recordings	To communicate with you in relation to your complaint or legal claim	Contractual Performance Legitimate Interests	To deal with and respond to your complaint / claim
	To communicate with third parties who may be involved or have relevant information relating to the complaint or claim	Legitimate Interests	To investigate and gather information relating to the complaint / claim
	To notify our insurers and communicate with them regarding a claim	Legal Obligation Legitimate Interests	To comply with legal requirements and the terms of our insurance cover
	To notify our regulators and communicate with them regarding a complaint or claim	Legitimate Interests Legal Obligation	To comply with legal requirements and the terms of our insurance cover
	To notify our legal advisors and communicate with them regarding a complaint or claim	Legitimate interest	To take legal or other professional advice
	To establish, bring or defend legal claims	Legal Claims Legitimate Interests	To enforce our legal rights

 

Category VI: Anyone else
Type of Data	Type of Individual	Purpose	Lawful Basis	Legitimate Interest
Contact Communications Consents Contractual Financial Identity Public Social Special Category Transactional Usage Video/Voice Recordings	Third Parties (Claimant / Litigant)	To give legal advice to our clients To communicate with you or your advisors for our clients To conduct pre-action discovery To bring or defend legal claims To enforce judgments or awards for our clients	Contractual performance Legitimate interests Legal claims	To provide legal services to our clients To support the administration of justice To assist clients to establish, exercise and defend legal claims
	Third Party (transactional)	To give legal advice to our clients To communicate with you or your advisors for our clients To carry out due diligence	Contractual performance Legitimate interests	To provide legal services to our clients To carry out pre-contract due diligence To assist our clients to comply with legal obligations generally
	Witnesses	To contact you to establish whether you have evidence relevant to our client’s case To take evidence from you in connection with claims involving our client To seek to compel you to give evidence in court or elsewhere involving our client	Legitimate interests Legal claims	To support the administration of justice   To provide legal services to our clients

 

6. How is your personal data obtained?

We use different methods to collect data from and about you including through:

• Direct interactions. You may give us your personal data (including Special Categories of Personal Data and Criminal Convictions Data) through any number of direct interactions. This includes personal data you provide when you:
  • make an enquiry about our services;
  • instruct us to provide legal or other services and during the course of the provision of legal or other services;
  • correspond with us by post, phone, email, social media or otherwise;
  • provide feedback or respond to surveys
  • register for, attend or participate in events or seminars hosted or provided by us.

 

• Third parties or publicly available sources. We may receive or obtain personal data about you from various third parties and publicly available sources as set out:
  • fraud prevention agencies and credit reference agencies.
  • social media providers and other Internet sites (such as Twitter or LinkedIn).
  • Companies House, the Electoral Register, Registers of Scotland and other public bodies.
  • organisations or businesses that refer you to us, such as other law firms, other clients, accountants or financial institutions
  • other professional advisors, financial institutions, expert witnesses, courts and tribunals, mediators, arbiters, title and search agents and others with whom we interact in connection with the services that we provide to you.

 

7. Failure to provide information

Where we need to collect personal data by law (for example in order to carry out identity verification and anti-money laundering checks), or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have entered into with you, or we may be unable to comply with our own legal obligations.

In some cases, a failure to provide information when requested may delay our provision of legal or other services to you and in other cases, we may be unable to act for you or may have to withdraw from acting.

 

8. Who do we share your personal data with?

There may be circumstances in which we may also need to share your personal data with certain third parties. The third parties to which we may transfer your personal data include:

• Other third parties to any transaction, dispute, legal proceedings or other legal matter on which we are acting for you (including the Home Office, HMPO, other professional advisers, external counsel, expert witnesses, courts and tribunals, search agencies, surveyors, sheriff officers, governmental institutions, authorities, medical professionals etc);
• Our service providers who provide IT and system administration services (including client management systems, security software providers, accounting software and services, anti-money laundering, data rooms, document processing and storage software and other software services). A list of our current suppliers is available upon request;
• Identity verification service providers used to carry out identity checks for the purposes of customer due diligence;
• our agents and service providers who we engage in the provision of our services, including professional advisers, bankers, surveyors, external counsel, insurers, auditors and others;
• Marketing platform providers;
• Fraud prevention agencies and credit reference agencies;
• Any relevant regulatory authority, including the Law Society of Scotland, the Scottish Legal Complaints Commission, the Law Society of England & Wales, the Solicitors Regulation Authority, the Financial Conduct Authority and the Information Commissioner’s Office.
• The police and any other law enforcement agency, HM Revenue & Customs or other government body;
• Any other person who is authorised to act on your behalf;
• Professional indemnity or other relevant insurers;
• Foreign law firms (and associated regulators), should you need advice for outside the jurisdiction of Scotland;
• Public registers and public information resources, such as Companies House or Registers of Scotland;
• Any third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.
• Third party agents/suppliers or contractors to allow us to organise and run the business, including:
  • Legal directories, e.g. Legal 500, Chambers and Partners, Who’s Who Legal and IP Stars, WTR100.
  • Our general insurers, auditor and accountants, pension providers, banks and other financial institutions, providers of electronic verification services, credit reference agencies and regulatory bodies.
  • General advertising, marketing, promotional, tendering activities, e.g. organising assisting us with our events, issuing of client updates/ bulletins, seminars, training, business development and networking opportunities.
  • Persons in connection with any sale, merger, acquisition, disposal, reorganisation or similar change in Angelov Solicitors

We may be legally required, and entitled, to share your FATCA (Foreign Account Tax Compliance Act) status and registration details with financial institutions and/or to submit reports to HMRC.

We typically undertake a search to verify an individual’s identity. This includes persons such as directors, officers, instructing individuals, beneficial owners of corporate entities, trustees and/or beneficiaries of trusts, and any agent acting on the client’s behalf. We may check the information supplied against any particulars on any database (public or otherwise) to which we have access.

 

9. International transfers

The personal data we collect from you will usually be stored inside the United Kingdom (‘UK’) or the EEA. This means our document management system, our email servers and our practice management system are all hosted in the UK.

We will only send your personal data outside the UK or EEA:

• where you instruct us to do so, e.g. where you are based outside the UK or EEA and we need to process your data to provide our service;
• where we are required to do so as part of the legal services that you have instructed us to provide (for example when we deal with professional advisors outwith the UK on your behalf or when we deal with counterparties to a transaction or other legal matter outwith the UK on your behalf);
• where we are instructed on your behalf by someone outwith the UK (for example your professional advisors outwith the UK);
• where we need to do so in order to comply with our or your legal obligations;
• where the transfer is necessary for reasons of public interest;
• where the transfer is necessary for the establishment, exercise or defence of legal rights;

 

We may also use ancillary IT systems hosted outside the UK, or where data is backed up in a data centre outside the UK.

Whenever we transfer your personal data outside of the UK, we will seek to ensure that it is protected to a similar degree as within the UK by using appropriate safeguards, which may include the following:

• we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
• where the recipient organisation is not located in a country with an adequacy decision, we may use specific contracts approved by the UK which give personal data the same protection it has in UK.

The safeguards used will depend on the circumstances of the transfer and the location of the non-UK recipient.

 

 

10. How long do we retain your personal data?

We will retain your personal data for as long as necessary to fulfil the purposes for which the personal data was obtained and to comply with any legal, accounting or reporting requirements.

Generally speaking, we will keep your client files (and any personal data contained therein) for a minimum period of ten years following completion of the matters, so that we are able to respond to a question, complaint or claim. We will keep the information used to verify your identity, and other related client due diligence information, for ten years after you cease to be our client.

Retention periods for records are determined on the basis of the type of record, the nature of the service or advice that we have provided, and any applicable legal or regulatory requirements. We follow the guidelines issued by the Law Society of Scotland concerning the retention of client files (including personal data contained therein), but the rules that apply to determine how long it is appropriate to hold client files can be complex and varied. If you require further information about our retention periods, please contact our Data Protection Officer using the contact details above.

11. Cookies

Our website (www.angelov.law or any other domain name registered in our name) uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.

We use the following cookies:

• Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e- billing services.
• Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
• Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
• Performance cookies. These are used to understand and analyse the key performance indexes of the website which helps in delivering a better user experience for the visitors.
• Advertisement cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

We also use analytic services to help us understand how effective our content is, what interests our users have, and to improve how this website works. In addition, we use web beacons or tracking pixels to count visitor number and performance cookies to track how many individual users access this website and how often.

This information is used for statistical purposes only and we do not use such information to personally identify any user.

 

12. Marketing

We may provide you with direct marketing communications where you have consented to receive such communications. We may rely on our legitimate interests to market our business to provide direct marketing communications to other businesses (business-to-business marketing)

You can subscribe to such marketing communications, and you can adjust your marketing preferences at any time by contacting us on info@angelov.law or by clicking “unsubscribe” at the bottom of any marketing email.

In limited circumstances, we may rely on our legitimate interests to market our business to provide direct marketing communications to other businesses (business-to-business marketing).

You can also opt-out or unsubscribe from all or some of these marketing communications at any time by contacting us on info@angelov.law or by clicking “unsubscribe” at the bottom of any marketing email.

Where you opt out of receiving these marketing communications, this opt-out will not apply to personal data provided to us for any other purpose.

 

12. Data Security 

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, accessed, altered or disclosed in an unauthorised manner. In addition, we limit access to your personal data to those employees, contractors and other third parties who have a business need to know.

They will only process your personal data based on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data breach and will notify you of any breach and will also report any breach to the Information Commissioner’s Office, where we are legally required to do so.

 

13. Your Rights

Your personal data is protected by legal rights, which include your rights to:

• Request access to your personal data (a “Subject Access Request”). This enables you to get access to the personal data we hold about you and to check that we are lawfully processing it;

• Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us;

• Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which you will be notified of, if applicable, in response to your request.

• Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes.

• Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: if you want us to establish the data’s accuracy; where our use of the data is unlawful but you do not want us to erase it; where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

• Request the transfer of your personal data to you or to a third party (data portability). We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

• Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

 

If you wish to exercise any of these rights, please contact us using the details above.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

You will not generally have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if we think your request is ‘manifestly unfounded or excessive’. If this applies to a request you have made, we will explain the reasons for our decision. We can also charge a fee if you ask for further copies of your information, following a request already fulfilled. In such cases, the one-month time limit does not begin until we have received the fee. There can be other reasons why you may not receive all the information you expect, such as when an exemption applies, or the type of information you asked for is not covered by a subject access request.

15. Changes to this privacy notice 

We keep this Privacy Notice under regular review and will place any updates on our website. This Privacy Notice was last updated on 21 February 2024.

16. Complaints 

We have appointed a Data Protection Officer (‘DPO’) who is responsible for answering questions regarding this Privacy Notice. If you have any questions or you wish to exercise any of your legal rights, you can contact the DPO using the following contact details:

By post: Metuendissimus Legal Ltd,

Suite 2/3, 48 West George Street, Glasgow, G2 1BP

By email: dpo@angelov.law

By phone: 020 8088 2555

If you are unhappy with our DPO’s response or the handling of your request, you have the right to complain to the Information Commissioner’s Office, which is the UK Supervisory Authority for data protection issues (https://ico.org.uk/). We would, however, appreciate the opportunity to deal with your concerns before you approach the ICO.