Who we are
Our website address is: https://eganmeyer.com.
Egan Meyer Ltd is a “data controller” for the purposes of the General Data Protection Regulation (GDPR). This means that we are responsible for deciding how we hold and use personal information about you. Jim Meyer is the Data Protection Officer and can be contacted at dataprotection@egammeyer.com.
Personal Data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of Personal Data including, but not limited to, identity data, contact data, financial data, and data concerning a client’s case, general instructions and the legal services provided by us. We may also process sensitive personal data in connection with the legal services provided which includes information concerning racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation and data regarding criminal convictions.
We will collect personal information about clients and any relevant third parties during the engagement process, either directly from our clients or sometimes from their permitted agents and representatives. We may also collect additional information about clients from third parties including the police, court service, crown prosecution service, parole board, legal aid agency, experts & consultants, family members, connected individuals and other agents or public bodies who may be involved in the conduct of a client’s case. Additional personal information may be collected during the course of a client’s relationship with us and any subsequent instructions we may receive.
We will only use a client’s personal information when the law allows us to. Most commonly, we will use a client’s personal information: where we need to perform the contract we have entered into (or in order to enter into such a contract); where we need to comply with a legal obligation; where it is necessary for our legitimate interests (or those of a third party) and a client’s interests and fundamental rights do not override those interests; or where it is necessary for the purpose of, or in connection with, legal proceedings (including prospective legal proceedings), the purpose of obtaining legal advice, or is otherwise necessary for the purposes of establishing, exercising or defending legal rights. Please note that some of the above grounds for processing will overlap and there may be several grounds which justify our use of a client’s personal information.
Generally, we do not rely on consent as a legal basis for processing a client’s personal data and we may process such personal data without their knowledge or consent, in compliance with the above rules, where this is required or permitted by law. If it becomes necessary to obtain a client’s consent, we will provide a client with full details of the information that we would like and the reason we need it, so that our clients can carefully consider whether they wish to consent. It is not a condition of any contract with us that a clients agrees to any request for consent from us and clients will be able to withdraw their consent at any time.
We need all the categories of information listed above primarily to allow us to provide you with legal services, as per a client’s instructions. We will keep a client’s information confidential and will only use it for the purpose(s) for which it was provided or as is permitted in law (i.e. for dealing with complaints or regulatory investigations). Where we need to collect personal data by law, or under the terms of a contract we have with a client and the client fails to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into. In this case, we may have to cancel a contract the client has with us but we will notify the client if this is the case at the time.
We may have to share your data with third parties. We will only share your personal data with third parties where required by law, where it is necessary to administer the contract a client has with us or where we have another legitimate interest in doing so.
This may include barristers; experts; and others who we need to instruct to assist us with a client’s matter, the Legal Ombudsman (if a client complains about our services) and the Solicitors Regulation Authority (the statutory body that regulates solicitors). In doing so we will always take care to ensure that a client’s information remains confidential and safe. We will liaise with our clients during their case about which experts, barristers and other third parties we instruct on their behalf. Sometimes we ask other companies or people to undertake tasks on our files to ensure this is done promptly (for example photocopying/scanning).
All third parties in the United Kingdom and the EU are subject to the provisions of the GDPR or similar regulations in relation to our clients’ Personal Data and we do not authorise third parties to use such Personal Data for their own purposes.
The data we collect from clients may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. The GDPR restricts data transfers to countries outside the EEA in order to ensure that the level of data protection afforded to individuals by the GDPR is not undermined.
We will only transfer data outside the EEA where permitted to do so by law including where the necessary safeguards are in place such as standard contractual clauses approved by the European Commission or where the European Commission has issued a decision confirming that the country to which we transfer the Personal Data ensures an adequate level of protection. If you have any questions about the transfer of data outside the EEA, please contact us for further information.
The GDPR requires us to put in place procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction. We ensure that reasonable security measures are taken against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data. We have also put in place procedures to deal with any suspected data security breach and will notify those affected and any applicable regulator of a suspected breach where we are legally required to do so. If you have any questions about our current organisational and technical security procedures, please contact us for further information.
We will retain a client’s information for a reasonable period or as long as the law requires.
Clients have a right to access the personal data we hold about them. They may ask us to rectify or erase the personal data we hold about them or to restrict the processing we carry out. Clients can also object to the way we are processing their personal data or request it is transferred to a third party.
For a full list of a client’s rights and how these can be exercised, please visit www.ico.org.uk/your-data-matters for further details. Clients will not have to pay a fee to access their personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if their request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
Clients also have the right to make a complaint at any time to the ICO (www.ico.org.uk).
If a client wants to review, verify, correct or request erasure of their personal information, object to the processing of their personal data, or request that we transfer a copy of their personal information to another party, they may contact us in writing at Data Protection Officer at dataprotection@eganmeyer.com
Retention of Data, Storage of Papers and Return of Documents
After the conclusion of a case we will check to ensure that all original documents relating to a file and any other documents that belong to a client are returned. This is to ensure that we do not retain or have any further responsibility for any documents which belong to a client. However, we may retain a copy of these same documents for our own purposes on the client’s file.
At the end of a case we will retain on our systems a client’s personal data, a full copy of our file including all the correspondence on the file with the client and other parties to their matter, all advices, all attendance notes, all experts reports and witness statements that were created during the course of your matter. We will also retain documents provided to us in the course of a client’s matter.
At the end of a client’s matter we will store their file for such period as we think is appropriate (or such time is required by law) after which time the file will be routinely destroyed without notice.
We reserve the right to store a client’s file in any format deemed appropriate by us, including in entirely electronic format.
We do not normally make a charge for retrieving stored papers from our archive. However, we reserve the right to make a charge in the following cases:-
- Where we have previously provided you with a copy of your papers and you are requesting a further copy.
- Where you request that we provide your papers in a format which is different to that in which they have been stored; i.e. if they have been stored electronically and you request a paper copy.
- Where you require us to search for specific documents and/or require us to read papers or write letters in respect of your archived file. In such cases, we may charge you at our normal hourly rates, although subject to us having provided you with an estimate of costs of the work in advance.
- To cover the costs of postage for forwarding a file of papers to you or to another firm of solicitors.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies
If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Who we share your data with
If you request a password reset, your IP address will be included in the reset email.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where your data is sent
Visitor comments may be checked through an automated spam detection service.