Privacy notice - Contents
1. Introduction
1.1 JMW Solicitors LLP (“JMW”) is committed to protecting the privacy and security of your personal information.
1.2 JMW is a limited liability partnership registered in England and Wales under registration number OC338958. It is authorised and regulated by the Solicitors Regulation Authority (“SRA”) under registration number 508380. JMW has notified the Information Commissioner’s Office (“ICO”) that it processes personal data under registration number Z5673466.
1.3 We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (“UK GDPR”). We are also subject to the EU General Data Protection Regulation (“EU GDPR”) in relation to services we offer to individuals in the European Economic Area (“EEA”).
1.4 We have tailored specific privacy policies dependent upon your relationship with JMW. Each of these privacy policies outline how JMW may collect, hold, process, and share your personal data to assist you in making informed decisions when using our website and/or accessing our services.
1.5 Our privacy notices are kept under regular review, and we may change them from time to time. When we do, the updated version will be published to our website with confirmation of the date it was last updated.
(a) If legally required, we may ask you to consent to any changes made to these notices.
1.6 Our services and website are not aimed specifically at children who are usually represented by their parents or guardians. If you are a child and you want further information about how we might use your data, please contact us using the information detailed below.
2. Your Rights
2.1 Under data protection legislation you are afforded the following rights:
(a) Right to Access: Gives you the right to be provided with a copy of your information held by us.
(b) Right to Rectification: Requires us to correct any mistakes in your information held by us when notified of the mistake by you.
(c) Right to Erasure (also known as Right to be forgotten): Requires us to delete your information (in certain situations) when requested by you.
(d) Right to Restrict Processing: Requires us to stop or reduce the level of processing of your information in certain situations (e.g. if you contest the accuracy of the information that we hold about you).
(e) Right to Data Portability: Gives you the right to receive the information held by us that you requested in a commonly used, machine-readable format and, where requested by you transmitted to a third party.
(f) Right to Object: Gives you the right to object:
i. At any time to our processing of your information for direct marketing (including profiling); or
ii. In certain situations, to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests unless there are compelling legitimate grounds for the processing to continue or the processing is required for the establishment, exercise or defence of legal claims.
(g) Right not to be subject to automated individual decision making: Gives you the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you
(h) Right to withdraw consent: If you have provided us with a consent to use your information you have a right to withdraw that consent easily at any time. Withdrawing of consent will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn.
2.2 You can exercise these rights free of charge. However, we may charge a reasonable fee, or refuse to comply with your request outright, if the request is excessive or is clearly unfounded.
2.3 If you would like exercise any of these rights, please contact us using the information detailed in the contact information section.
(a) Please ensure you provide as much information as possible within your request such as your name, address, client/matter reference and the right/s you wish to exercise.
(b) We may request further information from you to validate your identity prior to proceeding with your request. Where this is the case, we shall inform you and confirm the information required with a justification for its requirement.
2.4 Please note: These rights are not absolute and we may have reasonable grounds to reject your request, either in part or in its entirety, or exclude certain information from disclosure. Where this is the case, you will be provided an explanation and justification for any rejection or exclusion in our formal response to your request.
3. Contact Information
3.1 If you have any questions regarding our privacy policies or the information we hold about you, wish to exercise one of your rights as a data subject, wish to raise a complaint or concern about the use of your information or require a copy of a privacy notice in another format (e.g. audio, large print, braille), please contact us using the below information.
(a) Individuals based within the UK can contact us via:
i. Post: FAO Data Protection Lead, JMW Solicitors, 1 Byrom Place, Manchester, M3 3HG.
ii. E-mail: dataprotection@jmw.co.uk.
iii. Telephone: 0345 872 666.
(b) For individuals based within the EEA, we have appointed a data protection representative as per Article 27 of the GDPR. You can either:
i. contact us directly using the information in 3.1; or
ii. contact our data protection representative:
> Post: Rechtsanwaltsgesellschaft mbH - JMW SOLICITORS LLP - Colmantstraße 15 53115 Bonn Germany.
> E-Mail: art-27-rep-jmw@rickert.law.
3.2 If following our response to any complaint or concern you raised, you remain unhappy you have the right to raise a complaint with the ICO via:
(a) Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
(b) Telephone: 0303 123 1113.
(c) Website: https://www.ico.org.uk/make-a-complaint.
4. Key Terms
4.1 The below table sets out some key terms used throughout each of our privacy notices:
| Key Term | Definition |
|---|---|
| “Criminal Offence Data” | Personal data that relates to criminal activity, proven and unproven allegations, investigations, proceedings, convictions (including absence of), penalties, conditions, or restrictions in place as part of the criminal justice process and civil measures which may lead to a criminal penalty if not adhered to. |
| “Data Subject” | The identified or identifiable living individual to whom personal data relates. |
| “Data Subject Rights” | Specific individual rights in regard to the data subjects personal data as defined in the UK GDPR (access, informed, rectification, erasure, restriction, objection, portability and not subject to automated decision making) |
| “Information” | One, or a combination of, criminal offence data, personal data or special category personal data. |
| “Lawful Basis“ or “Lawful Bases” | One, or a combination of, the six lawful bases required for processing personal data as defined in the UK GDPR. |
| “Personal Data” | Any information relating to ‘data subject’ who can be identified, directly or indirectly, in particular by reference to an identifier. Examples include a name, date of birth, home address, contact information etc. |
| “Special Category Personal Data” | Personal data that can reveal racial / ethnic origins, political opinions, religious / philosophical beliefs, trade union membership or concerns genetic data, biometric data, health data, sex life or sexual orientation. |
| “UK GDPR” | The retained EU law version of the General Data Protection Regulation ((EU) 2016/679) as it forms part of the law of England and Wales, Scotland, and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by Schedule 1 to the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (SI 2019/419). |
| “We”, “Us” or “Our” | JMW and our group companies |
Privacy Notice for JMW Clients
1. Who does this privacy notice apply to?
1.1 This privacy notice applies to individuals who are current, former or prospective clients of JMW.
1.2 This notice should be read in conjunction with the client care letter and terms of business provided to you at the outset of your relationship with JMW.
1.3 We seek to ensure that our information collection and processing is always proportionate and will notify you of any changes to information we collect or to the purposes for which we collect and process it.
1.4 If you have any queries regarding this privacy notice, please contact us using the contact information listed above.
2. What information do we collect?
2.1 We will generally always collect the following information from you as part of your (potential) instruction of JMW:
(a) Personal data:
i. Your name;
ii. Contact information including address, telephone number and email;
iii. Your signature including electronic versions (collected via DocuSign);
iv. Information to enable us to check and verify your identity (e.g. your date of birth or passport details);
v. Information to enable us to undertake a SmartSearch or other financial checks on you. SmartSearch will perform sanctions checks, screening for adverse media and checks for politically exposed persons;
vi. Information relating to the matter in which you are seeking to instruct us.
(b) Special category data:
i. Information relating to the matter in which you are seeking to instruct us if that matter relates to or references your racial / ethnic origins, political opinions, religious / philosophical beliefs, trade union membership or concerns, genetic data, biometric data, health data, sex life or sexual orientation.
(c) Criminal offence data:
i. Information relating to the matter in which you are seeking to instruct us if that matter relates to criminal activity, proven and unproven allegations, investigations, proceedings, convictions (including absence of), penalties, conditions or restrictions in place as part of the criminal justice process and civil measures which may lead to a criminal penalty if not adhered to.
2.2 The following information may be collected dependent upon the reason for your (potential) instruction:
(a) Personal data:
i. Your financial details which can include:
> Source of funds;
> Bank and/or building society details;
> National insurance and tax details;
> Details of your pension arrangements;
ii. Details of your personal or professional online presence, e.g. LinkedIn profile;
iii. Details of your spouse/partner and dependants or other family members, e.g. if you instruct us on a family matter or a will;
iv. Details of your employment history/status including:
> salary and benefits, e.g. if you instruct us on matter related to your employment or in which your employment status or income is relevant;
> employment records including, where relevant, records relating to sickness and attendance, performance, disciplinary, conduct and grievances, e.g. if you instruct us on matter related to your employment or in which your employment records are relevant.
v. Your nationality and immigration status and information from related documents, such as your passport or other identification, and immigration information, e.g. if you instruct us on an immigration matter;
vi. Personal identifying information, such as your eye colour or your parents’ names, e.g. if you instruct us to incorporate a company for you.
(b) Special category personal data:
i. Racial or ethnic origin, gender and sexual orientation, religious or similar beliefs, e.g. if you instruct us on discrimination claim;
ii. Trade union membership, e.g. if you instruct us on a discrimination claim or your matter is funded by a trade union;
iii. Your medical records, e.g. if we are acting for you in a personal injury claim;
iv. Your genetic data or biometric data e.g. if it is required for the purpose of uniquely identifying you.
(c) Criminal offence data:
i. Your records relating to relating to criminal convictions and offences e.g. if you instruct us in relation to a criminal or regulatory matter.
3. How do we collect the information?
3.1 We collect the vast majority of this information directly from you e.g. in person, over telephone call or text, email or via mobile applications (such as the JMW app).
3.2 There may be circumstances where we collect this information from another source such as:
(a) publicly accessible sources, e.g. Companies House or HM Land Registry;
(b) a third party directly, e.g.:
i. a business such as an estate agency or claims management company that has introduced you to JMW;
ii. sanctions screening providers such as SmartSearch;
iii. credit reference agencies;
iv. customer due diligence providers.
(c) a third party with your consent, e.g.:
i. your bank or building society another financial institution or advisor;
ii. consultants and other professionals we may engage in relation to your matter;
iii. your employer and/or trade union, professional body or pension administrators;
iv. your doctors, medical and occupational health professionals;
(d) via our website - we use cookies on our website (for more information on Cookies, please refer to our ‘Website Visitors’ privacy notice).
4. Why do we collect this information (lawful basis)?
4.1 We rely on the following lawful bases for collecting and processing your information.
(a) You have provided your consent for us to process your information;
i. This lawful basis will only apply to specific sets of information dependent upon the nature of the legal services you require. Where we require your consent to obtain or process this information, we will make it clear.
(b) The processing is necessary for the performance of a contract between you and us (or in order for us to take steps at your request prior to entering into a contract with us);
(c) The processing is necessary for compliance with a legal obligation to which we are subject;
(d) The processing is necessary for the purposes of the legitimate interests pursued by us (except where such interests are overridden by the interests or fundamental rights and freedoms of you which require protection of information).
5. How do we use this information
5.1 The information provided or collated will be used to:
(a) Provide legal services to you;
(b) Prevent and detect fraud against you or us;
(c) Conduct checks to identify our clients and verify their identity;
(d) Screen for politically exposed persons, financial and other sanctions or embargoes;
(e) Carry out other activities necessary to comply with our professional, legal and regulatory obligations that apply to our business, e.g. under health and safety law or rules issued by the Solicitors Regulation Authority;
(f) enforce legal rights or defend or undertake legal proceedings;
(g) Gather and provide information required by or relating to audits, enquiries or investigations by regulatory bodies;
(h) Ensure our business policies are adhered to, e.g. policies covering security and internet use;
(i) Support operational processes, such as improving efficiency, training and quality control;
(j) Ensure the confidentiality of commercially sensitive information;
(k) Provide statistical analysis to help us manage our business, e.g. in relation to our financial performance, client base, services range or other efficiency measures;
(l) Prevent unauthorised access and modifications to systems;
(m) Protect the security of systems and data used to provide services;
(n) Update and enhance client records;
(o) Complete statutory returns;
(p) Ensure safe working practices, people administration and assessments;
(q) Market our services and those of selected third parties;
(r) Comply with external audits and quality checks, e.g. for ISO or Lexcel accreditation and the audit of our accounts;
(s) Share your information with members of our group and third parties that will or may take control or ownership of some or all of our business (and professional advisors acting on our or their behalf) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale or in the event of our insolvency.
i. In such cases information will be anonymised where possible and only shared where necessary.
5.2 We may also use your information for marketing purposes. Please see the section titled ‘Marketing’ for further information.
6. How long do we keep the information?
6.1 We will keep your information for the duration of providing legal services to you and thereafter will retain the information for as long as is necessary to:
(a) Respond to any questions, complaints or claims made by you or on your behalf;
(b) Show that we treated you fairly;
(c) Keep records required by law.
6.2 We will not retain your information for longer than necessary for the purposes set out in this notice.
6.3 As a general rule, if we are no longer providing services to you, we will delete or anonymise your information after a period of seven years.
6.4 However, different retention periods apply to the different legal services we offer and the different types of information we collect. Therefore, your information may be retained for a period longer than seven years.
(a) Further details on the retention periods that will apply to your information are available upon request.
7. Do we share your information with other parties?
7.1 We routinely share information with:
(a) companies providing services for money laundering checks and other crime prevention purposes and companies providing similar services, including financial institutions and credit reference agencies, e.g. SmartSearch;
(b) third parties we use to help deliver our services to you, e.g. payment service providers, IT infrastructure providers, JMW App provider, delivery companies, barristers, expert witnesses and technology service providers such as eDiscovery and document review platforms;
(c) Other solicitors firms involved in your matter and the UK courts system as part of the disclosure or evidence exchange process;
(d) other third parties we use to help us run our business, e.g. marketing agencies or website hosts;
(e) third parties approved by you;
(f) credit reference agencies;
(g) our insurers and brokers;
(h) our banks.
7.2 We only allow these organisations to handle your information if we are satisfied that they take appropriate measures to protect your information.
7.3 We, or the third parties mentioned above, may also occasionally share information with:
(a) our and their external auditors, e.g. in relation to the audit of our or their accounts, in which case the recipient of the information will be bound by confidentiality obligations;
(b) third party travel providers and/or their agents when arranging travel for you;
(c) our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations;
(d) law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations;
(e) other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition or asset sale or in the event of our insolvency. The recipient of any of your personal data will be bound by confidentiality obligations;
(f) where necessary, companies within the JMW group.
8. Marketing
8.1 We may use your information to send you updates (by email, text message, telephone or post) about our services.
8.2 You have a right to opt out of any of these marketing communications at any time by:
(a) Contacting marketing@jmw.co.uk; or
(b) Selecting the ‘Unsubscribe’ link in any emails you receive; or
(c) Responding with ‘STOP’ in any text messages you may receive.
8.3 We may ask you to confirm or update your marketing preferences if you ask us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.
8.4 We will always treat your information with the utmost respect and never sell or share it with other organisations outside of the JMW group for marketing purposes.
Privacy Notice for JMW People
1. Current JMW People
1.1 If you are actively working for or with JMW then please refer to the internal privacy notice accessible via the firm’s intranet for further information.
2. Former JMW People
2.1 If you previously worked for or with JMW then we may still process elements of your information following the end of your working relationship with JMW.
2.2 If you wish to exercise your data subject rights, would like a copy of our internal privacy notice or have any general queries regarding your information, please contact us using the contact information listed above.
Recruitment Privacy Notice
1. Who does this notice apply to?
1.1 This privacy notice applies to prospective employees, partners, consultants, workers or contractors who have applied for a vacancy with us via the JMW vacancy site (https://www.jmw.co.uk/vacancies) or directly with the JMW Recruitment team / recruiting manager.
(a) Where you have applied for a role with us via our website this notice should be read in conjunction with our ‘Website Visitors’ privacy notice.
1.2 If you have applied for a vacancy via a third-party, such as a recruitment consultancy, please refer to their privacy notice for further information.
1.3 We seek to ensure that our information collection and processing is always proportionate and will notify you of any changes to information we collect or to the purposes for which we collect and process it.
1.4 Our recruitment process consists of two stages; the shortlisting of applicants and the final decision to recruit. Where applicable, we have detailed which of these scenarios apply in each aspect of this privacy notice.
1.5 If you have any queries regarding this privacy notice, please contact us using the contact information listed above.
2. What information do we collect?
2.1 During our candidate shortlisting process, we collect the following information:
(a) Personal data:
i. Your name;
ii. contact details including residential address, telephone numbers and email address;
iii. employment history including qualifications, experience, job titles, salary and working hours;
iv. information about your interests and hobbies;
v. Any other information you might include within your application that is not detailed within the above examples;
(b) Special category personal data:
i. Health data (where reasonable adjustments are required for the recruitment process and those adjustments relate to health conditions);
2.2 Following the candidate shortlisting we conduct the final decision-making process where we collect the following information:
(a) Personal Data:
i. A copy of your passport or driving licence;
ii. Information about your previous academic and/or employment history, including details of any conduct, grievance or performance issues, appraisals, time and attendance;
iii. Information regarding your academic and professional qualifications;
iv. Information to enable us to undertake a SmartSearch or other financial checks on you. SmartSearch will perform sanctions checks, screening for adverse media and checks for politically exposed persons;
v. Your nationality and immigration status and information from related documents, such as your passport or other identification and immigration information.
(b) Special Category Personal Data:
i. Information relating to your health.
3. How do we collect the information?
3.1 As part of the shortlisting process the information we collect is generally provided directly from yourself via your CV, completed application form, covering letter, anonymous equal opportunities monitoring form and any other form of communication you may provide as part of your application.
3.2 As part of the final decision-making process, we collect information from the following sources:
(a) Directly from yourself;
(b) Via a recruitment agency (if applicable);
(c) Your referees.
i. If you are a referee for an applicant who has applied for a role with us please refer to our privacy notice for ‘Other Individuals’.
(d) third party background check providers;
(e) education provider / relevant professional bodies;
(f) disclosure and barring service (DBS);
(g) home office (confirmation of immigration status).
4. Why do we collect this information (lawful basis)?
4.1 As part of the candidate shortlisting process, we rely on the following lawful bases for collecting and processing your information:
(a) The processing is necessary for compliance with a legal obligation to which we are subject;
(b) The processing is necessary for the performance of a task carried out in the public interest;
(c) The processing is necessary for the purposes of the legitimate interests pursued by us (except where such interests are overridden by the interests or fundamental rights and freedoms of you which require protection of information).
4.2 As part of the final decision-making process, we rely on the following lawful bases for collecting and processing your information:
(a) The processing is necessary for the performance of a contract between you and us (or in order for us to take steps at your request prior to entering into a contract with us);
(b) The processing is necessary for compliance with a legal obligation to which we are subject;
(c) The processing is necessary for the performance of a task carried out in the public interest;
(d) The processing is necessary for the purposes of the legitimate interests pursued by us (except where such interests are overridden by the interests or fundamental rights and freedoms of you which require protection of information).
5. How do we use this information?
5.1 The information provided or collated during the application process will be used:
(a) To process your application via a fair recruitment process as well as to inform you of progression or outcomes of your application;
(b) To inform HR personnel or the manager of the hiring team/department of your application and, where applicable, arrange interviews and inform you of the outcome;
(c) To make an informed recruitment decision;
(d) To conduct right to work checks and any other legal obligations we are bound by;
(e) To comply with our equal opportunities monitoring obligations, to demonstrate our equality of opportunity or treatment processes and to follow our equity policies and procedures;
(f) To contact (or share information) with third parties in order to conduct further background checks or validate information already provided by the applicant;
(g) To establish, exercise and/or defend any legal claims.
6. How long do we keep the information?
6.1 We keep the information that we obtain about you during the recruitment process for no longer than is necessary for the purposes for which it is processed. How long we keep your information will depend on whether your application is successful, the nature of the information concerned and the purposes for which it is processed.
6.2 We will keep recruitment information (including interview notes) for no longer than is reasonable, taking into account the limitation periods for potential claims such as race or sex discrimination (as extended to take account of early conciliation), after which they will be destroyed. If there is a clear business reason for keeping recruitment records for longer than the recruitment period, we may do so but will first consider whether the records can be pseudonymised, and the longer period for which they will be kept
6.3 If an applicant is successful, we will only keep the information supplied that is relevant and necessary to your working relationship with us. This will form part of your personnel file and will then be subject to our internal privacy notice.
6.4 If your application is unsuccessful at the shortlisting stage your information will be retained for a reasonable period of time in the event that any further opportunities arise, as evidence of recent applications and for the purpose of establishing, exercising and/or defending any legal claims in accordance with our legitimate interests.
6.5 If your application is unsuccessful at the final decision-making stage your information will be retained for a reasonable period of time in the event that any further opportunities arise, as evidence of recent applications and for the purpose of establishing, exercising and/or defending any legal claims, in accordance with our legitimate interests.
6.6 Certain Home Office requirements may also apply if we sponsor a worker from outside the EU and need to maintain records of applicants for auditing purposes.
6.7 Following the end of the of the relevant retention period, we will delete or anonymise your information.
7. Do we share your information with other parties?
7.1 In order to obtain a DBS check we are required to submit some of your information to the disclosure and barring service.
(a) Your role with us will determine whether a DBS check is required, and the level of DBS check we request.
7.2 We may be required by law to report any adverse findings relating to your immigration or right to work status to the Home Office for further investigation.
7.3 Dependent on your role with us, we may also be required to share your information with our insurance providers. For example, we may need to disclose your information as part of our professional indemnity insurance applications.
7.4 Information provided within your application may also be shared with some third-party suppliers, either to validate the information provided as part of your application or provide separate information to support your application (such as credit history).
(a) The third-party providers we may use are:
(b) Sterling Check https://www.sterlingcheck.com/welcome/
(c) SmartSearch https://www.smartsearch.com/
(d) Atlantic Data https://www.atlanticdata.co.uk/
7.5 Privacy notices and contact information for each of these third parties can be found via their websites.
Privacy Notice for Website Visitors (Cookies)
1. Who does this privacy notice apply to?
1.1 This privacy notice applies to individuals who visit our website (https://www.jmw.co.uk/) and it should be read in conjunction with the website terms of use.
1.2 We seek to ensure that our information collection and processing is always proportionate and will notify you of any changes to information we collect or to the purposes for which we collect and process it.
1.3 If you have any queries regarding this privacy notice, please contact us using the contact information listed above.
2. What information do we collect?
2.1 The information we collect about you will depend upon the activities you carry out when visiting our website. The types of information we may collect can include:
(a) Your name;
(b) Address;
(c) Contact information including telephone number and email address;
(d) Information to verify your identity (e.g. your date of birth);
(e) Your gender;
(f) Your location;
(g) Your account details such as client/matter number;
(h) Billing, transaction, and payment card/method information;
(i) Your activities on, and use of, our website.
3. How do we collect the information?
3.1 We generally collect information from you directly from when you enter or send us information using the website. For example, when you fill out the online enquiry form or use our live chat function.
3.2 We may also collect some of this information indirectly via the following methods:
(a) By monitoring your browsing activity. Further details about the technologies we use to do this are detailed within the ‘Cookies’ section of this notice;
(b) We may also collect information about you from other sources. For example, we may receive information about you if you use any of the other websites we operate or other services we provide;
(c) We are also working closely with third parties (including, for example, business partners, sub-contractors in technical payment and delivery services, advertising networks, analytics providers, search information providers) and may receive information about you from them.
4. Why do we collect this information (lawful basis)?
4.1 We rely on the following lawful bases when collecting your information.
(a) You have provided your consent for us to process your information;
(b) The processing is necessary for the performance of a contract between you and us (or in order for us to take steps at your request prior to entering into a contract with us);
(c) The processing is necessary for compliance with a legal obligation to which we are subject;
(d) The processing is necessary for the purposes of the legitimate interests pursued by us (except where such interests are overridden by the interests or fundamental rights and freedoms of you which require protection of information).
5. How do we use this information?
5.1 We use your information to:
(a) Provide services to you;
(b) Conducting checks to identify you and verify your identity or to help prevent and detect fraud against you or us;
(c) To enforce legal rights or defend or undertake legal proceedings;
(d) Customise our website and its content to your particular preferences based on a record of your selected preferences or on your use of our website;
(e) Retaining and evaluating information on your recent visits to our website and how you move around different sections of our website for analytics purposes to understand how people use our website so that we can make it more intuitive or to check our website is working as intended;
(f) Communications with you not related to marketing, including about changes to our terms or policies or changes to the or other important notices;
(g) Protecting the security of systems and information used to provide the services;
(h) Statistical analysis to help us understand our customer base;
(i) Updating and enhancing customer records;
(j) Disclosures and other activities necessary to comply with legal and regulatory obligations that apply to our business, e.g. to record and demonstrate evidence of your consents where relevant;
(k) To share your information with members of our group and third parties that will or may take control or ownership of some or all of our business (and professional advisors acting on our or their behalf) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency. In such cases information will be anonymised where possible and only shared where necessary.
5.2 We may also use your information for marketing purposes. Please see the section titled ‘Marketing’ for further information.
6. How long do we keep the information?
6.1 We will not keep your information for longer than we need it for the purpose for which it is used. Different retention periods apply for different types of information.
6.2 Following the end of the of the relevant retention period, we will delete or anonymise your information.
6.3 Further details regarding our retention periods can be:
(a) found in the relevant applicable privacy notice;
(b) be provided upon request.
7. Do we share your information with other parties?
7.1 We routinely share information with:
(a) Third parties we use to help deliver our services to you (e.g. payment service providers);
(b) Other third parties we use to help run our business (e.g. marketing agencies, website hosts, analytic providers).
7.2 We only allow those third parties to handle your information if we are satisfied that they take appropriate measures to protect your information.
7.3 We impose contractual obligations on these third parties to ensure they can only use your information to provide services to us and to you.
7.4 We or the third parties mentioned above occasionally also share information with:
(a) our and their external auditors, e.g. in relation to the audit of our or their accounts, in which case the recipient of the information will be bound by confidentiality obligations;
(b) our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations;
(c) law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations;
(d) other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised but this may not always be possible. The recipient of any of your information will be bound by confidentiality obligations.
8. Marketing
8.1 We may use your information to send you updates (by email, text message, telephone or post) about our services.
8.2 You have a right to opt out of any of these marketing communications at any time by:
(a) Contacting marketing@jmw.co.uk; or
(b) Selecting the ‘Unsubscribe’ link in any emails you receive; or
(c) Or responding with ‘STOP’ in any text messages you may receive.
8.3 We may ask you to confirm or update your marketing preferences if you ask us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.
8.4 We will always treat your information with the utmost respect and never sell or share it with other organisations outside of the JMW group for marketing purposes.
9. Cookies
Privacy Notice for Other Individuals
1. Who does this privacy notice apply to?
1.1 This privacy notice applies to individuals that are not within scope of the other privacy notices available on our website.
1.2 We seek to ensure that our information collection and processing is always proportionate and will notify you of any changes to information we collect or to the purposes for which we collect and process it.
1.3 If you have any queries regarding this privacy notice, please contact us using the contact information listed above.
2. Suppliers (including expert witnesses)
2.1 For clarity, reference to ‘supplier’ in this notice shall refer to individuals who provide a service and/or individual representatives of an organisation who provides a service to us or our clients.
2.2 We collect and process information about suppliers who supply services to JMW or its clients, including members of the Lawshare network and our selected Lawsave partners.
2.3 The information we collect from suppliers generally consists of personal data only, including:
(a) Your name;
(b) Your job role including employer/organisation;
i. This can also include work and/or education history when providing an expert witness statement.
(c) Business contact details including telephone number or email;
(d) Payment information.
2.4 We will usually collect this information directly from:
(a) the suppliers themselves;
(b) information found online (e.g. websites) or via a third party who recommends the supplier to us.
2.5 We rely on the following legal bases for processing this information:
(a) The processing is necessary for the performance of a contract between you and us (or in order for us to take steps at your request prior to entering into a contract with us);
(b) The processing is necessary for compliance with a legal obligation to which we are subject;
(c) The processing is necessary for the purposes of the legitimate interests pursued by us (except where such interests are overridden by the interests or fundamental rights and freedoms of you which require protection of information).
2.6 We use any information primarily to contact the supplier – on behalf of JMW or its clients – in order to manage the relationship and ensure that the services are delivered under the supply contract.
2.7 This information will be retained either;
(a) for the duration of the working relationship with JMW, and for a reasonable period following the end of that working relationship; or
(b) Where related to a specific matter, for the duration of that matter plus the applicable retention period that follows.
2.8 We may share your information with third parties, such as our clients, the courts and other solicitors, however this will depend upon the nature of our working relationship.
3. Non-expert witnesses
3.1 We collect and process information about individuals who have agreed to be a witness in a matter where JMW has been instructed.
3.2 We will generally collect this information from yourself directly or from a party involved in the matter (e.g. our client, police etc.) where you had provided said party with your contact details in order to provide a witness account of the incident.
3.3 The information initially provided to us will generally be your name and contact information which can include your postal address, email address and/or telephone number.
3.4 If we believe your account is critical to our investigation and you are willing to provide a witness statement, we may be required to collect further information about you. We will provide a justification for this when obtaining your witness statement.
3.5 Under data protection law, we require a legal basis for processing your information. In your case we rely on the following legal bases for processing this information:
(a) The processing is necessary for compliance with a legal obligation to which we are subject (for example the Civil Procedure Rules which govern how claims are handled through the courts);
(b) The processing is necessary for the purposes of the legitimate interests pursued by us (except where such interests are overridden by the interests or fundamental rights and freedoms of you which require protection of information).
3.6 We use the information collated to obtain, discuss and create witness statements in support of our client's matter.
3.7 This information will generally be retained for the duration of the legal matter it applies to plus the retention period following closure of the matter.
3.8 We may be required to share your information with the following third parties:
(a) Our client for the purposes of discussing your witness statement;
(b) Other solicitors/parties involved in the matter;
(c) The courts and experts where your statement is disclosed as part of the disclosure process or you are called to attend court as a witness.
(d) Third party service providers (may be used to obtain your witness statement and/or arranging formal signature of said witness statements).
4. Contacts
4.1 We manage a database of contacts using a customer relationship management (“CRM”) system. Each record on the CRM system contains the individual’s name, business (if applicable) and contact details.
4.2 Information is processed through the CRM system for our legitimate business interests. Our primary aim is to stay in touch with our contacts and keep them updated with news and details of upcoming events.
4.3 Information is processed according to the contact’s preferences and contacts may at any time opt-out of future communications.
4.4 Contacts’ records are never shared with third parties unless permitted by law and the records are retained for no longer than necessary.
5. Office visitors
5.1 Various security measures are in place at our office sites that involve the processing of information. These processes include:
(a) Visitor records: All visitors to our offices are required to sign in and out. Basic information such as the visitor’s name and business are recorded. If you are parking in one of the office car park spaces you may be asked to provide your car registration number. The sign-in records are stored electronically and deleted after a short period of time. These records are only accessed if we need to investigate an incident.
(b) CCTV: Our registered office (1 Byrom Place) has various CCTV cameras installed. The images are securely stored and the data is overwritten after set amount of time. These records are only accessed if we need to investigate an incident and may be disclosed to the authorities.
(c) WIFI: Guest WIFI is available for visitors to our offices. In order to monitor traffic and detect intrusion attempts, we collect information about the devices used to connect to our guest WIFI networks. No personal data is collected and the records are deleted after a set period of time.
5.2 We consider the above measures are necessary and proportionate for the safety of our people and visitors, as well as the detection and prevention of crime.
5.3 Our reasons for processing this personal data are to comply with our legal and regulatory obligations and/or for our legitimate interests, e.g. to protect the security of our buildings and premises.
6. Referees
6.1 As part of our recruitment processes, we may ask successful candidates to provide details of individuals who we can contact to ask for a reference.
6.2 For those individual referees, we will hold contact details, correspondence relating to reference checks and a copy of any reference on the relevant personnel file for a reasonable period from the date that their employment or contract began.
6.3 The legal basis for processing personal data from individuals providing references is either consent or that it is necessary to protect our legitimate business interests and, in some cases, to comply with our legal and regulatory obligations.
7. Other individuals
7.1 In the course of delivering legal services to our clients, or otherwise operating our business, we collect information relating to individuals who do not fall into any of the categories listed above. For example you may be an individual who has contacted us for information.
7.2 The information collected depends on which area of our business is responsible for the processing, but may include:
(a) your name and contact information, including address, email address and telephone number(s).
(b) Information to enable us to check and verify your identity, e.g. your date of birth, as well as identity documents such as passports which may contain biometric data or data revealing racial or ethnic origin.
(c) your gender information.
(d) your billing information, transaction and payment card information.
(e) information about your business(es) or employment.
(f) details of your assets and financial position.
7.3 Such processing is necessary in order to protect our legitimate business interests, deliver a proper standard of service to our clients and to comply with our legal and regulatory obligations.
7.4 Sometimes we share information with selected third parties if necessary to comply with our legal and regulatory obligations. For instance, we may as part of customer due diligence and fraud prevention measures carry out identity or screening checks in respect of third parties and require information regarding their financial circumstances.
7.5 In the vast majority of cases such information will be collected as part of a client matter and the information will therefore be held in accordance with the retention period that applies to that area of law.
7.6 We will also, where practical, make efforts to redact and anonymise data where it is not necessary for individuals to be identified as part of any processing activities.
These privacy notices were last reviewed and updated on 17th December 2024