Alberto Pérez Cedillo Spanish Lawyers & Solicitors Limited (“the Firm”) is committed to safeguarding your personal information.

This Privacy Policy will inform you how we gather, store and use your personal data when you use our website, which are your privacy rights and how the legislation protects it.

Table of contents

1.      The purpose of this policy.

2.      Data protection principles.

3.      The type of personal information we collect.

4.      How we collect your personal information.

5.      Why we collect your personal information.

6.      How we use your personal information.

7.      Information about criminal convictions.

8.      Sharing your personal information.

9.      Data security.

10.  Retaining your information.

11.  Your data protection rights.

12.  Changes to this privacy policy.

1. The purpose of this policy

This privacy policy outlines how we gather, store and use your personal information in compliance with the applicable data protection regulation. It applies to clients, third parties and visitors to our website. It is not a part of any contractual obligation to provide services.

When you use our website, our Privacy Policy applies.

Alberto Pérez Cedillo Spanish Lawyers & Solicitors Limited is the ‘data controller’ for the personal information you share with us.

It is important that you read this privacy notice so that you are fully aware of how and why we are using your data.

2. Data protection principles

We shall act in accordance with data protection law, which require that any personal information we hold about you must comply with the following principles:

(a)   Processed lawfully, fairly and in a transparent manner.

(b)   Collected for specified, explicit and legitimate purposes and not used in ways that do not align with those purposes.

(c)   Collection of personal data must be adequate, relevant and limited to those purposes.

(d)   Accurate and, where necessary, kept up to date.

(e)   Store personal data as long as necessary for the reasons it was collected.

(f)    Process personal data securely to protect its integrity and confidentiality.

The Firm will maintain the confidentiality of your information unless legal or professional regulatory duties require its disclosure.

3. The type of personal information we collect

We may collect, store and use the following information about you:

·         Personal identifiable data such as first name, surname, title, gender and date of birth.  We may collect ‘special categories’ data such as your race or ethnic origin, religious beliefs, political opinions, sexual orientation, biometric data and information about your health, including any medical condition and medical records.

·         Contact data such as email address, telephone number and postal address.

·         Financial data such as bank account and card details.

·         Technical data such as your internet protocol (IP) address, browser type, location and operating system.

·         Usage data regarding how you use our website.

·         Communications data which includes your personal preferences in receiving information from us and our third parties.

·         Additional personal data obtained when instructed in a particular matter.

4. How we collect your personal information

We usually gather personal information about our clients when we receive their instructions or have been instructed on behalf of them. We also collect personal data from third parties related to those instructions. Throughout our representation of clients and general business management, we collect personal data. Specifically, we may gather information:

·         From publicly available sources such as Companies House.

·         From a third party such as:

–          financial institution or advisor

–          legal and other type of professionals, we may consult in relation to a matter

–          doctors and health professionals

·         Via the firm’s website in accordance with our Cookies Policy.

·         Through our information technology (IT) systems, including:

–          case management, document management and time recording systems.

·         As we initiate our business intake procedures while offering you legal assistance.

·         Your personal interactions with us, which may include in-person meetings, telephone calls, written correspondence, various forms of electronic communications and your use of our website.

5. Why we collect your personal information

The firm requires personal information from clients to provide the requested legal services. If you do not provide some personal information, we may not be able to act on your behalf or represent you.

6. How we use your personal information

Your personal information will exclusively be used for the purposes it was collected. Should there be a necessity to use your personal information for a different purpose, we will notify you and clarify the legal basis that permits this action. Be aware that there are circumstances where we might process your personal information without your awareness or consent if it is required in accordance with the law.

Your personal information may be used for the following purposes:

a) When it’s required for the performance of the contract agreement, we’ve entered into with you.

b)      To customize our services to better suit your specific needs.

c)      When compliance with legal obligations is required.

d) To interact with you and supply information about a specific service upon your request.

e) To prevent financial crimes, money laundering and terrorist financing before they occur.

f)       Where it is required for our legitimate interests (or the interests of a third party), as long as they do not override your interests and fundamental rights.

g)      Where it is necessary to protect your interests (or the interests of a third party).

h)      Where it is necessary to protect public interests.

i)       To send communications information we think you may be interested in.

‘Special category personal data’ require special justification for collecting, storing, and using this type of personal data. ‘Special category personal data’ will be used for the following reasons:

a)      In limited circumstances with your explicit written consent.

b)      Where it is necessary to fulfil our legal and regulatory obligations.

c)      When it is in the public interest.

d)      When it is essential for legal claims.

e)      While managing a complaint, claim, or legal proceedings on your behalf.

f)       To safeguard your legitimate interests (or those of a third party).

g)      If the information has been made public by you.

For more information, please consult the Information Commissioner’s Office (ICO) website at www.ico.org.uk

7. Information about criminal convictions

We may only use data concerning criminal convictions if permitted by the law or if you have explicitly consented to it. Such usage generally arises when it is necessary to carry out our legal and regulatory obligations.

We might occasionally process information regarding criminal convictions when it is necessary for legal claims or proceedings, to safeguard your interests (or those of a third party) when you are not able to give your consent, or if the information has been made public by you.

We will gather information regarding criminal convictions only when it is appropriate for the circumstances and when we are enabled legally.

8. Sharing your personal information.

We may need to disclose your personal data to external parties, including service providers. These third parties are obligated to uphold the confidentiality of your data and handle it in compliance with the law. Should your personal data be transferred outside the UK, we will ensure that it receives a similar level of security and protection. Any party receiving personal information will be subject to confidentiality obligations.

You may wonder why your personal data would be shared with external entities. We will only share your information with third parties if the law requires it, if it is essential to manage our business, or when we have a legitimate interest in taking this action.

Upon your request, we can provide you with information about the parties processing your data. We typically share personal data with:

• Professional advisers like barristers, medical professionals, accountants, and tax advisors whom we might consult or refer you to for expert advice.
• Other third parties necessary for executing your instructions, for example, Companies House, or HM Land Registry during property transactions.
• Our banks.

We permit our service providers to process your personal data exclusively when we are confident in their protective measures regards your data.

We may disclose and exchange information with law enforcement and regulatory authorities to adhere to our legal and regulatory obligations and for fraud prevention.

Our third-party service providers must implement appropriate security measures to safeguard your personal information according to our policies. We prohibit third party service providers from using your personal data for their own purposes. They are only authorized to process your personal data for specific purposes in accordance with our instructions.

Occasionally, it may be necessary to transfer your personal data to parties beyond the UK’s borders. In such cases, we will ensure that these countries offer an appropriate level of data protection, as required by UK GDPR standards.

9. Data security

We integrate security measures to safeguard your personal information. Only authorized third parties may process your data, strictly following our instructions and under obligations of confidentiality and security. Should a data breach occur, we have procedures in place to respond, and we will duly inform you and any relevant authorities as required by law.

We implement measures to ensure the security of your personal information, protecting it against unauthorized access, use, loss, alteration or disclosure.

10. Retaining your information

We will retain your personal information only whilst it is necessary for the purposes abovementioned. We assess diverse factors to determine how long to keep personal data, including the data’s volume, type, and sensitivity, the risk of harm from unauthorized disclosure, our processing purposes, and the applicable legal requirements.

We will retain your information to adhere to our legal obligations. Subsequently, your personal data will be securely discarded in accordance with our policies.

11. Your data protection rights

We acknowledge your rights regarding your personal data. These rights, which may be exercised at any time by contacting us at cedillo@apcedillo.com, include:

·         Accessing your data.

·         Correcting and updating your data.

·         Limiting how we use your data under specific conditions.

·         Asking for your data to be erased in certain situations.

·         Objecting to our use of your data, in some cases.

·         Withdrawing consent for data use.

·         Transferring your data elsewhere, in certain cases.

These rights are not exhaustive, and you can find further information from the ICO, which website details are mentioned above.

We may need to request specific information to verify your identity and ensure your right to exercise any of the mentioned rights. This security measure prevents the disclosure of your personal data to anyone not authorized to receive it.

12. Changes to this privacy policy

We reserve the right to modify this privacy policy at any time, and we will provide you with a new privacy policy whenever we make any substantial updates. Additionally, we may inform you through other means regarding the processing of your personal information.

Should you have any concerns regarding the confidentiality of your personal information, or if you need further details on how we handle your personal data, please get in touch with us.