Introduction

Hayes Connor Group helps victims of data breaches, online offences and personal injury to secure the justice they deserve. To do this, we offer legal services and support to private individuals and businesses across the UK. We do this as Hayes Connor Solicitors (data breach and cybercrime) and Hayes Connor Law (personal injury).

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed.

  • The Data Controller is Hayes Connor, Suite 5.5 St Hugh’s House, Stanley Road, Bootle, L20 3QQ
  • We are registered on the Information Commissioner’s Office Register of Data Controllers under registration number ZA039803

Hayes Connor is committed to protecting and respecting your privacy and rights. As such, we observe UK data protection legislation. This Privacy Notice sets out the different ways in which we collect, manage, process, store and share information about you. It also provides information about how you can control the use of your data.

What information do we collect?

As a necessary part of our business, we collect and manage client and non-client data. We do this so that we can:

  • Administer our relationship with you and provide services
  • Respond to enquiries
  • Facilitate business development including sending legal updates
  • Process employment applications
  • Send requested information to you about our services and our subsidiaries
  • Ensure the billing of any services and obtain payment
  • Process and respond to any complaints
  • Meet the legal and other regulatory obligations imposed on us
  • Audit usage of our websites.

We also process sensitive classes of information that includes:

  • Physical or mental health details, and
  • Racial or ethnic origin.

We will seek your permission if we need to record any of your sensitive personal data on our systems.

How do we collect this information?

We collect this information in a number of different ways. For example:

  • You may provide this data to us online, over the telephone, or by letter. Where appropriate we may voice record our interactions with you. Should we do this, any information captured will automatically be stored, for training and monitoring purposes
  • When you visit our websites, cookies will be used to collect information about you. This could include your Internet Protocol (IP) address, the pages you viewed or searched for, etc. We do this so that we can measure the performance of our websites and make improvements
  • Cookies are also used to enhance this website’s functionality and personalisation, which includes sharing data with third party organisations. You can control this by adjusting your cookies settings.

How do we use your information?

We use the data collected from you for the specific purposes listed below. The following table includes the legal basis for processing your data and in what circumstances – if any – your data will be shared with a third-party organisation.

Purpose for processing data Legal basis Third-party organisations with whom data is shared
To administer our relationship with you, to provide services, and to respond to enquiries. To meet the requirements of a contract and provide you with requested information. None.
To bill for services and obtain payment. To meet the requirements of a contract. Government VAT and tax inspectors, external auditors, internal auditors.
To communicate with you about legal updates, news, and events that are relevant to your interests and in line with your preferences. Explicit consent will be sought prior to sending this information. None.
To provide support by telephone (includes recording conversations for monitoring and quality purposes). To fulfil contractual obligations before and during a contract. None.
To process and respond to complaints. To meet a legal obligation. None.
To monitor and record information relating to the use of our services and website. To meet a legitimate interest in order to improve the services and experience we provide. Web service providers and cookie providers.
To capture photographs and videos to be used in marketing and promotional material for our firm. Explicit consent will be sought prior to collecting and using this information. None.
To ensure our offices and stored information is secure. To meet the requirements of a contract. CCTV service providers.
To conduct HR administration including assessing suitability, eligibility and/or fitness to work. To fulfil contractual obligations before and during entering into a contract. Disclosure and Barring Service.

Hayes Connor is not aware of any valid reasons that would constitute a legitimate reason for objecting to the way we process or control your personal information. None of the information that we collect, process or store is transferred outside of the European Economic Area (EEA). This includes data that is exchanged with the third-party organisations described above.

Understanding your rights

Under current UK data protection legislation, you have the following rights regarding the information we collect, process and store about you:

  • Right to be informed. This Privacy Notice, together with our Cookies Policy, fulfils our legal obligation to tell you about how we use your information
  • Right to access. You have the right to ask for a copy of any personal data that we hold about you. Except in exceptional circumstances (which we will discuss with you), we will provide this information free of charge. We will send you a copy of this information within 30 days of your request. To make Subject Access Request, please write to our Group Data Protection Officer at Hayes Connor, Suite 5.5 St Hugh’s House, Stanley Road, Bootle, L20 3QQ
  • Right to rectification. If any of the information that we hold about you is inaccurate, you can contact us on 0330 995 0070 or contact our Group Data Protection Officer at Hayes Connor, Suite 5.5 St Hugh’s House, Stanley Road, Bootle, L20 3QQ or via email at enquiries@hayesconnor.co.uk
  • Right to be forgotten. You can ask that we erase all the personal information we hold about you. Where it is appropriate your request will be fully actioned within 30 days. For further information, please contact our Group Data Protection Officer at Hayes Connor, Suite 5.5 St Hugh’s House, Stanley Road, Bootle, L20 3QQ or via email at enquiries@hayesconnor.co.uk
  • Right to object. You have the right to object to withdraw your consent for any purpose listed above for which consent is identified as the lawful basis for processing. You can do this at any time. However, we have the right to the continued use of your data for any purpose listed above for which the lawful basis of processing is that it has been deemed legitimate.
  • Right to restrict processing. You can ask us to restrict the use of your data for any of the following reasons. To do this, please contact our Group Data Protection Officer at Hayes Connor, Suite 5.5 St Hugh’s House, Stanley Road, Bootle, L20 3QQ or via email at enquiries@hayesconnor.co.uk
    • You think it is inaccurate but this will take time to validate
    • You believe our data processing is unlawful but you do not want your data erased
    • You want us to retain your data in order to establish a legal claim
    • You have objected to the processing of your data, but we have yet to conclude whether this is appropriate
  • Right to data portability. If you want to move, copy or transfer the electronic personal data that we hold about you to another organisation, please contact our Group Data Protection Officer at Hayes Connor, Suite 5.5 St Hugh’s House, Stanley Road, Bootle, L20 3QQ or via email at enquiries@hayesconnor.co.uk
  • Rights related to automated decision-making. If you want to object to automated decision making without any individual involvement, and to the profiling of your data, please contact our Group Data Protection Officer at Hayes Connor, Suite 5.5 St Hugh’s House, Stanley Road, Bootle, L20 3QQ or via email at enquiries@hayesconnor.co.uk.

How long do we retain your information for?

Hayes Connor typically retains information for a period of seven years. This is due to regulatory reasons and ensures that our business records maintain the necessary levels of insurance to protect our clients and non-clients.

Data privacy and security

At Hayes Connor, we seek to protect the availability, confidentiality and integrity of all our data. As such, we make data protection a crucial consideration of all new and existing IT systems. Where any concerns, risks or issues are identified, we conduct impact assessments to determine any actions that are necessary to ensure the required privacy levels are maintained.

This helps us to:

  • Protect against confidentiality breaches
  • Protect against damage, loss and misuse
  • Ensure everyone within our business has an awareness and understanding of the requirements of information security; including their specific responsibilities
  • Ensure the optimum security of our websites.

General

Questions and comments regarding this Privacy Notice are welcomed, and should be sent to our Group Data Protection Officer at enquiries@hayesconnor.co.uk. Alternatively, you can write to our Group Data Protection Officer at Hayes Connor Suite 5.5 Stanley Road Liverpool L20 3QQ

You can also contact our Group Data Protection Officer if you have any concerns or complaints about the ways in which your personal data has been handled as a result of you using this website.

Alternatively, you have the right to lodge a complaint with the Information Commissioner’s Office who may be contacted at Wycliffe House, Water Lane, Wilmslow SK9 5AF or https://ico.org.uk.