Privacy

Privacy

 

USE OF WEBSITE PRIVACY NOTICE

 

Keeping your information safe and secure

 

We are committed to keeping personal information safe and confidential. If you apply for a product or service we will use your personal data in accordance with the consents that you give us when you apply.

 

Disclosures

 

We will not disclose your information to other parties and can assure you that the information given will only be used for internal purposes.

 

Cookies

A cookie is an information file that we store on your computer. The cookie records information such as, how often and at what times you visit the website.

Your browser will allow you to disable cookies. However, if you do disable cookies you may find that your use of the site is impaired. If you wish to disable cookies, please follow these steps:

 

Microsoft Internet Explorer

 

1.  Select Tools

2.  Select Internet Options

3.  Select the Privacy tab and choose Advanced Options button

4.  Check the Override Automatic Cookie Handling tick box

5.  Disable the First Party cookies by choosing the Block option

6.  Disable the Third Party cookies by choosing the Block option

7.  Uncheck the option to 'Always allow session cookies'

8.  Select OK to confirm changes

 

Site tracking information

 

We use independent companies to measure and analyse how people use this site. We collate information like the number of pages viewed on the site, the number of visitors and common ways of arriving at or leaving the site. Doing this enables us to keep our content and navigation fresh and useful.

 

This generic, non-personal information is collated using cookies. We do not and will not link any information collected with any personal information collected about you on the website.

The Law At Work website is committed to improving the service and information we are able to provide our users. We are therefore continually seeking ways of improving and upgrading the website. With this in mind, we reserve the right to change the way this site operates and how we process information. However, we will continue to respect the privacy and preferences of all users.

 

Live chat

 

We use live chat software on our website, this is provided by Click4Assistance, a third party UK based Software Company. Information regarding how the data is processed and stored can be viewed here.

 

 

LAWMAIL AND MARKETING PRIVACY NOTICE

 

Protecting the confidentiality and integrity of personal data is a critical responsibility that we take seriously at all times. Law At Work will ensure that data is always processed in accordance with the provisions of relevant data protection legislation, including the General Data Protection Regulation (GDPR).

 

Purpose of data processing

 

If you have been contacted by us or received marketing communications or LAWmail updates from us, the purpose of our use of your information is to tell you about our services and keep you up to date with relevant developments in the fields of HR, Employment Law and Health and Safety. This privacy notice sets out how we use your information and details your rights under applicable data protection laws. If your organisation is a client of Law At Work, we may use your personal data for other purposes relating to the performance of our contract with the organisation. You should refer to the terms of the contract for further details.

 

Fair and lawful processing of data

 

In processing personal data, the following principles will be adhered to. Personal data will be:

  • Used lawfully, fairly and in a transparent way;
  • Collected only for valid purposes that are clearly explained and not used in any way that is incompatible with those purposes;
  • Relevant to specific purposes and limited only to those purposes;
  • Accurate and kept up to date;
  • Kept only as long as necessary for the specified purposes; and
  • Kept securely.

 

Personal information (including sensitive personal data) will only be processed when we have a lawful basis for doing so. No personal data provided to us will be the subject of automated decision making. We believe we have a legitimate interest in processing data for the purposes set out above. However, should you wish us to stop contacting you, you can tell us at any time. To do so, you can “opt out” by clicking the clearly labelled link in our email communications. Alternatively, you can contact our administration department at LAW, Kintyre House, 205 West George Street, Glasgow G2 2LW, by email at info@lawatwork.co.uk or by telephone at 0141 271 5555.

 

Storage of data

 

Data will be stored securely within Law At Work’s IT system. We have put in place appropriate security measures to prevent personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

 

Data sharing

 

Data will be shared internally only with those personnel who require to access it for the purposes stated above. The data will also be sent to a digital marketing company for the limited purpose of administering our mailing lists and for no other purpose. We require external third-party processors to adhere to high standards of data security when processing your personal data.

 

Data retention

 

Law At Work will retain data subjects’ personal information when it is necessary to do so and only for as long as required to fulfil the purposes it was collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will retain your data and use it for the purpose of marketing communications or sending you LAWmail or unless and until you opt out of receiving such contact. Thereafter we will retain your data in order to add you to a “do not contact” list so that you do not receive any further communication from us.

 

Your rights

 

Law At Work will conduct regular reviews of the information held by it to ensure the relevancy of the information it holds. If you have concerns about the accuracy of personal data held by Law At Work, you should contact us immediately to request an amendment to the data. We have put in place procedures to deal with any data security breach and will, as soon as reasonably practicable, notify you and any applicable regulator of a suspected breach where legally required to do so.

You have the right to access personal data and to request its erasure, rectification or transfer. You also have the right to object to processing, automated decision making or request that processing is restricted. If you are dissatisfied by the way in which we process your data, you are entitled to make a complaint to the Office of the Information Commissioner at any time.

 

 

CLIENT DATA PRIVACY NOTICE

 

Protecting the confidentiality and integrity of personal data is a critical responsibility that we take seriously at all times. Law At Work will ensure that data is always processed in accordance with the provisions of relevant data protection legislation, including the General Data Protection Regulation (GDPR).

 

Law At Work requires you to provide the personal data of the people you wish to be authorised users of our services in order for us to fulfil our contract with you. In addition, it may be necessary for you to disclose personal data (including sensitive or “special category” data) about your employees, workers, contractors, volunteers, interns, directors, board members, job applicants, clients, customers and suppliers (collectively “your staff”) as part of our delivery of services. 

Data Processing Activity 

 

Fair processing of data

 

In processing personal data, the following principles will be adhered to. Personal data will be:

  • Used lawfully, fairly and in a transparent way;
  • Collected only for valid purposes that are clearly explained and not used in any way that is incompatible with those purposes;
  • Relevant to specific purposes and limited only to those purposes;
  • Accurate and kept up to date;
  • Kept only as long as necessary for the specified purposes; and
  • Kept securely.

 

Personal information (including sensitive personal data) will only be processed when there is a lawful basis for doing so and only on your instructions. No personal data provided to us will be the subject of automated decision making. The specific lawful bases on which we will process information you give to us are set out in the table below. 

 

Lawful processing of data

 

It is your responsibility as Data Controller to advise your staff that their data may be transferred to third party processors such as Law At Work and to seek any necessary consent in respect of that processing. 

 

Please be aware that we will add the personal data of authorised users to our mailing list so we can send newsletters, updates and invitations to seminars or other events by phone, letter or e-mail. This is part of our contractual commitment to ensure that your authorised users are kept up to date with relevant developments in the fields of HR, Employment Law and Health and Safety. We also believe that we have a legitimate interest in contacting you for this purpose, both during the currency of your contract with us and thereafter.

 

However, should any authorised user wish to stop receiving such information from us they can ask us to remove their details from our mailing list at any time. To do so, they can “opt out” by clicking the clearly labelled link in our email communications. Alternatively, they can contact our administration department at LAW, Kintyre House, 205 West George Street, Glasgow G2 2LW, by email at info@lawatwork.co.ukor by telephone at 0141 271 5555.

 

Collection and retention of data

 

Law At Work will collect personal information about authorised users and other contacts within your organisation at the outset of our relationship and any time you tell us to add new authorised users during the currency of our contract. We will also collect personal data of your staff as and when you disclose it to us while we are providing you with advice or other services under this contract. 

 

Law At Work will retain data subjects’ personal information when it is necessary to do so and only for as long as required to fulfil the purpose(s) it was collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of personal information are set out in the table below. 

 

When determining the appropriate retention period for personal data, Law At Work will consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, the purposes for which the personal data is processed, whether Law At Work can achieve those purposes through other means, and the applicable legal requirements. 

 

On termination of our contract with you, you may request that we delete personal data or return it to you. We will do so without delay unless there is a lawful basis for us to continue to process it. Otherwise, we will securely destroy data subjects’ personal information after the relevant data retention period has expired.

 

Data security and sharing

 

Law At Work has put in place appropriate security measures to prevent personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Security measures include password protection, IT encryption and access controls. Access to personal information of your staff and authorised users is limited to those employees, contractors and interns of Law At Work who have a business need to know. They will only process personal information on Law At Work’s instructions and are subject to a duty of confidentiality. We require staff to handle personal data lawfully to take steps to safeguard personal data.

 

We will share personal data with third parties where it is necessary to administer our contract with you and where we have your general or express authority to do so, unless we are required by law to share the data without your authority. Where data is shared to a third party sub-processor we will contractually require the sub-processor to respect the security of data subject data and to treat it in accordance with the law. Third parties with whom we may share data with your general authority under the terms of this contract include:

  • Employment Practices Liability Insurer (currently AIG);
  • Legal counsel (for the purposes of obtaining a legal opinion or legal representation);
  • Advice, Conciliation and Arbitration Service (Acas);
  • Office of the employment tribunal;
  • Legal representatives of a claimant or prospective claimant; and
  • Tribunal witnesses (including expert witnesses).

 

Personal data of client contacts and authorised users will also be sent to a digital marketing company for the limited purpose of administering our mailing lists and for no other purpose. Where there is a significant change to the identity of any sub-processor, we will tell you and allow you to object before we share any personal data.

 

Your rights and obligations

 

Law At Work will conduct regular reviews of the information held by it to ensure the relevancy of the information it holds. You are under a duty to inform Law At Work of any changes to lists of authorised users and any changes to personal information held about your staff. If you have concerns about the accuracy of personal data held by Law At Work, you should contact us immediately to request an amendment to the data.

 

You should also contact us if any data subject (including contacts, authorised users and other members of your staff) indicates that they to exercise rights in respect of personal data we hold, including the right to: 

  • Request access to personal information;
  • Request erasure of personal information;
  • Object to processing of personal information;
  • Request the restriction of processing of personal information; and 
  • Request the transfer of personal information to another party.

 

Depending on the nature of the request, Law At Work may have good grounds for refusing to comply with a request. If that is the case, we will provide an explanation. If we receive any direct request to exercise rights in respect of personal data we process on your behalf, we will notify you before we respond to the request.

 

Our rights and obligations

 

Law At Work undertakes to assist you in meeting your obligations under data protection legislation in relation to the security of processing, notification of data protection breaches and data protection impact assessments. We have put in place procedures to deal with any data secuiryt breach, and will, as soon as reasonably practicable, notify you, the data subject(s) and any applicable regulator of a suspected breach where legally required to do so. 

 

We will also assist you in providing subject access and allowing data subjects to exercise their rights in respect of the personal data we hold. This assistance will extend to submitting to audits and inspections and providing information you require to satisfy your obligations. We undertake to tell you if we are asked to do anything which would infringe data protection legislation. Law At Work will have regard to the principles of this policy and relevant legislation when designing or implementing new systems or processes. 

 

Nothing in this policy relieves Law At Work of its own responsibilities and liabilities under applicable data protection legislation. Law At Work has nominated the following members of staff as key contacts for the purposes of data protection compliance:

  • Heather Maclean, Senior Employment Solicitor, Law At Work Limited, Kintyre House, 205 West George Street, Glasgow, G2 2LW, heather.maclean@lawatwork.co.uk, 0141 271 5572;
  • Margaret Anne Clark, Head of Employment Law, Kintyre House, 205 West George Street, Glasgow, G2 2LW, margaret.clark@lawatwork.co.uk, 0141 271 5572; and
  • Susie Lockhart, Senior Employment Solicitor, Law At Work Limited, Empire House, 117 Grandholm Drive, Bridge of Don, Aberdeen, AB22 8AE, susie.lockhart@lawatwork.co.uk, 01224 001 711.

 

If you have any questions about this policy or how Law At Work handles personal information, you can contact any of the above staff members. You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.