Privacy Policy

Introduction

Welcome to the Kremers Privacy Notice, in compliance with the General Data Protection Regulations.

This Privacy Notice is based upon the Law Society’s GDPR Guidance, Checklists 1-12, dated April 2018.

Our firm respects your privacy and is committed to protecting your personal data.

This Privacy Notice informs you how we look after your personal data when you visit our website and tell you about your privacy rights generally, and how the law protects you.

Awareness (Checklist 1)

The firm is aware of the issues identified by the GDPR and has updated its Privacy Notice accordingly.

Information We Hold (Checklist 2)

Name and contact details of the firm and Data Protection Officer

Controller

Boris Kremer, of Kremers Solicitors Limited (collectively referred to as “Kremers”, “we”, “us”, or “our” in this Privacy Notice), is the controller and responsible for your personal data.

As the Data Protection Officer (DPR), Boris Kremer is also responsible for overseeing questions in relation to this Privacy Notice.

If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact the DPO using the details set out below.

Contact details

Our full details are:

  • Full name of legal entity: Kremers Solicitors Limited
  • Name and title of DPO: Boris Kremer, solicitor
  • Email address: boris AT kremers.co.uk
  • Telephone number: 0845 021 2222.

Purposes of data processing, description of categories of individuals and categories of personal data, and categories of recipients of personal data

To summarise, we seek to collect information about you to allow the following:

  • Manage our relationship with you, provide services and respond to enquiries
  • Deliver requested information to you about our services
  • Ensure the billing of any legal services and obtain payment
  • Process and respond to any complaints
  • Enable us to meet our legal obligations
  • Enable us to meet our regulatory obligations
  • Monitor the usage of our website.

The information that we need for these purposes is known as your “personal data”. This includes:

  • your name
  • your home address
  • your email address
  • your telephone and other contact numbers
  • your financial information.

We collect this in a number of different ways. For example, you may provide this data to us directly or over the telephone, or when corresponding with us by letter.

When you visit this website, our Google Analytics cookies will be used to collect information such as:

  • your internet protocol (IP) address
  • your browser type and version
  • your time zone setting and location
  • your browser plug-in types and versions
  • your operating system and platform.

These cookies do not enable us to identify individual users.

Google provides further information about Analytics. To prevent Google Analytics cookies being set, you may install the Google Analytics Opt-Out Browser Add-On. For general information about cookies visit: www.allaboutcookies.org.

On occasions, our cookies are used to analyse Aggregated Data, such as statistical or geographical useage, but this is not considered “personal data” in law, as this data can never directly or indirectly reveal your identity.

We do not collect any Special Categories of personal data about you, such as:

  • your race or ethnicity
  • your religious or philosophical beliefs
  • your sexual orientation
  • your political opinions
  • your health and genetic and biometric data
  • any criminal convictions and offences.

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract. In that case, we may have to cancel a service you have with us, but we will give you reasonable notice.

We share the data collected from you for the following purposes, on the following legal bases, and with the following organisations:

Managing your claim

  • Legal basis: To meet the requirements of your contract for legal services
  • Data shared with: Medical experts, external switchboard, counsel, interpreters (where required).

Billing and payment

  • Legal basis: To meet the requirements of your contract for legal services
  • Data shared with: Government VAT and tax inspectors, external auditors.

Dealing with complaints

  • Legal basis: To meet the requirements of your contract for legal services
  • Data shared with: Legal Ombudsman, if complaint not resolved internally.

Photographs

  • Legal basis: Marketing and promotional material for the firm, including our website, subject to your consent
  • Data shared with: Website visitors.

Communicating privacy information (Checklist 3)

In compliance with GDPR, the firm’s client care letter draws attention to this Privacy Notice.

Individual’s rights (Checklist 4)

Under the GDPR, you have the following rights:

Right To Be Informed
This Privacy Notice fulfils our obligation to tell you about the ways in which we use your information.

Right To Access
You have the right to ask us for a copy of any personal data that we hold about you. This is known as a “Subject Access Request”. Except in exceptional circumstances (which we would discuss and agree with you in advance), you can obtain this information at no cost. We will send you a copy of the information within 30 days of your request. To make Subject Access Request, see below.

Right To Rectification

If any of the information that we hold about you is inaccurate, you can either:

  • Telephone us on 0845 021 2222
  • Write to us at Cottes Way House, 8 Cottes Way, Hill Head, Fareham PO14 3NE
  • Email us at boris AT kremers.co.uk.

Right To Be Forgotten
From 25 May 2018, you can ask that we erase all personal information that we hold about you. That said, for insurance purposes we must retain your file for 7 years after case conclusion.

Right To Object
You have the right to object to the continued use of your data for any purpose listed above for which consent is identified as the lawful basis for processing i.e. you have the right to withdraw your consent at any time.

Right To Restrict Processing

If you wish us to restrict the use of your data because:

  • you think it is inaccurate but this will take time to validate
  • you believe our data processing is unlawful but you do not want your data erased
  • you want us to retain your data in order to establish, exercise or defend a legal claim
  • you wish to object to the processing of your data, but we have yet to determine whether this is appropriate,

please contact us as above.

Right To Data Portability
If you would like to move, copy or transfer the electronic personal data that we hold about you to another organisation, please contact us as above.

Rights Related To Automated Decision Making
Our firm does not undertake automated decision making.

Subject access requests (Checklist 5)

As stated above, you have the right to ask us for a copy of any personal data that we hold about you. This is known as a “Subject Access Request”. Except in exceptional circumstances (which we would discuss and agree with you in advance), you can obtain this information at no cost. We will send you a copy of the information within 30 days of your request.

To make a Subject Access Request, please contact us as follows:

  • Telephone us on 0845 021 2222
  • Write to us at Cottes Way House, 8 Cottes Way, Hill Head, Fareham PO14 3NE
  • Email us at boris AT kremers.co.uk.

Lawful basis for processing personal data (Checklist 6)

Under the GDPR, there are 6 lawful bases, as follows:

  • Consent
  • Performance of a contract
  • Compliance with a legal obligation
  • The vital interests of the data subject
  • The legitimate interests of the data controller
  • Public interest or exercise of official authority.

As stated above, for processing personal injury claims, our lawful basis for processing your personal data is the performance of a contract.

Consent (Checklist 7)

To process your data, this firm relies upon the performance of a contract.

Children (Checklist 8)

This firm does not act for children.

Data breaches (Checklist 9)

The firm undertakes regular backups of all personal data, to minimise the risk of data loss.

Any data breaches will be notified to the Information Commissioner within 72 hours

Data protection by design (Checklist 10)

Under the GDPR, data protection by design requires the following:

  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We typically retain information for a period of 7 years. This is due to regulatory reasons and to ensure our business records are adequate to maintain the requisite levels of insurance to protect our clients.

A data protection impact assessment is not required in the case of an individual lawyer or healthcare professional.

Data protection officers (Checklist 11)

As a sole practitioner, Boris Kremer is the data protection officer.

International (Checklist 12)

The firm does not undertake any cross border processing.

**********

• Back to home page •