Privacy Policy
Privacy Notice for John Ross & Son Solicitors LLP

We want you to know that when you use our organisation you can trust us with your information. We are determined to do nothing which would infringe your rights or undermine your trust. This Privacy Notice describes the information we collect about you, how it is used and shared and your rights regarding it.
Data Controller
We are registered with the Information Commissioner’s Office (ICO) as a Data Controller for the personal data that we hold and process. Our registered address is 30 Frances Street, Newtownards, BT23 7DN, our registration number is ZA218160.. Our Data Protection Officer can be contacted at our registered office.
Data Collection
The vast majority of the information that we hold about you is provided to us by yourself when you seek to use our services. We will tell you why we need the information and how we will use it.
Our Lawful Basis for processing your information 
The General Data Protection Regulation (GDPR) requires all organisations that process personal data to have a Lawful Basis for doing so. The Lawful Bases identified in the GDPR are:
• Consent of the data subject 
• Performance of a contract with the data subject or to take steps to enter into a contract
• Compliance with a legal obligation
• To protect the vital interests of a data subject or another person
• Performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
• The legitimate interest of ourselves, or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject.
Examples of legitimate interests include:
• Where the data subject is a client or in the service of the controller;
• Transmission within a group of undertakings for internal administrative purposes;
• Processing necessary to ensure network and information security, including preventing unauthorised access;
• Processing for direct marketing purposes, or to prevent fraud;
• Reporting possible criminal acts or threats to public security.
Our Lawful Basis is for the supply and provision of legal services and our Legitimate Interest is as legal advisers.
We use your information to:
• To carry out our obligations arising from any contracts entered into between you and us and to provide you with the legal information, products and services that you request from us;
• To provide services and information.
• Process or support payments for services.
• Comply with our statutory obligations.
• To provide you with information about other services we offer that are similar to those that you have already purchased or inquired about; You may opt out of receiving emails and other marketing messages from us by notifying us at office@john-ross.co.uk.
• To notify you about changes to our service;
We do not use automated decision-making in the processing of your personal data.

Examples of information we collect:
We collect and process both personal data and special categories of personal data as defined in the GDPR. This includes but is not limited to:

Customer/client data
Name, email, phone number, address, photographic ID; payment or bank details, Date of Birth, national Insurance number, location details, health records.

Employee Data
Name, email, phone number, address, payment or bank details, Date of birth, Family & next of kin details, national insurance number, health information.

We may share your personal data with:
• Barristers, expert witnesses, other parties to proceedings;
• Our legal advisers in the event of a dispute or other legal matter;
• Law enforcement officials, government authorities or other third parties to meet our legal obligations;
• In connection with or during negotiations of any merger, sale of partnership or acquisition of some or all of our business by another firm;
• Any other party where we ask you and you consent to the sharing.
• Third party suppliers engaged by us for the effective management of the business

Transfers to third countries and international organisations
We may transfer personal data to third countries or international organisations using identified safeguards when required to do so to carry out our obligations as identified herein. We will ensure that we have satisfied ourselves that such transferred data is fully protected and safeguarded as required by the GDPR.

We retain your personal data while you remain a client/employee unless you ask us to delete it. Our Retention and Disposal Policy (copy available on request) details how long we hold data for and how we dispose of it when it no longer needs to be held. We will delete or anonymise your information at your request unless:
• There is an unresolved issue, such as a claim or dispute:
• We are legally required to retain it;
• We are required to in compliance with guidance issued by our regulatory body, the Law Society of Northern Ireland
• There are overriding legitimate business interest, including but not limited to fraud prevention and protecting clients’/employees’ safety and security.

Your Rights
The General Data Protection Regulation gives you specific rights around your personal data. For example, you have to be informed about the information we hold and what we use it for, you can ask for a copy of the personal information we hold about you, you can ask us to correct any inaccuracies with the personal data we hold, you can ask us to stop sending you direct mail, or emails, or in some circumstances ask us to stop processing your details. Finally, if we do something irregular or improper with your personal data you can seek compensation for any distress you are caused or loss you have incurred. You can find out more information form the Information Commissioner’s website and this is the organisation that you can complain to if you are unhappy with how we deal with you.

Accessing and Correcting Your Information
We are committed to ensuring that your personal information is kept accurate and up to date. However, we can only make changes to your personal information if you notify us. It is your responsibility to let us know if there are inaccuracies or changes to your personal data. You may request access to, correction of or a copy of your information by contacting us by email at office@john-ross.co.uk.

Cookies
Cookies are small text files that are stored on your browser or device by websites, apps, online media, and advertisements. We use cookies to:

• To administer our site, to improve it and to ensure that content is presented in the most effective manner for you and your computer, tablet or mobile device;
• As part of our efforts to keep our site safe and secure;
• To measure or understand the effectiveness of advertising we provide to you and others, and to deliver relevant advertising to you;
• To analyse site visits and trends:

We will occasionally update our Privacy Notice. When we make significant changes, we will notify you of these. We will also publish the updated Notice on our website.

Share by: