PRIVACY POLICY

We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.

When we use your personal data, we are regulated under the General Data Protection Regulation (GDPR) which applies across the European Union (including in the United Kingdom), and we are responsible as ‘controller’ of that personal data for the purposes of the GDPR. Our use of your personal data is subject to your instructions, the GDPR, other relevant UK and EU legislation and our professional duty of confidentiality.

If you would like this policy in another format (for example audio, large print, braille) please contact us.

Contents

1.	Key terms
2.	Purpose of this policy
3.	Who are we and what do we do
4.	How to contact us
5.	What personal data we collect about you
6.	How we collect your personal data
7.	How and why, we use your personal data
8.	Who we share your personal data with
9.	Where your personal data is held
10.	Where do we transfer your data to
11.	How long do we keep your personal data
12.	Confidentiality and the security of your personal information
13.	How to access your information and your other rights
14.	Keeping your personal data secure
15.	Collection of information by third-party sites and sponsors
16.	Changes to this privacy policy
17.	How to complain

1.	Key terms

We, us, our	KD Law Limited trading as KD Law Solicitors and Notary Public.
Our data protection officer	Nasreen Kherdin.
Personal data	Any information relating to an identified or identifiable individual.
Special category personal data	Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs, or trade union membership. Genetic and biometric data. Data concerning health, sex life or sexual orientation.
Services	Legal, notarial, or other services provided by KD Law.
Us/we	KD Law
Website	KD Law website – https://kd-law.co.uk

2.	Purpose of this policy

This Privacy Policy explains our approach to any personal information that we collect from you, or we have obtained about you from a third party, and the purposes for which we process your personal information. It also sets out your rights about processing of your personal information.

This Privacy Policy will inform you of the nature of your personal information that is processed by us and how you can request that we delete, update, transfer and/or provide you with access to it.

This Privacy Policy is intended to assist you in making informed decisions when using the website and our services and/or to understand how your personal information may be processed by us because of providing the services to third parties or when you apply to work at KD Law. Please take a moment to read and understand it.

Please also note that this Privacy Policy only applies to the use of your personal information obtained by us.

3.	Who are we and what do we do

KD law is a boutique law firm based in London, UK. We offer a range of services including family law; immigration law; debt recovery; wills & probate. We also offer a range of notarial services.

4.	How to contact us

Please contact us by post, email, or telephone if you have any questions about this privacy policy or the information, we hold about you.

Our contact details are:

KD Law, Mayfair Point, South Molton Street, London, W1K 5RG, UK.

+44 (0) 020 7409 5134

nasreen@kd-law.co.uk

https://kd-law.co.uk

5.	What personal data we collect about you

We may collect personal information from you during our business, including through your use of our website, when you contact or request information from us, when you engage our legal or other services or because of your relationship with one or more of our staff or clients.

Our primary goal in collecting personal information from you is to help us:

Verify your identity.
Deliver our services.
Improve, develop, and market new services.
Carry out requests made by you on our website or in relation to our services.
Investigate or settle enquiries or disputes.
Comply with any applicable law, court order, other judicial process, or the requirements of a regulator.
Enforce our agreements with you.
Protect the rights, property, or safety of us or third parties, including our other clients and users of our website or services.
Use as otherwise required or permitted by law.
To undertake these goals, we may process the following personal information:

If you are a visitor to the website:

Name and job title.
Contact information including the company you work for, email address and social media account where appropriate.
Demographic information such as your address, preferences, and interests.
Electronic contact details, eg your email address and mobile phone number.
Information relating to the matter in which you are seeking our advice or representation.
Areas or topics that interest you.

If you are an individual client or business in receipt of our services or prospective individual client or business:

Name and job title.
Contact information including the company you work for and email address, where provided.
Payment information.
Information that you provide to us as part of us providing the services to you, which depends on the nature of your instructions to KD Law.
Relevant information as required by Know Your Client and/or Anti-Money Laundering regulations and as part of our client intake procedures. This may include evidence of source of funds, at the outset of and from time to time throughout our relationship with clients, which we may request and/or obtain from third party sources.
Information you provide to us for the purposes of attending meetings and events, including dietary requirements which may reveal information about your health or religious beliefs.
Other information relevant to provision of services.

This is a non-exhaustive list which is reflective of the varied nature of the personal information processed as part of a law firm providing legal services.

This personal data is required to enable us to provide our service to you. If you do not provide personal data we ask for, it may delay or prevent us from providing services to you.

For clients and prospects, we also collect information to enable us to market our products and services which may be of interest to you. For this purpose, we collect:

Name and contact details.
Other business information such as job title and the company you work for.
Areas or topics that interest you.
Additional information may be collected such as events you attend and if you provide it to us, dietary preferences which may indicate data about your health or religious beliefs.
Additional information may be collected such as events you attend and if you provide it to us, dietary preferences which may indicate data about your health or religious beliefs.
Other information relevant to the provision of services

If you are a potential recruit to join KD Law:

Name and job title.
Contact information including email address.
Curriculum vitae, including your age and/or gender if you provide it to us, your education, employment history and similar matters and similar information that you may provide to us.
Other information relevant to potential recruitment to KD Law.

6.	How we collect your personal data

We collect most of this information from you directly. However, we may also collect information from:

Publicly accessible sources e.g Companies House or HM Land Registry.
Directly from a third party, e.g. sanctions screening providers; credit reference agencies; client due diligence providers.
Third parties with your consent, e.g. your bank or building society, another financial institution or advisor.
Consultants and other professionals we may engage in relation to your matter.
Your employer and/or trade union, professional body, or pension administrators.
Your doctor, medical and health professional(s).
Cookies on our website (for more information on cookies, please see our Cookies policy).
Our information technology (IT) systems, e.g. case management, document management and time recording systems.
Door entry systems and reception logs.
Automated monitoring of our websites and other technical systems, such as our computer networks and connections, CCTV and access control systems, communications systems, email, and instant messaging systems.

7.	How and why, we use your personal data

Under data protection law, we can only use your personal data if we have a proper reason for doing so, eg:

To comply with our legal and regulatory obligations.
For the performance of our contract with you or to take steps at your request before entering into a contract.
For our legitimate interests or those of a third party or Where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

When we may use your information

What is our legal basis

Fulfilment of Services

We collect and maintain personal information that you voluntarily submit to us during your use of the website and/or our services to enable us to perform the services. Please note also that our Terms of Business apply when we provide the services.

It is necessary for us to process your information to perform our obligations in accordance with any contract that we may have with you. It is in our legitimate interest or a third party’s legitimate interest to use your personal information in such a way to ensure that we provide the very best client service we can to you or others.

Client services

Our website uses various user interfaces to allow you to request information about our services including electronic enquiry forms and a telephone enquiry service. Contact information may be requested in each case, together with details of other personal information that is relevant to your service enquiry. This information is used to enable us to respond to your requests.

It is in our legitimate interest or a third party’s legitimate interest to use your personal information in such a way to ensure that we provide the very best client service we can to you or others.

Business administration and legal compliance

We use your personal information for the following business administration and legal compliance purposes:

to comply with our legal obligations (including any Know Your Client or Anti-Money Laundering or Anti-Bribery, conflicts or similar obligations including, but without limitation, maintaining regulatory insurance);

· to enforce our legal rights.
· to protect the rights of third parties; and
· in connection with a business transaction

such as a merger, or a restructuring, or sale.

Where we use your personal information in connection with a business transition, to enforce our legal rights, or to protect the rights of third parties it is in our or a third party’s legitimate interest to do so. For all other purposes described in this section, it is our legal obligation to use your personal information to comply with any legal obligations imposed upon us.

Recruitment

We use your personal information for the following recruitment purposes:

To assess your suitability for any position for which you may apply at KD Law whether such application has been received by us online, by email or by hard copy or an in-person application.

To review KD Law’s equal opportunity profile in line with applicable legislation to ensure that we do not discriminate on the grounds of gender, race, ethnic origin, age, religion, sexual orientation, disability, or any other basis covered by local legislation. All employment related decisions are made entirely on merit.

Where we use your personal information in connection with recruitment it will be in connection with us taking steps at your request to enter a contract, we may have with you, or it is in our legitimate interest to use personal information in such a way to ensure that we can make the best recruitment decisions for KD Law. We will not process any special category data except where we are able to do so under applicable legislation or with your explicit consent.

Marketing communications

We carry out the following marketing activities using your personal information:

· Postal marketing
· Email marketing

We use information that we observe about you from your interactions with our website, our email communications to you and/or with services to send you marketing communications.

It is in our legitimate interest to use your personal information for marketing purposes.

We will only send you marketing communications where you have consented to receive such marketing communications or where we have a legal right to do so.

Client insight and analysis

We may analyse your contact details with other personal information that we observe about you from your interactions with our website, our email communications to you and/or with our services such as the services you have viewed.

Where you have given your consent (where lawfully required), we use cookies, log files and other technologies to collect personal information from the computer hardware and software you use to access the Site, or from your mobile. This includes the following:

· an IP address to monitor website traffic and volume.
· a session ID to track usage statistics on our website.
· information regarding your personal or professional interests, demographics, experiences with our products and contact preferences.

Our web pages contain ‘cookies,’ ‘web beacons’ or ‘pixel tags’(‘Tags’). Tags allow us to track receipt of an email to you, to count users that have visited a web page or opened an email and collect other types of aggregate information. Once you click on an email that contains a Tag, your contact information may subsequently be cross-referenced to the source email and the relevant Tag. In some of our email messages, we may use a ‘click-through URL’ linked to certain website administered by us or on our behalf.

By using this information, we can measure the effectiveness of our content and how visitors use our website and our services. This allows us to learn what pages of our website are most attractive to our visitors, which parts of our website are the most interesting and what kind of offers our registered users like to see.

We also use this information for marketing purposes (see the marketing section above for further details.

Where your personal information is not in an anonymous form, it is in our legitimate interest to use your personal information in such a way to ensure that we provide the very best products and services to you and our other clients.

Any other purposes for which we wish to use your personal information that are not listed above, or any other changes we propose to make to the existing purposes will be notified to you using your contact details, where available.

The above table does not apply to special category personal data, which we will only process with your explicit consent.

8.	Who we share your personal data with

We routinely share personal data with:

Professional advisers who we instruct on your behalf or refer you to, eg barristers, medical professionals, accountants, tax advisors or other experts whether based her or in the EEA and out.
Other third parties where necessary to carry out your instructions e.g. mortgage providers; HM Land Registry; Companies House; the Police.
Credit reference agencies.
Our insurers and brokers.
External auditors, eg in relation to ISO or Lexcel accreditation and the audit of our accounts.
Our bank(s).
External service suppliers, representatives, and agents that we use to make our business more efficient, eg typing services, translators, interpreters, marketing agencies, document collation or analysis suppliers;
Bookkeeping and Accounts Software Providers.
Third party service providers to assist us with client insight analytics, such as Google Analytics.
Third party postal or courier providers who assist us in delivering our postal marketing campaigns to you, or delivering documents related to a matter.

We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers relating to ensure they can only use your personal data to provide services to us and to you.

We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

We will not share your personal data with any other third party without your express consent.

Please note this list is non-exhaustive and there may be other examples where we need to share with other parties to provide the Services as effectively as we can.

9.	Where your personal data is held

Information may be held at our offices and third-party agencies, service providers, representatives and agents as described above (see ‘Who we share your personal data with’).

Some of these third parties may be based outside the European Economic Area. For more information, including on how we safeguard your personal data when this occurs, see below.

10.

Where do we transfer your data to

To deliver services to you, it is sometimes necessary for us to share your personal data outside the European Economic Area (EEA), eg:

With your and our service providers located outside the EEA.
If you are based outside the EEA.
Where there is an international dimension to the matter in which we are advising you.

These transfers are subject to special rules under European and UK data protection law.

The following countries to which we may transfer personal data have been assessed by the European Commission as providing an adequate level of protection for personal data:

Andorra

Argentina

Faroe Islands

Guernsey

Isle of Man

Israel

Jersey

New Zealand

Switzerland

Uruguay

Except for the countries listed above, or where countries do not have the same data protection laws as the United Kingdom and EEA. We will, however, ensure the transfer complies with data protection law and all personal data will be secure.

If you would like further information, please contact us.

11.

How long do we keep your personal data

We will keep your personal data after we have finished advising or acting for you. We will do so for one of these reasons:

To respond to any questions, complaints or claims made by you or on your behalf.
To show that we treated you fairly.
To keep records required by law.

We will not retain your data for longer than necessary for the purposes set out in this policy.

Different retention periods apply for different types of data.

When it is no longer necessary to retain your personal data, we will delete it.

For visitors to the website, we will retain relevant personal information for at least three years from the date of our last interaction with you and in compliance with our obligations under the EU General Data Protection Regulation or similar legislation around the world, or for longer if we are required to do so according to our regulatory obligations or professional indemnity obligations.

For service provision to any client, we will retain relevant personal information for at least six years from the date of our last interaction with that client and in compliance with our obligations under the EU General Data Protection Regulation or similar legislation around the world, or for longer as we are required to do so according to our regulatory obligations or professional indemnity obligations. We may then destroy such files without further notice or liability.

If personal information is only useful for a short period e.g. for specific marketing campaigns, we may delete it.

12.

Confidentiality and the security of your personal information

We are committed to keeping the personal information provided to us secure and we have implemented appropriate information security policies, rules, and technical measures to protect the personal information that we have under our control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss.

All of our partners, employees, consultants, workers and data processors (i.e. those who process your personal information on our behalf, for the purposes listed above), who have access to, and are associated with the processing of personal information, are obliged to respect the confidentiality of such personal information.

13.

How to access your information and your other rights

You have the following rights in relation to the personal information we hold about you:

Your right of access

If you ask us, we will confirm whether we are processing your personal information and, if necessary, provide you with a copy of that personal information (along with certain other details). If you require additional copies, we may need to charge a reasonable fee.

Your right to rectification

If the personal information we hold about you is inaccurate or incomplete, you are entitled to request to have it rectified. If you are entitled to rectification and if we have shared your personal information with others, we will let them know about the rectification where possible. If you ask us, where possible and lawful to do so, we will also tell you who we have shared your personal information with so that you can contact them directly.

Your right to erasure

You can ask us to delete or remove your personal information in some circumstances such as where we no longer need it or if you withdraw your consent (where applicable). If you are entitled to erasure and if we have shared your personal information with others, we will let them know about the erasure where possible. If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal information with so that you can contact them directly.

Your right to restrict processing

You can ask us to block or suppress the processing of your personal information in certain circumstances, such as where you contest the accuracy of that personal information, or you object to us. If you are entitled to restriction and if we have shared your personal information with others, we will let them know about the restriction where it is possible for us to do so. If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal information with so that you can contact them directly.

Your right to data portability

You have the right, in certain circumstances, to obtain personal information you have provided us with and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.

Your right to object

You can ask us to stop processing your personal information, and we will do so, if we are:

Relying on our own or someone else’s legitimate interests to process your personal information, except if we can demonstrate compelling legal grounds for the processing.
Processing your personal information for direct marketing purposes.

Your right to withdraw consent
If we rely on your consent (or explicit consent) as our legal basis for processing your personal information, you have the right to withdraw that consent at any time.

Your right to lodge a complaint with the Supervisory Authority

If you have a concern about any aspect of our privacy practices, including the way we have handled your personal information, you can report it to the relevant Supervisory Authority.

Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the data or where data may be exempt from disclosure due to reasons of legal professional privilege or professional secrecy obligations.

For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

Email, call or write to us – see below: ‘How to contact us.
Let us have enough information to identify you (eg your full name, address and client or matter reference number).
Let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill).
Let us know what right you want to exercise and the information to which your request relates.

14.

Keeping your personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, used, or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach.

We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

You can find detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

15.

Collection of information by third-party sites and sponsors

The website contains links to other sites whose information practices may be different than ours. Visitors should consult the other sites’ privacy notices as KD Law has no control over information that is submitted to, or collected by, these third parties.

16.

Changes to this privacy policy

We may change this privacy policy from time to time.

It is your responsibility to regularly check this policy for any changes or updates.

Our website contains links to other websites. This Privacy policy applies only to this website so when you access links to other websites you should read their own privacy policies.

Through opting into our services, you consent to the use of the information you provide in that connection as set out in this privacy policy and you expressly consent to our using that information for the purpose given.

17.

How to complain

We hope that we can resolve any query or concern you may raise about our use of your information.

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at:

Website: https://ico.org.uk/concerns

Telephone: 0303 123 1113.

PRIVACY POLICY

PRIVACY POLICY

Quick Links

Useful Links

Working Hours

Monday – Friday

09:30 am - 05:30 pm