Privacy Policy

We are committed to providing a high-quality legal service to our clients.

In this Privacy Policy the terms, ‘we’ or ‘us’ is North Star Law.

Your privacy is important to us and we are committed to keeping your information secure and managing it in accordance with our legal responsibilities under applicable data protection laws. We are registered with the UK Information Commissioner’s Office (ICO) as a data controller under registration number ZA126978.

Please read this Privacy Statement carefully as it contains important information to help you understand how and why we process any personal information that you give to us.

What Information We Collect

We process personal information which you give us:

As a client to provide you with legal services.
Whilst servicing your account by email, in writing or over the phone.
If you request information or assistance from us.

What personal information we process

This may include:

Personal details such as your date of birth, address, national insurance number, telephone number and email address.
Identity information such as your passport, driving licence, utility bills or national identity card.
Credit history and records relating to you, your partner or anyone else you are financially linked with (we obtain this information from credit reference and fraud prevention agencies).
Family, lifestyle, financial and social circumstances.
Financial details such as your income and information about your bank accounts.
Employment/self-employment details.

Special Categories of Personal Data

Special categories of personal data include information about an individual’s health and other categories of personal information which are closely protected.

We do not generally process such information unless you have voluntarily provided this to us, or it is relevant to the legal service you have asked us to provide you with. For example, where you have advised us of an issue, such as your health, which could mean that you may be classed as a “vulnerable client” i.e. due to your personal circumstances or personal characteristics you are particularly vulnerable to financial detriment. We will process sensitive information where you have provided this information to us and have agreed that we can use this information to deliver products and services to you. Where possible we shall seek to minimise the collection and use of such special categories of personal data.

How we use your Information

We use your information to:

Provide legal services to you.
Provide and service your relationship with us.
Comply with legal obligations for the prevention of financial crime and money laundering.

We will process your information to meet our contractual obligations to you, where we have a legitimate interest to do so, where we are permitted by law or to comply with applicable laws and regulation.

Providing a service and internal processing	Legal basis
To assess your needs and provide you with suitable products and services	Contractual obligation to provide you with, or a proposal including costs estimate Where special categories of personal data are processed, these are necessary to assess your needs
To service and administer your matter including billing and compliance with the Conveyancing Quality Scheme (‘CQS’)	Legitimate interests to provide and manage the service
To verify the identity of our clients	To comply with legal obligations to prevent money laundering
To confirm, update and improve our client records	To comply with legal obligations in the Data Protection legislation
To provide you with any information on the services that you have requested	To meet our contractual obligation to provide information on the services you have requested

Relationship management	Legal basis
To manage and develop our relationship with you	Legitimate interest to service your matter and improve our service to you
To inform you of products and services that may be of interest to you, where you have chosen to be made aware of this	With your consent

Training and development	Legal basis
For training purposes and to improve our service to you	Legitimate interests to improve our services and develop our employees

Complying with legal obligations	Legal basis
To prevent, investigate and prosecute crime, fraud and money laundering	To comply with legal obligations for prevention of financial crime and money laundering
For auditing purposes, including maintaining accreditations such as CQS	To comply with our legitimate interest to conduct audits
If we are obliged to disclose information by reason of any law, regulation, or court order	To comply with legal obligations

Other	Legal basis
To transfer information to any entity which may acquire rights in us	Legitimate interests for commercial interests
For any other purpose to which you agree	With your consent

How we retain your personal information

We will retain your personal information in accordance with applicable laws. We will take reasonable steps to destroy or anonymise personal information we no longer need for the purposes we have set out above.

Our retention periods are:

Type of personal Information	Retention period
General personal data which includes your normal personal data, personal identity and personal financial data	We obtain your consent to retain such documentation for the same duration as the file retention period, which vary depending on the type of matter (see this table for file retention periods below)
Client Due Diligence Material which includes copies of your Passport, Driver’s Licence, copies of electronic ID checks, Bank Statements and any associated documents and explanations you have given to us to prevent fraud, financial crime and money laundering	We obtain your consent to retain such documentation for the same duration as the file retention period, which will vary depending on the type of matter (see this table for file retention periods).
Special categories of personal data	6 years after the end of our relationship with you
Client files – property sale	7 years from date of closure of file
Client files – property purchase and mortgage	12 years from date of closure of file
Client files – leasehold and tenancy, including lease agreements, licence agreements, variations, surrenders, assignments, licences to assign/sublet/underlet, licences for alterations, tenancy agreements	Length of term plus 7 years
Client files – immigration	7 years from date of closure of file
Client files – business, including company/partnership, formation, insolvency	7 years from date of closure of file We may consider keeping for longer if there are complex issues
Client files – general litigation	7 years from date of closure of file Longer if the client is under a disability
Client files – wills and probate	Indefinitely (if keeping with a will or trust) or 21 years from date of closure of file unless superseeded by a new Will then only 6 years
Client files – trusts	6 years after the end of the trust period
Private client non-litigation advice, for example, employment, Lasting Powers of Attorney, change of name	7 years from date of closure of file

How we share your information

Where necessary or required we share information with:

Regulatory authorities to comply with our legal obligations.
Credit reference agencies to check your identity in accordance with our legal obligations.
Property search companies to identify any issues that might influence your decision to buy or sell a property.
Insurers for the purpose of providing you with appropriate financial cover for an identified insurable risk, or in connection with any claim made by you against us.
Property agents, brokers, lenders, other solicitors involved in your transaction representing other party(ies) in your matter to enable them and us to fulfil our obligations to you.
Other Government Departments such as HMRC, Companies House, Probate Registry, Court of Protection or HM Land Registry to fulfil your and our legal obligations.
HM Treasury:
- If you are purchasing a property through the Help to Buy ISA Scheme, HM Treasury will be the Data Controller of any relevant personal data that is given, via the Eligible Conveyancer, to HM Treasury and to the Administrator and / or any sub-contractor of HM Treasury or of the Administrator, for the purposes of the Help to Buy: ISA Scheme.
- The information will be disclosed to HM Treasury and the Administrator for the purposes of verifying the eligibility of a Help to Buy: ISA Bonus payment and payment of Bonus funds, carrying out audits of Eligible Conveyancers and any investigations or compliance work in accordance with the Scheme Rules.
- We serve your legitimate interests in disclosing your relevant personal data to HM Treasury, the Administrator and / or to any sub-contractor of HM Treasury for the purposes of verifying the eligibility of a Help to Buy, ISA Bonus payment and payment of Bonus funds; carrying out audits of Eligible Conveyancers; and any investigations or compliance work in accordance with the Scheme Rules.
Experts and Barristers required to work on your matter.
Our outsourced providers and third-party companies who provide us with services to help us function as a business such as our outsourced IT, cyber security and marketing companies.
Auditors and external assessment bodies to achieve and maintain any regulatory or Quality Assurance Standards and accreditations which meet our legal obligations and enable us to provide quality legal services to you.

Transferring personal data outside the European economic area (eea)

Many of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA. We may therefore transfer the personal data we collect about you to the countries outside of the EEA e.g. India, USA and New Zealand in order to perform our contract with you. As there is not an adequacy decision by the European Commission in relation to India it will not be deemed to provide an adequate level of protection for your personal information for the purpose of the Data Protection Legislation. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented: Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries. Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield. Should you require further information about these protective measures, please contact us using the contact details outlined below

Information Security

We invest appropriate resources to protect your personal information, from loss, misuse, unauthorised access, modification or disclosure. However, no internet-based site can be 100% secure and we cannot be held responsible for unauthorised or unintended access that is beyond our control.

Updates

We will keep this Privacy Policy under review and make updates from time to time. Any minor changes to this Privacy Statement will be posted on this page and we will communicate any major changes to you.

Cookies

Our website uses cookies (including Google Analytics cookies to obtain an overall view of visitor habits and visitor volumes to our website).

Your Rights

You have the right to request copies of your personal information and where we have requested your permission to process your personal information, or you have provided us with information for the purposes of entering a contract with us, to receive the personal information you provided to us in a portable format, if technically feasible. If you think any of the personal information, we hold about you is inaccurate, you may also request it is corrected or erased. You also have a right, in certain circumstances, to object to our processing of your personal information, to require us to stop processing your personal information and/or to withdraw your agreement to processing based on ‘consent’, but this does not apply where we have other legal justifications to continue processing your data or an overriding legitimate interest.

In relation to all these rights, please contact us on the firms details below.

Complaints Process

If you have a complaint about how we have handled your personal information you may contact us using the details below and we will investigate your complaint. You also have the right to complain to the Information Commissioner’s Office – (www.ico.org.uk).

Contact Us

You can contact us by email at: [email protected]

Telephone queries can be made 0203 355 9610