Watson & Lyall Bowie ("we", "us, "our") respects your privacy and are committed to protecting your personal data. This Privacy notice sets out the ways in which we collect and use your personal data. It also explains what rights you have to access or change your personal data.
Watson & Lyall Bowie is a partnership having our place of business at Union Bank Building, Coupar Angus PH13 9AJ and regulated by the Law Society of Scotland.
You can contact us at the above address, addressing any request to the Data Protection Officer. You can also reach us by email at email@example.com.
How we collect your personal data
We are a full service law firm and collect data from a wide range of sources.
We may collect data from you directly. Where you are a client or prospective client, we may also collect data from representatives or people who are providing you with other services.
We collect data from the following sources:
- From you or your representatives directly where you contact us in writing, by email, in person, by telephone, at meetings with us or by any other method, we will collect data directly from you.
- From relatives, agents or third parties where you may be involved in a matter we are instructed in for example as a beneficiary, trustee, buyer, seller, debtor, defender, pursuer, witness, employee or employer.
- From other organisations which have referred you to us, for example, other solicitors, accountants, financial advisers, insurance companies, financial institutions.
- From your doctor or other health service provider.
- Online public sources or registers such as Companies House.
- Where you apply for a position with us, we may receive information about you from a recruitment agent, your current and/or former employers and/or referees.
- Providers of identity verification and compliance services.
What personal data do we collect
|Data Type||Information Collected|
|Contact Data||Name, postal address, email address, phone numbers, occupation and your relationship to other persons.|
|Identity Data||Date of birth, photograph, passport number, driving licence number and other identity evidence as required to meet our regulatory obligations.|
|Special Category Data:-
race, ethnic origin, politics, religion,
trade union membership, genetic,
biometric, sex, life, sexual orientation
|This information is not routinely collected but may be needed for certain types of legal work (employment, family, litigation).|
|Health & Medical Information||This information will be needed for certain types of legal work personal injury claims, employment, matrimonial, elderlycare, vulnerable clients (for those arranging power of attorney) and other forms of dispute resolution.|
|Criminal History Data||This type of personal information may be processed in relation to litigation cases, employment, matrimonial and other cases.|
|Financial Data||Information about your financial affairs, assets and liabilities may be required if it is relevant to matters upon which you wish us to advise you or to enable us to comply with our regulatory obligations relating to anti-money laundering.|
|Personal Informationc ontained in correspondence||Copies of letters, emails received or sent by us, and information you have provided to us in letters, emails, texts and audio recordings taken in relation to personal injury matters. We may also keep notes and records of matters we discuss or advise upon.|
|Payment Details||In order to pay and transmit funds in the course of client transactions or collection of our own fees. We adhere to PCI-DSS standards and do not store credit or debit card details.|
|Recruitment Information (including special category data)||CVs and covering letters Completed application forms which may include contact details, career history, qualifications and skills. Information communicated in job interviews or through our recruitment processes.|
How we use your personal data
We will use your information for the purposes listed below on the basis of:
- Your consent (where we request it);
- Where we need to comply with our legal obligations or to perform a contract with you; or our legitimate interests.
- Our legitimate interests.
|Purpose||Basis or Processing|
|To communicate with you regarding your instructions, questions, concerns or complaints and to provide you with legal advice and other information where you are a client.||Performance of Contract/Legitimate interests.|
|Sharing information with other professionals (advocates, expert witnesses, accountants, medical professionals, other solicitors acting as local agents etc)||Performance of Contract (where necessary to ensure appropriate representation or information-gathering) Legitimate interests (where appropriate to provide the most cost-effective service)|
|To prevent financial crime:-
comply with our legal obligations to prevent financial crime including money laundering under Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017
|Compliance with Law
Legitimate interests in ensuring our business is run in compliance with the law.
|Record Keeping||Legitimate Interests|
|Debt recovery – we may give your personal data to and receive personal information from third parties where necessary to recover debts due by you to us, for example Sheriff Officers||Legitimate interests|
|IT and Security - we may use personal data to administer and protect our business and our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting data)||Legitimate Interests|
|Recruitment – We will use the personal information we collect about you to; assess your skills, qualifications, and suitability for the role; carry out background and reference checks where applicable; communicate with you about the recruitment process; keep records related to our hiring processes; comply with legal or regulatory requirements, make decisions on your suitability for shortlisting for interview, interview and offer of the role.||Consent|
Where we store your personal data and information security
We take appropriate technical and organisational measures to secure your personal information and protect it against unauthorised or unlawful processing as well as against its accidental loss or destruction or damage. Some of these measures include:
- Using secure servers to store your personal data.
- Verifying the identity of individuals that access your personal data.
- Regular review of our Information Security policies and procedures.
- Utilising a number of anti-virus and anti-malware systems at the gateway, on email and on endpoints to protect against cyber threats and encryption technologies to protect personal data where appropriate.
Unfortunately the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, our firm cannot guarantee the security of your personal information transmitted.
Once we have received your personal data, we will use strict procedures and security features as outlined to try to prevent unauthorised access to your personal data. As above, we cannot be held responsible for the security of your personal data collected by websites that our site may link to. Such third parties shall have their own privacy notices and you should read these carefully.
Sharing personal data
If we share personal information with external third parties, we shall keep this to a minimum and take reasonable steps to ensure that recipients shall only process the disclosed data for those purposes and in accordance with our instructions.
In the course of certain types of work, we may be required to share your personal information with advocates, other solicitors, expert witnesses and other professional persons who may be controllers of that data. We may also require to instruct local agents to handle certain court-based activities from time to time for reasons of cost-effectiveness and efficiency.
We will not transfer your personal data to anyone else without your permission, except:
- Where we are obliged by law or regulatory obligations.
- Where we are required to share your information with any external third parties who provide services to us.
- Where some or all of our assets are purchased by a third party.
We will never sell your information or disclose it for direct marketing purposes.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes.
The types of organisations/groups that we may share personal data with are set out below:
- Service providers.
- Financial organisations.
- Government departments.
- The Courts.
- Other professional advisers and consultants.
- Regulatory authorities.
We do not transfer your personal data outside the European Economic Area (EEA) unless you provide us with specific consent to do so.
How long we will keep your personal data for
We do not hold information for longer than is necessary. We have an internal records retention policy which sets out the periods and rules for retaining and reviewing all data that we hold. This sets out different retention periods depending upon the nature of the information. In some cases the Law Society, which regulates us, recommends minimum periods of record retention and we comply with those. This can be made available on request.
Changes in personal information
It is important that the personal data we hold about you is accurate and up-to-date. Please keep us informed if your personal information changes during your working relationship with us.
Questions and concerns
If you have any questions or concerns on how we collect, handle, store or secure your personal data, please contact our Data Protection Officer by email at firstname.lastname@example.org or by post to the Data Protection Officer, Watson & Lyall Bowie, Union Bank Building, Calton Street, Coupar Angus PH13 9AJ.
You have the right to lodge a complaint with the information Commissioners Office (ICO) if you think we have infringed your rights. The ICO's contact details are as follows:-
Information Commissioner's Office
Tel. 0303 123 1113
You have various rights under data protection law. As an individual you have the following rights:
|Right to be informed||This Privacy Notice provides you with the details as to how we collect and use your personal data.|
|Right to access||You have a right to request access to the personal data we hold about you by making a "subject access request". You will be provided with a copy of all personal information that we hold about you.|
|Right of rectification||You have a right to request that we correct or complete any inaccurate or incomplete personal data we hold about you.|
|Right of erasure||You have the right to ask us to delete your personal data where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for retaining it. If we are required to keep your personal data to comply with our legal or regulatory obligations or legitimate interests in legal proceedings or claims, then we may have to decline your request.|
|Right to restrict processing||You have the right to request that we restrict the processing of your personal data that we hold about you for specific reasons.|
|Right to data portability||You have a right to obtain and reuse the personal data that we hold about you for you for your own purposes in certain circumstances.|
|Right to object||You have a right to object to us processing your personal data.|
Changes to our privacy notice
We may require to update this Privacy Notice from time to time. The up-to-date version will always be on our website and we will communicate material updates to our clients from time to time. We will not process your personal data for purposes other than those set out in this document or which may be prejudicial to your interests without letting you know giving you the opportunity to review and object to any such amended processing.