Privacy Notice

This privacy notice sets out our commitment to safeguarding the privacy of all clients and individuals that interact with us.

This privacy notice explains how Savage Silk applies the Data Protection principals and rights afforded by the General Data Protection Regulations (GDPR) to the personal data that we process.

When we refer to Savage Silk we are referring to the multi-disciplinary legal practice comprising SSH Group Holding Company Limited and its subsidiaries and subsidiary undertakings which practice using the name Savage Silk.  You can see full details of the Group in our Legal Notices, which together with the Data Controllers section of this notice, provide further information on the Group entities that control and process personal information.

Your Personal Data means any information that describes or is related to your personal circumstances, for example name, address, date of birth, telephone number, email address, bank account details or documents that verify your identity.

Your Personal Data may also identify you indirectly, for example your employment situation, your physical and mental health history, or any other information that could be associated with your cultural or social identity.

Generally, the data is collected in person by a member of our team, by email messaging services, via telephone or other similar communication systems.

By making a request in writing or verbally, you have the right to obtain a copy of your personal data and supplementary information which we may hold.  Any request would need to be responded to within one month of the date that the request is made, and any information supplied is provided free of charge.

You have the right to have any inaccurate/incomplete personal data updated and corrected.  Much like the Right to Access, you may make such a request either in writing or verbally, which will be responded to within one month of the request being made.

You have the right to obtain and reuse your personal data.  Any request should be made in writing or verbally.  The relevant data will be provided in a structured way, such as in Excel, Word, or PDF formats.

The basis upon which our business will deal with Your Personal Data

When we speak to you about the legal assistance which you require, we do so on the basis that both parties are entering into a contract for the supply of services.  To perform that contract, we have the right to use Your Personal Data for the purposes detailed below.

Alternatively, either during initial discussions with you or when the contract between us has come to an end for whatever reason, we have the right to use Your Personal Data provided if it is in our legitimate business interest to do so and your rights are not affected.  For example, we may need to respond to requests from mortgage lenders, insurance providers and our compliance service providers relating to the advice we have given to you, or to make contact with you to seek feedback on the service you received.

On occasion, we will use Your Personal Data for contractual responsibilities we may owe our regulator (the Solicitors Regulation Authority), or for wider compliance with any legal or regulatory obligation to which we might be subject.  In such circumstances, we would be processing Your Personal Data in order to meet a legal, compliance or other regulatory obligation to which we are subject.

We will collect and record Your Personal Data from a variety of sources, but mainly directly from you.  You will usually provide information during our initial meetings or conversations with you to establish your circumstances and needs.  You will provide information to us verbally and in writing, including emails.

We may also obtain some information from third parties, for example credit checks and searches of information in the public domain such as the voter roll.  If we use technology solutions to assist in the collection of Your Personal Data, for example software that is able to verify your credit status, we will only do this if we have consent from you for us or our nominated processor to access your information in this manner.  With regards to electronic ID checks, we would not require your consent but will inform you of how such software operates and the purpose for which it is used.

In the course of handling Your Personal Data, we will record and store Your Personal Data in our paper files, mobile devices and on our computer systems (websites, email, hard drives and cloud facilities).  This information can only be accessed by employees and consultants within the business and only when it is necessary to provide our service to you and to perform any administration tasks associated with or incidental to that service.

From time to time Your Personal Data may be shared with third parties who we believe will be able to assist us with your matter, or who are able to support your needs as identified.  These third parties will include, but may not be limited to, our compliance advisors, estate agents, providers of legal services such as estate planners, banks, financial institutions, accountants, surveyors and valuers (in each case where we believe this is to be required due to particular circumstances).  In each case, Your Personal Data will only be shared for the purposes set out in this notice.

We do not envisage that the performance by us of our service will involve Your Personal Data being transferred outside the European Economic Area.

Your privacy is important to us and we will keep Your Personal Data secure in accordance with our legal responsibilities.  We will take reasonable steps to safeguard your privacy when transferring information to us, such as not sending confidential information over unprotected email, ensuring email attachments are password protected or encrypted depending upon their nature and only using secure method of postage when original documentation is being set to us.  We also expect you to take reasonable steps to safeguard your own privacy when transferring information to us, such as not sending confidential information over unprotected email, ensuring email attachments are password protected or encrypted and only using secure methods of postage when original documentation is being sent to us.

Your Personal Data will be retained by us either electronically or in paper format for a minimum of five years, or in instances whereby we have legal right to such information we will retain records indefinitely.

Your rights in relation to Your Personal Data

You can:

  • Request copies of Your Personal Data that is under our control;
  • Ask us to further explain how we use Your Personal Data;
  • Ask us to correct, delete or require us to restrict or stop using Your Personal Data (details as to the extent to which we can do this will be provided at the time of any such request);
  • Ask us to send an electronic copy of your Personal Data to another organisation should you wish;
  • Change the basis of any consent you may have provided to enable us to market to you in future (including withdrawing any consent in its entirety).

If you have any questions or comments about this document, or you wish to make contact in order to exercise any of your rights set out within it please contact Helen Casely at helen.casely@sshbusiness.co.uk

If we feel we have a legal right not to deal with your request, or to action it in a different way to how you have requested, we will infirm you of this at the time.  You should also contact us as soon as possible on you becoming aware of any unauthorised disclosure of Your Personal Data, so that we may investigate and fulfil our own regulatory obligations.

If you have any concerns or complaints as to how we have handed Your Personal Data you may lodge a complaint with the UK’s data protection regulator, the ICO, who can be contacted through their website at https://ico.org.uk/global/contact-us/ or by writing to the Information Commissioner’s Office Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF