Privacy Policy

Keoghs Legal Services Privacy Notice

Introduction and General Terms

Keoghs LLP is a limited liability partnership registered in England and Wales, registration number OC321124 and are authorised and regulated by the SRA number 573546, we are subject to the Solicitors Code of Conduct and are registered with the Information Commissioner’s Office Data Protection Register under number Z6508550.

All services in Scotland are delivered under Keoghs Scotland LLP; a limited liability partnership registered in Scotland (registered number SO305857) which is authorised and regulated by the Law Society of Scotland and are registered with the ICO under registration ZA253630.

Wherever you see the words “Keoghs”, “we”, “us”, “our”, in the Notice, these words refer to Keoghs LLP and Keoghs Scotland LLP.

At Keoghs, we respect the privacy of all personal information we process and are committed to protecting our data. This privacy notice tells you about the information we process as part of providing legal services.

In collecting this information, we can operate in different capacities; as such we may act as data processors or joint-controllers. This Notice sets out relevant information about how Keoghs may collect and use your personal data, about why and how we use the data we process, and about the rights you have over your data.

This Privacy Policy is intended to assist you in making informed decisions when using our Services and to understand how we may process your personal information as a result of providing the Services to third parties. Please take a moment to read and understand it.

Please also note that this Privacy Notice only applies to the use of your personal information obtained by us.

The data we collect about you

Personal data, or personal information, means any information about an individual from which that person can be identified. We collect only that personal data from you that we require to enable us to provide legal services to our clients.

In the field of claims dispute resolution, this could be because you are, but not limited to:

  • an indemnified policyholder;
  • a policyholder for whom indemnity has been refused or reserved;
  • an insured driver;
  • an uninsured driver;
  • an employee or representative of an insured or self-insured company;
  • an employee or representative of a non-indemnified company;
  • a claimant or prospective claimant;
  • a third party or prospective third party;
  • an employee or representative of a claimant or prospective claimant;
  • an employee or representative of a third party or prospective third party;
  • a witness, including expert witness;
  • an external legal service provider, including but not limited to Counsel, Loss Adjusters, or Claims investigators
  • an employee or representative of an insurer or self-insured client;
  • a representative of the Court Service; or
  • any other individual viably connected to a claim upon which we are instructed to act.

Depending on your relationship with us, we may collect, use, store and transfer different kinds of personal data about you which we have grouped as follows:

Contact Data     

includes name, email address, telephone number

Technical Data

includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.

Usage Data        

includes information about your use of our service, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); elements you viewed or words you searched for; page response times; download errors; length of visits; interaction information (such as scrolling, clicks, and mouse-overs).

Communications Data

includes emails, notes of conversations, etc.

Certain categories of data are considered Sensitive Data and are subject to additional safeguards.  The categories of Sensitive Data which we may process directly or indirectly relate to the following:

Sensitive Data: includes racial or ethnic origin, political opinion, religious or philosophical beliefs, trade union membership, criminal convictions, physical and mental health and/or sexual orientation.

The lists set out above are not exhaustive, and there may be other personal data which Keoghs processes in the context of our relationship with you.  We will update this Notice from time to time to reflect any notable changes in the categories of data which are processed.

Where your personal data may come from

The personal data which we process will be collected from a number of sources including (but not limited to) the following:

  • our clients
  • claimants
  • insurers or their insureds
  • defendants
  • 3rd parties
  • third party data providers/search systems
  • witnesses
  • counsel
  • insurance industry databases
  • experts
  • other solicitors
  • law enforcement agencies
  • insurance companies
  • social media
  • loss adjusters and claims investigators
  • intermediaries (claims management suppliers etc)
  • industry regulators, including but not limited to the SRA, FCA, PRA and ICO
  • fraud prevention agencies and organisations

How we may use your personal data

We will use your personal data only when legally permitted. We may use your data in a variety of ways that enables us to provide legal advice and/or to conduct legal proceedings on behalf of our clients and/or to assist in the prevention of fraud; where it is necessary for our legitimate interests (or those of our clients or a third party) and your interests and fundamental rights do not override those interests; or where we need to comply with a legal or regulatory obligation.

We have set out below, in a table format, a description of the ways we may use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

 

 

Where ‘legal services’ above includes (but not limited to) the following:

  • insurance based legal services
  • legal advice
  • claims handling services
  • advising on and negotiating legal contracts
  • training and legal updates
  • day to day operations of our business
  • managing court or legal proceedings including prospective legal proceedings
  • Engaging with law enforcement agencies and regulatory bodies


Again this list is not exhaustive and Keoghs may undertake additional processing of personal data in line with the purposes set out above. We will update this Notice from time to time to reflect any notable changes to the purposes for which your personal data is processed.

Sharing your personal data

We may share your personal information with other organisations as required in order to provide our legal services. These may include the following:

  • other solicitors
  • Professional Indemnity and other relevant insurers
  • professional advisers
  • cost draftsmen
  • witnesses
  • Lexcel and other quality accreditation providers
  • mediators
  • document processors
  • printers
  • translation services
  • confidential waste disposal
  • IT systems or software providers
  • document archiving providers
  • IT support service providers
  • experts
  • fraud prevention agencies
  • government organisations
  • regulators (including SRA, FCA, ICO, PRA)
  • Legal Ombudsman or Financial Services Ombudsman
  • external legal service providers, including but not limited to Counsel, Loss Adjusters, or Claims investigators
  • regulators (ICO etc)

We require all third parties to respect the confidentiality and security of your data and to treat it in accordance with the data protection laws. We do not allow our third-party service providers to use your data for their own purposes and only permit them to process your personal data for specified purposes and by our instructions.

Change of purpose

We will only use your personal data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Please note that we may process your personal data without your knowledge or consent in compliance with the above rules, where this is required or permitted by law, for example for the purpose of the detection and prevention of crime.

If you fail to provide personal data

Where we need to collect personal data by law or under the terms of a contract for legal services we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel our contractual relationship with you, but we will notify you if this is the case at the time.

Automated decision making

We do not use the information you provide to make any automated decisions that might affect you.

International transfers

We do not knowingly transfer any personal data outside the European Economic Area (EEA).

Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Also, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Changes to the privacy notice and your duty to inform us of changes

This version of our privacy policy was last updated on 24 May 2018.

We may make changes to this Privacy Policy from time to time. We may make changes as required to comply with changes in applicable law or regulatory requirement and we encourage you to review this Privacy Policy periodically to be informed of how we use your personal information.

It is vital that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Your rights over your information

By law, you can ask us what information we hold about you, request to have access to it, and you can ask us to correct it if it is inaccurate. In those cases where we process your information for contractual reasons, you can ask us to give you a copy of the information.

If you believe we are not using your information lawfully, you can ask us to stop using it for a period. In some circumstances, you may have the right to ask us to erase your personal data.

To submit a request by email, post or telephone, please use the contact information provided below.

Contacting us

We are not required to have a data protection officer, so any enquiries about our use of your personal data should be addressed to the contact details below.

Phone:

01204 678660

Email:

Report@keoghs.co.uk

Address:

QRC & Data Protection Officer

Keoghs Bolton (Headquarters)

2 The Parklands

Bolton

BL6 4SE

 

Your right to complain

If you have a complaint about our use of your information, we would prefer you to raise it with us in the first instance to give us the opportunity to put it right, but you can also contact the Information Commissioner’s Office as below:

Address:

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Website:

www.ico.org.uk/concerns

 

 

 

Keoghs Website Privacy Notice

Introduction and General Terms

At Keoghs LLP, we respect your privacy and are committed to protecting your data. This privacy notice tells you about the information we collect from you when you use our website.

In collecting this information, we are acting as a data controller and, by law, we are required to provide you with information about us, about why and how we use your data and about the rights you have over your data.

Wherever you see the words “Keoghs”, “we”, “us”, “our”, in the Notice, these words refer to Keoghs LLP.

This Privacy Notice explains the data we collect about you and how we use your information:

  • When you use our website
  • When you submit an enquiry via our website

The data we collect about you

Personal data, or personal information, means any information about an individual from which that person can be identified. We collect only that personal data from you that we need to provide you with the services you request and otherwise, to operate our business in the way that you would anticipate.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped as follows:

Contact Data     

includes name, email address, telephone number

Technical Data

includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.

Usage Data        

includes information about your use of our service, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); elements you viewed or words you searched for; page response times; download errors; length of visits; interaction information (such as scrolling, clicks, and mouse-overs).

Communications Data

includes emails, notes of conversations, etc.

When you use our website

When you use our website to browse our services and view the information we make available; some cookies are used by third parties and by us to allow the website to function, to collect useful information about visitors and to help to make your user experience better.

Some of the cookies we use are strictly necessary for our website to function, and we do not ask for your consent to place these on your computer. However, for those cookies that are useful but not strictly necessary, we will always ask for your consent before placing them.

See our Cookies Policy for more information on what a cookie is and how we use them on our website.

When you submit an enquiry via our website

When you submit an enquiry via our website, we ask you for standard Contact Data. We use this information to respond to your query, including providing you with any requested information about our services. We will do this based on our legitimate interest in providing accurate information as requested.  

We do not use the information you provide to make any automated decisions that might affect you.

How we use your personal data

We will use your personal data only when legally permitted. The most common uses of your personal data are to perform the contract between us or to send you information or resources which you’ve requested; where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; or where we need to comply with a legal or regulatory obligation.

We have set out below, in a table format, a description of all the ways we may use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Purpose/Activity            

Type of data     

The lawful basis for processing

To provide our services:

 

(a) Contact

(b) Communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests

To manage our relationship with you

(a) Contact

(b) Communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to tailor our services appropriately, to keep our records updated and to study how clients use our services)

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Contact

(b) Technical

 

 

Necessary for our legitimate interests (to study how clients use our services, to grow our business and to inform our marketing strategy)

To use data analytics to improve our website, our services, marketing, customer relationships and experiences

(a) Usage

(b) Technical

 

Necessary for our legitimate interests (to define types of clients for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

 

Note that we may process your personal data for more than one legal ground depending on the specific purpose for which we are using your data.

Sharing your personal data

We may have to share your personal data with select third parties, for example:

= website hosting and content management providers

= professional advisers and consultants

= regulators (SRA, ICO etc)

 

 We require all third parties to respect the confidentiality and security of your data and to treat it in accordance with the data protection laws. We do not allow our third-party service providers to use your data for their own purposes and only permit them to process your personal data for specified purposes and by our instructions.

International transfers

We do not knowingly transfer any personal data outside the European Economic Area (EEA).

Linking

We may link to other websites which are not within our control. Once you have left our website, we cannot be responsible for the protection and privacy of any information which you provide. You should exercise caution and look at the privacy statement applicable to the website in question.

Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Also, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

If at any point you suspect or become aware of a security incident (i.e. your password is stolen, or you receive suspicious communication from someone holding themselves out to be a Keoghs employee or from a dupe website claiming to be affiliated with Keoghs), please let us know using the contact information provided below.

Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Changes to the privacy notice and your duty to inform us of changes

This version of our privacy policy was last updated on 24 May 2018.

It is vital that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Your rights over your information

By law, you can ask us what information we hold about you, request to have access to it, and you can ask us to correct it if it is inaccurate. In those cases where we process your information for contractual reasons, you can ask us to give you a copy of the information.

If you believe we are not using your information lawfully, you can ask us to stop using it for a period. In some circumstances, you may have the right to ask us to erase your personal data.

To submit a request by email, post or telephone, please use the contact information provided below.

Contacting us

We are not required to have a data protection officer, so any enquiries about our use of your personal data should be addressed to the contact details below.

Phone:

01204 678660

Email:

Report@keoghs.co.uk

Address:

QRC & Data Protection Officer

Keoghs Bolton (Headquarters)

2 The Parklands

Bolton

BL6 4SE

 

Your right to complain

If you have a complaint about our use of your information, we would prefer you to raise it with us in the first instance to give us the opportunity to put it right, but you can also contact the Information Commissioner’s Office as below:

Address:

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Website:

www.ico.org.uk/concerns

 

 

Keoghs Recruitment Privacy Notice

Introduction and General Terms

At Keoghs LLP we respect your privacy and are committed to protecting your data.

This privacy notice tells you about the information we process about you while you are an applicant for a position of employment at Keoghs as part of our recruitment process. In collecting this information, we are acting as a data controller and, by law, we are required to provide you with information about us, about why and how we use your data, and about the rights, you have over your data.

Wherever you see the words “Keoghs”, “we”, “us”, “our”, in the Notice, these words refer to Keoghs LLP and Keoghs Scotland LLP.

This Privacy Notice explains the data we collect about you and how we use your information as part of the recruitment process.

The data we collect about you

Personal data, or personal information, means any information about an individual from which that person can be identified. We collect only that personal data from you that we need to manage the recruitment process (including any pre-employment checks) and operate our business in the way that you would anticipate.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped as follows:

Contact Data     

includes first name, last name and email address, telephone number, residential address.

Other Identifier Data

includes passport details, driving licence, date of birth, job, National Insurance number and employment details.

Sensitive Data

includes information about your physical health, disabilities, mental health, and sexual orientation (to the extent we have details about your spouse or partner).

Professional data

includes qualifications, certifications, employment performance and employment history.

Communications Data

includes emails, notes of conversations, etc.

 

As part of the recruitment process

As part of the recruitment process, Keoghs LLP collects and processes personal data relating to job applicants. As part of our recruitment process, we are likely to process contact data as well as sensitive, professional and other identifier data.

We collect this information in a variety of ways. Data might be contained in application forms, CVs or resumes, covering letters, obtained from a passport or other identity documents, or gathered through interviews or other forms of assessment processes, including group exercises, case studies and online tests or personality questionnaires. This information is collected in hard copy or electronically.

We also collect personal data about individuals from third parties, such as references supplied by former employers, information from employment background check providers and information from criminal records checks. We will seek information from third parties only once a job offer has been made and will inform the applicant that we are doing so.

Information about your application for employment with us is stored and processed within a third-party applicant management system which is hosted within the European Economic Area (EEA). The provider of this system is contractually bound to provide adequate safeguards over your personal data.

Data is subsequently stored in a range of different places, including on an initial application record, in our HR database and on other IT systems (including email communication).

We will use and retain your information on the grounds of our legitimate interest, which is to ensure that we undertake adequate steps to ensure that applicants are suitably skilled to fulfil their roles within the business.

Personal data will be shared internally for the recruitment exercise. This includes members of the HR department, partners, hiring managers and other staff appropriately trained and involved in the recruitment process.

We will not share personal data with third parties unless an individual’s application for employment is successful and we make a formal offer of employment. We will then share an individual’s data with former employers to obtain references, employment background check providers to obtain necessary background checks and obtain necessary criminal records checks.

For unsuccessful applicants we will keep information about your recruitment with us for a period of no more than six months after your application has ended. If we feel that there may be a suitable opportunity at Keoghs in the future we may request to hold your details on record longer. In this case we will only do so with your explicit consent and will not retain your data for any longer than two years.

For successful applicants, we will keep information about your recruitment with us for as long as you are an employee, and for a period of six years after your employment has ended, unless we are required to retain specific information by law.

Sharing your personal data

We may have to share your personal data with select third parties, for example:

  • recruitment portals
  • background and criminal record checks
  • your appointed referee(s)
  • our regulators

We require all third parties to respect the confidentiality and security of your data and to treat it in accordance with the data protection laws. We do not allow our third-party service providers to use your data for their own purposes and only permit them to process your personal data for specified purposes and by our instructions.

Automated decision making

We do not use the information you provide to make any automated decisions that might affect you.

International transfers

We do not knowingly transfer any personal data outside the European Economic Area (EEA).

Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Also, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Changes to the privacy notice and your duty to inform us of changes

This version of our privacy policy was last updated on 24 May 2018.

It is vital that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Your rights over your information

By law, you can ask us what information we hold about you, request to have access to it, and you can ask us to correct it if it is inaccurate. In those cases where we process your information for contractual reasons, you can ask us to give you a copy of the information.

If you believe we are not using your information lawfully, you can ask us to stop using it for a period. In some circumstances, you may have the right to ask us to erase your personal data.

To submit a request by email, post or telephone, please use the contact information provided below.

Contacting us

We are required to have a Data Protection Officer, as mandated by Data Protection Legislation, and any enquiries about our use of your personal data should be addressed to the contact details below.

Phone:

01204 678660

Email:

Report@keoghs.co.uk

Address:

QRC & Data Protection Officer

Keoghs Bolton (Headquarters)

2 The Parklands

Bolton

BL6 4SE

 

Your right to complain

If you have a complaint about our use of your information, we would prefer you to raise it with us in the first instance to give us the opportunity to put it right, but you can also contact the Information Commissioner’s Office as below:

Address:

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Website:

www.ico.org.uk/concerns