Information presented on this website is advertising in nature

GDPR Compliance

Our commitment to data protection under UK GDPR

Westminster Legal Services is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines our approach to data protection and your rights under these regulations.

Our Role as Data Controller

For personal data collected through this website and in connection with our legal services, Westminster Legal Services acts as the data controller. This means we determine the purposes and means of processing your personal data and are responsible for ensuring compliance with data protection law.

Data Protection Principles

We adhere to the following principles when processing personal data:

  • Lawfulness, fairness, and transparency: We process data lawfully, fairly, and in a transparent manner
  • Purpose limitation: We collect data for specified, explicit, and legitimate purposes
  • Data minimisation: We ensure data is adequate, relevant, and limited to what is necessary
  • Accuracy: We keep personal data accurate and up to date
  • Storage limitation: We retain data only for as long as necessary
  • Integrity and confidentiality: We process data securely with appropriate protection
  • Accountability: We demonstrate compliance with these principles

Your Rights Under UK GDPR

You have the following rights regarding your personal data:

Right to Be Informed

You have the right to be informed about how we collect and use your personal data. This is provided through our Privacy Policy and this GDPR information page.

Right of Access

You can request a copy of the personal data we hold about you. This is known as a Subject Access Request (SAR). We will respond within one month of receiving your request.

Right to Rectification

If you believe any personal data we hold is inaccurate or incomplete, you have the right to request correction. We will respond within one month.

Right to Erasure

In certain circumstances, you can request deletion of your personal data. This right is not absolute and applies only where specific conditions are met, such as when data is no longer necessary for its original purpose.

Right to Restrict Processing

You can request that we limit how we use your data in certain circumstances, such as when accuracy is contested or processing is unlawful.

Right to Data Portability

Where processing is based on consent or contract and carried out by automated means, you can request your data in a structured, commonly used, machine-readable format.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision Making

You have rights concerning automated decision-making and profiling. We do not currently make decisions about you based solely on automated processing.

Exercising Your Rights

To exercise any of these rights, please contact us in writing at:

Data Protection Enquiries
Westminster Legal Services
45 Chancery Lane
London WC2A 1JF
United Kingdom

Email: [email protected]

We will respond to requests within one month. In complex cases, we may extend this by a further two months, but we will inform you if this is necessary.

Complaints

If you believe we have not handled your data appropriately, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF

Website: ico.org.uk

International Transfers

We do not routinely transfer personal data outside the United Kingdom. Where such transfers are necessary for the provision of legal services, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements.

Data Protection Impact Assessments

We conduct Data Protection Impact Assessments (DPIAs) where processing is likely to result in a high risk to individuals' rights and freedoms, ensuring risks are identified and mitigated.

Last updated: January 2024