When you employ Lavelle Solicitors to provide legal services to you, you are giving us permission to hold information and personal data for our records.
This notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
The following is a statement of our practices regarding your personal data and how we will treat it. The applicable law is the Data Protection Acts 1988 and 2003 (as amended) and from 25 May 2018, the General Data Protection Regulation (the GDPR).
The categories of your personal data that we may collect includes, but is not limited to the following: contact details (including names, postal addresses, email addresses and telephone numbers), financial and tax data, correspondence by phone and/or email.
We collect this information to provide you with legal services. You have provided consent for the processing for the purpose of representing you in relation to our engagement and retainer. Processing is necessary for the performance of a contract which you have entered into with us or to take steps at your request prior to entering into a contract. Processing is necessary in order to protect the vital interests of you and for the purposes of the legitimate interests which we pursue in providing you with legal services
If your case involves the processing of special categories of data such as medical or health data we will only process such personal data or special category of personal data for the establishment, prosecution or defence of your case and for no other purpose.
We shall keep any personal data, information and documents relating to you or your business confidential, except where disclosure is required by law or regulation or in other exceptional circumstances. In the same way we must respect the confidentiality of information and documents which we hold for our other clients. We cannot, without their express written permission, disclose any of that material to you.
In the normal course of running a solicitor’s practice and in the course of carrying out our obligations to you we may need to share/disclose your personal data to a third party/parties such as:-
- Revenue Commissioners,
- Law Society of Ireland,
- Local Authority,
- Courts Service,
- Workplace Relations Commission,
- Department of Social Security,
- Property Registration Authority
We also use professional and other services including specialist IT service providers, which will involve some access to files including:
- Risk management auditors – Institute of Legal Research & Standards [Q1000/Q3000/Q6000/Q9000]
- Quality control companies,
- IT maintenance contractors
- Cloud storage providers
- External file storage companies
This allows us to manage our firm properly. We always try to make sure that the provider of the services is reputable and can provide sufficient guarantees to implement appropriate technical and organisational measures in such a way that your personal rights are protected. We require them to sign letters of confidentiality and/or a written contract.
When we store files off site, whether electronic or hard copy, we will take all reasonable steps to make sure we keep your information confidential.
What are your rights with respect to the processing of personal data?
Please note that you have the following rights in respect of your personal data:
The right to access the personal data we hold about you.
The right to require us to rectify any inaccurate personal data about you without undue delay.
The right to have us erase any personal data we hold about you in circumstances where the processing of data was not carried out in accordance with the GDPR.
The right to object to us processing personal data about you such as processing for profiling or direct marketing.
The right to data portability in certain circumstances such as where the processing is based on consent, processing is necessary for the performance of a contract and the processing is carried out by automated means.
The right to request a restriction of the processing of your personal data.