Montagu Evans takes the protection of your personal data seriously. This privacy notice details the types of personal data we collect, how we look after it and your rights under the GDPR (General Data Protection Regulation). More information about the GDPR can be found by visiting the Information Commissioners Office (the UK regulator) www.ico.org.uk
About us and contact information
Montagu Evans LLP is the data controller and we are responsible for your personal data.
Our main contact address is: – 70 St Mary Axe, London, EC3A 8BE.
For any enquiries regarding this privacy notice or for further information please email [email protected]
What personal information do we collect?
Personal data means any information about an individual from which that person can be identified. We may collect, use, store and transfer different kinds of personal data about you. The summary below highlights the different types of information we collect when you contact us or use our services.
Identity and Contract Information – such as first name, last name, username, contact address, billing address, delivery address, email address and telephone numbers.
Financial and Transactional Information – includes bank account, details about payments to/from you and data about the services we have provided to, or bought from you.
Marketing and Communications Information – includes your preferences in receiving marketing from us and our third parties.
CCTV images – in some situations it may be appropriate for us to process CCTV footage for the following legitimate interests:
- keeping our staff, visitors and property safe and secure.
- detecting and preventing crime and assisting law enforcement agencies.
- CCTV footage may be shared with the police or other law enforcement agencies, or our insurers where necessary in relation to a claim, as well as any other third parties in connection with legal proceedings or emergency situations.
How is your personal data collected?
When you use our website or interact with us directly we may collect personal information in a number of ways. This includes when you fill in online forms, or correspond with us by phone, email, post or otherwise.
Third-party links from our website may take you to sites that allow third parties to collect or share data about you. We do not control third-party websites and encourage you to read the privacy notice of every website you visit.
We may also receive personal data about you from third parties or publicly available sources such as marketing databases, search information providers and analytics providers.
How we use your information
We will use your information in a number of ways in order to provide you with the service(s) you have requested and contracted with us for; to conduct marketing activities that you have agreed to or to comply with legal or regulatory obligations.
We use your personal information for our legitimate interests to enable us to deliver the services we are contracted to provide to you and to conduct day-day business activities such as general administration, IT services, financial transactions and enhancing our marketing, communications and client relationships.
Generally we do not rely on consent as a legal basis for processing your data other than in relation to sending third-party communications to you via email.
Our marketing and communications
We may send you marketing and communications messages as part of our engagement strategies. You can request us to stop sending you marketing messages at any time by emailing [email protected]
Who do we share your information with?
We may share your personal data with sub-contractors/consultants who are engaged by us to assist in delivering services to you. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. We will not transfer your data outside of the European Economic Area.
How we protect your information
We have implemented appropriate security measures to help protect your personal data from being accidentally lost or used in an unauthorised way. We limit access to your personal data to only those employees, agents, contractors who have a specific need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have procedures to deal with a suspected data breach and will notify you and the ICO of a breach as required by law.
How long do we retain your information?
Montagu Evans will only keep your personal data for the necessary period to deliver services to you or for the purposes of satisfying any legal, accounting, or reporting requirements. We will assess the retention periods on an annual basis.
Your rights under GDPR
Under certain circumstances you have legal rights under GDPR:
- Request access to your personal data.
- Correction of errors in your personal data.
- Request erasure of your personal data.
- Object to the processing of your personal data. If you object to us processing your data we may be unable to deliver the services you have requested.
There is generally no fee for managing requests however the GDPR permits us to make a reasonable charge if your request is clearly unfounded, repetitive or excessive and we may refuse to comply with your request in these circumstances. We will aim to respond to all legitimate requests within one month but it may take us longer for more complex requests or for large numbers of requests – we will keep you informed if your request(s) will take longer to complete.
Further information, requests and complaints
For further information about our privacy notice, to make a general privacy enquiry or to make an access request please email [email protected]
For further information about the GDPR please visit www.ico.org.uk