Privacy notices

Get in touch

This page contains the privacy notice for DMH Stallard LLP and links to the privacy notices for DMH Stallard Trust Corporation Limited and RB Trust Corporation Limited.

Privacy notice for DMH Stallard LLP (see below)
Privacy notice for DMH Stallard Trust Corporation Limited
Privacy notice for RB Trust Corporation Limited
Privacy notice for job applicants

Privacy notice for DMH Stallard LLP

We are committed to protecting your privacy and complying with data protection legislation. This Privacy Notice contains important information about us, how and why we collect, store, use and share personal data, your rights in relation to your personal data and how to contact us and the Information Commissioner’s Office (ICO), in the event you have a complaint.

If you are reading this Privacy Notice on our website www.dmhstallard.com (our site), please also refer to our Cookie policy which explains the use of cookies via our site.

Who we are

We are DMH Stallard LLP, a limited liability partnership registered in England (registered number OC338287). Our registered office is Griffin House, 135 High Street, Crawley, West Sussex, RH10 1DQ and we are authorised and regulated by the Solicitors Regulation Authority.

We collect, use and are responsible for processing certain personal data about you. When we do so we are regulated under the retained EU law version of the General Data Protection (EU) 2016/679 (UK GDPR), and the Data Protection Act 2018 (DPA 2018), and we are responsible as ‘controller’ of that personal data for the purposes of those laws.

The personal information we collect and use

Information collected by us
Where you interact with the site and/or in the course of us providing legal, planning and/or other services, we may collect and process the following personal data about you:

Information provided by you

Identity information such as your name, previous names, marital status, tax details, title and date of birth.
Contact information such as, address, phone number and email address or personal data relating to other people within your organisation (where applicable).
Financial information including details of your bank account and payment card details.
Information which may identify you which is required to assist us with providing a service to you or is relevant or incidental to the legal advice/services we provide.
Information to enable you to attend a seminar, webinar of other event hosted by us.
Information from filling in forms on our site or that we otherwise provide to you. This includes information you provide when you subscribe to a newsletter, search for a service, complete a survey, when you report a problem with our site or where further information is required to enable us to provide our services.
Special categories of personal data, for example, in connection with your attendance at a seminar, webinar or other event hosted by us to identify disabilities or dietary requirements or where such information is required in connection with the services we provide, for example where there is an employment related matter details of medical information or trade membership registration may be required.

Information obtained by us

Publically available information about you or your business (including through electronic sources).
CCTV footage of you attending our offices and access logs.
When you visit our site, the Internet protocol (IP) address used to connect your computer to the Internet, your browser type and version, time zone setting, browser plug-in types and versions, operating system and platform and Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
Other technical information, including usage information when you visit our site, such as data from cookies and other similar technologies. If you are reading this privacy notice online, further information is set out in our Cookie Policy.

How do we collect your personal data?
We may collect personal data about you or your organisation in a number of circumstances, such as:

When you enquire or obtain legal or planning advice or services from us;
When you or your organisation offer to provide or provide services to us;
When you use, browse, make an enquiry or otherwise interact on our site;
Through use of our guest Wi-Fi services;
When you attend our offices; and
When you attend a seminar, webinar or other event.

Information we receive from other sources

We may receive personal data about you from people liaising with us in relation to the services or events (to include webinars, seminars, networking events, etc.) we are providing to you. For example, accountants, financial advisors, business partners and other professional advisors.

We may also obtain your personal data from others acting on your behalf, with your consent, for example, under a Power of Attorney, executors or trustees.

As we work closely with third parties including, for example, sub-contractors in technical, payment and delivery services, analytics providers, search information providers, and credit reference agencies we may also receive information about you from them.

Personal data about other people which you provide to us

If you provide personal data or other information to us about someone you must ensure that you are entitled to disclose that personal data and information to us and that, without us taking any steps to verify this, we may collect, use and disclose that personal data as described in this Privacy Notice. It is your responsibility to inform the individual concerned of this Privacy Notice, where required to do so.

How we use your personal data

We process your personal data in the following ways:

to carry out our obligations arising from any contracts entered into between you and us (including but not limited to setting you up as our client and processing payments) and to provide you with the information and services that you request from us;
to comply with our legal and regulatory obligations;
to analyse and improve our services and communications to you and notify you of any changes to our services;
to protect the security of and managing access to our premises, IT and communication systems, online platforms, the site and other systems, preventing and detecting security threats, fraud or other criminal or malicious activities;
for our insurance purposes;
for monitoring and assessing compliance with our policies and standards;
for investigating and resolving actual and potential claims and complaints against us;
to comply with court orders and to exercise and/or defend our legal rights;
to ensure that content from our site is presented in the most effective manner for you and for your computer;
to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes and to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
to allow you to participate in interactive features of our service, when you choose to do so;
to provide you with information about other services we offer that are similar to those that we have already provided to you or which you have enquired about; and
For any purpose related and/or ancillary to any of the above or any other purpose for which your personal data was provided to us.

Collectively, we refer to the above as the Services in the remainder of this Privacy Notice.

We may use your personal data to send you marketing communications. You may receive marketing communications from us if you have requested information from us or instructed us to provide Services and you have not opted out of receiving that marketing. We will obtain your express opt-in consent before we share your personal data with any third party for marketing purposes. You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time.

It may be that from time to time, we need to use your personal data for other specific purposes. In such instance, we will provide you with a fair processing notice detailing such use of your personal data.

How we use Information we receive from other sources

We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for our provision of the Services.

We may also collect, use and share aggregated data such as statistical or demographic data which is not personal data as it does not directly (or indirectly) reveal your identity. We may use such data for analytical and research purposes.

Who we share your personal information with

We may share your personal data with other entities within the DMH Stallard Group all of which are based within the United Kingdom including:

DMH Stallard Trust Corporation Limited (Company number 02872937), acting as a processor and controller;
RB Trust Corporation Limited is a limited company registered in England (registered number 10257894), acting as a processor and controller; and
DMH Stallard Service Company Limited (Company number 01832830) acting as a processor.

We may also share and/or disclose your information with selected third parties including:

Business partners, professional advisers, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
Barristers, mediators, arbitrators (or other legal specialists), experts, consultants or any equivalent in connection with your matter;
Foreign law firms for the purposes of obtaining foreign legal advice (based in the EEA and other countries);
Service providers acting as processors based within the EEA and who provide IT and system administration services to us;
Any law enforcement agency, court, regulator, government authority (including HM Revenue & Customs) or other third party where we believe this is necessary to comply with a regulatory obligation or otherwise to protect our rights or the rights of any third party;
The Solicitors’ Regulation Authority and other regulators of our business and the Legal Ombudsman;
Business partners, professional advisers with whom we may co-host seminars, webinars, networking events or other events;
Our insurers and any legal provider appointed by our insurers;
Analytics and search engine providers that assist us in the improvement and optimisation of our site;
Quality standards bodies such as Lexcel;
Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you or for verifying your existence and address. The credit reference agency may keep a record of that information. They may check your personal details against any particulars on any database (public or otherwise) to which they have access. They may also disclose your personal details and the fact that a search was made to its other customers for the purposes of assessing the risk of giving credit and occasionally to prevent fraud, money laundering and to trace debtors;
Third parties who assist us with our compliance obligations, such as third parties who undertake identity and sanctions checks;
On a confidential basis, to business development consultants for the purposes of collecting your feedback on our Services;
If we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
If DMH Stallard LLP or substantially all of its assets are acquired by a third party, in which case personal data held by it about its clients will be one of the transferred assets; and
In order to enforce or apply the terms of use for our website (available here if reading this online website terms of use) and other agreements; or to protect the rights, property, or safety of DMH Stallard LLP, our clients, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers who act as processor to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Whether information has to be provided by you, and if so why

The provision of certain personal data may be required from you to enable us to provide the Services. For example, we may require personal data to process your instructions and to comply with our regulatory obligations. We will inform you at the point of collecting information from you whether you are required to provide the information to us. If you are unable to provide the required personal data we may not be able to provide you with the Services.

How long your personal information will be kept

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements which includes investigating any legal claims that may be made against us.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Please contact us if you require further detail regarding our retention policy.

Reasons we can collect and use your personal information

We will process your personal data for one or more of the following lawful grounds:

Where we need to perform the contract we are about to enter into or have entered into with you to provide you with the Services.
Where it is necessary for our legitimate interests (or those of a third party). A legitimate interest is when we have (or a third party has) a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
Where we need to comply with a legal or regulatory obligation.
Where we rely on your consent – for example, where you agree we can send you information about our seminars, webinars or other events, or where you agree we can share your information with selected third parties.

Where we process special categories of personal data (racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health or condition, sexual life or sexual orientation, genetic data or biometric data) we do so as necessary for the establishment, exercise or defence of legal claims, to assist you and/or your organisation in fulfilling the rights and obligations of applicable employment or social security laws, or where we have your explicit consent. For example, where you are involved in a dispute involving alleged discrimination, information about medical conditions, race, religion and/or sexual orientation may be relevant to us representing you.

We may process criminal offence data either as necessary for the establishment, exercise or defence of legal claims or where we have your explicit consent. For example, if we represent you in a criminal case, we will collect information about the alleged offences and any related criminal history and or international sanctions.

If you would like any further information regarding the grounds upon which we process your personal data, please contact our Data Protection Officer whose details are below.

Transfer of your personal data out of the UK

The data that we collect from and about you may be transferred to, and stored at, a destination outside the United Kingdom (UK). This may include countries which do not provide the same level of protection as the data protection laws governing the UK. We will ensure that any such international transfers are made subject to appropriate or suitable safeguards as required by the UK GDPR or other relevant laws.

We will require all agents, consultants and sub-contractors and others who are outside the UK and to whom we transfer your personal data to ensure a similar level of data protection. When doing so we will comply with applicable data protection requirements and take appropriate safeguards to ensure the security and integrity of your personal data.

You may contact us anytime using the contact details below, if you would like further information on such safeguards.

Your rights

Under the UK GDPR and DPA 2018 you have a number of important rights, subject to certain conditions. In summary, those include rights to:

Request access to personal data held by us about you (also known as Data Subject Access Request);
Request correction of personal data held by us about you;
Require us to erase personal data held by us about you where there is no lawful reason to continue to process it or retain it;
Restrict our processing of personal data held by us about you;
Receive personal data, which you have provided to us, in a structured, commonly used and machine readable format. You also have the right to require us to transfer this personal data to another organisation, at your request;
Object to our processing of personal information held by us about you where we are relying on a legitimate interest as the legal basis for the particular use or where we are processing your personal data for the purposes of sending marketing materials to you;
Request the transfer of your personal data to you or to a third party;
Withdraw your consent, where we are relying on it to use your personal data; and
Not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.

For further information on each of those rights, including the circumstances in which they apply, please refer to the guidance and resources available on the Information Commissioner’s Office website.

If you would like to exercise any of those rights, please contact, our Data Protection Officer, using the details below:

Address:
DMH Stallard LLP
1 Jubilee Street
Brighton
East Sussex
BN1 1GE

Email: dataprotection.officer@dmhstallard.com

In order to process your request, you will need to provide:

sufficient information to identify you, that is your name, address and contact details;
proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
sufficient explanation of your request relating to the rights set out above.

If you would like to unsubscribe from any electronic marketing material that may have been sent to you, you can simply click on the ‘unsubscribe’ button found at the bottom of all our marketing material or if reading this Privacy Notice online, click here. Please note that it may take up to 28 days for this to take place.

Keeping your personal data secure

We have appropriate security measures in place to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How to complain

You have the right to make a complaint at any time to the ICO, the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Changes to this Privacy Notice and your information

This Privacy Notice was published in May 2018 and updated in April 2024. We may change this Privacy Notice from time to time to reflect any changes to the way in which we process your personal data and to meet our legal requirements. Any such change to the Privacy Notice will be published on our website will take effect as soon as they are posted.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us, for example a new address or email address.

How to contact us

Please contact our Data Protection Officer, using the details above, if you have any questions about this Privacy Notice or the information we hold about you.

If you would like to receive this Privacy Notice in another format, for example, large print or Braille, please contact us using the details above.

Updated April 2024.

Announcements

Legal insights

Media spotlight

Podcasts

Resources

Videos

Whats it like working at DMH?

Brighton Jubilee Street