1. Introduction
    1. Fladgate LLP (“we” “our” or “us”) or a member of our Group processes personal data of a number of different categories of individuals where we are the data controller. This information is provided to individuals whose data we process (“you” or “your”) to comply with our obligations under Articles 13 and 14 of the UK GDPR (as applied under the Data Protection Act 2018).
    2. As Fladgate LLP are a firm of solicitors, we are not required to give you information in certain circumstances where personal data we process is collected and processed by us in the context of our work advising and representing our clients. For more details see the Exemption page. Because of these exemptions, the information in this notice is in many cases deliberately non-specific and illustrative.

To make this information clear, we have divided the data we receive into the following groups - Please click on the links below to access the information that is relevant to you.

Data about individuals who are our clients

Data about directors, shareholders, consultants, employees or other personnel of our clients, or family members, executors, trustees or beneficiaries of our clients

Data about contacts who are not currently clients or personnel of clients

Data about third parties who are involved, directly or indirectly, in matters (including cases or transactions) in relation to which we are asked to advise or represent our clients

Data about our suppliers and supplier personnel

Data about individuals who apply for employment, work experience or partnership with the firm.

Data about partners and staff of the firm, and former partners and staff and other individuals who spend time at the firm (such as consultants and secondees).

    1. In addition to the above, individuals who interact with the firm in any of the above capacities should also refer to the following:

Data collected about staff and visitors to our office

Data collected through recording of Fladgate-arranged telephone conference calls

  1. Data Controller details
    1. Fladgate LLP is a limited liability partnership, registered in England and Wales with registered number OC334334.
    2. This Notice also applies to companies or entities are our wholly-owned subsidiaries (Group) who process personal data as part of their businesses as data controller. These include:
      1. Walgate Family Office Limited, registered in England and Wales with registered number 12353486;
      2. Walgate Governance Limited , registered in England and Wales with registered number 12356351; and
      3. Walgate Trustees Limited, registered in England and Wales with registered number 03139076.
    3. Our address is 16 Great Queen Street, London WC2B 5DG, UK (please mark any correspondence for the attention of the Head of Risk and Compliance. Our telephone number is +44 (0) 20 3036 7000. Our email address is (please include “Personal Data Request” in your subject heading to ensure it receives the correct attention).
  2. Collection, use and disclosure of data
    1. You can access more information using the links above to pages which explain:
      1. What categories of information we collect and retain;
      2. Where we will get the information from;
      3. The purpose and legal basis of processing; and
      4. Who we will disclose the information to.
  3. International Transfers

We will not transfer personal data relating to you to a country which is outside the European Economic Area unless:

    1. The country or recipient is covered by an adequacy decision of the Commission under GDPR Article 45;
    2. Appropriate safeguards have been put in place which meet the requirements of GDPR Article 46 by us or by our client (on whose behalf we would transfer the data); or
    3. One of the derogations for specific situations under GDPR Article 49 is applicable to the transfer. These include (in summary):
      1. The transfer is necessary to perform, or to form, a contract to which we are a party:
        1. with you; or
        2. a third party where the contract is in your interests;
      2. The transfer is necessary for the establishment, exercise or defence of legal claims;
      3. You have provided your explicit consent to the transfer; or
      4. The transfer is of a limited nature, and is necessary for the purpose of our compelling legitimate interests.
  1. Retention of personal data
    1. Our retention and deletion policy can be found here.
  2. Your rights
    1. You have certain rights under UKGDPR:
      1. right to access: the right to request certain information about, access to and copies of the personal information about you that we are holding (please note that you are entitled to request one copy of the personal information that we hold about you at no cost, but for any further copies, we reserve the right to charge a reasonable fee based on administration costs);
      2. right to rectification: the right to have your personal information rectified if it is inaccurate or incomplete;
      3. right to erasure/“right to be forgotten”: where the processing of your information is based on your consent, the right to withdraw that consent and the right to request that we delete or erase your personal information from our systems (however, this will not apply if we do not rely on your consent to carry out the processing or if we are required to hold on to the information for compliance with any legal obligation or if we require the information to establish or defend any legal claim);
      4. right to restriction of use of your information: the right to stop us from using your personal information or limit the way in which we can use it;
      5. right to data portability: the right to request that we return any information you have provided in a structured, commonly used and machine-readable format, or that we send it directly to another company, where technically feasible; and
      6. right to object: the right to object to our use of your personal information including where we use it for our legitimate interests or for marketing purposes.
    2. Please note that if you withdraw your consent to the use of your personal information for purposes set out in our Privacy Policy, we may not be able to provide you with access to all or parts of our services.
    3. Please also note that some of the rights above may not be applicable to you (or to all of the information about you that we are processing) due to the application of one or more of the Exemptions.
    4. If you consider our use of your personal information to be unlawful, you have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office. Please see further information on their website:
  3. What happens if we do not receive the information or consents we need from you?
    1. If we do not receive the information we require in order to verify the identity of our client or the individuals who control or own our client, we cannot act for that client.
    2. We will not be able to act for an individual if we do not receive the personal data we require to communicate with that individual.
    3. In some cases we will ask partners, staff and candidates to provide consent to us or our processors to enable us to carry out certain aspects of the pre-employment checks or random checks of existing staff, in accordance with our policy. If this consent is not provided, then we will not be able to complete the checks, and this will (for existing partners and staff) trigger a review under the Fladgate policy and (for candidates) mean we cannot pursue your application any further. The consents that may be required are as follows:
      1. to third parties (such as educational establishments) to release details of your educational. professional and employment history; and
      2. to us or our service providers to export some of your personal data outside the EEA, where the party who can verify your information is located outside the EEA.
  4. Automatic decision making

We do not make decisions based solely on automated data processing, including profiling.

January 2021