Privacy Policy

1. Introduction

Abraham Baron Solicitors is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services or visit our website.

We are registered with the Information Commissioner's Office (ICO) as a data controller. This means we are responsible for deciding how we hold and use personal information about you.

2. Information We Collect

We may collect and process the following types of personal data:

2.1 Personal Identification Information

• Full name, date of birth, and gender
• Contact details (address, email, telephone numbers)
• National Insurance number
• Identification documents (passport, driving licence)
• Employment details and financial information

2.2 Sensitive Personal Data (Special Categories)

Depending on the nature of your legal matter, we may need to process sensitive personal data, including:

• Health and medical information (particularly for personal injury and housing disrepair claims)
• Criminal convictions or allegations
• Information about legal proceedings

2.3 Information About Third Parties

You may provide us with information about other individuals (e.g., witnesses, family members, opposing parties). You must ensure these individuals are aware that you are providing their information to us.

2.4 Technical Information

• IP address and browser type
• Device information
• Website usage data through cookies
• Communication records (emails, letters, phone calls)

3. How We Collect Your Information

We collect personal data through:

• Direct interactions with you (in person, by phone, email, or post)
• Contact forms on our website
• Client intake questionnaires
• Third parties such as medical professionals, experts, or other parties involved in your matter
• Publicly available sources
• Automated technologies (cookies and similar tracking technologies)

4. How We Use Your Information

We use your personal data for the following purposes:

4.1 Providing Legal Services

• Conducting client identification and verification (AML/KYC requirements)
• Advising you on your legal matter
• Preparing legal documents and correspondence
• Representing you in negotiations, court proceedings, or other forums
• Instructing third parties on your behalf (e.g., barristers, experts, medical professionals)

4.2 Business Administration

• Managing client accounts and billing
• Maintaining accurate records
• Responding to enquiries and complaints
• Quality assurance and training purposes

4.3 Legal and Regulatory Compliance

• Complying with our obligations under the Solicitors Regulation Authority (SRA) Standards and Regulations
• Meeting anti-money laundering and counter-terrorism financing requirements
• Complying with court orders and legal obligations
• Preventing and detecting fraud or crime

4.4 Marketing (with your consent)

• Sending information about our services
• Providing updates on legal developments relevant to you

5. Legal Basis for Processing

We process your personal data under the following legal bases:

• Contractual Necessity: Processing is necessary for the performance of our contract with you
• Legal Obligation: We must process your data to comply with legal and regulatory requirements
• Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., record-keeping, quality assurance) provided this does not override your rights
• Consent: You have given explicit consent for specific processing activities (e.g., marketing communications)
• Vital Interests: In rare cases, to protect your vital interests or those of another person

For sensitive personal data, we rely on specific conditions such as legal claims, explicit consent, or where processing is necessary for reasons of substantial public interest.

6. Sharing Your Information

We may share your personal data with the following categories of recipients:

• Legal Representatives: Barristers, expert witnesses, and other legal professionals instructed on your behalf
• Third-Party Service Providers: IT service providers, document management systems, cloud storage providers
• Medical Professionals: Doctors, medical experts for medical reports and assessments
• Courts and Tribunals: As required for legal proceedings
• Opposing Parties and Their Representatives: As necessary for the conduct of your legal matter
• Insurance Companies: Where relevant to funding arrangements
• Regulatory Bodies: SRA, Legal Ombudsman, ICO, or other regulatory authorities
• Law Enforcement: Where required by law or to prevent/detect crime
• Professional Advisors: Accountants, auditors, insurers

We ensure that all third parties respect the security of your data and treat it in accordance with the law. We only permit them to process your data for specified purposes and in accordance with our instructions.

7. International Transfers

We primarily store and process your data within the United Kingdom. If we need to transfer your data outside the UK, we will ensure appropriate safeguards are in place to protect your information in accordance with UK GDPR requirements.

8. Data Security

We have implemented appropriate technical and organisational security measures to protect your personal data, including:

• Encrypted data storage and transmission
• Secure access controls and authentication
• Regular security assessments and updates
• Staff training on data protection
• Confidentiality agreements with staff and third parties
• Secure document destruction procedures

While we take all reasonable steps to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

9. Data Retention

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including:

• While we are providing legal services to you
• To comply with legal, regulatory, and professional obligations (minimum 6 years from conclusion of matter)
• To establish, exercise, or defend legal claims
• For legitimate business purposes such as quality assurance

When we no longer need your personal data, we will securely delete or destroy it in accordance with our data retention policy.

10. Your Rights

Under UK GDPR, you have the following rights:

• Right of Access: You can request a copy of the personal data we hold about you
• Right to Rectification: You can ask us to correct inaccurate or incomplete data
• Right to Erasure: You can request deletion of your data in certain circumstances
• Right to Restriction: You can ask us to limit how we use your data
• Right to Data Portability: You can request your data in a portable format
• Right to Object: You can object to certain types of processing
• Rights Related to Automated Decision-Making: You have rights relating to automated decision-making and profiling

Please note that some of these rights may be limited where we have an overriding legal obligation or legitimate interest. For example, we cannot delete your file if we are required to retain it for regulatory purposes.

To exercise any of these rights, please contact us at contact@abrahambaron.com. We will respond within one month.

11. Cookies and Website Analytics

Our website uses cookies to improve your browsing experience. Cookies are small text files stored on your device.

We use the following types of cookies:

• Essential Cookies: Necessary for the website to function properly
• Analytics Cookies: Help us understand how visitors use our website
• Functional Cookies: Remember your preferences and settings

You can manage cookie preferences through your browser settings. However, disabling cookies may affect website functionality.

12. Marketing Communications

We will only send you marketing communications if you have consented to receive them. You can opt out at any time by:

• Clicking the "unsubscribe" link in any marketing email
• Contacting us at contact@abrahambaron.com
• Calling us on 0330 133 0777

13. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to read their privacy policies.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the updated policy on our website with a revised date. Please review this policy periodically.

15. Complaints

If you have any concerns about how we handle your personal data, please contact us first. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):