Jason Elliott Associates Limited
Data Protection Policy
Jason Elliott Associates Limited takes your privacy very seriously. This is because, in our view, providing an outstanding professional service includes handling your data carefully and responsibly.
This Policy contains important information about how and why we collect, store, use and share your personal data. It also sets out your rights regarding your personal data and how to contact us and supervisory authorities in the event you have a complaint.
Our aim is for this guide to be easily accessible and understandable so our clients are aware of our obligations concerning their personal data. If you have difficulty understanding this guide, or have any queries, please get in touch via the ‘contact us’ section.
|A data controller determines the purpose and means of processing personal data. For the purpose of providing a service to you, we are data controllers.
|A data processor is responsible for processing data on behalf of the controller. We will process your data in the course of providing our service.
|A data subject is an individual on whom data is held. For the purpose of providing our service, you are a data subject.
|Any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.
|Sensitive Personal Data
|Special categories of personal data. Data relating to criminal convictions and offences is not sensitive personal data but similar safeguards apply to its processing.
Personal data we collect about you
An important part of the GDPR is promoting transparency regarding personal data.
If we act for you under legal aid, most of the personal data we collect is gathered using official legal aid forms. These forms have been updated to be GDPR compliant.
Personal data we may collect from you includes:
To be GDPR compliant, we must have a lawful ground for processing your personal data. The data we collect and process about you is done with your consent. We require a clear expression of consent as a precursor for us acting on your behalf. Additionally, it is often necessary for us to process and share your personal data to provide our services to you.
We aim to keep the personal data we hold on you to a minimum and we only process your personal data where it is necessary to provide our services to you.
How we collect your personal data
Most of the personal data we collect is provided by you. A large amount of the personal data we collect is provided by you in official legal aid forms. These forms have been updated to reflect the GDPR.
Why we collect your personal data
One principle of the General Data Protection Regulation is ‘Purpose Limitation’. We only collect the data which is necessary for us to provide our services to you. The personal data we collect about you is necessary for us to act on your behalf, progress your case and gather information from third parties.
This includes applying for financial assistance on your behalf, contacting yourself, your family members and your previous advisers.
The personal data we collect about you is not processed in any way which is incompatible for the purposes for which we collected the data.
With whom do we share your personal data?
We sometimes share your personal data with third parties. Given the nature of our services, any information we share about you is done with your authority. A form of authority is included in our information packs and we often cannot act for you without a form of authority to do so.
We may share your data with:
Where do we store your personal data?
The information we hold on you is stored at our office. We can transfer your file upon your request once you inform us of any arrangements you make. This is often carried out by courier services.
Under the law we must hold your file for a period of 6 years. After this time your file will be returned to you or destroyed.
The table below sets out your rights in relation to the data we hold about you.
|Right to be informed
|You have a right to be informed about the collection and use of your personal data
|Right to access
|You have a right to be provided with a copy of your personal data
|Right to rectification
|You have a right to have inaccurate personal data rectified or completed if incomplete
|Right to erasure
|You have a right to have your personal data erased. This is not an absolute right and only applies in certain circumstances
|Right to restrict processing
|You have a right to restrict or prevent the processing of your personal data. This is not an absolute right and only applies in certain circumstances
|Right to data portability
|You have a right to obtain and reuse your personal data without affecting its usability
|Rights in relation to automated decision making and profiling
|You have a right not to be subject to a decision based solely on automated processing that produces legal effects concerning you or similarly significantly affects you
For further information regarding your rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on an individual’s rights under the General Data Protection Regulation.
If you would like to make a request in relation to your rights please see the ‘contact us’ section below.
We have effective security measures in place to ensure your personal data is kept safe and to prevent your personal data from being lost or used or accessed unlawfully.
We limit access to your personal data to those who have a genuine business need to access it. You can be assured that those using and processing your personal data do so in an authorised manner and are subject to a duty of confidentiality.
We have procedures in place to address suspected data breaches. In some circumstances we are legally required to report any suspected breach involving your personal data.
If you wish to make a complaint regarding the way your personal data is handled, please get in touch via the ‘contact us’ section.
The General Data Protection Regulation gives you the right to complain to a supervisory body. The supervisory body for the UK is the Information Commissioner who can be contacted by visiting: https://ico.org.uk/make-a-complaint/ or by contacting: 0303 123 1113.
18 Albion House
West Percy Street
Newcastle Upon Tyne
0191 447 4389
Data Protection Officer
0191 447 4389