Privacy Policy

Privacy Notice

In this privacy notice the terms EMG Solicitors/EMG/we/our/us means EMG Solicitors Ltd. Under the UK’s data protection regulations, you have the right to be informed about the collection and use of your personal data and we have legal responsibilities to tell you what we do with your data and how we keep your data safe.

Who we are.

In terms of the GDPR, we are data controllers, bound by the UK’s data protection laws. This means that we determine the purpose and means for processing your personal data. We are registered as a data controller with the UK Information Commissioner’s Office (ICO) under registration number ZA065429.

Contacting Us

Emma Rickaby is responsible for data protection within our company, please contact Emma if you have any queries about this privacy notice. Email: [email protected] Post: Emma Rickaby, EMG Solicitors Ltd, Abbey House, Abbeywoods Business Park, Durham, DH1 5TH

Your Data

Your rights

Regardless of how we hold your personal data, you have the right to request a copy of the information that we hold about you. We also want to make sure that your personal information is accurate and up to date and you may ask us to correct or remove information which you think is inaccurate. In certain circumstances you have a right to object to the processing of your personal information and can ask us to delete personal data that we hold about you, but this does not apply where we have a legal justification to continue processing your data or an overriding legitimate interest.

You have a right at any time to stop us from contacting you for marketing purposes. Please let us know by using the contact details above or by emailing [email protected]. Please contact Emma Rickaby if you have any questions about information we hold about you.


What categories of personal information do we process?

Depending on why we are collecting your personal data, we may process your:

– Contact details (for example your name, telephone number and address)
– Vehicle registration
– Date of birth
– National insurance number
– Proof of identity documents, like your passport, driving licence, armed forces card, utility bills or bank statements
– Financial information like banking, tax, pay, pension and asset information
– Personnel information like absence, performance, employment history, training and qualification information
– Special categories of personal data, for example trade union association, ethnicity, health related data or data relating to a child
– Digital footprint, for example IP address
– Video recording and or live broadcasting though web streaming services
– Video recording through CCTV at the branch offices


How we keep your data secure

To help prevent against unauthorised processing of your personal data, we run a paperless office – meaning we process your information digitally. We use firewalls and anti-virus software, our computers are encrypted and we use password protection access for all of our systems. We follow the government’s National Cyber Security Centre guidelines with regard to the safe storage of your data and password protection procedures. We also have the functionality to send and receive emails securely using an encrypted data transfer service. Please let us know if you would like to use this service in our correspondence with you.


Using third parties to process your personal data

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes unless they are required to determine how they process your data, for example, an occupational therapist would need to determine how they record and use your personal information to carry out their specific role, in these cases they are joint controllers of your information. Please note that our website, www.emgsolicitors.com and other digital platforms may contain links to third party websites/digital platforms which are provided for your convenience. We are only responsible for the privacy practices and security of our own digital platforms and therefore we recommend that you check the privacy and security policies of each and every other website/digital platform that you visit.

If you are a potential client or looking for information or assistance.

When you make an enquiry over the phone or through our enquiry email address, we take your contact details so that we can respond to your request. Our legal basis for processing your information is consent if you have voluntarily made contact with us, or contractual if we are processing your information in order to take steps, at your request, prior to entering into a contract.

We will retain the information collected at this point for one year before destruction of our records. If you contact us through our website there is a section below about how we manage personal data gathered from this medium.

If you are a client.

As a client, so that we can provide you with a legal service, we will ask and record personal questions about you. We will only process personal data which is necessary for the performance of our contract with you.

As a client we may be required to share your personal and sometimes sensitive information with:

  • Regulatory authorities to comply with our legal obligations, like the Office of Financial Sanctions, The National Crime Agency, or the Solicitors Regulation Authority.
  • Credit reference agencies to check your identity in accordance with our legal obligations.
  • Property search companies to identify any issues that might influence your decision to buy or sell a property.
  • Insurers, for the purpose of providing you with appropriate financial cover for an identified insurable risk, or in connection with any claim made by you against us.
  • Property agents, brokers, lenders, and other solicitors involved in your transaction representing other party(ies) in your matter, to enable them and us to fulfil our obligations to you.
  • Other government departments such as HMRC, Companies House, HM Probate Registry, the Court of Protection or HM Land Registry to fulfil your and our legal obligations.
  • Experts and barristers required to work on your matter.
  • Case managers, tradesmen, therapists, carers, property agents, brokers, lenders, banks, and other solicitors employed as a result of Court appointed deputyships and trusts.- Our auditors and external assessment bodies to achieve and maintain any regulatory or quality assurance standards and accreditations which meet our legal obligations and enable us to provide legal services to you.

Generally, our legal basis for processing your information is contractual, but we also process your information to comply with our legal requirements. For example, to prevent against money laundering, terrorist financing or financial crime, we may also be obliged to disclose information by court order.

If we have been appointed by the Court of Protection to the role of deputy, we are legally responsible for acting and making decisions on behalf of a person who lacks capacity to make those decisions for themselves. In this case, our legal basis for processing your information is to exercise the official authority vested in the deputy and to protect your vital interests (or the vital interests of another person).

As a client we will retain your personal information in accordance with applicable laws and for no longer than is necessary to:

  • carry out services for your matter,
  • respond to any questions, complaints or claims made by you or on your behalf and
  • to keep records required by law to comply with our legal obligations and our duties to the regulator.

Further information about the actual retention period will be provided to you when your matter concludes. After the retention period we will destroy all data.

From time to time we would like to send you information about the services that EMG Solicitors Limited offer, using your contact information. Our legal basis for processing this information will be either direct consent or legitimate interest. As an example, if there has been a change in law relating to your matter we might contact you and our legal basis for doing so would be your legitimate interest.

If you have applied for a job with us.

We will ask you for your contact details and work-related history so that we can carry out our selection process prior to inviting you to interview. We may also collect information about you by reference or word of mouth, for example, you may be recommended by a friend or former colleague. Our legal basis for processing your information is a legitimate interest in finding a work opportunity within our firm and you consent to the processing of your data when you make an application.

We will hold your contact details, work history and interview notes for one year if you are unsuccessful in the selection process, and for 6 years after our contract is terminated if we enter into a contract of employment.

We use third party suppliers to collate information throughout the recruitment process. We only share data necessary for the third party to perform their function and obtain a copy of their own privacy notice or a confidentiality agreement for assurance that they process your data in line with the UK’s data protection regulation.

If we employ you.

When you start to work for us, we ask for your personal data so that we can carry out the terms within our contract of employment, for example, we ask for your bank details to pay your salary. Our legal basis for processing your data is contractual.

We also have legal requirements to report tax information to the HMRC and have a duty to make reports to the Solicitors Regulation Authority (SRA). Our legal basis for processing this information is our legal obligations.

So that we can carry out our duty of care, we may share your personal data internally with management and first aiders, or externally, with, for example, paramedics. Our legal basis for processing your information for this purpose is protecting your vital interests.

We may use third party suppliers to carry out business functions which we outsource for example; IT support, financial advisor, HR consultant, pension provider and payroll provider. We only share data necessary for said third party to perform their function and ensure they process your data in line with the UK’s data protection laws.

We store your information for the duration of your employment plus 6 years after our contract is terminated.

If you are a third party on a client matter

We take details as the result of you being one of the following, although the list is not exhaustive:

  • Beneficiary of an estate
  • Advocate
  • Official Solicitor
  • Barrister
  • Expert witness
  • Other parties
  • Family members (who are not parties)
  • Other solicitors

We will take your contact details and store them on our case management system.  Our legal basis for processing this information is to carry out our contractual duties to which you are a party or to comply with our legal obligations from our regulator, the Solicitors Regulation Authority.

Further information about the actual retention period is provided to the client when the matter concludes which ranges from 15 to 80 years.  After the retention period we will destroy all data.

If you are a third party supplier

We take your contact details so that we can enter into a mutual agreement and make payment for your services, reporting to HMRC as required. Our legal basis for processing your information is contractual and also to comply with our legal obligations.

We may use your contact information to invite you to attend one of our specialist seminars or events if we think there is a legitimate interest in the subject matter.

If our contract terminates then we will keep your personal details on record until we destroy the data after a 6 year period from termination of contract.

If you are not a client but complain to us.

If you are not a client of ours but you complain to us about how we have processed your personal information or you seek to exercise a data protection right such as a data subject access request, we will retain details of your complaint or request. We will only use the personal information we collect to process the complaint or request, to audit the level of service we have provided and to provide information to our insurers or regulator.

We will keep information in connection with the complaint or request in line with our retention policy. In most cases this means we will retain the information for six years.

If you are a delegate at one of our hosted events.

If you sign up to one of our events, we take your contact details to provide you with event details, our legal basis for processing your information is to carry out our contractual terms.

We may share your contact details with an outsourced event planning company so that they can arrange table seating.

We may also use this contact information to send out invitations to any future events which you might like to attend, or if you have directly requested this information.

We will destroy your personal data if you have not made contact with us for 5 years.

If you are a speaker at our meetings you may be audio and video recorded and/or live broadcasted through web streaming. Each speaker is contacted to agree on the collection and on the processing of your personal data and on the publication of the audio and video recordings and/or web streaming. We will destroy the audio and video recordings within one year of recording.

If you visit our offices.

We use CCTV to provide a safe and secure environment for staff and visitors, for the prevention, identification and reduction of crime, to prevent the loss or damage to EMG Solicitors’ or visitors’ property and protect against data security breaches.

We consider the expectations of privacy in the areas where we have installed CCTV and in addition there is no sound functionality.

We record images accessible only by directors and senior management, the data is erased according to our CCTV policy which is available upon request. Monitoring will only be used for wellbeing and security purposes stated above unless it leads to the discovery of a health and safety breach. We display signs to alert people where the cameras are.

If you digitally sign a document.

We use a third party service to send and receive documents for digital signing, part of this process is to record all signees’ digital footprint, this provides a secure audit of the signing process. All data with the third party is purged on a regular basis and kept for no longer than is necessary.

If you are a visitor to our website.

Our website is operated by EMG Solicitors Ltd, and we use a third party to host and maintain the live chat service. We collect information about you when you voluntarily complete our enquiry form, send us a message or contact us by any other means of communication. By voluntarily making contact with us, the legal basis for processing your information is consent. We will destroy your personal data which we hold from your website enquiry after one year.

Use of cookies.

What exactly are cookies?

In order to collect the information including personal data as described in this Notice, we use cookies and similar technology on our website. A cookie is a small piece of information which is sent to your browser and stored on your computer’s hard drive, mobile phone or other device. Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information, this is referred to as clickstream data. This information is used to track visitor use of the website and to compile statistical reports on website activity. You can set your browser to notify you when you receive a cookie. This enables you to decide if you want to accept it or not. However, some of the Services offered through our website may not function properly if your cookies are disabled.

Cookies can be first party or third-party cookies.

  • First party cookies – cookies that the website you are visiting places on your device.
  • Third party cookies – cookies placed on your device through the website but by third parties, such as, Google.

Through the use of cookies we record anonymous IP address information which your computer provides, so that we can use the data for analytics. We use cookies so that we can give you a better experience when you return to our website. Google Analytics store the data on servers outside of the European Union, however they adhere to the EU-US Privacy Shield Framework, making sure they comply with certain security standards approved by the EU.

We use the following cookies on our website:

Cookie consent and opting out.

You have the ability to accept or decline cookies when you visit our webpage. If you choose to decline cookies, you will not be able to fully experience the interactive features of our website, our platforms and Services.

When you arrive on our website a pop-up message will appear asking for your consent to place cookies on your device. In order to provide your consent, please click ‘Accept’. Once your consent has been provided, this message will not appear again when you revisit. If you, or another user of your device, wish to withdraw your consent at any time, you can do so by clearing your cookie data in your browser settings and your browsing permission for collecting cookie data will be reset. The next time you visit our website you will be asked once more to accept or decline cookies when you visit our webpage. For more information please visit www.allaboutcookies.org and http://www.youronlinechoices.com/uk/

To clear cookies that have previously been placed on your browser, you should select the option to clear your browsing history and ensure that the option to delete or clear cookies is included when you do so.

Website security

The electronic systems on our website are protected through the use of firewalls and anti-virus software. All data is further protected and held securely. However, we cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information and dealing online over the internet and will not hold us responsible for any breach of security unless this is due to our negligence or wilful default.

Other Websites

Our website contains links to other websites. This privacy notice only applies to this website so when you link to other websites you should read their own privacy notice or privacy policy.

Data protection registration

Data protection law in the UK is regulated by the ICO. We are accountable to the ICO in relation to all of our personal data processing activities. You have the right to make a complaint to the ICO using the following methods:

  • On line at: https://ico.org.uk/make-a-complaint
  • In writing to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
  • By telephone on: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number

Changes to our privacy notice

Our privacy notice is regularly reviewed and at least annually. This privacy policy was last updated on 05.04.2024.