• Jump to Content [Accesskey 'c']
  • Jump to Navigation [Accesskey 'n']
  • Jump to Homepage [Accesskey '0']
TLT Solicitors
  • Data Protection
  • Accessibility
  • Disclaimer and Privacy
  • Contact
  • Sitemap
  • Send to a colleague/friend
  • Print this page
  • Home
  • Expertise
  • Sectors
  • People
  • Careers
  • Resources
  • About TLT
  • Contact

Page Content

Data Protection

Introduction 

TLT LLP needs to collect and use data (information) for a variety of purposes about its clients and other individuals who come into contact with us.

Any reference to "we", "our" or "us" in this Policy means TLT LLP and its successors. Any reference to "you" means the individual person in relation to whom we hold personal information.

Legal background

The Data Protection Act 1998 ("the Act") places a number of obligations on us in relation to the way in which personal information is collected, used and disclosed.

Objective

This Policy sets out the requirements placed on us by data protection legislation and the steps that we must take in order to comply with those requirements.

The purpose of this Policy is to ensure that we comply with the data protection legislation and ensure that data is collected and used fairly, stored safely and not disclosed to any other person unlawfully.

Definitions

Various terms are used in this Policy which have very specific meanings. These include:

  • "personal data" (or "personal information");
  • "processing";
  • "sensitive personal data" (or "sensitive personal information"); and
  • "Data Protection Officer".

The meanings of these terms are set out below:

"Personal data" (or "personal information"): this means information about a living individual (which could include our clients, suppliers and contractors, their officers and employees and our employees) which can be identified from that information or from that information and other information held by us. Personal data is data which is held electronically and in some manual records and can include an opinion about an individual or any indication as to our intentions in respect of an individual;

"Processing": this means obtaining, recording, organising, retrieving, using, disclosing and simply holding information and "process" and "processed" should be construed accordingly;

"Sensitive personal data ( or "sensitive personal information")": this means personal information which relates to:

  • racial or ethnic origin;
  • physical or mental health or condition;
  • sexual life;
  • political opinions;
  • religious beliefs or other beliefs of a similar nature;
  • trade union membership;
  • criminal record or proceedings;
  • the commission or alleged commission of any offence.

"Data Protection Officer": this means the person we have appointed to ensure that we comply with the Data Protection Act 1998. The Data Protection Officer's role includes assisting and advising our staff with any queries about data protection and dealing with requests for accessing personal information.
Scope

This Policy applies to all personal data collected and processed by us.

Data Controller

We are a data controller under the Act and our Data Protection Officer is ultimately responsible for implementation of and compliance with the Act and dealing with day-to-day matters.

In accordance with the requirements of the Act, we are registered as a data controller with the Office of the Information Commissioner under reference: Z5378293.

Legal requirements

Data Protection Principles

In collecting and using personal data, we must comply with the eight Data Protection Principles. These principles state that personal data MUST:

  • be processed fairly and lawfully;
  • be obtained only for specified and lawful purposes and shall not be processed in any manner incompatible with those purposes;
  • be adequate, relevant and not excessive for those purposes;
  • be accurate and kept up to date;
  • not be kept for longer than is necessary for those purposes;
  • be processed in accordance with the individual's rights under the Act;
  • be kept safe from unauthorised access, accidental loss or destruction; and
  • not be transferred to a country outside the European Economic Area, unless we ensure that there are measures in place to ensure adequate protection for personal data.

We must ensure that whenever we or any of our staff process or use any personal information that we follow these principles at all times.

Your rights

All individuals whose personal information that we process have a number of rights under the Act.

You have a right to know and, in most instances, have a copy of the personal information we hold about you. All such requests should be made to the Data Protection Officer. We are entitled to request sufficient details to assist us in responding to a request and will make a charge of £10 on each occasion a request is processed.

You also have a right to request that no personal information relating to you should be used for direct marketing. If you do not want to receive marketing communications from us, please contact the Director of Risk, at One Redcliff Street, Bristol, BS1 6TP.

Our responsibilities

We maintain personal data in secure conditions and process and disclose personal data only within the terms of our notification to the Information Commissioner.

Where personal information is collected, we will ensure that we:

  • make the purpose for which it is collected clear to you and will give you any other information which in the circumstances would be required to make the processing fair;
  • ensure that you have given your consent to the processing of your information (unless we are otherwise satisfied that we are processing the information lawfully);
  • collect and process appropriate information, and only to the extent that it is needed to fulfil operational needs or comply with legal requirements;
  • seek to ensure the quality of information used;
  • apply strict checks to determine the length of time information is held;
  • ensure that the rights of individuals are capable of exercise in compliance with the Act;
  • apply appropriate technical and organisational security measures to safeguard personal information; and
  • ensure that personal information is not transferred abroad without your consent or suitable safeguards.

In addition, we will ensure that:

  • there is someone with specific responsibility for data protection. The person currently nominated is John Verry, Director of Risk;
  • everyone managing and handling personal information understands that they are responsible for adhering to good data practice;
  • queries about handling personal information are promptly and courteously dealt with;
  • a regular review and audit is made of the way personal information is managed; and
  • methods of handling personal information are regularly assessed and evaluated.

Further information

Any questions or concerns about the interpretation or operation of this Policy should be referred to the Data Protection Officer. 

Related information

  • Need to know

© 1999 - 2010 TLT LLP, TLT LLP is a Limited Liability Partnership