General

This notice provides information on how we collect, use, store, share and retain your personal information; and your rights in relation to this.

We may update this Privacy Notice from time to time. You should check this notice periodically to ensure you are aware of the latest information.

We take the protection of this personal information seriously and this statement sets out a summary of how we use this information.

Please contact us using the details below if you have any questions on this statement or the way in which we use your personal information.

Who we are

Hayward Moon Limited is registered in England & Wales under company number 06056782 and is regulated by the Council for Licensed Conveyancers under number 11212. Our ICO Registration is ZA535427.

All references to ‘us’ or ‘we’ throughout this statement are to Hayward Moon Limited.

Under the UK General Data Protection Regulation (UK GDPR) and other relevant UK and EU legislation,, Hayward Moon Limited is the data controller of the personal information described in this Privacy Notice.

What information we hold about you

During the course of our business it is necessary for us to process personal information about a range of individuals.

This information is called ‘personal data’, and may take the form of personal details, financial details, business activities of the data subject, or any other personal information that is collected during the course of business with us.

Under Data Protection Laws we must apply a strict approach to confidentiality and legal privilege, and any information you provide us with in connection with legal advice is protected accordingly.

Information about our clients

We collect personal information from our clients and those making enquiries with Hayward Moon Limited to the extent necessary to provide our services to you. In addition to information that you may provide directly to us, we may receive information about you from professionals engaged by you, other parties involved in the legal matter, people connected to you and public sources.

We will need to obtain certain identification information from you in order to act for you. In order to verify this information we may undertake checks with third parties which may include providing them with information that you have given to us. If you do not provide this information we may be unable to act for you, or have to cease acting for you.

Information about others

We may collect personal information from you and others in the course of providing services to our clients. You may be another party in a legal matter on which we are advising our client, or an employee, director, partner, trustee, attorney, donor (gifting or loaning funds), beneficiary, witness or other person connected to our client or the legal matter on which we are advising. In addition to information that you may provide directly to us, we may receive information about you from a variety of sources including our client, others involved in the legal matter and public sources.

Information about those who want to work with us

We will collect personal information that you provide to us as part of any application that you make to work with us. We may also receive information about you from third parties such as recruitment consultants, referees and public sources.

Special categories of personal data

We may need to use information revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, or information about your health, sex life or sexual orientation.

Marketing information

We will hold your contact details and other information that you provide to us in relation to any enquiry that you make with us or if you ask to be added to any of our mailing lists. You can always opt out of receiving further marketing communications from us by contacting us at any time using the contact details below or the unsubscribe instructions in our emails.

Website, cookies and online enquiries

If you use our website or online services, we may collect additional information. Further details about how we use cookies may be set out in a separate Cookie Policy available on our website at: https://www.haywardmoon.co.uk/cookie-policy/

How we obtain your information

The usual means of obtaining your personal data are:

  • From you directly
  • Provided by third parties connected with a transaction
  • Public registers or government entities
  • Third party agents that form part of our engagement with a client

How we use your information

Our primary use of personal data will be where necessary to perform our contract with our clients. We may also use it for purposes such as:

  • Processing payments
  • Marketing
  • Where you have provided consent, provided that you can withdraw this consent at any time
  • Where it is required by law including our obligations under the Council for Licensed Conveyancers Code of Conduct, anti-money laundering and criminal financing legislation, court rules and other laws that apply to us from time to time. Processing under our Regulator, anti-money laundering legislation, professional conduct rules, and court or regulatory requirements Is done so under Legal Obligation.

Lawful basis for processing

Under data protection law, we must have a lawful basis for processing your personal data. The table below explains the main ways in which we use personal data and the lawful bases we rely on:

  • Providing conveyancing and legal services to clients – legal basis: Contract
  • Identity verification and anti-money laundering checks – legal basis: Legal obligation / legitimate interests
  • Conflict checks and risk management – legal basis: Legal obligation / legitimate interests
  • Administration and management of our business – legal basis: Legitimate interests
  • Insurance, compliance, risk management – legal basis: Legal obligation / legitimate interests
  • Establishing, exercising or defending our legal rights – legal basis: Legitimate interests/legal obligation/performance of contract/public task
  • Improving and developing our services – legal basis: Legitimate interests
  • Marketing communications to existing clients – legal basis: Legitimate interests
  • Marketing communications to non-clients – legal basis: Consent (where required)

Where we rely on legitimate interests, we have considered whether those interests are overridden by your rights and freedoms. In all cases, we only process personal data to the extent that is necessary and proportionate.

Processing ‘special category’ data

We will only use this kind of information in the following ways, where:

  • We have your explicit consent
  • It is necessary for us to use this information to protect your vital interests or those of another person where it is not possible to obtain consent
  • It is necessary for us to do so in connection with the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity
  • In exceptional circumstances, another of the grounds specified in law for processing special categories of personal data are met.

Who we might share your information with

We may disclose your information to others where necessary for the following purposes:

  • To our infrastructure and service providers for them to provide these services to us
  • To our regulatory bodies and external auditors
  • With our client and others as necessary to progress a matter that we are advising on including insurers, counsel, experts, other professional advisers, courts and other parties involved in the legal matter or connected to our client
  • To a third party as part of a sale of some or all of our business
  • To law enforcement and regulatory agencies in connection with any investigation to help prevent unlawful activity or as otherwise required by law.

How we keep information secure

We will use appropriate technical and organisational measures to safeguard your personal data. We store your personal data on secure servers to prevent personal information being accessed in an unauthorised way. Access to your personal data is limited to approved staff.

We have procedures in place to deal with any potential or confirmed data security breach should it arise; and you will be notified if necessary if your data is compromised.

Transfers outside the EEA

Your information is primarily stored and processed within the United Kingdom. However, some of our third-party service providers may process personal data outside the United Kingdom.

Whenever we transfer personal data outside the United Kingdom, we will ensure that appropriate safeguards are in place to protect your information and to ensure that it receives a level of protection that is substantially equivalent to that provided under UK data protection law.

We may transfer personal data to:

  • Countries that have been recognised by the UK Government as providing an adequate level of protection for personal data (known as “adequacy regulations”);
  • Organisations that have entered into appropriate contractual arrangements with us, including the UK International Data Transfer Agreement (IDTA) or the International Data Transfer Addendum to the European Commission’s Standard Contractual Clauses; or
  • Other recipients where a lawful transfer mechanism or exemption permitted under UK data protection law applies.

If you would like further information about the safeguards used when transferring personal data outside the United Kingdom, please contact us using the details set out in this Privacy Notice.

How long we keep your information

We retain information in accordance with our Terms of Business.  Retention periods vary depending on the nature of the matter, legal obligations and regulatory requirements.

Your rights

You have rights under data protection laws, in certain circumstances, including to:

  • Request access to your personal data
  • Require correction of inaccurate or incomplete personal information
  • Request erasure of your personal information in certain circumstances
  • Request restriction of processing in certain circumstances.
  • Object to our processing of your personal information where we rely on legitimate interests.
  •  Request transfer of your personal information to another organisation where applicable.
  • Withdraw consent at any time where processing is based on consent.
  • Not be subject to a decision based solely on automated processing where such rights apply.

These rights are subject to certain exemptions and limitations under data protection law.

If you wish to exercise any of these rights, you should put your request in writing and provide us with enough information to identify you. If we need further information we will let you know.

Data Protection Complaints

If you have any concerns about how we collect, use, store or otherwise process your personal information, you have the right to make a data protection complaint directly to us.

Our Data Protection Complaints Procedure explains how complaints can be made and how they will be handled. A copy of this procedure is available on our website.

We will investigate all data protection complaints fairly and without undue delay and will keep you informed of the outcome.

You also have the right to complain to the Information Commissioner’s Office (ICO) at any time. However, the ICO may ask you to raise your concerns with us first before they investigate your complaint.

More information on the Information Commissioner’s Office and your rights is available at www.ico.org.uk.

More information

For any questions on this statement or the way that we handle your personal information please contact:

  • The Data Protection Manager, Hayward Moon Limited, Connexions, 159 Princes Street, Ipswich, IP1 1QJ
  • Email gdpr@haywardmoon.co.uk