At MGAP LLP we take privacy seriously and we are committed to protecting it.
This policy explains when and why we collect personal information about individuals, how this information is used, the conditions under which it may be disclosed to others and how it is kept secure.
This policy may change from time to time so please check this page occasionally to ensure that you’re happy with any changes. This policy was last updated on 24 May 2018.
MGAP London LLP (company number OC403646) registered office at 1 Fore Street, London, London, EC2Y 9DT, UK.
Our Firm is a data controller in relation to the processing activities described below. A “data controller” is an organisation that decides why and how your personal information is processed.
Where this policy refers to “we”, “our” or “us” or “MGAP” below, it’s referring to MGAP London LLP.
We collect information about you that you give to us by corresponding with us by phone, post, email or otherwise and is provided entirely voluntarily. This includes your contact information, identification information and banking/billing information.
We may collect the information about your visits to our website, including the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. We may also collect any personal information, which you allow to be shared that is part of your public profile or third party social network.
We may receive information about you from third parties in connection with our services. For example, we may:
The purposes for which we use your information and the legal basis under data protection laws on which we rely to do this are explained below.
Where it is required to complete a CONTRACT
We may use and process your personal information where we have supplied you (or continue to supply you) with any services, where we have arranged for the supply of another company’s products or services to you, or where you are in discussions with us about any new product or service. We will use this information in connection with the contract for the supply of services when it is needed to carry out that contract or for you to enter into it. Please see Personal information we collect and how we collect it about you above for details of the types of personal information we process for these purposes.
We may use and process your personal information where you have consented for us to do so for direct marketing purposes. Please see section 8 below for further information.
You may withdraw your consent for us to use your information in any of these ways at any time. Please see Withdrawing your consent for further details.
We will use your personal information (including your identification information) to comply with our legal obligations: (i) to carry out any anti-money laundering checks as required by the Money Laundering Regulations 2017 or other public authority or criminal investigation body; (ii) to identify you when you contact us; and/or (iii) to verify the accuracy of data we hold about you.
We may use information about to which we collect from publically available or other sources to verify the information that you give to us for this purpose.
We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business, or that of a third party, for the following purposes:
We may share your information with others in order to manage your case.
We may also pass your personal data with our attorneys or other professionals acting on our behalf for your case unless explicitly instructed not to do so.
In the course of instructing foreign attorneys it will be necessary to pass details of you to them to enable them to assist us with your case and/or take other actions on your behalf.
Third parties who provide products and services
When we use third party service providers, we only disclose to them any personal information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions or for a specified purpose.
Credit/debit card payment processors
Where you elect to pay an invoice by way of bank transfer, your credit/debit card payment is processed by a third party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us using the details at the end of this policy.
Other ways we may share your personal information
We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation. We may also transfer your personal information if we’re under a duty to disclose or share it in order to comply with any legal obligation, to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors and customers. We will always take steps with the aim of ensuring that your privacy rights continue to be protected.
Some of the information you provide to us may be transferred to countries outside the European Economic Area (EEA).
By way of example, this may happen where if any of our servers or those of our third party service providers are from time to time located in a country outside of the EEA, or where we have shared your information with other attorneys, agents and law offices outside the EEA for the purposes of managing your cases and/or enquiries. These countries may not have similar data protection laws to the UK.
If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy. These steps include imposing contractual obligations on the recipient of your personal
information or ensuring that the recipients are subscribed to ‘international frameworks’ that aim to ensure adequate protection. Please contact us using the details at the end of this policy for more information about the protections that we put in place and to obtain a copy of the relevant documents.
If you use our services whilst you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.
If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We do not retain personal information in an identifiable format for longer than is necessary.
We may need your personal information to establish, bring or defend legal claims. For this purpose, we will always retain your personal information for 7 years after the date it is no longer needed by us for any of the purposes listed under How we use your personal information above. The only exceptions to this are where:
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our website and any transmission is at your own risk. Once we have received your personal information, we put in place reasonable and appropriate controls to ensure that it remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access.
Where we collect any sensitive personal information we will apply additional security controls to protect that data.
Our website may contain links to other websites run by other organisations. This policy does not apply to those other websites‚ so we encourage you to read their privacy statements. We cannot be responsible for the privacy policies and practices of other websites even if you access them using links that we may provide. In addition, if you linked to our website from a third party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.
It is possible to switch off cookies by setting your browser preferences.
We may collect your preferences to receive marketing information directly from us by email, SMS, phone or post if you subscribe to our newsletter.
We may contact you with marketing information by post or by telephone or with targeted advertising delivered online through social media and platforms operated by other companies by using your personal information, or use your personal information to tailor marketing to improve its relevance to you, unless you object.
We may also contact you with marketing information by text or email. However, where you deal with us in your capacity as an individual (rather than through your company or organisation), we will only contact you by email or text with direct marketing material if:
We will only share your information with our third party partners or marketing agents in order for them to send marketing materials on our behalf or capture any requests to unsubscribe from our newsletter.
From time to time, we may ask you to refresh your marketing preferences by asking you to confirm that you consent to continue receiving marketing information from us.
You have the right to opt-out of our use of your personal information to provide marketing to you in any of the ways mentioned above. Please see Withdrawing your Consent and Objecting to our use of your personal information and automated decisions made about you below for further details on how you can do this.
You have a number of rights in relation to your personal information under data protection law. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal information. Except in rare cases, we will respond to you within one month from either (i) the date that we have confirmed your identity or (ii) where we do not need to do this because we already have this information, from the date we received your request.
Accessing your personal information:
You may object to us using your personal information for direct marketing purposes and we will automatically comply with your request. If you would like to do so, please use our unsubscribe tool.
Erasing your personal information or restricting its processing:
You may also ask us to restrict processing your personal information where you believe it is unlawful for us to do so, you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings. In these situations we may only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.
Transferring your personal information in a structured data file: Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with your contract, as set out under How we use your personal information, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file. You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
Complaining to the UK data protection regulator: You have the right to complain to the Information Commissioners Office (ICO) if you are concerned about the way we have processed your personal information. Please visit the ICO’s website for further details.
We may review this policy from time to time and any changes will be notified to you by posting an updated version on our website or by contacting you by email. Any changes will take effect 7 days after the date of our email or the date on which we post the modified terms on our website, whichever is the earlier. We recommend you regularly check for changes and review this policy whenever you visit our website. If you do not agree with any aspect of the updated policy you must immediately notify us and cease using our services.
Please direct any queries about this policy or about the way we process your personal information to Sergei Grachev.
The email address for data protection queries is GDPR- firstname.lastname@example.org
If you would prefer to speak to us by phone, please call +44 (0)7952 810 622