1. Introduction
Veritas Solicitors is committed to protecting the privacy and security of personal data. This Data Protection Policy outlines our procedures and responsibilities in compliance with the General Data Protection Regulation (GDPR) and other relevant data protection laws.
2. Data Controller
Veritas Solicitors, with its registered address at 7th Floor, Cardinal House, 20 St Mary’s Parsonage, Parsonage Gardens, Manchester, M3 2LY, is the data controller for the personal data processed in accordance with this policy.
3. Scope
This policy applies to all personal data processed by Veritas Solicitors, whether on paper, electronically, or verbally.
4. Data Protection Principles Veritas Solicitors is committed to upholding the following data protection principles: Lawfulness, Fairness, and Transparency: We will process personal data lawfully, fairly, and transparently.
Purpose Limitation: Personal data will be collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
Data Minimisation: We will only process data that is necessary for the purposes for which it is collected.
Accuracy: Personal data will be accurate, and where necessary, kept up to date.
Storage Limitation: Personal data will be kept in a form that permits identification for no longer than is necessary for the purposes for which it is processed.
Integrity and Confidentiality: We will process personal data in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage.
5. Data Subjects' Rights
Veritas Solicitors respects individuals' rights regarding their personal data. These rights include:
The right to be informed;
The right of access;
The right to rectification;
The right to erasure;
The right to restrict processing;
The right to data portability;
The right to object;
Rights related to automated decision making, including profiling.
6. Lawful Basis for Processing Personal DataVeritas Solicitors will only process personal data when there is a lawful basis for doing so. This includes:
The data subject has given consent;
Processing is necessary for the performance of a contract;
Processing is necessary for compliance with a legal obligation;
Processing is necessary to protect the vital interests of a data subject;
Processing is necessary for the performance of a task carried out in the public interest or the exercise of official authority.
7. Data Security
Veritas Solicitors has implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
The pseudonymisation and encryption of personal data;
The ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services;
The ability to restore the availability and access to personal data promptly in the event of a physical or technicalincident;
A process for regularly testing, assessing, and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
8. Data Breach Notification
In the event of a personal data breach, Veritas Solicitors will report it to the Information Commissioner's Office (ICO)within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk to the rights and freedoms of individuals.
9. Training and Awareness
Veritas Solicitors provides regular training to employees on data protection principles, GDPR compliance, and the importance of protecting personal data.
10. Data Protection Officer (DPO)
Veritas Solicitors has appointed a Data Protection Officer, Mr Faraz Fazal, who is responsible for overseeing compliance with this policy. The DPO can be contacted at compliance@veritassolicitors.co.uk.
11. Review and Update
This Data Protection Policy will be reviewed annually and updated as necessary to ensure continued compliance with data protection laws and any changes in business processes.
Last updated:
09 March 2020