Who we are
DPM Legal Services Limited (DPM Legal) is a firm of solicitors and and is authorised and regulated by the Solicitors Regulation Authority (SRA), Firm Reference Number 619713.
Please read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities should you have a complaint.
When we collect and use personal information about you we are regulated under the General Data Protection Regulation which applies across the European Union (inlcuding in the UK) and we are responsible as a "controller" of that personal information for the purposes of those laws.
DPM Legal is a controller and processor of the personal data clients provide to us. Our registered office is Sutton House, Weyside Business Park, Catteshall Lane, Godalming, Surrey, GU7 1XE.
The personal information we collect and use
We will collect sufficient personal information from our clients in order to provide legal services to our clients. This includes basic facts such as name, address, dependants' details and contact details and may include financial information. We may also obtain personal information from other professionals and advisers involved in a particular transaction.
The lawful basis of the data processing is that our client (known as the ‘data subject’) is giving their explicit consent that collection of the data is necessary for the performance of a contract with DPM Legal in respect of the products and services provided in accordance with our terms of business.
Who we share your personal information with
We may share client information with other professionals and advisers involved in your transaction as necessary in order to comply with your instructions. We also have a legal obligation to provide information to government departments and regulatory bodies such as the Solicitors Regulation Authority (SRA), Financial Conduct Authority (FCA), Her Majesty’s Revenue & Customs (HMRC), appropriate Ombudsmen and the Information Commissioner’s Office (ICO).
We may also use third party companies to administer and communicate information in respect of our legal and regulatory obligations.
We will share personal information with law enforcement or other authorities if required by applicable law.
We will not share your personal information with any other third party (unless you specifically request us to do so).
How we hold client personal data
All the personal data we use is controlled by DPM Legal in the United Kingdom. No third parties have access to client personal data unless the law allows them to do so. We have a data protection regime in place to oversee the effective and secure processing of their personal data.
All information at DPM Legal is stored on secure servers. All our data transfers to and from authorised third party recipients have built in security features, including encryption (other than email communications which cannot be secured in such a robust manner), to best protect your personal data.
Clients' basic personal data will be kept for a maximum of 20 years, or as long as is required by the SRA (our regulator), following the end of their business relationship with DPM Legal, after which time it will be destroyed. The reference to the duration of 20 years is because of the type of work we carry out and the limitation periods that are imposed by law on certain types of documents.
If at any point a client believes information that we retain about them is incorrect, the client can request to see this information and have it corrected and possibly deleted. The client may also request that their data be transferred to another data controller in a machine-readable format. Providing clients with their data information is free of charge, but charges may apply for excessive requests.
If a client wishes to raise a complaint on how we have handled their personal data, they can contact either one of the managing directors of DPM Legal: David Kearsley, Derrick Fowler or Ian Stewart, at the above address, who will investigate the matter. Where relevant, clients have the right to withdraw their general and explicit consent at any time, however, without their consent, we will not be able to process the data they have provided. If a client is not satisfied with our response or believe we are not processing their data in accordance with the law, they can complain to the Information Commissioners Office (https://ico.org.uk/).