SGI Legal LLP is registered with the Information Commissioners Office, registration number Z3253346.
SGI Legal LLP is registered with the Solicitors Regulation Authority (SRA). Details can be found here: https://www.sra.org.uk/solicitors/firm-based-authorisation/abs-register/569219.page
Data Protection Complaints Procedure
You have a right under the General Data Protection Regulation (GDPR) to raise a formal complaint if you feel your data has been unlawfully processed. This same right entitles you to obtain details of what information we hold about you. This is known as a Data Subject Access Request (DSAR). Should you have any queries concerning this right or wish to make a complaint, please contact our our registered office, details as follows:
FOA: Data Protection
SGI Legal LLP
South Harrington Building
182 Sefton Street
Alternatively, email: firstname.lastname@example.org
External Complaints procedure (“Supervisory Authority”)
If you feel that your complaint has not been adequately resolved, you are entitled to make a complaint with the “supervisory authority” (the Information Commissioners Office) by navigating to https://ico.org.uk/concerns/ and completing the necessary. Where applicable please reference the SGI Legal LLP registration number: Z3253346.
What & How We Gather Your Information
SGI Legal LLP gathers and stores information in many ways, including but not limited to the following:
Information you give us: We receive and store any information you enter on our website or give us in any other way.
Automatic Computing information: We receive and store certain types of information whenever you interact with us. For example, like many websites, we use “cookies” and we obtain certain types of information when your Web browser accesses sgilaw.co.uk. A number of companies offer utilities designed to help you visit websites anonymously. Although we will not be able to provide you with a personalised experience at sgilaw.co.uk if we cannot recognise you, we want you to be aware that these tools exist.
Normal course of business: When you contact SGI Legal LLP, we may keep a record of your communication to help solve any queries or issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements.
Marketing and communications channels: SGI Legal LLP may use Twitter, Facebook, LinkedIn or other social media outlets to market and promote its offerings and services. Any communications you make with SGI Legal LLP using these media may be used by SGI Legal LLP in accordance with this notice.
Consent (“Lawful Basis”)
By submitting your personal information within our contact forms found on this website, you “Consent” to SGI Legal LLP processing it on your behalf. You have the right to withdraw this “Consent” at any time in writing to email@example.com
Suppliers, or Other Access to your Information
We may provide access to your personal information to our affiliates or other trusted businesses or persons to process it for us, based on our instructions and in compliance with our Privacy Notice and any other appropriate confidentiality and security measures. We will always seek your “Consent” before doing so.
Legal Access to Your Information
We may share personal information with companies, organisations or individuals outside of SGI Legal LLP if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
• meet any applicable law, regulation, legal process or enforceable governmental request.
• detect, prevent, investigate or otherwise address fraud, security or technical issues.
• protect against harm to the rights, property or safety of SGI Legal LLP, our users or the public as required or permitted by law.
Log Files. As is true of most Web sites, we gather certain information automatically and store it in log files. This information may include IP addresses, browser type, referring/exit pages, operating system, date/time stamp, and clickstream data. We may collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). We use this information to analyse trends, to administer the site, to track how visitors interact with the site.
Cookies. A cookie is a small file that is stored on a user’s computer for record-keeping purposes. SGI Legal LLP typically uses both session ID cookies and persistent cookies. We use session cookies to make it easier for you to navigate our site. A session cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time, and can be used when you return to our site to help identify you or allow you to log in, or on other third-party sites to communicate to you via online-marketing channels. You can remove persistent cookies by following directions provided in your Internet browser’s help file.
If you fail to accept cookies, you may still use our website, but your ability to use some areas of our site may be affected.
How We Protect Your Personal Information
SGI Legal LLP safeguards the security of the data you send us with physical, electronic, administrative and managerial procedures. Likewise, we urge you to take every precaution to protect your personal data when you are on the Internet. These precautions include storing passwords in a reputable password manager, using unique passwords for every website or application, changing your password often, using a combination of letters, numbers and symbols, and using a secure browser over a secured network.
This website is hosted from within the United Kingdom, and will never be hosted outside of the European Economic Area (EEA).
The SGI Legal LLP website currently uses at least TLS v1 encryption on all web pages where personal information is submitted. This is designed to protect the confidentiality of your personal information as it is transmitted to us over the Internet.
Right to be Forgotten / Data Retention
(This Website) You have a right to be forgotten. We only retain your name and email address as submitted by yourself when using our contact forms. This data is retained for a period of 12 months, after which it is purged and made irretrievable from our databases.
Right to Rectification
At your own submission, we will only store or process your name and email address as per the website contact details. If you enter this incorrectly you may request that we amend this for you, otherwise we will assume the information you have input is accurate.
Automated Decision Making & Profiling
SGI Legal LLP does not sell or trade your personal information, and does not process your information automatically without your “consent”. Under no circumstance will SGI Legal LLP sell or trade your personal information with any third party or profile character using your personal data.
This Privacy Notice tells you what to expect in relation to personal information about you which is collected, handled and processed by SGI Legal LLP.
We acknowledge and agree that any personal data of yours that we handle will be processed in accordance with all applicable data protection laws in force from time to time. The General Data Protection Regulations (“GDPR”) applies.
The information we may collect
The information about you we may collect, hold and process is set out below:
(A) Information collected and processed for finding you a suitable role is as follows:
(B) your name, address and contact details, including email address and telephone number;
(C) details of your qualifications, skills, experience and employment history;
(D) information about your current level of remuneration, including benefit entitlements;
(E) whether or not you have a disability for which the organisation needs to make reasonable adjustments during the recruitment process;
(F) information about your entitlement to work in the UK; and
(G) equal opportunities monitoring information, including information about your ethnic origin, sexual orientation, health and religion or belief.
How we use the information
The organisation needs to process data to take steps at your request prior to entering into a contract with you. It may also need to process your data to enter into a contract with you.
In some cases, the organisation needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check a successful applicant’s eligibility to work in the UK before employment starts.
Processing data from job applicants allows the organisation to manage the recruitment process, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job. The organisation may also need to process data from job applicants to respond to and defend against legal claims.
The organisation may process information about whether or not applicants are disabled to make reasonable adjustments for candidates who have a disability. This is to carry out its obligations and exercise specific rights in relation to employment.
The organisation will not use your data for any purpose other than the recruitment exercise for which you have applied.
Who has access to data?
Your information may be shared internally for the purposes of the recruitment exercise. This includes members of the HR team, interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff if access to the data is necessary for the performance of their roles.
The organisation will not share your data with third parties, unless your application for employment is successful and it makes you an offer of employment.
How does the organisation protect data?
The organisation takes the security of your data seriously. It has internal policies such as Information Security Policy and Information Security End User Policy and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties
For how long does the organisation keep data?
If your application for employment is unsuccessful, the organisation will hold your data on file for 6 months or 12 months for those candidates who has been short listed after the end of the relevant recruitment process. At the end of those periods or once you withdraw your consent, your data is deleted or destroyed and made it irretrievable.
If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which your data will be held will be provided to you in a new privacy notice.
What if you do not provide personal data?
You are under no statutory or contractual obligation to provide data to the organisation during the recruitment process. However, if you do not provide the information, the organisation may not be able to process your application properly or at all.
We reserve the right to modify this privacy statement at any time, so please review it frequently. If we decide to change our privacy notice, we will post those changes to this privacy statement, the homepage, and other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.
If you have any questions or suggestions regarding our privacy notice, please contact us at: firstname.lastname@example.org