I, Rachel Kapila, am a data controller and can be contacted at Cloth Fair Chambers, 39-40 Cloth Fair, London EC1A 7NT or by telephone on 020 7710 6444 or by email at firstname.lastname@example.org. My Data Protection Policy can be found here.
All personal data that I process is for the purposes of providing legal services, conducting conflict-checks, marketing, defending potential complaints, legal proceedings or fee disputes, keeping anti-money laundering records, training other barristers and pupils and when providing work-shadowing opportunities, and/or exercising a right to a lien. The types of data I process vary upon the nature of the legal matter in relation to which I am engaged to advise, but can include names, contact details, biographic details and ‘special category personal data’ (such as details of racial or ethnic origin, political opinions, religious or philosophical beliefs, health, sex life and criminal convictions and proceedings).
Depending upon the circumstances of the case, the legal bases upon which I process personal data are (i) the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract, (ii) the processing is necessary to comply with legal obligations to which I am subject, or (iii) the processing is necessary for the legitimate interests set out above, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subjects which require protection of personal data, in particular where the data subject is a child. When I rely on (iii) legitimate interests, my ‘Legitimate Interests Assessment’ can be found here. When I process data which has not be obtained directly from the data subject (e.g. personal data contained in evidential materials), it will have been supplied to me as part of my instructions in circumstances covered by legal professional privilege.
Depending upon the circumstances of the case, I may share the personal data with:
- my Chambers, which supplies professional and administrative support to my practice;
- Courts and other tribunals to whom documents are presented;
- my lay and professional clients;
- potential witnesses, in particular experts, and friends or family of the data subject;
- solicitors, barristers, pupils, mini pupils and other legal representatives;
- ombudsmen and regulatory authorities;
- current, past or prospective employers;
- education and examining bodies;
- business associates, professional advisers and trade bodies.
I normally retain personal data for no longer than 7 years after the case has come to an end or as otherwise required by law or justified by the particular circumstances of the case. Examples of cases justifying a longer retention period are:
- domestic criminal proceedings in which custodial sentences longer than 7 years have been passed: records will retained until the end of the sentence;
- extradition cases in which there is a realistic prospect of future proceedings involving the same requested person: records will be retained indefinitely.
I do not intend to transfer data to any country which is not either within the European Union, ‘white listed’ by the EU or otherwise permitted by EU law (e.g. to the USA under the provisions of the ‘Privacy Shield’).
Under the GDPR, data subjects whose personal data I process have the right to request from me access to, and rectification or erasure of, their personal data, the right to the restriction of processing concerning them, the right to object to processing as well as the right to data portability. Data subjects also have the right to lodge a complaint with the Information Commissioner’s Office (ico.org.uk).
In cases where there is a contract between me and the data subject, the provision of personal data is a contractual requirement and the data subject is obliged to provide the personal data in order that I can supply legal services. A failure to provide such data may mean that I will not be able to provide the legal services.
Rev 1.1 – 01.04.2019