Geoffrey Grace Solicitors

020 4511 9159 info@geoffreygracesolicitors.co.uk Request Consultation

Privacy Policy

Last updated: 13 March 2026

Privacy Policy

Geoffrey Grace Solicitors is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store and protect personal information when you visit our website, contact us, make an enquiry, or instruct us in relation to legal services.

1. Who we are

GEOFFREY GRACE SOLICITORS
SRA ID: 651483 | SRA Regulated
Address: 1 Ballards Lane, Finchley, London, N3 1UX, England
Telephone: 02045119159
Email: info@geoffreygracesolicitors.co.uk

For the purposes of UK data protection law, Geoffrey Grace Solicitors is the data controller of the personal data processed through this website and in connection with our legal services.

2. The personal data we collect

We may collect and process the following personal data:

  • identity and contact information, such as your name, address, email address and telephone number;

  • enquiry information you provide through our website, by email, by telephone or in person;

  • matter-related information, documents and correspondence connected to legal advice or representation;

  • billing, payment and administrative information;

  • identification and verification information required for client onboarding, compliance and regulatory purposes;

  • technical and usage information relating to your use of this website, including IP address, browser type, device information and website interaction data;

  • any other information you choose to provide to us.

Depending on the nature of your matter, we may also process special category data or other sensitive information, for example data relating to health, ethnicity, family circumstances, safeguarding issues or other highly personal matters. In some cases, we may also process information relating to alleged or actual criminal matters where this is relevant and lawful.

3. How we collect your personal data

We collect personal data:

  • directly from you when you complete an enquiry form, contact us, instruct us or provide documents or information;

  • from third parties involved in your matter, where appropriate and lawful, including courts, tribunals, public authorities, other legal professionals, experts, opponents or representatives;

  • automatically through your use of our website, including through cookies and similar technologies where applicable.

4. How we use your personal data

We may use your personal data to:

  • respond to enquiries and requests for information;

  • decide whether we are able to act for you;

  • carry out conflict checks, client due diligence and regulatory or compliance checks;

  • provide legal advice and legal services;

  • communicate with you about your matter;

  • manage documents, billing, administration, file management and internal record-keeping;

  • comply with legal, regulatory, professional, insurance and risk-management obligations;

  • maintain the security and functionality of our website and systems;

  • improve our website, services and client communications.

The ICO requires privacy notices to explain what data you collect, why you use it, your lawful bases, who you share it with, how long you keep it and what rights people have.

5. Lawful bases for processing

We rely on one or more of the following lawful bases under Article 6 UK GDPR, depending on the circumstances:

  • Contract: where processing is necessary to take steps at your request before entering into a retainer, or to perform our contract with you;

  • Legal obligation: where processing is necessary for compliance with legal, regulatory or professional obligations;

  • Legitimate interests: where processing is necessary for the legitimate interests of Geoffrey Grace Solicitors or a third party, provided those interests are not overridden by your rights and interests;

  • Consent: where we rely on your consent for a specific activity, such as certain marketing communications or certain optional website technologies.

Where we process special category data, we also rely on an additional condition under Article 9 UK GDPR and, where required, the Data Protection Act 2018. In legal services work, this may include processing that is necessary for the establishment, exercise or defence of legal claims, or another applicable legal condition depending on the matter.

Where we process criminal offence data, we do so only where there is a lawful basis and an applicable condition under the Data Protection Act 2018, and only where such processing is necessary and lawful in the context of the work involved.

6. Special category data and confidential legal information

As a law firm, we may process highly sensitive personal data provided in confidence by clients or potential clients. We handle such information carefully and in accordance with our legal, professional and regulatory duties, including duties of confidentiality. We ask that you do not send unnecessary sensitive information through the website enquiry form at the initial stage unless it is essential to explain your enquiry.

7. Who we may share your personal data with

Where necessary and lawful, we may share personal data with:

  • courts, tribunals and public authorities;

  • barristers, experts, interpreters, costs professionals and other professional advisers;

  • opponents, their representatives, or other parties involved in your matter where appropriate;

  • IT, hosting, email, case-management, transcription, archiving, secure storage or administrative service providers;

  • insurers, auditors, accountants and professional advisers to the firm;

  • regulators, law enforcement or other bodies where we are legally or professionally required to do so.

You should replace this section with the actual providers you use where possible, especially if your site uses named processors such as a hosting provider, form provider, anti-spam tool, analytics provider or cloud email platform. The ICO expects privacy notices to identify recipients or categories of recipients clearly enough for users to understand who may receive their data.

8. International transfers

We do not intend to transfer personal data outside the UK except where necessary for a service provider or system we use and only where an appropriate safeguard is in place.

Replace this paragraph with the actual position for your website and firm systems.
If any provider stores or accesses personal data outside the UK, you should identify that and state the safeguard relied upon, such as adequacy regulations or approved transfer mechanisms.

9. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including for legal, regulatory, professional indemnity, complaints-handling, insurance, anti-money laundering, limitation, tax and record-keeping purposes.

As a guide, we may retain information for periods such as:

  • general website enquiries that do not become client matters: up to 12 months after the last contact;

  • conflict check and onboarding information: for as long as reasonably necessary for compliance and record-keeping purposes;

  • client matter files: for the period set out in our file retention policy, which will depend on the nature of the matter and our legal, regulatory and insurance obligations;

  • billing and accounting records: for the period required by law and regulatory obligations.

If you already have a file retention policy, insert the actual periods here. If not, use this as a framework and align it to your internal retention schedule and insurer expectations. The ICO says you should tell people the retention period or the criteria used to determine it.

10. Your rights

Subject to the law, you may have the right to:

  • request access to your personal data;

  • request correction of inaccurate or incomplete personal data;

  • request erasure of your personal data in certain circumstances;

  • request restriction of processing;

  • object to processing in certain circumstances;

  • request portability of personal data where applicable;

  • withdraw consent where consent is relied upon.

These rights are not absolute and may not apply in every situation, particularly where legal professional privilege, confidentiality, legal obligations or the rights of others are relevant.

11. Marketing

We do not send electronic marketing communications unless permitted by law. Where consent is required, we will obtain it before sending such communications, and you may opt out at any time. PECR and the UK GDPR both apply to electronic marketing and cookies.

12. Website data, cookies and similar technologies

Our website may use cookies and similar technologies. Some are strictly necessary for the operation of the website. Others, such as analytics or embedded third-party tools, may only be used where valid consent has been obtained. Please see our Cookies Policy below for more information.

13. Security

We take appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage.

14. Complaints

If you have concerns about how we handle your personal data, please contact us first so that we can review the matter.

You also have the right to complain to the Information Commissioner’s Office (ICO).

15. Contact us

If you have any questions about this Privacy Policy or our use of personal data, please contact:

Geoffrey Grace Solicitors
Email: info@geoffreygracesolicitors.co.uk
Telephone: 02045119159
Address: 1 Ballards Lane, Finchley, London, N3 1UX, England

error: Content is protected !!
Scroll to Top
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.