PRIVACY POLICY
1. INTRODUCTION
1.1. DTM Legal LLP (“we”, “us”, “our”) is committed to protecting the privacy and personal data of our clients, prospective clients, and website visitors.
1.2. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Solicitors Regulation Authority (SRA) Code of Conduct.
2. WHO WE ARE
2.1. We are a law firm regulated by the Solicitors Regulation Authority (the “SRA”). Our registered office is at 2nd Floor, Knights Court, 1 Weaver Street, Chester, CH1 2BQ. For data protection purposes, we are the “data controller” of your personal data.
3. WHAT PERSONAL DATA WE COLLECT
3.1. We may collect and process the following categories of personal data:
(a) Identity data (e.g., name, date of birth, national insurance number)
(b) Contact data (e.g., address, email, phone number)
(c) Financial data (e.g., bank details, payment information)
(d) Case-related data (e.g., legal documents, correspondence)
(e) Special category data (e.g., health, ethnicity, criminal records) where necessary for legal proceedings
4. HOW WE COLLECT YOUR DATA
4.1. We collect data:
(a) Directly from you (e.g., via forms, emails, phone calls)
(b) From third parties (e.g., courts, regulatory bodies, other legal professionals)
(c) Through our website (e.g., cookies, contact forms)
5. LEGAL BASIS FOR PROCESSING
5.1. We process your personal data under the following legal bases:
(a) Contractual necessity – to provide legal services;
(b) Legal obligation – to comply with regulatory duties;
(c) Legitimate interests – for business operations and client relationship management; &
(d) Consent – where required for specific processing activities.
6. HOW WE USE YOUR DATA
6.1. We use your personal data for the following purposes, each aligned with our legal and professional obligations:
| Provision of Legal Services | We use your data to deliver legal advice, represent you in legal matters, draft documents, and communicate with third parties on your behalf. This includes processing sensitive information where necessary for legal claims or court proceedings. |
| Client Relationship Management | We maintain records of your case history, preferences, and communications to ensure continuity and quality of service. This helps us tailor our advice and maintain a professional relationship with you. |
| Regulatory & Legal Compliance | As a regulated law firm, we are required to comply with laws such as anti-money laundering (AML) regulations, the SRA Code of Conduct, and tax reporting obligations. This may involve verifying your identity, conducting due diligence, and retaining records for audit purposes. |
| Internal Business Operations | We use data to manage our firm’s operations, including billing, accounting, IT support, and staff training. This ensures efficient service delivery and helps us monitor performance and compliance. |
| Quality & Risk Controls | We analyse data to identify risks, improve our services, and ensure we meet quality standards. This may include anonymised data reviews or audits. |
| Website & Digital Services | If you use our website, we may collect data through cookies and analytics tools to improve functionality, security, and user experience. This includes tracking usage patterns and responding to enquiries submitted online. |
| Marketing
(With Consent) |
Where you have opted in, we may use your contact details to send you information about our services, legal updates, or events. You can withdraw consent at any time. |
7. SHARING YOUR DATA
7.1. We may share your data with:
(a) Courts, tribunals, and regulatory authorities;
(b) Third-party service providers (e.g., IT, ID verification, document storage);
(c) Other legal professionals involved in your matter; &
(d) Others with your consent or where legally required
7.2. All our third party service providers are bound by confidentiality and data protection obligations.
8. DATA RETENTION
8.1. We retain personal data only as long as necessary for the purposes for which it was collected, including legal, regulatory, and accounting requirements. Typically, client files are retained for 6 years after the matter concludes.
9. YOUR RIGHTS
9.1. You have the right to:
(a) Access your personal data;
(b) Rectify inaccurate data;
(c) Erase data (subject to legal exceptions);
(d) Restrict or object to processing;
(e) Data portability; &
(f) Withdraw consent (where applicable).
9.2. To exercise your rights, contact us at clientservices@dtmlegal.com
10. SUBJECT ACCESS REQUESTS (DSARS)
10.1. You will not have to pay a fee to access your personal data, unless we believe your request to be unfounded, unreasonable or excessive.
10.2. We aim to respond to requests for data within one month of receipt.
10.3. Requesting your data does not entitle you to a copy of documents held on file. Data is extracted from documents and provided in a report format.
11. DATA SECURITY
11.1. We implement appropriate technical and organisational measures to protect your data from unauthorised access, loss, or misuse. This includes encryption, secure servers, and access controls.
12. INTERNATIONAL TRANSFERS
12.1. We do not routinely transfer personal data outside the UK. If we do, we ensure appropriate safeguards are in place.
13. COMPLAINTS
13.1. If you have concerns about how we handle your data, please contact us first. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO): www.ico.org.uk
14. UPDATES TO THIS POLICY
14.1. We may update this policy from time to time. The latest version will always be available on our website.
