Privacy Policy - Euclid Law

EUCLID LAW LTD – PRIVACY POLICY

Euclid Law Ltd (registered in England and Wales under number 09177736) and its wholly owned subsidiary Euclid Law Srl (registered in Belgium under number 0795492842) (“we”, “our” and “us”) are committed to protecting and respecting your privacy. This policy explains how we collect and process any personal data that you provide to us or that we have received from a third party source.

References in this notice to “data protection law” means all applicable data protection and privacy legislation in force from time to time in the EU and UK (where applicable) including the General Data Protection Regulation ((EU) 2016/679), the UK Data Protection Act 2018 (and regulations made thereunder), the UK GDPR (as defined in the Data Protection Act 2018) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426).

References in this notice to “sensitive personal data” and “personal information” shall have the same meaning as “special categories of data” and “personal data”, respectively, under data protection law. References to “information” shall also include “sensitive personal data”, where applicable.

1. OUR DETAILS

We are the data controller with conduct of your personal information.

Our Data Protection Officer (DPO) is Jayne McIver.

You can contact us by post at: 34 Settles Street, London, E1 1JP, United Kingdom.

You can also contact us by email at: privacy@euclid-law.eu.

2. HOW WE USE YOUR PERSONAL INFORMATION

This part of the policy explains what information we hold about you, why we are processing that information, the legal basis for processing, the duration for which we keep your information and (if applicable) who your information will be shared with and where those recipients are based.

The following table explains how we use your personal information in our business. Different sections apply depending on your relationship to us. Please read each section carefully as more than one section may apply to how we use your information.

Scenario	Categories of personal data we process	Lawful basis
Visitors to our website
You submit information to us through our website contact form.	Name and email address.	We rely on your consent within the contact form. If you are contacting us so that we can provide you with legal services then we process your personal information as part of our pre-contract processes.
You agree to the use of cookies on our website.	IP address, approximate location, technical information relating to your device and browser.	We process the information we collect from those cookies based on our legitimate interest in monitoring how our website users interact with our site and services and using that information to improve our website and business.
Clients (including former clients, and employees, officers or representatives of our clients) and prospective clients
You make an enquiry about instructing us to provide legal services or you provide us with personal information so that we can provide legal services to you or your organisation. Alternatively, we receive personal information about you from a third party who has sent them to us so that we can provide legal services to you or your organisation. This includes referrals from: your colleagues or business associates;your (or your organisation’s) professional advisers;the court; andother third parties, such as family members.	Name, job title, place of employment, contact address, home address, telephone number, email address, unique file reference. Where we obtain photographic identification from you for the purpose of verifying your identity in accordance with our anti-money laundering procedures (as set out in section 5 below) then, depending on the form of ID you provide to us, we will also store information relating to your date and place of birth, photograph, nationality and confirmation of your sex.	The processing is necessary for the performance of the contract between you and us (or your organisation and us) for the provision of legal services. In some situations, the processing is necessary for us to comply with our legal obligations, such as the prevention of fraud, detection and/or prevention of crime or for us to comply with our professional duties as solicitors and legal professionals. We have a legitimate interest in: passing the details of your enquiry to an appropriate person within the business so that we can respond to your enquiry;conducting administrative and operational processes within our business, including keeping a record of past and current instructions we receive from clients, billing and keeping records of correspondence with clients and third parties;administering any dispute or potential dispute which may arise between us. With your consent, making submissions to legal directories to promote the breadth and quality of work we do.
Attendees to our training sessions, seminars and events
You, or somebody acting on your behalf, make a booking with us for a training session, seminar or event.	Name, job title, place of employment, contact address, telephone number, email address.	We have a legitimate interest in: passing the details of your enquiry to an appropriate person within the business so that we can respond to your booking;conducting administrative and operational processes within our business, including keeping a record of past and current bookings we receive, billing and keeping records of correspondence with attendees and their organisations; oradministering any dispute or potential dispute which may arise between us. If you are paying to attend then the processing is necessary for the performance of the contract between you and us for the provision of our services.
You attend an event which is being recorded. (Please note: we may occasionally record events and, if attending, there is a possibility that you may feature in the recording. We will inform you in advance if we are recording the event and you will be given the opportunity to exclude yourself.)	Your likeness, your name, details of any comments you make during the recorded session.	We have a legitimate interest in recording our events for internal review and for republication or sharing with attendees.
You provide us with details of your dietary requirements, accessibility requirements or any other medical information so that we can accommodate you at our event.	Health and medical information, information about your religion.	We process this information based on your explicit consent.
Suppliers, contractors and their employees / representatives
You or your organisation supplies or offers to supply goods or services to us.	Name, contact information, payment details, details of staff involved in delivery of goods/services.	This processing is necessary for us to perform our contract with you. Otherwise, if the contract is with your organisation, then we have a legitimate interest in processing your personal information for the purpose of managing the contractual relationship between your organisation and us. In each case, this includes taking pre-contractual steps such as obtaining a fee quote from you. We have a legitimate interest in keeping a record of the contract between us (or your organisation and us) for the administration of our business and to address any disputes which may arise between us.
Marketing for visitors to our website, clients (including former clients, and employees, officers or representatives of our clients) and prospective clients, and attendees to our training sessions, seminars and events
You submit information to us through our website contact form, attend one of our seminars or training events or are a prospective, current or former client.	Name, job title, place of employment, contact address, telephone number, email address.	If you have asked us to send you marketing communications then we do so based on your consent. In other circumstances we may send you marketing communications about services which are identical or similar to those which you have received from us. This is known as the soft opt-in. In this situation we have a legitimate interest in keeping you informed about our services.
Other people, including counterparties in legal disputes
You are a counterparty in a legal matter or dispute.	Name, job title, place of employment, contact address, home address, telephone number and email address. Depending on the nature of the matter/dispute, we may also process sensitive personal information about you which could include your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and/or information about your genetic data, health, sex life or sexual orientation. We may also process information about your personal finances. We may also process information about criminal convictions you may have.	We have a legitimate interest in processing your information in order to discharge our instructions and professional obligations to our client. Processing is necessary for the establishment, exercise or defence of legal claims Processing is necessary for the administration of justice.

3. HOW LONG WE KEEP YOUR INFORMATION FOR

We only keep your information for so long as is reasonably necessary. The retention period will vary depending on the nature of the purpose for which the personal data is held.

Upon expiry of the applicable retention period we will either:

take appropriate steps to return any original documentation submitted by you to us containing your personal information to you; and/or
securely destroy your personal data in accordance with applicable laws and regulations; or
anonymise your personal data so that you can no longer be identified from it.

4. WHO IS YOUR INFORMATION SHARED WITH?

We share your personal information with third parties only where we are required to do so to comply with the law, to protect our rights, to perform our contractual obligations or to efficiently operate our business. In order to achieve these purposes, we share your data with the following people or groups of people:

our external contractors and service providers. This includes software providers, marketing consultants and IT support providers. Our external contractors and service providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity, to keep it confidential and to comply with data protection law at all times;
our professional advisers, including our auditors (details for which can be found in our accounts) and external legal advisers. These third parties are subject to professional duties of confidentiality;
regulatory and government bodies, where we have a legal obligation to do so. These organisations have a legal duty to protect your information;
in litigation, to the Court, which is subject to its own legal duty to maintain the confidentiality and security of your personal information, and to counsel, who is subject to a professional duty of confidentiality;
voluntary accreditation bodies. These organisations have a contractual duty to protect your information; and
any other person who you instruct us to share your personal information with or with whom we may reasonably be expected to share it with in order to deal with your enquiry.

If you are a client of ours (including former clients and employees, officers or representatives of an organisation which is a client of ours) we will also share your data with the following people or groups of people:

if you ask us to instruct counsel (including foreign counsel), mediators or other third-party professional service providers on your behalf, or you instruct us to take pre-contractual steps (such as obtaining fee estimates) from them, then we will share your information with such persons and organisations as is necessary to comply with your instructions;
the persons identified in section 5 (Anti-money laundering procedures), below;
if you are raising a complaint with the company, the complaint will be shared with our insurers and insurance brokers, the legal ombudsman and (in anonymised form) the SRA;
legal directories, who are subject to strict obligations of confidentiality unless we have received your permission for your information to be published; and
where you have given us permission to use any comments for testimonial and marketing purposes, your name, organisation and job title may be shared on our website and other marketing material.

If the recipient of your information is based outside of the UK or EU and is not based in a country which offers equivalent protections for personal data then your data will be safeguarded by the use of standard contract clauses in conjunction with an international data transfer addendum where applicable which each party will sign, or other appropriate safeguards permitted by data protection law.

5. ANTI MONEY-LAUNDERING PROCEDURES

We have a legal obligation to comply with anti-money laundering laws and regulations. Broadly, money laundering can arise if a person acquires, retains, transfers, uses or controls the proceeds of a crime for the benefit of a criminal activity. In this section, references to money laundering include references to similar financial offences committing in relation to terrorism.

In order to fulfil our legal obligations, we must verify the identity of new clients, and in certain circumstances existing clients. Additionally, from time to time our internal procedures may also require us to conduct background checks on new and existing clients.

This means that, if you are an individual client or prospective individual client of ours then we will need to verify your identity using a secure and confidential ID checking service operated by an external service provider. For individual clients, these identity and background checks may require us to take a copy of your photographic identification and a recent utility bill.

For clients or prospective client which are not individuals, such as companies, we may need to verify the identity of directors, other officers, shareholders, beneficial owners and instructing employees or representatives of the organisation. The checks conducted on these persons are broadly the same as those we conduct on individual clients. We may require a copy of the person’s photographic identification and a recent utility bill in order to complete the verification process. In the case of organisations having a different corporate structure, equivalent requirements will apply and we will notify you of these where applicable.

For both individuals and corporate clients (including prospective clients) we may require evidence of source of funds at the outset of our instruction and possibly from time to time throughout our relationship. We may request and/or obtain this information from third party sources. The sources for such verification may comprise documentation which we request from the client (or prospective client) and/or through the use of online sources.

In some circumstances we may decline to, or may not be permitted to, proceed to act until such procedures have been completed. In other circumstances we may agree to commence acting whilst these procedures are carried out. We reserve the right to decline to act or, if appropriate, cease to act should these procedures not be completed to our satisfaction. We may also be required to make detailed enquiries of any unusual transactions such as the transfer of large amounts of cash and such enquiries may result in us processing additional personal information.

Grounds for processing your data for anti-money laundering purposes

We process your information in the manner set out above on the following legal grounds:

processing is necessary for the performance of a contract between you (as a private individual) and us, including where processing is necessary for us to take pre-contractual steps. This will be the case where we are legally prevented from acting for you until the relevant checks and procedures have been completed;
where we have a contractual relationship with the organisation you work for or represent, because we have a legitimate interest to process your information to ensure that we are not involved in or otherwise facilitate money laundering activity and such interests do not outweigh your rights and freedoms as a data subject;
processing is necessary for our compliance with our legal obligations under anti-money laundering laws and regulations; and/or
should the processing we conduct in line with our anti-money laundering procedures exceed the minimum level of processing required by the relevant law and regulations, because we have a legitimate business interest in taking additional precautions to ensure that we are not involved in or otherwise facilitating money laundering activity. In accordance with data protection law, we have considered your fundamental rights and interests as a data subject and are satisfied that our processing is lawfully justified.

Disclosure of your information to third parties for anti-money laundering purposes

For the purposes of carrying out our electronic ID checks, we may share your information with our external ID check providers. Such providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity, to keep it confidential and to comply with data protection law at all times.

Your information may be transferred outside of the UK and the EU depending on which of our internal systems your information is stored within. However, any such transfers are carried with appropriate safeguards in place. These transfers will typically be safeguarded by the use of standard contract clauses in conjunction with an international data transfer addendum where applicable which upholds the level of protection given by UK and EU data protection law.

In certain circumstances, we may process your personal information without further notification to you. This applies, for example, where we make a report in good faith under the UK Terrorism Act 2000 or Proceeds of Crime Act 2002. Such processing is justified under data protection law on the basis that it is in the substantial public interest.

Retention of personal data for anti-money laundering purposes

We are legally obliged to retain your personal information for anti-money laundering purposes for 5 years from the end of the business relationship or transaction between us. Please refer to our retention periods set out in the section 3 above for further details.

6. YOUR RIGHTS

Under UK and EU data protection law you have the following rights:

The right to be informed about what we do with your information. This Policy provides you with this information. Please note that, as set out in the above section 5 (Anti-money laundering procedures), in certain circumstances we are legally obliged not to disclose certain processing information to you.
If we are processing your data on the basis of your consent then you have the right to withdraw that consent at any time. Consent can be withdrawn:
- by notifying us using the details set out at the start of this policy;
- in respect of marketing communications, by following the steps outlined in that communication, such as clicking the ‘unsubscribe’ link in the marketing emails we send; or
- by speaking to the lawyer who is working on your matter,

please note that the lawfulness of our historic processing based on your consent will not be retrospectively affected by your withdrawal of consent. Furthermore, we may have a legal obligation or right to retain your information on our files notwithstanding that you have withdrawn your consent to our processing. Should this be the case, we will notify you around the time we acknowledge your withdrawal of consent.

The right to access a copy of your information which we hold. This is called a ‘data subject access request’. Additional details on how to exercise this right are set out in section 7 (Access to Information) below.
The right to prevent us processing your information for direct marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data or by contacting us using the details set out at the start of this policy.
The right to object to decisions being made about you by automated means. We will inform you if your information is subject to automated processing.
The right to object to us processing your personal information in certain other situations.
The right, in certain circumstances, to have your information rectified, blocked, erased or destroyed if it is inaccurate.
The right, in certain circumstances, to claim compensation for damages caused by us breaching data protection law.
The right, in certain circumstances, to request that we erase, rectify, cease processing and/or delete your information.
The right, in certain circumstances, to request the information we hold on your in a machine readable format so that you can transfer it to other services.

7. ACCESS TO INFORMATION

You have the general right to complain to us in the first instance if you are not happy with how we are processing your personal information. If you are not satisfied by our response then you can complain to the Information Commissioner’s Office (ICO) via www.ico.org.uk or your local data protection regulator.

Under UK and EU data protection law you can exercise your right of access by making a written request to receive copies of some of the information we hold on you. You must send us proof of your identity, or proof of authority if making the request on behalf of someone else, before we can supply the information to you. Requests should be sent to us using the contact details set out at the start of this policy.

You do not need to pay a fee to exercise this right unless you are requesting copies of documents you already possess, in which case we may charge our reasonable administrative costs. We are also allowed to charge you for our reasonable administrative costs in collating and providing you with details of the requested information which we hold about you if your request is clearly unfounded or excessive. In very limited circumstances, we are entitled to refuse to comply with your request if it is particularly onerous.

In certain circumstances, you are entitled to receive the information in a structured, commonly used and machine-readable form.

8. COOKIES

For information about how we use cookies on our website, please refer to our Cookies Policy at https://euclid-law.eu/cookies-policy/.

9. CCTV POLICY

The Company routinely operates a CCTV system to assist in the prevention of crime and to ensure the safety of staff and visitors.

The CCTV system records data in the immediate vicinity of the entrance to our London office at 34 Settles Street, London E1 1JP.

Signs are displayed to inform staff, visitors and members of the public that CCTV is in operation. The CCTV system is run in compliance with GDPR. All images recorded by the CCTV system remain the property and copyright of Euclid Law Ltd. Retention of the CCTV recordings is dependent on the memory capacity of the system; recordings are typically retained for approximately 22 days.

The Practice Manager is responsible for the overall management and operation of the CCTV system, including activities relating to installations, recording, reviewing, monitoring and ensuring compliance with this policy.

10. CHANGES TO OUR PRIVACY POLICY

This notice was last updated in January 2023. Any material changes we may make to our privacy notice in the future will be uploaded to our website and if the change is significant then we will tell you about it by email or via another appropriate means of notification.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

We are the go-to firm for any company looking to overcome regulatory hurdles in the UK and EU. Our lawyers offer real solutions based on real experience.