GDPR Compliance and Data Protection at Spectrum Solicitors Limited | GDPR Legal Advice & Data Security

The General Data Protection Regulation (GDPR) mandates that organizations provide clear and transparent information on how they collect, store, and use personal data. At Spectrum Solicitors Limited, we take data protection seriously, ensuring that your personal information is handled with the utmost care, security, and diligence.

Why We Collect Your Personal Data and How It Benefits You

To serve as your trusted legal advisors, we must collect certain personal information to handle your case efficiently. Rest assured, we never share, sell, or disclose any sensitive or confidential information without your explicit written consent.

Our Data Protection Officer and GDPR Compliance Oversight

Our appointed Data Protection Officer (DPO), Catherine Rattray, ensures compliance with GDPR and safeguards your data rights. If you have any concerns or inquiries, you can reach her via:

How We Collect Your Personal Data and Secure It | GDPR Data Collection & Security

To provide legal services, we collect data in accordance with our Engagement Letter and Terms and Conditions of Business. Your information may be gathered through:

  • Face-to-face meetings
  • Telephone conversations
  • Administrative forms

We store your data securely, both physically and electronically, using internal systems and servers.

What Personal Information We Collect and Why It Matters | GDPR Personal Data Categories

The type of personal data we collect depends on your legal matter and may include:

  • Personal details (name, date of birth, address, email, phone number)
  • Identification evidence (passport, driving license, utility bills, bank statements)
  • Financial information (bank details, National Insurance number, tax references)
  • Case-specific information relevant to your legal needs

How We Use & Share Your Data for Legal Purposes | GDPR Legal Data Processing

We use your personal information to:

  • Facilitate legal transactions and provide legal advice
  • Communicate with necessary third parties (e.g., estate agents, financial advisors, regulatory bodies)
  • Process payments securely
  • Submit mandatory filings to HM Revenue & Customs, Companies House, and other regulatory authorities
  • Work with trusted service providers (e.g., IT support, document shredding services) under strict contractual obligations

Keeping Your Data Secure and Preventing Breaches | GDPR Cybersecurity & Data Protection

To ensure the highest level of security, we take the following measures:

  • Annual risk assessments to identify vulnerabilities
  • Advanced IT security systems with firewalls and virus protection
  • Restricted data access to authorized personnel only
  • Secure premises to prevent unauthorized access
  • Compliance with GDPR reporting obligations in case of data breaches

Your Rights Under GDPR and Data Protection Laws | GDPR Privacy Rights

Under GDPR, you have the right to:

  • Access your data – Request copies of the information we hold
  • Request corrections or deletions – Modify or remove incorrect data
  • Restrict or object to data processing – Control how we use your data
  • Transfer data – Request your data in a machine-readable format
  • File a complaint – Contact us or the Information Commissioner’s Office (ICO) if you believe your privacy rights have been violated

How Long We Keep Your Data and Our Retention Policy | GDPR Data Storage & Retention

We retain records for varying periods depending on your legal matter:

  • Property sales – 7 years
  • Property purchases, leases, and re-mortgages – 15 years
  • Wills, Powers of Attorney, Probate, and Matrimonial cases – 15 years

Once the retention period expires, we securely dispose of data through shredding and electronic deletion.

Data Processing Outside the UK and Cloud Storage Security | GDPR International Data Transfers

We do not process data outside the UK. However, our cloud-based servers are backed up by a provider located in Ireland.

Handling Data Breaches and Responding to Cyber Threats | GDPR Compliance & Risk Management

Although we implement stringent security measures, potential breaches may occur due to:

  • Cyberattacks or hacking
  • Human errors, such as sending data to the wrong recipient
  • Lost or stolen devices

In the event of unauthorized disclosures, we promptly report incidents to the DPO, the ICO, and affected individuals, ensuring full compliance with GDPR regulations.

Raising Concerns, Complaints, and Contacting the ICO | GDPR Complaints & Legal Support

If you have concerns about how we handle your personal data, we encourage you to:

  1. Contact your solicitor directly.
  2. Reach out to our Data Protection Officer.
  3. If unresolved, escalate your complaint to the ICO:

At Spectrum Solicitors Limited, we remain committed to protecting your privacy and ensuring full compliance with GDPR regulations. If you have any questions, please contact us today.