Skip to main content

GDPR & Privacy

OUR PRIVACY POLICY

This page informs you of our policies regarding the collection, use and disclosure of personal data when you use our Service. Malekin Law Limited t/a MD Law takes its customer privacy seriously. It undertakes to respect it and considers its policy to be in compliant with the legislation on the processing of personal data, governed by the (United Kingdom General Data Protection Regulation) and better known with the acronym UK-GDPR. By using the Service, you agree to the collection and use of information in accordance with this policy.

DEFINITIONS

  • Service
    Legal service accessed through the website, the premises of MD Law, communication by electronic and / or telephone, and social media.
  • Personal Data
    Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
  • Usage Data
    Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
  • Cookies
    Cookies are small files stored on your device (computer or mobile device).
  • Data Controller
    Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.
  • Data Processors (or Service Providers)
    Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.
  • Data Subject (or User)
    Data Subject is any living individual who is using our Service and is the subject of Personal Data.

INFORMATION COLLECTION AND USE

We collect several different types of information for various purposes to provide and improve our Service to you.

TYPES OF DATA COLLECTED

Personal Data
Whilst using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information may include, but is not limited to:

  • First name and last name
  • Date of birth
  • Email
  • Address
  • Phone number
  • Payment details to collect payment and to process transactional and contractual activities
  • Identity and client due diligence records to comply with legal and statutory requirements
  • Other personal information considered relevant to assist in proving a legitimate and / or contractual service to you.

How we may use your data
We may use the collected data for various purposes:

  • To provide our legal service to you
  • To notify you about changes to our service
  • To provide customer/client support
  • To monitor the usage of our service
  • To gather analysis or valuable information so that we can improve our service
  • To detect, prevent and address technical issues
  • To comply with our business risk assessment and compliance obligations
  • To contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. However, you may opt out of receiving any, or all, of these communications from us by following the unsubscribed link instructions

LEGAL BASIS FOR PROCESSING PERSONAL DATA UNDER THE GENERAL DATA PROTECTION REGULATION (UK-GDPR)

Legal and Contractual Requirements
Our basis for collecting and using the personal information described in this Policy will depend on the Personal Data we collect and the specific context in which we collect it.

We may process your Personal Data because:

  • It is in our legitimate interests (to provide you the service), and it is not overridden by your rights
  • We have a contractual agreement with you (whether in writing or other)

Other legitimate and contractual reasons and not limited to can be:

  • You have given us permission to do so
  • For payment processing purposes
  • To comply with the business risk management and compliance requirements
  • To comply with taxation rules set out by HMRC
  • Under certain circumstances to comply with the law or in response to valid requests by public authorities (For example, (and not limited to) law enforcement, insurance, regulatory, and legal bodies)

YOUR DATA PROTECTION RIGHTS UNDER THE UK-GDPR

Under the UK-GDPR you have certain data protection rights:

The right to access, update or delete the information we have on you. Whenever made possible, you can access, update and in some circumstances request deletion of your personal data.

The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.

The right to object. You have the right to object to our processing of your personal data.

The right of restriction. You have the right to request that we restrict the processing of your personal information.

The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable, and commonly used format.

The right to withdraw consent. You have the right to withdraw your consent at any time where we have relied on your consent to process your personal information.

Enforcing your rights
Please note, enforcements of rights would need to be reasonable and legitimate. We reserve the right to object or refuse if we have reasonable legitimate grounds.

If you wish to be informed about what personal data we hold about you, or you wish to exercise your rights, we ask that you request the same in writing to Amy Palmer who is the Data Protection Officer: amy@mdlaw-cardiff.co.uk Please note, that we may ask you to verify your identity before responding to such requests. If your request is considered to be unfound or excessive, we may exercise charges.

You have the right to complain to a Data Protection Authority (Information Commissioner’s office) about our collection and use of your Personal Data and / or if you consider your rights have been violated. They can investigate whether organisations are keeping to data-protection law. See https://ico.org.uk

RETENTION OF DATA

We will retain and use your Personal Data to the extent necessary to comply with our legal and business obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and compliance policies.

TRANSFER OF DATA

We will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy, and no transfer of your Personal Data will take place to an organisation or a country unless there are legitimate reasons, and we consider there to be adequate controls in place including the security of your data and other personal information.

SERVICE PROVIDERS

From time to time we may employ third party companies and individuals to facilitate our Service ("Service Providers"), provide the Service on our behalf, perform Service-related services or assist us in analysing how our Service is used. These third parties may have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

CHILDREN'S PRIVACY

We do not knowingly collect personally identifiable information from anyone under the age of 18. If we become aware that we have collected Personal Data from children without verification of parental or guardian consent, we take steps to remove that information from our servers.

IT TRACKING & COOKIES DATA

We may use cookies and similar tracking technologies to track the activity on our Service and we hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyse our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

SECURITY OF DATA

The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot always guarantee its absolute security.

LINKS TO OTHER SITES

Our service may contain links to other sites (so-called third party sites). Please note that we do not perform any access or control over cookies, web beacons and other user tracking technologies that may be used by third party sites that the user can access from the Site. We do not carry out any checks on the contents and materials published by or obtained through third party sites, nor on the related methods of processing the user's personal data, and expressly disclaims any related liability for such eventualities. The user is required to check the Privacy Policy of third-party sites accessed through the Site and to inquire about the conditions applicable to the processing of their personal data. This Privacy Policy applies only to the Site as defined above.

UPDATES

Any updates will take effect as soon as they are posted on our website. This privacy policy was updated on the date of 1 April March 2022.