Skip to main content

GDPR & Privacy


Your privacy is very important to us. To comply with new GDPR regulations we have enforced new procedures to help our staff better look after your information.

Who are we?

Malekin Law Limited is a registered company based in Wales under company number 05852219. Our trading name is MD Law and our registered office is 57 Merthyr Road, Whitchurch, Cardiff, CF14 1DD. Our Data Protection Officer (DPO) is Kim Anthony whose contact details are provided at the end of this document.

What personal information is being collected?

Personal information may include but is not limited to full name, contact information, identification and any relevant information to allow us to provide you with legal representation and fulfil our contract with you.

How is data collected?

Directly from clients – majority of information is collected in writing through our client questionnaire. In some instances, information may be collected in other formats such as telephone, email, in person, via the website enquiry system or through social media.

From third parties – we gather information from other relevant parties to legal transactions such as estate agents, mortgage advisers and other law firms.

How will it be used?

To communicate with you – this will include communication in relation to your legal transaction, marketing communications and asking for feedback.
Compliance with applicable laws and regulations
Progressing legal transactions

Who will it be shared with?

We will not share any of your personal information without your consent, other than when there is a legal requirement to do so.

We may have to share information with third parties in order to provide you with our legal services and fulfil our contract with you.

These third parties may include but are not limited to:

  • HMRC
  • Land Registry
  • The Law Society
  • Barristers
  • Solicitors
  • Office of the Public Guardian
  • Solicitors Regulation Authority
  • Consultant Solicitors

Your information will not be shared for marketing purposes. Your information will not be shared with any other countries unless upon your request.

What happens if you choose not to provide us with personal information?

If you choose not to provide us with personal information, we may not be able to continue the agreement we have entered into with you.


Here at MD Law, the security of your data is very important to us. We place high priority on protecting and managing data in accordance with accepted standards.

Retention & Destruction

We will hold your information for as long as is necessary, our retention policy is in place to ensure we meet our regulations in accordance with the Solicitors Regulation Authority. Once we are no longer required to hold your information as per our regulations, all data will be confidentially destroyed.

Your Rights

Right to be informed – this privacy policy is our way of informing you about the data we hold

Right of access – you have the right to subject access, if you put in a subject access request we will respond with the relevant information within one month. You will not be charged for this.

Right of rectification – if we hold inaccurate or incomplete data, you are able to request that this data be updated and we will deal with your request within one month.

Right to erasure – you have the right to request for us to “forget” your information, however this may not be possible in all cases as we need to comply with our own retention regulations

Right to restrict processing – if you request restriction, we will be able to store your information but not use it

Right to object – you have the right to object to us processing your data

Policy Review

We review our policy annually and where necessary update processes.


If you are not happy with this notice and believe we have unfairly processed your data, please contact our Data Protection Officer on the details below. Alternatively, if you feel that we still have not dealt with your complaint adequately, you have the right to contact the Information Commissioners Office.

Data Protection Officer (DPO)
Kim Anthony
MD Law
57 Merthyr Road, Whitchurch
Cardiff, CF14 1DD
Tel: 02920 625835

Information Commissioners Office (ICO)
Wycliffe House
Water Lane
Cheshire SK9 5AF