This privacy notice explains how PCD Solicitors Ltd. collects, uses, stores and shares personal data, and explains your rights under UK data protection law. Under the UK GDPR, organisations must provide information including their identity, purposes, lawful bases, recipients, retention periods, rights and how individuals can complain to the Information Commissioner’s Office (ICO).

1. Who we are

PCD Solicitors Ltd. is the controller of your personal data for the purposes of UK data protection law.

Contact details

PCD Solicitors Ltd.

Registered office and trading address: The Maltings, 100 Wilderspool Causeway, Warrington, WA4 6PU Telephone: 0151 705 8488

Email: info@pcdsolicitors.co.uk

Data protection contact

Paula Shaw, Head of Operations Email: info@pcdsolicitors.co.uk

2. The personal data we collect

We may collect and use the following categories of personal data:

  • identity information, such as your name, date of birth and identification documents;
    • contact information, such as your address, email address and telephone number;
    • matter-related information you provide to us or that is provided on your behalf;
    • financial information, billing information and payment records;
    • correspondence, attendance notes and communications with you;
    • website and technical data, such as IP address, browser type, device information and cookie-related information;
    • recruitment information, if you apply to work with us.

Because we are a criminal defence firm, we may also process special category data and information relating to criminal allegations, proceedings, convictions or offences, where this is necessary for legal work and permitted by law.

3. How we collect your personal data

We may collect personal data:

  • directly from you;
    • from family members, employers or other people acting on your behalf;
    • from courts, police, prosecution agencies, experts, barristers, witnesses and other legal representatives;
    • from legal aid authorities or other public bodies;
    • from our website, including through enquiry forms and cookie technologies if you consent where required.

4. Why we use your personal data and our lawful bases

We use personal data for the following purposes:

4a. To provide legal services and manage your matter

This includes taking instructions, advising you, corresponding with third parties, preparing documents, and representing you.

Lawful bases may include:

  • performance of a contract;
    • compliance with legal obligations;
    • legitimate interests;
    • establishment, exercise or defence of legal claims;
    • and, where applicable, substantial public interest or other conditions permitting the use of special category or criminal offence data.

4b. To manage our business and comply with regulation

This includes file management, complaints handling, auditing, regulatory compliance, anti-money laundering checks where applicable, professional indemnity matters, quality assurance and risk management.

Lawful bases may include:

  • compliance with legal obligations;
  • legitimate interests;
  • establishment, exercise or defence of legal claims.

4c. To communicate with you and respond to enquiries

This includes answering website enquiries and arranging appointments. Lawful bases may include:

  • taking steps at your request before entering into a contract;
  • legitimate interests.

4d. To run and improve our website

This includes using essential website technologies and, where you consent, analytics cookies and similar technologies. The ICO states that analytics cookies are not exempt and generally require consent.

4e. To recruit staff

If you apply for a role with us, we process your information to assess your application and manage the recruitment process.

5. Who we share your personal data with

We may share your personal data where necessary and lawful with:

  • barristers, experts and other professional advisers;
    • courts, tribunals, police forces, the Crown Prosecution Service and other public authorities;
    • legal aid and funding bodies;
    • IT, case management, hosting, website, telephony and administrative service providers;
    • auditors, insurers, bankers and accountants;
  • regulators, including the SRA, where required;
    • the Legal Ombudsman or the ICO where relevant;
    • translation, interpretation or document handling providers;
    • payment service providers.

We do not sell your personal data.

6. International transfers

We may use service providers who store or access personal data outside the UK. Where we transfer personal data internationally, we will ensure that appropriate safeguards are in place in accordance with UK data protection law.

Your existing notice refers to the EEA and says there is an adequacy decision “for the USA” in broad terms. That wording is outdated and over-generalised. Current ICO guidance requires you to explain international transfers and safeguards accurately.

7. How long we keep personal data

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, regulatory, accounting, insurance and professional obligations, to handle complaints, and to establish, exercise or defend legal claims. Retention periods may vary depending on the type of matter, funding arrangements, regulatory requirements and limitation periods. The ICO requires privacy information to explain retention periods or the criteria used to determine them.

8. Your rights

Subject to the law and any applicable exemptions, you may have the right to:

  • request access to your personal data;
    • request correction of inaccurate personal data;
    • request erasure in certain circumstances;
    • request restriction of processing in certain circumstances;
    • object to processing based on legitimate interests;
    • request transfer of certain data in a portable format;
    • withdraw consent at any time, where we rely on consent;
    • complain to the Information Commissioner’s Office.

9. Complaints to the ICO

If you have concerns about how we use your personal data, please contact us first by using the details above.

You also have the right to complain to the Information Commissioner’s Office: Website: ico.org.uk

The ICO is the UK regulator for data protection. The ICO expects privacy notices to explain how people can complain.

10. Cookies and similar technologies

Our website uses cookies and similar technologies. For more information, please see our Cookie Notice. The ICO explains that PECR covers cookies and similar technologies used to store or access information on user devices.

11. Changes to this notice

We may update this privacy notice from time to time. The latest version published on our website will apply.