Skip to main content

Privacy & Cookies

The Walker Morris Group, comprising Walker Morris LLP (we/us/our) and Walker Morris Resources Limited is committed to protecting and respecting your privacy.  This Privacy and Cookies Notice (Notice) (together with our Terms of Use, terms of business and any other documents referred to within them) set out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us and the purpose for our collection of it.  Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

References to we/us/our in this Notice will also include Walker Morris Resources Limited when used in relation to our processing of our employee data.

Data protection

For the purpose of the Data Protection Act 2018 (the Act) and the provisions of Regulation (EU) 2016/679 as transposed into UK law under the the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (the UK General Data Protection Regulation or UK GDPR), Walker Morris LLP is the data controller of your personal information and is entered in the Information Commissioner’s Office (ICO) Register of Data Controllers with registration number Z3377061.  For employees only, Walker Morris Resources Limited is also a data controller of your personal information and is entered in the ICO Register of Data Controllers with registration number Z6629971.

This Notice explains how we may collect and process personal data about:

  • Clients and prospective clients.
  • Visitors to www.walkermorris.co.uk (our Website) and subscribers to our online services.
  • Images from the CCTV system in and around our office premises (see CCTV section below).
  • Individuals who meet specific job requirements.
  • Job and work experience applicants and current employees.

Depending on our relationship with you this notice may be supplemented with additional information relating to our use of your personal data included, for example, in our Terms of Business and engagement letter (for clients) and our application form and employment contract (for job or work experience applicants and employees).

What personal information do we collect and why do we collect it?

We may collect and process the personal information about you including information:

  • That you provide by filling in forms on our Website or by submitting material to us through any other online sites such as but not limited to professional networking sites e.g. LinkedIn, job boards or recruitment sites, posting material, requesting further services or reporting a problem with our Website.
  • That you provide when you use our professional services as a client.
  • Received in correspondence that you send to us.
  • Provided to us as part of a job or student placement application you make.
  • Received during certain calls to and from us (see under ‘Call Recording’ below).
  • Concerning your visits to our Website (including but not limited to traffic data) and the resources that you access.
  • Published on law firm websites and news stories in the public domain.

We may also collect information about you in other ways, for example:

  • If you are a customer of one of our clients, and we are undertaking legal services on our client’s behalf.
  • If you have any other dealings with one or more of our clients which are related to legal services which we are providing to our client or on our client’s behalf.
  • Indirectly, through one of our people, a client or a third party.
  • If you are a supplier of ours, from that supplier relationship.
  • If you are an employee, in the course of your employment with us.
  • From publicly available sources, for example the electoral roll or Companies House.
  • From third party data sources, including databases, where they have a legal basis for providing information to us.
  • Where you attend events or functions that are organised or sponsored by us, including where images of you are captured by photography or videography during such events or functions or for general marketing purposes.

Where you receive a marketing email, event invitation or other direct mailing from us, we may collect information about you in the following ways:

  • Opening emails: if you open the email either by downloading images in the email or clicking in a link, we log such activity on our database.
  • View as web page: If you click on the “view as a web page” link, a tracking code is passed in the link so that the web page is personalised in the same way as the email.
  • Links to web pages: If you click on any web link, we pass a tracking code in the link to the web page which we use to log such activity on our database
  • Unsubscribe: If you click unsubscribe, we will automatically log this information on our database.
  • If you unsubscribe from any email invitation or alert, we will continue to store your personal data on a “marketing suppression list” so as to record your preference.
  • Event RSVP buttons: In our event invitations and confirmations we provide buttons to allow you to accept, decline, cancel (and register if you are not the original recipient of the invitation) for that event. Clicking on these buttons will pass a tracking code so we can record your choice in our database to help us manage the event.

How we use your personal data

The way we process your personal data we collect as set out above varies depending on our relationship with you.  In each case the purposes for which we request the information will be clear from the context in which it is acquired. These include:

  • Providing our services to you or an entity for which you work.
  • Verifying your identity.
  • Keeping a record of the services you have subscribed to and deliver services you may have requested.
  • Administration, billing and record-keeping purposes.
  • Communicating with you by telephone, email, fax or post.
  • Meeting our legal, regulatory and contractual obligations arising from any our relationship with you (for example under anti-money laundering legislation or employment law).
  • Providing and improving customer service and support.
  • Administering our Website, enhancing operational capabilities and for internal operations.
  • Verifying or enforcing compliance with this Notice and applicable laws.
  • To inform you of legal developments that may affect you or to inform you of other products, services or events which we think may be of interest to you (unless you have opted out of receiving such marketing communications).
  • To enhance our understanding of the legal market and support our recruitment activities; and
  • Handling your webinar participation and communications, processing your registration, and providing relevant follow-up materials.

Disclosure of your personal data

We will only disclose your personal information to another person or organisation where we:

  • Need to share the information to provide a product or service you have requested.
  • Need to send the information to persons or organisations who engage us to conduct legal services on their behalf, including where you are that third party’s customer.
  • Need to send the information to persons or organisations that work on our behalf to provide a product or service to you. Where such a person or organisation does work on our behalf we will ensure that they are contractually required to take appropriate technical and organisational measures to protect your personal information against unauthorised or unlawful processing and against accidental loss or destruction of, or damage to, personal information and only use the information in order to provide a product or service on our behalf.
  • Are required to disclose the information in order to comply with the law or the requirements of a regulatory authority; and
  • With your consent, we may share your personal data with co-organisers for event coordination, including your registration details, contact info, and preferences.

Our legal basis for using your personal data

Our use of your personal data as outlined above is subject to different legal bases for processing, including where necessary for:

  • The purposes of the performance of any contract we enter into with you or to take steps at your request prior to entering into a contract with you.
  • Our legitimate interests, for example in providing legal services to an entity you work for, managing and monitoring our website operation, preventing fraud and for our business promotion and compliance purposes.
  • Compliance with our legal and regulatory responsibilities.

If you do not agree to provide your personal data to us we may not be able to provide you with legal services or process your application for other services or employment. Where our use of your data is not necessary for one of the purposes outlined above we may use it in a particular way with your consent (for example if you have registered to attend an event we are hosting or to receive legal updates). Where we ask for your consent you are free to refuse our use of your personal data for those purposes and you may withdraw your consent at any time by contacting us using the details set out below.  This shall not affect the lawfulness of any processing that was based on your consent before you withdrew it.

CCTV

This section relates specifically to our use of CCTV and in particular:

  • How we obtain your personal data.
  • The type of personal data we use.
  • How we use your personal data.
  • The lawful basis for our use of that personal data.

How we obtain your personal data:

  • Our CCTV cameras monitor our office premises both internally and externally, including the reception area, entry and exit points, the external courtyard, the underground carpark and the elevator foyer on each floor. The underground carpark also has a camera with ANPR technology at its entrance.
  • The cameras monitor 24 hours a day and this data is continuously recorded.
  • Camera locations are chosen to minimise the capture of images which are not relevant to the legitimate purposes of the monitoring.
  • Surveillance systems are not used to record sound.
  • The CCTV captures live images which are recorded on a video recording device in our security office. The images are monitored in real time by authorised security personnel.
  • Live feeds from cameras and recorded images are only viewed by approved members of our staff whose role requires them to have access to such data. This may include Facilities staff who manage the CCTV system and HR staff involved in disciplinary or grievance matters.
  • No surveillance cameras will be placed in areas where there is an expectation of privacy (for example, in changing rooms) unless, in very exceptional circumstances, it is judged by us to be necessary to deal with very serious concerns.
  • We do not carry out covert monitoring or surveillance (that is, where you are unaware that the monitoring or surveillance is taking place) unless, in highly exceptional circumstances, there are reasonable grounds to suspect that criminal activity or extremely serious malpractice is taking place and, after suitable consideration, we reasonably believe there is no less intrusive way to tackle the issue.
  • Any covert monitoring or surveillance will be carried out for a limited and reasonable period of time consistent with the objectives of the monitoring or surveillance and will relate only to the specific suspected criminal activity or extremely serious malpractice.

The types of personal data we use, our legal bases for processing and sharing of such data:

We use the personal date we acquire via CCTV, namely images of the interior at exterior of our offices from which individuals are identified or identifiable to prevent and detect crime, protect our property and the property of those person who use our offices and to ensure their health and safety and to assist in the resolution of disputes including litigation.  We do so on the basis of our legitimate interests and those of third parties, with the consent of the data subject and in order to comply with our legal obligations.

  • We may share images from our CCTV system with third parties, including other occupants or visitors to our building and law enforcement agencies where it is appropriate to do so and there is a legal basis for doing so as outlined above.
  • We will keep a record of all disclosures of CCTV footage.

Call recording

As a law firm our work is largely regulated by the Solicitors Regulation Authority. We are often engaged by businesses that provide financial services that are in turn themselves regulated by the Financial Conduct Authority (the FCA).  As part of our legal work on their behalf, we are required to follow certain FCA rules, including recording telephone calls in respect of certain customer transactions that we deal with.  We may share any customer call recordings with the relevant financial services business of which you are, or may previously have been, a customer.  This recording is undertaken for regulatory compliance, training and quality purposes.

Storage and transfer of your personal data

The personal information that we collect from you may be transferred to, and stored at, a destination outside the United Kingdom or the European Economic Area (EEA).  It may also be processed by staff operating outside the United Kingdom or the EEA who work for us or one of our suppliers or in circumstances where your instruction has international considerations and/or parties related to your matter are located overseas.  Before we transfer your personal data outside the United Kingdom or EEA we will take all steps reasonably necessary to ensure that any such transfer is made securely and that there is adequate protection in place in order to protect your personal data, as required by the Act and Chapter V of the GDPR.

Retention of your personal data

In most cases, we will retain your personal information for a minimum of six years for hard copy information, and 10 years for electronic/digital data and so long as is reasonably necessary for the purpose for which it was obtained and in accordance with our legal obligations and follow our data destruction policy and processes thereafter.

CCTV Footage

Unless required for evidential purposes, the investigation of an offence or as required by law, CCTV images will be retained for no longer than 120 days from the date of recording. Images will be automatically overwritten after this point.

Links to other websites

This Notice only extends to our Website, which is owned and operated by Walker Morris LLP and does not, therefore, extend to your use of, provision of information to and collection of information on any website not connected to Walker Morris LLP to which you may link by using the hypertext links within our Website.

Your rights

Your personal information is protected under data protection law and you have a number of rights (see below) which you can seek to exercise. Please contact us in writing, by email or telephone using the details shown under ‘Contact and Complaints’ below if you wish to do so, or if you have any queries in relation to your rights. Please note these rights do not apply in all circumstances.

Right of access – subject to certain exceptions, you have the right of access to your personal data that we hold.

Right to rectify your personal information – if you discover that the information we hold about you is inaccurate or incomplete, you have the right to have this information rectified (i.e. corrected).

Right to be forgotten – you may ask us to delete information we hold about you in certain circumstances. This right is not absolute and it may not be possible for us to delete the information we hold about you, for example, if we have an ongoing contractual relationship or are required to retain information to comply with our legal obligations.

Right to restriction of processing – in some cases you may have the right to have the processing of your personal information restricted. For example, where you contest the accuracy of your personal information, its use may be restricted until the accuracy is verified.

Right to object to processing – you may object to the processing of your personal information (including profiling) when it is based upon our legitimate interests. You may also object to the processing of your personal information for the purposes of direct marketing and for the purposes of statistical analysis.

Right to data portability – you have the right to receive, move, copy or transfer your personal information to another controller when we are processing your personal information based on consent or on a contract and the processing is carried out by automated means.

IP addresses

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to collect aggregate information for us to use.  This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.

Cookies

What are cookies?

Cookies are small text files that are created and stored on your browser or the hard drive of your computer by websites that you visit. Cookies are often placed on your computer to enable the website to operate properly, to ‘remember’ who you are, and to monitor website traffic and usage.  Cookies are generally only visible to the website that serves them and not to other websites.

How to manage cookies

Most internet browsers accept cookies automatically. However, you can accept, delete or disable cookies through your browser if you wish. To learn more about controlling the placement of cookies through your browser settings, please review the options available in your internet browser’s ‘Help’ menu, or alternatively visit the All About Cookies (https://allaboutcookies.org/).

To ensure that you have maximum control over how cookies are placed on your computer, we also operate a cookie banner which appears when you first visit our Website, but can also always be accessed through the dedicated link at the bottom of the homepage. This enables you to set your preferences with respect to certain cookies used in connection with the operation of the Website. For more detailed information about the specific types of cookies used, please visit the cookie settings in the footer of the website.

Cookies we use

Cookies are used on our Website for different reasons. Sometimes cookies are necessary for the operation of the Website, for example to ensure its security, or to ‘remember’ your Cookie preference information so that we can make sure those preferences apply to your next visit. Other cookies may serve a different purpose, for example to provide analysis of how the Website is used and to improve functionality for users.

If you click through from one of our emails or landing pages to our website we use additional cookies on our website to connect your e-marketing journey with your website journey. This is to help us to provide you with the best user experience and relevant content across our digital marketing channels

Unless strictly necessary for the functioning of our Website or for the transmission of communications, we will only place cookies where you have previously provided your consent. If you do not provide your consent then you can still access and use our Website, however certain functions or features may be disabled which could negatively affect your user experience.

Our Website uses the following types of cookies:

Necessary – necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Preferences – preference cookies enable a website to remember information that changes the way the website behaves or looks, like you preferred language or the region you are in.

Statistics – Statistic cookies help us to understand how visitors interact with our website, which in turn helps us to improve the way it works and to help visitors find the right information easily. This is done by collecting and reporting information anonymously.

Marketing – Marketing cookies are used to track visitors across websites. The intention is to make our website more relevant to your interests.

Unclassified – unclassified cookies are cookies that are in the process of being classified.

For full details visit the Cookie Settings page here.

Advertising

Walker Morris sometimes advertises products, services and vacancies on third party websites such as LinkedIn. To enable us to target and monitor such advertising we use cookies from those third parties on our websites to tell us which pages you’ve clicked on and interacted with. Each third party website uses its own tracking cookies. These cookies are not under our control so if you are on any third party websites which carry advertisements or otherwise promote Walker Morris, you should check their cookie policies for details of how you can manage your cookie preferences. If you don’t want to be shown targeted advertising, some third party sites allow you to request not to see messages from specific advertisers.

Security

Walker Morris LLP takes great care to ensure the security of our Website and your personal information.  Only authorised personnel and contractors have access to your information.  We will keep your information secure by taking appropriate technical and organisational measures against unauthorised or unlawful processing, accidental loss, destruction and damage. We are also Information Security ISO27001 certified.

Unfortunately, the transmission of information via the internet is not completely secure.  Although we will do our best to protect your personal information we cannot guarantee the security of your personal information transmitted to our Website; any transmission is at your own risk.  Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Changes to this Notice

We may change this Notice at any time by amending this page.  You are expected to check this page from time to time to take notice of any changes we have made, as they are binding on you.  If we make any substantial changes in the way we use your personal information we will notify you by posting a prominent notice on our Website.

Contact & complaints

If you have any questions about how we treat your personal data and protect your privacy, or if you have any comments or wish to seek to exercise any of your rights as outlined above, to opt-out of receiving marketing communications from us or to complain about our use of your personal data, please write to Risk & Compliance at Walker Morris LLP, 33 Wellington Street, Leeds LS1 4DL, by email at dataprotection@walkermorris.co.uk.

You may also lodge a complaint with the ICO by writing to the Information Commissioner’s Office, Water Lane, Wilmslow, SK9 5AF telephone 0303 123 1113. www.ico.org.uk/.

All rights reserved.  Design and content © Walker Morris LLP 2005-2024.

Last updated: 07 August 2024