Skip to main content

Data Driven Legal Privacy Notice

This Privacy Notice applies to information we collect about individuals who interact with our organisation. It explains what personal data we collect and how we use it. 

In this Privacy Notice, "we", "us" and "our" refer to Data Driven Legal and when we refer to "personal data" we mean any information relating to an identified or identifiable natural person and an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Our Details

This website is owned and operated by Bryan Plenty Ltd trading as “Data Driven Legal” a company registered in England and Wales with company number 13052306 and registered office at 95 Colney Heath Lane, St Albans, Herts AL4 0TN.

If you have any comments or questions about this Privacy Notice, please feel free to contact us at This email address is being protected from spambots. You need JavaScript enabled to view it..

The key elements of this Privacy Notice:

  • We take very seriously our responsibilities to respect your legal rights and keep your data safe
  • You have a number of data protection rights which we can help you exercise
  • We collect some personal data from you
  • We use your personal data to assist you with your enquiries, provide the services you request from us and comply with our legal obligations
  • When we no longer need your personal data we delete it
  • We may share your personal data but we will let you know before we do (unless the law tells us not to)

The type of personal data we collect, how we get the personal data, why we have it and the lawful bases we rely on for processing this information

We are the controller of the personal data we collect about you.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity and Contact Data, including your name, address, telephone number, date of birth, marital status, passport number, employment history, educational or professional background, tax status, employee number, job title and function, and other personal data concerning your preferences relevant to our services;
  • Financial and Payment Data, including your bank account and other data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
  • Business Information, including information provided in the course of the contractual or client relationship between you or your organisation and Data Driven Legal, or otherwise voluntarily provided by you or your organisation;
  • Information relevant to our legal advice, including personal data relevant to any legal advice or services we have been asked to provide to you;
  • Technical Data, including information collected during your visits to our website(s), the Internet Protocol (IP) address, login data, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform. Our use of cookies or similar technology can be managed in the cookie management tool;
  • Usage Data including information about how you use our websites(s), including the services you viewed or searched for, page response times, download errors, length of visits and page interaction information (such as scrolling, clicks, and mouse-overs). Our use of cookies or similar technology can be managed in the cookie management tool;
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

How do we collect your personal data?

The circumstances in which we can collect personal data about you include:

  • when you or your organisation seek legal advice from us or use any of our online client services;
  • when you or your organisation offer to provide, or provides, services to us;
  • when it is provided to us by a third party because you are the subject of, or your data is otherwise included in, legal advice we are asked to provide to that third party client (for example, where we are asked to provide advice in a data subject access request)
  • when you correspond with us by phone, email or other electronic means, or in writing, or when you provide other information directly to us, including in conversation with our lawyers, consultants and staff;
  • when you or your organisation browse, complete a form or make an enquiry or otherwise interact on our website or other online platforms;
  • when you attend our seminars or other events or sign up to receive personal data from us, including training or our social events;
  • by making enquiries from your organisation, other organisations with whom you have dealings such as former employers and educational institutions, or from third party sources such as government agencies, a credit reporting agency, information service providers or from publicly available records.

If you fail to provide personal data

Where we need to collect personal data by law or in order to process your instructions or perform a contract we have with you and you fail to provide that data when requested, we may not be able to carry out your instructions or perform the contract we have or are trying to enter into with you. In this case, we may have to cancel our engagement or contract you have with us, but we will notify you if this is the case at the time.

How we use your data

We use your personal data only for the following purposes:

  • To fulfil a contract, or take steps linked to a contract, with you or your organisation. This includes:
    • to register you as a client of Data Driven Legal;
    • to provide and administer legal services or other services or solutions, as instructed by you or your organisation;
    • to process payments, billing and collection; and
    • to process applications for employment.
  • As required by Data Driven Legal to conduct our business and pursue our legitimate interests, in particular:
    • to administer and manage our relationship with you, including accounting, auditing, and taking other steps linked to the performance of our business relationship including identifying persons authorised to represent our clients, suppliers or service providers;
    • to carry out background checks, where permitted;
    • to analyse and improve our services and communications and to monitor compliance with our policies and standards;
    • to protect the security of our communications and other systems and to prevent and detect security threats, frauds or other criminal or malicious activities;
    • for insurance purposes;
    • to exercise or defend our legal rights or to comply with court orders;
    • to provide legal advice and legal services to our clients; and
    • to communicate with you to keep you up-to-date on the latest developments, announcements, and other information about our services and solutions (including briefings, newsletters and other information), events and initiatives; to send you details of client surveys, marketing campaigns, market analysis, or other promotional activities; and
    • to collect information about your preferences to personalise and improve the quality of our communications with you.

For example, we may use your personal data to:

  • reply to enquiries you send to us;
  • fulfil the service contract you have entered into with us;
  • send you marketing communications by email relating to our business which we think may be of interest to you.

When we share your data

We will only pass your data to third parties in the following circumstances:

  • if we have collected your personal data in the course of providing legal services to any of our clients, we may disclose it to that client, and where permitted by law to others for the purpose of providing those services;
  • on a confidential basis with third parties for the purposes of collecting your feedback on the firm’s service provision, to help us measure our performance and to improve our services
  • with companies providing services for money laundering and terrorist financing checks, credit risk reduction and other fraud and crime prevention purposes and companies providing similar services, including financial institutions, credit reference agencies and regulatory bodies with whom such personal data is shared;
  • with courts, law enforcement authorities, regulators, government officials or attorneys or other parties where it is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim, or for the purposes of a confidential alternative dispute resolution process;
  • with service providers who we engage within or outside of Data Driven Legal, domestically or abroad, e.g. shared service centres, to process personal data for any of the purposes listed above on our behalf and in accordance with our instructions only.

In addition, we will only pass data to third parties outside of the UK and/or EU when appropriate safeguards are in place as defined by the General Data Protection Regulation (“GDPR”) Data Protection Act 2018 and UK GDPR, as applicable.

Where third party recipients are providing us with services that involve processing personal data on our behalf, they are our data processor.

How we store your data and for how long

We will only ever ask for the minimum amount of data required for the associated purpose. It is stored on servers in the UK and we delete that data promptly once it is no longer required.

Data collected through enquiries/communications will be kept for 3 years following the date of the most recent contact between you and us. Data collected through a contractual relationship with you will be retained for six years following the end of the contractual relationship.

Please note that we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject to.

Your data protection rights

Under data protection law, you have a range of rights over your data, including:

  • the right of access - you have the right to ask us for copies of your personal data.
  • the right to rectification - you have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete data you think is incomplete.
  • the right of deletion - you have the right to ask us to erase your personal data in certain circumstances.
  • the right to restriction of processing - you have the right to ask us to restrict the processing of your personal data in certain circumstances.
  • object to processing - you have the right to object to the processing of your personal data in certain circumstances.
  • request data portability - you have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.
  • where data processing is based on consent, you may revoke this consent at any time.
  • lodge a complaint with the Information Commissioner if you feel your rights have been infringed.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it. if you wish to make a request.

How to complain

If you have any concerns about our use of your personal data, you can make a complaint to us at This email address is being protected from spambots. You need JavaScript enabled to view it..

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address is Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Their helpline number is 0303 123 1113 and their website is available at www.ico.org.uk.

Modifications

We may modify this Privacy Notice from time to time and will publish the most current version on our website. If a modification meaningfully reduces your rights and we hold your personal data, we will notify you.