Abstract of glass building

RPC LLP (England) Client Privacy Notice

Reynolds Porter Chamberlain LLP (ICO registration Z6620421) herein referred to as “RPC LLP”/“we”/ “us”/“our” is a data controller responsible for processing the personal data you provide to us.

RPC LLP is committed to managing personal data securely and effectively.  We will only keep the personal data required to undertake our business processes and will only share or transfer the data you provide to us for the purposes outlined below.  We will always provide you with the ability to opt-out of electronic direct marketing and provide options to select which news and information you receive.

Our Data Protection policy and procedures have been developed in line with the requirements of the 1995 European Union Data Protection Directive (Directive 95/46/EC) and the General Data Protection Regulation and applicable national law. 

What information do we collect and from whom?

We collect and process personal data about you when you interact with us, including when you seek legal advice from us, use our website, sign up to our newsletters or attend seminars and events, when you purchase services from us or agree to provide services to us.  We may also collect personal data about you in the course of advising and representing our clients.  The personal data we process may include:

  • your name;
  • your home or work address, email address and/or phone number;
  • your job title;
  • your payment details, including billing addresses;
  • information about you that is relevant to our instructions and/or matters, which could include information about your conduct, your beliefs, your medical information etc;
  • your IP address and information related to the browser or device you use to access our website and other analytics data;
  • your username and password when accessing restricted website content;
  • any other information you may provide, whether directly or via your legal representatives.

We will store data we receive from you, your legal counsel or other advisors, data that is publicly available and data from third parties such as Client Due Diligence (CDD) agencies. 

How do we use this information and what is the legal basis for this use?

We process the personal data listed in the above section for the following purposes:

  • as required to establish and fulfil a contract with you, for example, if you enter into an agreement to provide or receive services, or if you seek to be employed or engaged by us.  This may include verifying your identity, undertaking conflict or due diligence checks, billing and payments, communicating with you and arranging the delivery or other provision of products or services.  We require this information in order to enter into a contract with you and are unable to do so without it;
  • to comply with applicable law and regulation;
  • in accordance with our legitimate interests in managing and protecting RPC LLP's business interests and legal rights including but not limited to use in connection with legal claims, compliance, regulatory, conflict and due diligence checks and investigative purposes (including disclosure of such information in connection with legal process or litigation);
  • for the provision of legal advice to our clients and for the establishment, exercise or defence of legal rights or claims, which may include alternative dispute resolution processes on behalf of our clients in accordance with the legitimate interests of our clients and RPC LLP;
  • to manage our relationship with you, in accordance with our legitimate interests;
  • to manage risk for RPC LLP;
  • to respond to any comments or complaints we may receive from you, and/or in accordance with our legitimate interests including to investigate any complaints received from you or from others about our website or our services;
  • we may use information you provide to personalise (i) our communications to you; (ii) our website; and (iii) products or services for you, in accordance with our legitimate interests;
  • to monitor use of our websites and online services and  to use your information to help us check, improve, promote and protect our products, content, services and websites, both online and offline, in accordance with our legitimate interests;
  • we may also use third parties to assist us in carrying out customer due diligence checks in accordance with our requirements under the Money Laundering Regulations.  These third party companies provide us with online due diligence tools to assist us in completing the appropriate checks required, with the purpose of establishing who our client is;
  • in circumstances where you contact us by telephone, calls may be recorded for quality, training and security purposes, in accordance with our legitimate interests
  • we may use your information to invite you to take part in market research or surveys, where you have consented to us doing so.

We may also send you direct marketing in relation to our relevant products and services or other products and services provided by us.  We will always provide the ability to opt-out of electronic direct marketing and to select your preferences for receiving news and information.  You will be able to continue to opt-out of electronic direct marketing at any time by following the instructions in the relevant communication.

With whom and where will we share your personal data?

RPC LLP may share your personal data with other RPC Businesses[1] for the purposes of proper and effective management of their businesses.  Such purposes include conflict checking and compliance with applicable legal and regulatory requirements.  Further information about the RPC Businesses may be found on our website (www.rpc.co.uk) in the section headed "Legal and regulatory notices".

We may also share the personal data you provide with the below third parties where this is necessary for legal or regulatory reasons and to  provide our services to you or our clients and undertake our business processes.  These third parties may include:

  • our auditors and external legal and financial advisors;
  • barristers, solicitors, other legal representatives and experts engaged in a matter in which we are acting, which may include foreign law firms;
  • our suppliers, business partners and sub-contractors;
  • government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if necessary for the legal protection of our legitimate interests in compliance with applicable laws;
  • entities providing feedback and legal ranking services.

Personal data may also be shared with third party service providers who will process it on behalf of the RPC Businesses for the purposes above.   

In the event that our business or any part of it is sold or integrated with another business, your details will be disclosed to our advisers and those of any prospective purchaser and will be passed to the new owners of the business. 

How long will you keep my personal data?

We will not keep your personal information for any purpose(s) for longer than is necessary and we will only retain the relevant personal information that is necessary in relation to the purpose.  We are also required to retain certain information by law or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions. 

We will retain client files for the period defined in the table below, unless we agree with you to retain these for a longer period.

Record type

Description

Trigger

Retention

General matter files

All files not covered in the exceptions below

Date of file closure

7 years

Employment

Any files dealing with employment advice or settlement of an employment dispute

Date of file closure

12 years

Real Estate

Any files dealing with real estate or conveyancing

Date of file closure

12 years

RPC ongoing role

RPC has an ongoing role eg as company secretary or trustee

Date of file closure

100 years

Trademarks and intellectual property

Material evidencing the use of trademarks, including brand bibles and intellectual property title documents

Date of file closure

100 years

Wills

Including testamentary disposition and powers of attorney etc

Date of file closure

100 years

 

We may retain your data for a short time beyond the specified retention period, to allow for information to be reviewed and any disposal to take place.

Where is my data stored?

The personal data that we collect from you may be stored on a mix of RPC and various cloud provider platforms and may be transferred to, and stored outside the European Economic Area (EEA).  It may also be processed by staff operating outside of the EEA who work for us, one of the RPC Businesses or one of our suppliers.  Where we do so, the third country's data protection laws will have been approved as adequate by the European Commission or other applicable safeguards  will be in place.  

Where such transfers occur outside of the EEA, we ensure the confidentiality and protection of all data is preserved through compliance with legal requirements and the current Data Protection legislation.  This is managed by all RPC Businesses, including those outside of the EEA by entering into Data Transfer Agreements with each other, which all contain the model clause agreements approved by the relevant regulatory authority.  Data encryption, integrity and confidentiality are enforced by following best practice.  RPC LLP also ensures that cryptographic controls are implemented following industry best practice, through the use of VPN tunnels, TLS and by conducting regular testing.

What are my rights in relation to my personal data?

You have the right to ask us not to process the personal data you provide for direct marketing purposes.  You can exercise your right to prevent such processing by ticking certain boxes on the forms we use to collect your data, clicking the unsubscribe button on any communication we have sent to you or by contacting us. 

Where you have consented to us using your personal data, you can withdraw that consent at any time. 

If the information we hold about you is inaccurate or incomplete, you can notify us and ask us to correct or supplement it.

You also have the right, with some exceptions, to ask us to provide a copy of any personal data we hold about you.

Where you have provided your data to us and it is processed by automated means, you may be able to request that we provide it to you in a structured, machine readable format. If you have a complaint about how we have handled your personal data, you may be able to ask us to restrict how we use your personal data while your complaint is resolved.  In some circumstances you can ask us to erase your personal data if you withdraw your consent and it is no longer necessary for us to use your personal data, where you object to the use of your personal data and we don't have a good reason to continue to use it, or we haven't handled your personal data in accordance with our obligations.

Where can I find more information about how RPC businesses handle my data?

If you have any queries please contact us on data-enquiries@rpc.co.uk or by writing to Reynolds Porter Chamberlain LLP, Tower Bridge House, St Katharine's Way, London E1W 1AA.

If you are not happy with our response, you can contact the Information Commissioner's Office: https://ico.org.uk/.

This privacy notice may be amended from time to time.  You may access and obtain a copy of this privacy notice at any time from https://www.rpc.co.uk/privacy-policy/client-privacy-notice-uk so that you are always informed of the way we collect, use, store and handle personal data.

[1] The RPC Businesses are a network of affiliated firms, comprising Reynolds Porter Chamberlain LLP, Reynolds Porter Chamberlain Consulting LLP in England, Reynolds Porter Chamberlain in Hong Kong, RPC Premier Law Pte Ltd in Singapore and RPC France SAS in France.