2.1. Here are the details that we as 'data controller' are required to give to you in accordance with Data Protection Legislation (please note this means the Data Protection Act up to and including 24th May 2018 and from 25 May 2018 and onwards the General Data Protection Regulation (GDPR) and any other applicable law which relates to the protection of individuals rights with regard to the processing of personal data):
2.1.1. Our Website address is: www.lawbite.co.uk
2.1.2. Our company name is: Lawbit Ltd
2.1.3. Our registered address is: Lawbit Ltd trading as LawBite, WSM LLP, Connect House, 137 Alexandra Road, London, SW19 7JY
2.1.4. Our Trading/postal address is LawBite, Unit 2.14 Grand Union Studios, 332 LadBroke Grove, London, W10 5AD
3.1. We may collect, use, transfer and process the following data about you including:
3.1.1. information you put into forms, when entering a competition, promotion or surveys on our Platform at any time. This includes information provided at the time of registering to use our Platform, subscribing to our service, creating an account on our Platform, posting material or requesting further services.
3.1.2. requests that marketing material be sent to you;
3.1.3. information you may provide via our social media platforms; and
3.1.4. information you may provide to us when you contact us by email, phone or otherwise.
3.2. We may also ask for your information when you report a problem with our Platform or provide other feedback and we will collect the following data to enable us to provide our Services to you;
3.2.1. a record of any correspondence between us;
3.2.2. details of transactions you carry out through our Platform
3.2.3. details of your visits to our Platform and the resources you use
3.2.4. any information that you upload to our Platform and any other form of interaction data you may provide; and
3.2.5. information about your computer (e.g. your IP address, browser, operating system etc) for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns and does not identify any individual.
3.3. Please note that we do not store credit card details and we do not share customer details with any third parties without the customer's your consent.
3.4. Depending on your circumstances and the products and services selected the personal information we gather about you may include: your name; address; email address; phone number; financial information; personal identification information and any further personal information as may be required as part of the service or product provided or which you share through our Platform.
5.1. We use information about you to:
5.1.1 present Platform content effectively to you;
5.1.2 provide information on and allow you to use, products and services that you request, or (with your consent) those services which we think may interest you to personalise your experience;
5.1.3. allow us to better our service to you by responding to your customer service requests;
5.1.4. take steps at the request of you prior to entering into a contract or to carry out our contractual obligations and provide you with the products and services under the terms of our contractual arrangement with you;
5.1.5. allow you to use our interactive services if you want to;
5.1.6. to administer a contest, promotion, survey or other Platform feature;
5.1.7. tell you about changes to our service;
5.1.8. we will contact you electronically about similar products and services to those previously sold to you;
5.1.9. with your prior consent, tell you about other goods and services that might interest you; and
5.1.10. we may want to allow selected third parties to contact you directly. We will ask for your consent each time, before passing on your details, and will not do so unless your consent is given.
5.2. In some instances, it may be appropriate for us to combine your information with other information that we may be holding about you, such as combining your name with your geographic location or your browsing or purchasing history.
5.3. If you do want to be contacted for marketing purposes, please tick the relevant box that you will find on screen when we collect your data.
5.4. You can update your preferences at any time by updating your contact preferences in your LawBite My Account area.
5.5. Please note: we don't identify individuals to our advertisers (if any), but we may give them aggregate information to help them reach their target audience, and we may use information we have collected to display advertisements to that audience.
5.6. Please note, that if you no longer wish for us to process your personal data for marketing purposes, you can contact us at firstname.lastname@example.org and we will update our systems. However, in doing you acknowledge that this may limit the products and services we can provide to you. In some cases, the collection and retention of personal data may be a statutory or contractual requirement.
5.7. In addition to 5.1 we will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
5.7.1. Where we need to perform the contract we are about to enter into or have entered into with you.
5.7.2. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
5.7.3. Where we need to comply with a legal or regulatory obligation
5.8. Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to our marketing communications or sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by updating your contact preferences in your LawBite My Account area, and we will move your data to our "unsubscribe list". However, you acknowledge this will limit our ability to provide the best possible services to you.
6.1. We may transfer your collected data to third parties for storage outside the European Economic Area (EEA) in connection with the above purposes. For example, your personal data may be processed outside the EEA to fulfil your order and/or it may be processed to administer payment.
6.3. Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see the European Commission: EU-US Privacy Shield.
6.4. Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our Platform. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
6.5. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
6.6. We have implemented security measures such as a firewall to protect any data and maintain a high level of security.
6.7. Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting to us data via the internet and you take the risk that any sending of that data turns out to be not secure despite our efforts.
7.1. We will not collect more personal data than we need for the purposes set out in Paragraph 5. We will retain such personal data for the life of your contractual arrangement with us and for a period of up to seven years after your relationship with us has ended. We may however be required to retain personal data for a longer period of time to ensure we comply with our regulatory and legislative requirements. We regularly review our data retention obligations to ensure we do not keep personal data for longer that we are legally obliged to.
7.2. We do not store credit card details, other than storing them momentarily on the App until they have been dispatched to our payments provider.
8.1. We are allowed to disclose your information in the following cases:
8.1.1. if we want to sell our business, or our company, we can disclose it to the potential buyer;
8.1.2. if we want to sell or buy any business, or assets, we can disclose your personal data to the potential buyer or seller of such business or assets;
8.1.3. we can disclose it to other businesses in our group, which means our subsidiaries, our ultimate holding company and its subsidiary as defined in Section 1159 of the UK Companies Act 2006;
8.1.4. we can disclose it if we have a legal obligation to do so, or in order to protect other people's property, safety or rights;
8.1.5. in connection with legal proceedings (including prospective proceedings);
8.1.6. in order to establish or defend our legal rights; and
8.1.7. we can exchange information with others to protect against fraud or credit risks.
8.2. Through the Platform we may facilitate the provision of legal advice to you by consultancy lawyers ('LawBriefs') from Lawbriefs Limited. We will share the appropriate level of personal and non-personal data with Lawbriefs Limited and the applicable LawBrief to enable the LawBrief to contact you, understand your needs and to assist them in providing legal advice to you and your particular set of circumstances. We do however take reasonable steps to ensure our LawBriefs handle your information securely and in accordance with our obligations and those of the applicable LawBrief and LawBriefs Limited under Data Protection Legislation.
8.3. In addition, we may engage third parties to assist us in carrying out certain functions on our behalf. These include companies to assist with payment processing, search engine facilities, advertising and technology services. We only share the appropriate level of personal data to enable the supplier to provide their services. Where your data is required to be shared we will take all reasonable steps to ensure your data is handled safely and securely and in accordance with our and the suppliers' obligations under Data Protection Legislation.
8.4. Companies who have access to personal data include:
Web hosting: Amazon Web Services Legal Health Check survey: Survey Monkey Online reviews platform: Feefo e-Signing provider: Adobe Regulated law firm: LawBriefs Chat and ticketing management: Deskpro Credit Reports/ID checks: Creditsafe
Other providers include: SMS alerts, IT and software development, Online advertising management, Accountants
9.1. You have a number of rights under the Data Protection Legislation;
9.1.1. The right to request a copy of the information we hold on you. When you request this information, this is known as a Subject Access request (SAR). In most cases, this will be free of charge however in limited circumstances we may apply an administration charge. For example, where repeated requests are made;
9.1.2. The right to have personal data we hold about you transferred securely to another service provider in an electronic form;
9.1.3. The right to have inaccurate personal data corrected;
9.1.4. The right to have any out of date personal data deleted once there's no business need or legal requirement for us to hold it;
9.1.5. The right to object or restrict some processing, in limited circumstances and only when we don't have legitimate grounds for processing your personal data;
9.1.6. The right to object to personal data being used to send you marketing material. As mentioned above, we will only send you marketing material where you have given your consent to do so. You can remove your consent at any time.
9.1.7. You can ask us not to use your data for marketing. You can do this by not ticking the relevant boxes on our forms, or by contacting us at any time at email@example.com
9.1.8. The right to ask for a decision to be made manually, where a decision is made using automated means and this adversely impacts you.
9.1.9. The Data Protection Legislation gives you the right to see information we hold about you. To exercise any of these rights please contact firstname.lastname@example.org.
10.1. We are committed to ensuring your personal data is protected and held securely. However, the internet is not a secure medium and we cannot accept responsibility for the security of an email during transmission or non-delivery of that email.
11.1. If you believe we have not processed any of your personal data in accordance with Data Protection Legislation or you have been affected by non-compliance you can make a complaint to Richard Royce at email@example.com.
11.2. If you are not satisfied with our response you can raise a complaint with the UK's Information Commissioner's Office, the UK's independent authority set up to enforce Data Protection Legislation.
14.1. In the event that we use personal data for the purposes of automated decision-making and those decisions have a legal (or similarly significant effect) on you, you have the right to challenge to such decisions under GDPR, requesting human intervention, expressing their own point of view, and obtaining an explanation of the decision from us.
14.2. The right described in section 14.1 does not apply in the following circumstances:
14.2.1. the decision is necessary for the entry into, or performance of, a contract between the you and us;
14.2.2. the decision is authorised by law; or
14.2.3. you have given you explicit consent.
14.3. Where we use your personal data for profiling purposes, the following shall apply:
14.3.1. Clear information explaining the profiling will be provided, including its significance and the likely consequences;
14.3.2. Appropriate mathematical or statistical procedures will be used;
14.3.3. Technical and organisational measures necessary to minimise the risk of errors and to enable such errors to be easily corrected shall be implemented; and
14.3.4. All personal data processed for profiling purposes shall be secured in order to prevent discriminatory effects arising out of profiling.
17.2. If any such dispute cannot be settled amicably through ordinary negotiations between the parties, or either or both is or are unwilling to engage in this process, either party may propose to the other in writing that structured negotiations be entered into with the assistance of a fully accredited mediator before resorting to litigation.
17.3. If the parties are unable to agree upon a mediator, or if the mediator agreed upon is unable or unwilling to act and an alternative mediator cannot be agreed, any party may within 14 days of the date of knowledge of either event apply to us to appoint a mediator under the LawBite Mediation Procedure.
17.4. Within 14 days of the appointment of the mediator (either by mutual agreement of the parties or by LawBite in accordance with their mediation procedure), the parties will meet with the mediator to agree the procedure to be adopted for the mediation, unless otherwise agreed between the parties and the mediator.
17.5. All negotiations connected with the relevant dispute(s) will be conducted in confidence and without prejudice to the rights of the parties in any further proceedings.
17.6. If the parties agree on a resolution of the dispute at mediation, the agreement shall be reduced to writing and, once signed by the duly authorised representatives of both parties, shall be final and binding on them.
17.7. If the parties fail to resolve the dispute(s) within 60 days (or such longer term as may be agreed between the parties) of the mediator being appointed, or if either party withdraws from the mediation procedure, then either party may exercise any right to seek a remedy through arbitration by an arbitrator to be appointed by us under the Rules of the LawBite Arbitration Scheme.