Online Privacy Notice - Updated March 2022
This Data Privacy and Data Protection Policy refers to information (The Data) we obtain about individuals (The Data Subjects) and the use we make of it (The Data Processing) in accordance with the UK General Data Protection Regulations (UK-GDPR) the Data Protection Act 2018 (DPA) the Privacy & Electronic Communications Regulations 2003 (PECR) and associated relevant Data Protection statutes and Regulations.
A) Regulatory Notice:
This Privacy Notice applies to two websites owned by Transition Law.
1) www.transitionlaw.com; and
B) Other Regulatory Matters:
B1. We understand the pervasive effect of Data Protection considerations across all aspects of business and wish to create a Culture of Compliance by design within our Organisation.
B2. Consequently, we have made assessments regarding certain other Regulatory areas which require data protection scrutiny to determine whether they affect our Organisation.
B3 Anti-Money Laundering
B3.1 We have assessed our responsibilities under the Money Laundering, Terrorist
Financing and Transfer of Funds Regulations 2017 (The Regulations) as follows:
B3.2. We are not a Regulated Organisation registered with HMRC or The FCA.
B3.3. We are not an exempted Organisation under Article 15 of The Regulations.
B3.4 We are not an Organisation described in Article 8(2)a–8(2)k of The Regulations.
B3.5 We are not required to engage a Money Laundering Reporting Officer (MLRO).
B3.6 We do not receive payments for goods in cash generally and specifically we will not accept payments in cash in excess of €10,000 either paid directly to us or into a bank account controlled by us.
B4 Modern Slavery
B4.1 We have assessed our responsibilities under the Modern Slavery Act 2015 (The Act) as follows:
B4.2 We fully support the aims and objectives of The Act.
B4.3 We are not required to publish a Modern Slavery & Human Trafficking statement under Section 54 of The Act.
B4.4 During recruitment of our staff we ensure adherence to all regulations including the proof of right to work in the UK requirement.
B4.5 We remain vigilant for evidence of Modern Slavery & Human Trafficking within our Organisation and supply chains and maintain a zero tolerance policy towards such activity.
This website may from time to time include information or opinions relating to the law and legal developments. Such information is based upon the law of England and Wales unless expressly stated otherwise. The information contained in and the opinions expressed on this website are provided for general information purposes only and are not intended to be a comprehensive study, nor constitute legal or other professional advice. Furthermore, you should seek appropriate legal advice before taking or refraining from taking any action in respect of any particular legal problem.
Whilst we endeavour to ensure that the content of our website is accurate and up-to-date, we do not make any representations nor give any warranties of any kind (express or implied) with respect to the contents or operation of this website, and any such representations and warranties are expressly excluded.
This website is made available on the basis that (except in respect of fraud or of death or personal injury caused by our negligence), all liability whatsoever for any losses, claims, actions or damage, whether direct or indirect, arising out of or in connection with your use of this website, or your reliance upon the contents of this website, are excluded to the fullest extent permitted by law including but not limited to any liability for computer service or system failure, access delays or interruption, data non delivery or mis-delivery, computer viruses or other harmful components, breaches of security or unauthorised use of the system arising from “hacking” or otherwise.
We do not warrant that use of this website will be uninterrupted and error free. If we discover any typographical, clerical or other error or omission in any page posted on this website then such error shall be subject (as soon as practicable) to correction or deletion (as appropriate) without any liability on our part.
We reserve the right to make changes to this website and these Terms and Conditions at any time without notice and it is your responsibility to revisit this page from time to time to re-read this notice. Any revised terms shall take effect as at the date of its posting on this website.
The content of this website, any dispute arising out of this website, and your relationship with us are governed by English law and shall be subject to the exclusive jurisdiction of the English Courts.
When I visit your website, what information do you gather about me?
We ask for the information we need to provide the service you’ve requested. As a result, the answer to this question depends almost entirely on how you choose to make use of our website and its services.
Currently website clients provide information for the following reasons:
Contact Forms: Used for sending Transition Law details of themselves so we can contact them to discuss legal advice, legal products and services.
Purchases: Name, address, phone, e-mail and credit card information are necessary for purchase of our Legal
Products. Please note that credit card information is not stored beyond the period of transaction and is processed by a third party (E.g. Paypal) not ourselves, we can neither see nor access your financial information.
Will you ever disclose my data to any other organisations?
Transition Law will only supply your personal data to a third party or organisation:
• Where we need to share or send the information to third parties or organisations who work with us or on our behalf to provide a product or service to you, which you have requested. We will have contractual agreements in place with such organisations covering their use of your Personal Data such persons or organisations may only use this information in order to provide such product or service and not for any other purpose;
• Where we are required to forward the information or data in order to comply with any regulatory or legal process. Other than in the circumstances stated above, third parties will not have access to your personal data.
1.1 This Privacy Notice applies to Personal Data we process when you visit or use our website. Further Privacy
Policy statements and documents may apply Offline and these are available, if relevant, on request.
1.2 This site is owned by Transition Law whose office is situated at The Barn, 36 High Street, Pershore,
Worcestershire WR10 1DP
1.3 We are the ‘data controller’ of any personal information you provide to us.
1.4 We are registered with the Information Commissioners Office.
1.5 Our ICO registration number is: ZA 298185
1.6 You can contact us at our postal address given above or via email at firstname.lastname@example.org
if you have any queries regarding this policy.
1.7 As a Data Controller, we will take all the necessary steps to comply with the GDPR and Data Protection Act 2018
and relevant legislation when handling any personal data which you may provide to us.
We are responsible for ensuring that data is processed:
1.7.1 Fairly and lawfully processed
1.7.2 Processed for limited purposes
1.7.3 Adequate, relevant and not excessive
1.7.4 Accurate and Secure;
1.7.5 Not kept longer than necessary
1.7.6 Processed in accordance with your rights
1.7.7 Not transferred to countries outside the UK without safeguards.
1.7.8 In a manner that ensures appropriate security of the personal data.
1.8 We are committed to protecting and respecting your privacy when visiting our website and providing us with
from you before, during or after you use our site and what we will do with them.
1.9 Use of Third Party Computer Applications for Video conferencing: Where we engage with you Online using a
Video Conferencing Application the lawful basis will be our Legitimate Interests and the following will apply:
1.9.1 All participants in Video conferencing will be given specific log in details.
1.9.3 As Data Controller we will manage the Personal Data shared by participants and restrict or control access as
necessary for the security of other participants and to prevent cyber security issues such as Phishing.
1.9.4 Password access will be controlled by the Moderator and individual passwords issued where an increased risk
is perceived such as large groups or public access.
1.9.5 A Legitimate Interest Assessment Test on Video Conferencing was conducted which concluded the use of Video
Conferencing was in our legitimate interests:
18.104.22.168 To facilitate efficient business video and telecommunications.
22.214.171.124 To protect the safety of our employees and participants on the call from unnecessary real world
126.96.36.199 To support our primary business objectives.
1.10 Please Note: This Online Privacy information is a precis of our detailed written policies which are held at our
business premises. Please contact our Data Contact if you require further information regarding our data
protection compliance procedures.
2. Our Privacy Notice and Data Protection policies:
2.1 We are committed to protecting your personal privacy and, in accordance with relevant data protection laws,
we uphold strict security procedures for the collection, storage, use and disclosure of your personal
2.2 We have described below the personal information we may gather about you, the purposes we will hold it for
and the limited categories of people to whom we may disclose it.
3. What information do we collect and how may we use it?
3.1 During your visit to our site, we will only collect personal information that you choose to provide. If, for
example, you contact us with an enquiry or request us to provide you with further information.
3.2 If you share other people’s data with us, for example if you refer professional business to us on behalf of
another, you will need to check you have lawful authority to do so. E.G. The other party has consented to you
providing us with their information. In such a case you are responsible for ensuring the transmission to us of
the information is lawful and we may ask you for documentary evidence of this.
3.3 We may process data about you from various sources and use it to contact you if it is in our Legitimate
Interests to do so and we have completed the necessary formalities required under the data protection
legislation and guidelines.
3.4 In all cases, the purpose of our contacting you will be made clear and you will be provided with information
with which to contact us if you would like us to stop processing your data.
4. We may use the information you provide us with in the following ways:
4.1 To administer your Client account with us.
4.2 To perform our contractual obligations to you.
4.3 To respond to your queries and requests.
4.4 To communicate with you.
4.5 To ensure that the content of our site is presented in the most effective manner.
4.6 To provide you with any information, products and/or services requested from us.
4.7 To provide you with helpful information about our products or services.
4.8 To make improvements to the service we provide you.
4.9 We may disclose personal data relating to our clients, their employees and agents to other legal specialists
including barristers, mediators, arbitrators, consultants or experts engaged in a matter.
4.10 We reserve the right to disclose your personal information where we are required to do so by law, such as to
assist in any disputes, claims or investigations relating to your account or contracts with us and to detect and
prevent fraudulent transactions.
4.11 E-mail correspondence with us via our website and email addresses accessible through or obtained from this
site may be recorded and/or monitored.
5. How do we store and protect your data?
5.1 We have robust information security management systems in place to protect your personal data. We take the
security of your information seriously and have implemented appropriate technical and organisational
security measures to protect it against any unauthorised or unlawful processing and against any accidental
loss, destruction, or damage.
5.2 Data we receive and process is held by us in secure electronic devices and separate back up devices and
5.3 Personal Data may also be held in encrypted 3rd party ‘Cloud’ Servers.
5.4 Further encrypted back ups of data may be held securely in offsite locations which are also subject to physical
security at their location.
5.5 We will not sell, rent or otherwise disclose the personal information you provide to us through the site to third
parties (other than as listed below) unless we are required to do so by law.
5.6 The Main Establishment for all of our Data Processing is the UK. We do not generally operate or transfer
Personal Data outside of the United Kingdom.
5.7 Due to the operation of the Internet and other computer based applications Personal Data under our control
may transit countries outside of the UK.
5.8 We will only transfer data outside the UK if adequate safeguards are in place in the destination country.
5.9 Where Personal Data is transferred to a third country or an international organisation we will ensure that an
adequacy decision or similar authority exists between the UK and the relevant country or area.
5.10 Where no adequacy decision exists and we rely on the provisions of Standard Contractual Clauses or Binding
Corporate Rules evidence of the safeguards provided thereby will be available upon request.
6. Third parties who provide services on our behalf
6.1 We may share your personal information with certain third parties who provide services on our behalf.
6.2 Such 3rd Parties only have access to the personal information they need to perform those services.
6.3 Such 3rd parties are bound by contractual arrangements with Ourselves in accordance with Data Protection
legislation and are required to keep your personal information secure and confidential. They may only use it as
permitted by us in accordance with our Privacy Policies.
6.4 If you have contracted with us we will share data only to the extent necessary for the performance of the
contract, otherwise we will obtain specific additional consent from you before sharing your data.
6.5 The third parties who provide services on our behalf fall into the following categories:
6.5.1 Our partners providing logistics and external service support.
6.5.2 Our business partners or advisors for the purposes of completing or investigating a transaction with you.
6.5.3 Marketing agencies appointed to provide services to us.
6.5.4 The service providers operating this site on our behalf.
6.5.5 Accountants, auditors, law firms, payment processors, information technology support providers.
6.5.6 Advertising services, analytics services, Computer Application and content providers.
7. How long do we store your data?
7.1 We will not keep your data for longer than is necessary for the relevant purposes set out in this Privacy Notice
or our Company Compliance Policies.
7.2 Where you have purchased a product or service from us, we will hold your relevant personal details to enable
us to administer the contract and provide such professional and client care services as may be required.
7.3 We also store personal data in line with Regulatory and legal requirements in accordance with the law.
8. Your Rights
8.1 Under the UK General Data Protection Regulation (UK GDPR) and The Data Protection Act 2018 (DPA) you have
a number of rights with regard to your personal data. To exercise any of your rights contact our Data
Contact using the details given above.
8.2 You have the right to request from us access to and rectification or erasure of your personal data; the right to
restrict processing; the right to object to processing as well as in certain circumstances the right to data
portability as below.
8.3 In the event that you provide your data directly to us for the purpose of a contract, or in circumstances where
you have provided your data by consent, you have the right to be provided with your data in a structured,
machine-readable format. This is known as Data Portability.
8.4 Following a request relating to Data Portability we will transmit the relevant personal data to the data subject
or their nominated data controller where it is possible and technically feasible for us to do so.
8.5 Where you have provided your data voluntarily by Consent you have the right to withdraw your Consent at any
time. However, withdrawal of Consent does not affect the lawfulness of any processing of your data based on
your Consent prior to its withdrawal.
8.6 You have the right to complain to the Data Regulator at the Information Commissioners Office on 0303 123 1113
or through their website www.ico.org.uk.
8.7 Where we need to process data for the purposes of entering into a Contract with you, if you fail to provide
such data it may mean that we cannot establish legal relations between us and the contract may not be able to
go ahead. We will inform you if this happens.
8.8 Automated decision making and profiling means making decisions without human intervention, usually with
the use of a computer program or software. We do not use automated decision making software.
8.9 Please note we will retain and use your personal information as necessary to comply with our legal
obligations, resolve disputes, and enforce our agreements. If we need to use your data for a reason it was not
collected and you are not aware of this, we will inform you and in appropriate cases obtain your further
consent to such use.
8.10 If we process data about you but we have not obtained the data personally from you, we must provide you with
the information described in this Privacy Notice and some additional information.
8.11 The additional information will be provided to you at least by the time we contact you and in any event within
the space of one month after we obtain it.
8.12 You are entitled to know if the processing is based on Legitimate Interests, what and whose Legitimate
Interests they are.
8.13 You are entitled to know the purpose of the processing, whether we or someone else is processing it and the
categories of Personal Data involved.
8.14 You are entitled to know the source of the information and whether the source is publicly accessible.
8.15 There are some exceptions to this additional information rule. If we obtain your Personal Data from a source
other than yourself, the additional information rules will apply unless:-
8.15.1 You already have the information regarding our processing; or
8.15.2 it would take a disproportionate effort or be impossible to provide you with it; or
8.15.3 you are already legally protected under separate provisions; or
8.15.4 we have a legal duty not to disclose it.
8.16 We use the lawful basis of Legitimate Interests for processing data in the following circumstances:
8.16.1 When processing data using Video Conferencing software.
9. Lawful bases for data processing
9.1 We hold and process your data by lawfully allowed means, these include:
9.1.1 Your Consent: Consent is usually given by yourself when you contact us via this Website or personally when we
discuss products or advice with you.
9.1.2 Contractual obligations: This occurs when you purchase products or services from us.
9.1.3 Legal Obligation: When the processing is necessary for us to comply with the Law.
9.1.4 Vital Interests: When the processing is necessary to protect someone's life.
9.1.5 Public Task: When the processing is necessary for us to perform a task in the public interest or for an official
function and the task or function has a clear basis in Law.
9.1.6 Legitimate Interests: When the processing is necessary for our legitimate interests or the legitimate interests
of a third party unless there is a good reason to protect the individual’s personal data which overrides those
N.B. Legitimate Interests can only be used following the application of the prescribed three part Legitimate
Interests Assessment Test and then only when a positive outcome is indicated by the conclusions of the test.
All Legitimate Interests Assessment Tests will be documented, recorded and retained.
10. Children’s data
10.1 Our site is not directed at children and should not be accessed by them.
10.2 We will not knowingly collect information from persons under 13 years of age without their parent's or
10.3 If a Parent or Guardian of a person under 13 years of age discovers their child has engaged with our Website
without their consent, please inform us immediately using the email address email@example.com.
10.4 We have considered the elements of the AADC (Children’s code) in relation to our Online activity and
concluded that we are not a relevant Information Society Service which is likely to be accessed by children.
10.5 We do not provide legal services or advice to Children. There is no information on our Website which could be
detrimental to a child but we have placed a self-certifying 18+ 'Age Gate' on our Website payment page to deter
children from entering in error areas where they can make any purchase decisions.
11. Third Party Websites
11.1 From time to time our site may contain links to and from the websites of our suppliers or other third party
11.2 If you visit any of these sites you should confirm they have their own privacy policies and you should check
these before submitting any personal data on their site. We cannot accept any responsibility or liability for the
policies on any other Websites.
12 Data Access
12.1 You have rights of access to the data we hold about you. Should you wish to exercise these rights please contact
our Data Contact whose details are given above.
12.2 There is usually no charge for the Data Access service. As soon as we are satisfied as to your identity, we will
send you, without delay and in any case within one Month, the Personal Data we hold relating to you, which we
are legally obliged to provide.
12.3 In the event we need more time to gather the requested information we will let you know without delay and in
any event within one month.
12.4 A fee may be payable for Data Access services if the request(s) are manifestly unfounded or excessive or
repetitive in nature. Alternatively, we may choose to ignore this type of request. In these cases we will inform
you of our decision and if applicable any fee that may be required.
12.5 Please contact us if you believe that any personal data or information which we hold about you is incorrect or
incomplete. Any information or data which is found to be incorrect will be corrected as soon as practicable.
12.6 Please contact us if you wish to have your personal data removed entirely from our systems. As soon as we are
satisfied as to your identity and the data is not required to be kept for any other lawful reason or purpose it will
be removed from our systems forthwith.
12.7 If you so wish, your Data will be provided to you electronically in a commonly used format such as email.
12.8 If you are unhappy with any of the responses given to you by us you may complain about us to the regulator at
the Information Commissioners Office on 0303 123 1113 or through their website www.ico.org.uk.
13. Business Transfer or Sale
13.1 In the event our business, or part of it, is taken over, bought or merged with another business we may need to
disclose any personal data we are holding about you to the other Company so they can continue to provide
13.2 It may be necessary to transfer your data to a Company that is negotiating with us for the purchase of our
business but only where it is necessary to evaluate the business purchase transaction. In this case your data
would be kept safe and destroyed by the third party if the sale or merger did not go ahead.
14. What are cookies and do you use them?
14.1 'Necessary' Cookies are small computer tags, which allow our Website to operate properly.
14.2 Before you can use our site you will be asked to select which other Cookies you are prepared to allow.
14.3 A Cookie Banner will Pop Up on the screen so you can make your selection.
14.4 You can also adjust your internet browser settings regarding accepting cookies. Your web browser’s help
function should tell you how to do this. Alternatively, you can find information about how to do this for all the
commonly used internet browsers on the website: http://www.aboutcookies.org/default.aspx. This website will
also explain how you can delete cookies which are already stored on your device.
15. Changes to this policy.
15.1 There may be developments in how we use your data according to changes in the Law.
it is your responsibility to revisit this page from time to time to re-read this policy including any and each time
you visit our website.
15.3 Any revised terms shall take effect as at the date of posting.
15.4 If you don’t find your concern addressed here, feel free to contact us by e-mailing us at the
contact details given above.