- Privacy Notice
1.1 This Privacy Notice sets out how Dickinson Gleeson processes personal data in respect of individuals including clients, intermediaries, existing and prospective members of staff and other third parties Dickinson Gleeson interacts with, or any individual who is connected to those parties. Where the data held is regarding an individual, this document also sets out the rights of those individuals in respect of that personal data.
1.2 Any questions in relation to this Privacy Notice or requests in respect of personal data, should be sent to dataprotection@dgadvocates.com.
- Who we are
2.1 Dickinson Gleeson, also referred to as “we”, “us” and “our” in this Privacy Notice, is a Jersey law partnership engaged in the provision of legal services in Jersey and a data controller.
- The data we hold
3.1 Dickinson Gleeson processes data in order to provide legal services. The type of data we may collect and process includes:
3.1.1 contact details (including names, postal addresses, email addresses and telephone numbers);
3.1.2 information required to meet our legal and regulatory obligations, in particular those in respect of anti-money laundering including information on source of funds and source of wealth;
3.1.3 information provided in the course of the provision of legal services (for example, information on professional relationships and background, financial wealth and assets held, transactions entered into, tax status, disputes and court proceedings engaged in);
3.1.4 in certain circumstances, your and others’ signature(s), financial information such as bank account details and payment related information;
3.1.5 the content of any enquiry submitted over our website; and
3.1.6 any other information you may provide to us.
3.2 Dickinson Gleeson may also collect and process personal data regarding people connected to you, either by way of professional (or other) association or by way of family relationship.
3.3 If you apply for a position with us we may collect personal information relating to your past employment, professional qualifications and education, your nationality and immigration/residential status, opinions from third parties about you (such as references) and other details about you which may be gathered during the recruitment process.
3.4 It is important that the personal data we hold about you is accurate and up to date. Please keep us informed if your personal data changes during your relationship with us.
3.5 In certain instances, the personal data we process may include “Special Category Data” which includes information on a person’s race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data processed for the purpose of uniquely identifying a natural person, health data, data on a person’s sex life or sexual orientation or data relating to a person’s criminal record or alleged criminal activity. In such instances, the legal basis for processing that data may include the processing being necessary for compliance with a legal obligation or the purposes of legal proceedings or legal advice.
- Purposes of, and legal basis for, processing.
4.1. We process personal data for the following purposes:
4.1.1. to provide and improve legal and other services;
4.1.2. to comply with our legal and regulatory obligations;
4.1.3. to conduct administrative or operational processes within our business;
4.1.4. to manage our client, intermediary and other business relationships;
4.1.5. to perform a contract which we may have with you;
4.1.6. to establish, exercise or defend the legal rights of Dickinson Gleeson or for the purpose of legal proceedings;
4.1.7. to process and respond to requests, enquiries or complaints received from you or someone connected to you;
4.1.8. should you apply for a position with us, to review and process your application; and
4.1.9. for other legitimate business purposes.
4.2. We process personal data on the following legal basis:
4.2.1. to perform a contract to which the data subject is a party;
4.2.2. to take steps at the request of the data subject with a view to entering into a contract;
4.2.3. the processing is necessary for the purposes of Dickinson Gleeson’s legitimate interests including to provide its services to its clients, to ensure its business is conducted efficiently and with a view to enhancing client service, to protect itself and its systems, members of staff and premises from being misused or the victim of any criminal activity, for the purposes of internal know-how and training;
4.2.4. the processing is necessary for compliance with a legal obligation, other than one imposed by contract, to which Dickinson Gleeson is subject including its professional and regulatory obligations;
4.2.5. the processing is necessary for the purposes of legal proceedings, obtaining legal advice or establishing, exercising or defending legal rights; and
4.2.6. the data has been given with consent and is being processed for a specific purpose.
4.3. Typical scenarios are shown in the table below:
| Purpose | Type of data we collect/process | Legal basis for processing |
| To provide and improve our services | 1) Contact details, such as names, residential and e-mail addresses, telephone numbers 2) Financial information such as information on professional relationships and background, financial wealth and assets held, transactions entered into, tax status, disputes and court proceedings engaged in 3) Any other information you may provide including Special Category Data | 1) Performance of a contract 2) Legitimate interest 3) Consent |
| To comply with our legal and regulatory obligations, including anti-money laundering legislation | 1) Contact details 2) Financial information such as information on source of funds and source of wealth | 1)Legitimate interest / legal obligation |
| To perform a contract which we may have with you, manage our client, intermediary and other business relationships and conduct administrative or operational processes within our business | 1) Contact details 2) Financial information | 1) Performance of a contract 2) Legitimate interest |
| To process and respond to requests, enquiries or complaints received from you or someone connected to you | 1) Contact details 2) Financial information 3) Any other information you may provide | 1) Legitimate interest 2) Consent |
| Should you apply for a position with Dickinson Gleeson, to review and process your application | 1) Contact details 2) Career information 3) Any other information you may provide including Special Category Data | 1) Legitimate interest 2) Consent |
4.4. We do not use automated decision-making in the processing of your personal data.
- Sources and Recipients of data
5.1. The sources of data may include clients, intermediaries, data subjects directly, third parties connected to the data subject (for example, their employer or another service provider who provides services to the data subject) or publicly available material.
5.2. The following is a list of potential recipients of personal data (in each case including respective employees, directors and officers):
5.2.1. Third parties relevant to the legal and other services that we provide. This may include, but is not limited to, counterparties to transactions or litigation (including law firms acting for other parties), other professional service providers, regulators, law enforcement agencies, governmental institutions, tribunals and courts;
5.2.2. To the extent required by law, regulation or court order, for example, if we are under a duty to disclose your personal information in order to comply with any legal obligation such as our AML obligations;
5.2.3. Third party agents/suppliers or contractors, in connection with the processing of your personal information for the purposes described above. This may include, but is not limited to, IT and communications service providers. It may also include disclosures to our own advisers such as auditors and accountants and any external legal advisors which we may instruct from time to time; and
5.2.4. Should you apply for a position with us, we may disclose your personal information for the purposes of seeking references and confirmation of the details which you have provided.
5.3. Where Dickinson Gleeson is entering into an engagement with a third party pursuant to which data may be processed by that third party, we will enter into an agreement with that third party setting out the respective obligations of each party and will ensure we are satisfied that the third party has measures in place to protect data against unauthorised or accidental use, access, disclosure, damage, loss or destruction.
5.4. In the event that we transfer personal data from one jurisdiction to another, we will ensure, prior to carrying out the transfer, that the third party recipient meets the relevant data protection requirements applicable to the data being transferred. This may include only transferring the data where we are satisfied that:
5.4.1.the recipient has agreed through contract to protect the information in accordance with the Data Protection standards applicable to the data being transferred;
5.4.2.the jurisdiction to which the data is being transferred has Data Protection laws similar to those applicable to the data being transferred
5.4.3.we have obtained consent from relevant data subjects to the transfer; or
5.4.4.if transferred to the United States of America, the transfer will be to organisations that are part of the Privacy Shield.
5.5. We will not rent or sell personal data we hold to any other organisation or individual.
- Your rights as a data subject
6.1. The Data Protection (Jersey) Law 2018 provides you with the following rights:
6.1.1. to be informed how your personal information is being used;
6.1.2. to access your personal information and to have it updated, corrected or erased;
6.1.3. to restrict or object to the processing of your personal data; and
6.1.4. to withdraw consent where this is the basis for processing.
6.2. If you would like more information about any of your rights and how to exercise them, please contact us via dataprotection@dgadvocates.com.
6.3. If you choose not to provide personal information or limit our ability to process your personal data using your rights, we may be unable to provide you with the relevant services. We will notify you of this at the time.
6.4. You also have the right to lodge a complaint about the processing of your personal information either with us or with the Jersey Office of the Information Commissioner (https://jerseyoic.org/).
- Retention
7.1. Dickinson Gleeson only keeps data for as long as necessary to fulfil the purposes (as set out above) for which we collected it. Our policy is to retain data in relation to a client matter for at least 11 years from the conclusion of that matter. This is subject to certain exceptions, including where the matter relates to wills and probate, property and conveyancing and trusts, where records may be kept indefinitely, or in instances where the personal data is relevant to a dispute after closure of the matter or where the data cannot be deleted for legal, regulatory or technical reasons.
7.2. Any requests for further information in relation to the continued processing of specific data, and requests for destruction of data, should be sent to dataprotection@dgadvocates.com.
- Security of data
8.1. We will ensure that the personal information that we hold is subject to appropriate and reasonable security measures.
- Changes to this Privacy Notice
9.1. We keep this Privacy Notice under review and any updates will appear on our website at www.dgadvocates.com/privacy.
9.2. We last updated this Privacy Notice on 30 November 2023.
- How to contact us
10.1. All enquiries in respect of this Privacy Notice or any request to exercise any of the rights set out above should be sent to dataprotection@dgadvocates.com or by post at: Data Protection, Dickinson Gleeson, 3rd Floor, Le Gallais Building, 6 Minden Place, St Helier, JE2 4WQ.