Data Protection Privacy Policy – Joanne Cowie Notary Public Ltd

Introduction

The business of Joanne Cowie Notary Public Limited of LevelQ Offices, Surtees Business Park, Stockton-on-Tees, TS18 3HR, trading as Joanne Cowie Notary Public, (the Business), is registered with the Information Commissioner’s Office (ICO) under reference number ZA483578.

You should read this policy carefully and if you have any questions about this Privacy Notice contact Joanne Cowie at the address above, by telephone 07776264334 or by email jc@joannecowienotarypublic.co.uk

The Business will process your personal information and that of third parties as set out in this Privacy Notice for the purpose of providing you with notarial services and all usual associated services thereto, (the Services). If any changes are made to this Privacy Notice they will be posted on the Business Website and your continued use of the Services will be deemed to be your acceptance and acknowledgment of the amended Privacy Notice.

Indemnity

You shall and you hereby agree to indemnify the Business and any affiliates, officers, employees, agents and sub-contractors, (each of whom is an ‘Indemnified Party’) from and against any claims, losses, demands, actions, liabilities, fines, penalties, reasonable expenses, damages, settlement amounts, including reasonable legal fees and costs, incurred by any Indemnified Party arising out of or in connection with any breach by you of the warranties included in the paragraphs which follow.

What information do we collect?

The Business may process personal information and special categories of personal information about you and other data subjects, which you may provide in connection with the Services.

‘Personal information’ means any information relating to an identified or identifiable natural person, known as a ‘data subject’, who can be identified directly or indirectly. This may include name, address, email address, phone number, IP address, location data, cookies and similar information. It may also include ‘special categories of personal information’, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, and information concerning sexual orientation and behaviour.

For the Business to provide the Services, the provision of certain personal information is mandatory to enable the Business to comply with its statutory compliance obligations. You warrant on a continuous basis that such personal information is accurate, complete and up to date. Failure to do so may result in the documents produced by the Business for you, being rejected by recipient bodies/persons which may result in a delay or the incurring of further costs by you, for which the Business cannot be held responsible.

In respect to the personal information of data subjects, you also warrant to the Business on a continuous basis that, where applicable, you are duly authorised to share that personal information with the Business in connection with its provision of the Services and where another data subject is referred to, that you have obtained explicit consent from that data subject(s) to the inclusion of personal information relating to them and can provide evidence of that consent, if required. You further warrant that such personal information is accurate, complete and up to date and should transfer of personal information to foreign organisations be required in connection with the Services, that you have provided or have explicit consent for the transfer of that personal information on that basis.

How do we use personal information?

The Business will only process personal information in accordance with the applicable law for the following purposes:

Compliance with all applicable law, including but not limited to compliance with Notarial Practice Rules and the prevention of fraud;

Replying to your enquiries, requests and other communications;

Provision of the Services;

Enabling suppliers and service providers acting on behalf of the Business to assist in the provision of the Services, for example, web hosting, email account administration, identity verification, technical support, data storage, postal and courier services, legalisation support and any other functions needed by the Business from time to time to provide the Services;

Compliance with legal obligations;

  • Ensuring security of all aspects of the Business;
  • Running the Business, including development and improvement in the delivery of the Services, complaint resolution and the resolution of any administrative issues;
  • personalisation of content, business information or user experience;
  • account set up and administration;
  • delivering marketing and events communication;
  • carrying out polls and surveys;
  • internal research and development purposes;
  • meeting internal audit requirements.

What legal basis do we have for processing your personal data?

The legal basis for our processing of personal information for the purposes described above will ordinarily include the following:

  • processing needed to fulfil a contract we have with you or other data subjects to provide the Services;
  • Processing needed for our or a third party’s legitimate interests, carried out based on the legitimate interests of the Business to ensure the Services are properly provided and that the security of the Business, its proper administration and the security of its clients is upheld;
  • Processing needed for compliance with all legal obligations to which the Business is subject;
  • Any other applicable legal grounds for processing identified by the Business from time to time.

When do we share personal data?

We will treat personal data confidentially. There are circumstances when we might disclose or share it. For example, when necessary to provide the Services or conduct our business operations or when we are compelled to do so. Examples include:

  • Any subsidiary and associated offices;
  • Our suppliers and service providers to facilitate provision of the Services. Couriers, Consular Agents, identity verification agencies, translation bureaux, IT consultants;
  • Public authorities;
  • Professional organisations;
  • Foreign organisations;
  • Any other third party you authorise;
  • Successor notarial practice, (on a temporary or permanent basis).

The Business has security measures in place to prevent unauthorised access to your personal information.

The security of any information transferred via the internet cannot be guaranteed. Whilst we do what is reasonable to keep our systems secure, we do not have control over all of the processes described and you should consider how best to transfer confidential materials to us before you send them electronically as we cannot and do not accept responsibility for the security of your information which you transmit to us electronically, via the internet.

Where do we store and process personal data?

We may need to transfer your personal information to third party outside of the country in which it was originally collected for the purpose of providing the Services. We may need to transfer your personal information to foreign Embassies and Consulates in the United Kingdom or abroad. Those organisations will process personal information pursuant to the laws to which they are subject. The Business has no control over that processing. If the Business needs to transfer personal information to private organisations outside the United Kingdom, it will ensure your privacy rights are adequately protected by contractual, technical or other lawful means.

How long do we keep your personal data for?

Your personal information will be retained for as long as required for the purposes set out above or as is required by law. The Notaries Practice rules require notarial acts in Public Form to be preserved indefinitely. Other notarial records will be kept for a minimum period of 12 years. Any personal information stored on remote data facilities will be kept in an encrypted form.

Data which is no longer required will be securely disposed of.

Your rights in relation to personal data

Under the GDPR, we respect the right of data subjects to access and control their personal data. Data subjects have a number of rights, which include those set out below. For a full and detailed explanation you can visit the ICO website.

  • Data subjects can make a subject access request (SAR) to access personal information. Requests must be in writing;
  • Data subjects can request correction and deletion of any inaccurate or incomplete personal data;
  • Data subjects can withdraw consent (if processing data on condition of consent) but the lawfulness of any of the Services provided by the Business prior to this withdrawal will not be affected;
  • Data portability enables a request to be made for transfer of personal information by data subjects;
  • Data subjects can request restriction in respect of processing of personal information. The Business will comply so long as there is no legitimate reason for not doing so;
  • Data subjects can lodge a complaint with the Information Commissioner’s Office but if you have any concerns at all, please do not hesitate to ask us and contact us at the address above.

Data subject rights may be limited. For example, if fulfilling the data subject request may expose personal data about another person, or if the Business is being asked to delete data which we are required to keep by law.

Use of cookies and other technologies

Cookies, tracking and similar technologies to store and manage user preferences on the Business website to facilitate advertising, enable content or otherwise analyse user and usage data are used. Please see cookies information which enables you to control and manage them.

Linking to other websites / third party content

Any links to external sites and resources from the Business website, does not constitute endorsement, and we do not take any responsibility for the content (or information contained within) any linked website.