Privacy Notice

MSM Solicitors Limited is committed to protecting your privacy and the confidentiality of your personal information. This privacy notice explains how we collect, use and protect your personal information

  1. Introduction
    1. This Privacy Notice explains your privacy rights and how we gather, use and share your personal information. That includes the personal information we already hold about you now and the further personal information we might collect about you, either from you or from a third party. How we use your personal information will depend on the services we provide to you.
    2. This Privacy Notice provides information about how we use your personal information and will update any previous information we have given you about using your personal information (also referred to as personal data).
    3. We are the controller of your personal information under applicable data protection legislation, unless otherwise stated in this Privacy Notice or otherwise provided for in applicable data protection legislation
    4. If you have any queries regarding our use of your personal information, please contact Graeme W. McGowan at gwm@msmlaw.co.uk or at 51 Moss Street, Paisley PA1 1DR.
    5. If your personal details change or if you change your mind about any of your marketing preferences, please contact us at mail@msmlaw.co.uk, or by post to 51 Moss Street, Paisley PA1 1DR
    6. In this Privacy Notice, the terms “we”, “us” and “our” refer to MSM Solicitors Limited.
  2. Your Privacy Rights
    1. You can exercise any of your rights by contacting us at mail@msmlaw.co.uk, or by post to 51 Moss Street, Paisley PA1 1DR
    2. Any requests received by MSM Solicitors Limited will be considered under applicable data protection legislation. If you remain dissatisfied, you have a right to raise a complaint with the Information Commissioner’s Office at ico.org.uk.
      Right to be informed This Privacy Notice informs you about the collection and use of your personal information.
      Right to access You have a right to request access to the personal information that we hold about you by making a “subject access request”.
      Right of rectification If you believe that any of the personal information that we hold about you is inaccurate or incomplete, you have a right to request that we correct or complete that personal information.
      Right of erasure If you wish us to delete the personal information that we hold about you, you may request that we do so in certain circumstances.
      Right to restrict processing You have a right to request that we restrict the processing of the personal information that we hold about you for specific purposes.
      Right to object You have a right to object to us processing your personal information in certain circumstances.
      Right to portability You have a right to obtain and reuse the personal information that we hold about you for your own purposes in certain circumstances
      Rights related to automated decision-making Where we undertake any automated decision-making and profiling, you have certain rights in relation to such processing.
  3. The categories of personal information we use
    1. MSM Solicitors Limited use a variety of personal information depending on the legal services being delivered.
    2. In all cases, we need to use your name, address, date of birth, contact details and information to allow us to check your identity.
      Contact and socio-demographic information In all cases, we need to use your name and contact details, including your postal address, email address and phone number. We will use this data and your date of birth to allow us to check your identity to meet our legal obligations. We may also use your date of birth to allow us to determine how long we will retain historic wills.
      Race, ethnic origin, politics, religion, trade union membership, sex life, sexual orientation These special categories of personal information may be required in employment cases, for example if you are raising a claim for discrimination or unfair dismissal. They may also be used in matrimonial cases (for example, divorce) and other forms of litigation, criminal defence or mediation.
      Health and medical information This personal information will be used in various cases, including personal injury cases, employment cases, criminal defence, matrimonial cases, cases where we are supporting individuals who have a vulnerability (for example arranging powers of attorney), other forms of dispute resolution.
      Criminal offence data This personal information may be processed in relation to criminal defence, litigation cases, employment cases, matrimonial cases and other cases. This information may also be used in all cases in relation to due diligence required for fraud prevention, and/or anti-money laundering to meet our legal obligations.
      Information relating to financial status or position Funds received from or for an individual or made in relation to a client’s matter (e.g. to pay for the legal service, to pay for outlays incurred by us on your behalf, to pay in settlement of a claim, property purchase/sale, other asset purchase/sale). We do not store credit or debit card details, but will use them to process payments made.
      Information relating to payment, credit and debits. You have a right to object to us processing your personal information in certain circumstances.
      Personal information contained in communications with individuals across different channels. Copies of letters received by or sent to us, information relating to emails received by or sent by us, file notes, other information or logs about when communication has taken place (rather than the content of that communication), and/or information you supply when contacting us through our website.
      Social relationships Personal information relating to an individual’s family and social relationships including status of spouse/partnerships, wider family including parental and caring status may be used in a range of types of cases.
      Open data and public records Personal information relating to individuals that are, or can be, collected from public or open sources. These do not necessarily have to be collected from open data/public records, and may come from other sources (e.g. from you directly, or from your other advisors or solicitors on the other side of the transaction). This may include information about an individual’s bankruptcy, information about a public office held by an individual, information about inhibitions, information about ownership of land held by the Land Register, Register of Inhibitions, Companies House, information from courts or tribunals, information from credit agencies to verify an individual’s identity, information from Royal Mail and/or other data sources which we use to verify the accuracy of our client postal addresses.
      Consents Personal information relating to permissions, consents or preferences given to us by individuals, including marketing permissions, contact permission, marketing preferences, mandates to contact employers, other solicitors, and/or GPs and other medical specialists.
      National Identifiers Unique identifiers attributed to an individual from a government department, such as Tax ID, National Insurance Number, and/or passport number. This information may be used as part of our customer due diligence measures for identifying individuals to meet our legal obligations. The information may also be used in different types of cases including conveyancing, trusts, personal tax, and employment.
      Technical When you visit our websites and use other systems, we may collect personal information to monitor usage. This could include your IP address, operating system and browser type. This will be used to improve our websites, systems, and for research into service delivery.
  4. How we gather personal information
    1. We obtain personal information from a wide range of sources:
      1. Directly from you or your representative, for example when you submit details through our websites, sign up for estate agency mailing lists, sign up to receive marketing communications, contact us in writing, by email, in person, by telephone, or by any other method.
      2. From information you or your representative have made publicly available.
      3. From other people you know, including family members, and people you are financially linked to, and their representatives. This also includes organisations and individuals who are our clients in circumstances where you are party to, or otherwise involved in, a matter on which we are instructed, for example as a witness, beneficiary, guarantor, buyer, seller, debtor, defender, pursuer, employee, or employer.
      4. From other organisations which have referred you to us, for example estate agents, accountants, financial advisers, other solicitors, insurance companies, banks.
      5. From open data and public records, for example from various registers (Land Register, Register of Inhibitions, Companies House, OSCR, etc.) and credit to verify the identity of our clients and beneficial owners to assist us in complying with our legal obligations.
  5. How we use your personal information
    1. How we use your personal information
      1. We use personal information to allow us to respond to you and communicate with you regarding your instructions, questions, comments, support needs, complaints or concerns.
    2. Using client information
      1. When you become our client, we will collect, store and use the personal information that you provide to us in your instructions and during the course of our solicitor/client relationship.
      2. We need to collect personal information so that we can perform our obligations under our service agreement with clients. We will use such personal information to:
        1. provide clients with legal advice, including communicating with them by email, letter and/or telephone, etc. in connection with the services that we provide;
        2. provide clients with legal advice, including communicating with them by email, letter and/or telephone, etc. in connection with the services that we provide;
        3. provide clients with legal advice in respect of the matter(s) upon which we are instructed to provide advice; and/or
        4. process and make payments in connection with such matter(s).
      3. If clients do not provide us with all of the personal information that we need to collect in order to perform our obligations under our service agreement, then this may affect our ability to provide them with legal advice and/or represent them as their solicitors.
      4. We may also process personal information for purposes relating to the provision of services we provide including updating, reviewing and enhancing client records and undertaking analysis for management purposes.
    3. Business clients and other stakeholders
      1. For business clients (including bodies corporate, public bodies and/or charities), we will use personal information about key individuals in the business, so that we can operate and administer the services which we provide
      2. To comply with our legal obligations to prevent financial crime (see 5.4 below) we will complete due diligence steps by using personal information about key individuals who are either a sole trader of the business or are a proprietor, director, company secretary, shareholder, partner, member, committee/board member, trustee, charity trustee, controller, beneficial owner or authorised signatory to the account of the business.
    4. To comply with our legal obligations to prevent financial crime
      1. To comply with our legal obligations to prevent financial crime including money laundering under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, we will use personal data including name, address, date of birth, country of residence/citizenship, personal identification (which may include passport number or driving licence number), information about any criminal convictions, information about roles held in public office, and information about your status as or your relationship and association with a politically exposed person.
      2. We will give personal information to and receive personal information from third parties where that is necessary to meet our legal obligations, including credit reference agencies, fraud prevention agencies, the police and other law enforcement and government agencies, and regulators.
      3. We may use the personal information described in 5.4.1 above in a an electronic identification verification service system to verify the identity of individuals and to check if they are on a Financial Sanctions watch list or if they are a politically exposed person or a relative or close associate of a politically exposed person.
    5. To comply with regulatory obligations
      1. We will provide our regulator, the Law Society of Scotland, with names of individuals for whom our solicitors act under Powers of Attorney.
    6. Other parties
      1. We will process personal information of individuals who are not our client, but have a relationship with our client as described in 4.1.3 above.
      2. We will obtain such personal information from the sources described in 4 above, which will include the same categories of information described in 3 above.
      3. We will use this information to comply with our duty as a legal adviser to our client, which is a regulatory requirement on us as a firm of solicitors regulated by the Law Society of Scotland. We may have a duty to disclose information to our client where relevant to their case (for example information about earnings in a divorce matter).
    7. Financial management and debt recovery
      1. We may give personal information to and receive personal information from third parties where that is necessary to recover debts due by you to us, for example, credit reference agencies and sheriff officers.
    8. To market services to you
      1. We will use contact details provided by our clients and information on the services clients have used to assess what services would be most beneficial to them. For example, where we hold a client’s will, we will use the date of the last will review, and write to the client to advise them to consider updating their will around five years after the last review date.
      2. We may send out invitations to events and seminars that we run, which we think would be of interest.
    9. Automated decision making and profiling
      1. We do not use personal information to make decisions solely by automated means without any human involvement.
      2. As described in 5.4.3 above, we may use a system to evaluate individuals to assist us in complying with our legal obligations under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017.
    10. Online Activity
      1. Our website may, from time to time, contain links to and from other websites operated by third parties. These are provided for your information and convenience only. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
  6. Our legal basis for using your personal information
    1. We only use your personal information where that is permitted by the applicable data protection legislation. We only use personal information where:
      1. we have your consent (if consent is needed);
      2. we need to use the information to comply with our legal obligations
      3. we need to use the information to perform a contract with you, including taking steps to enter into a contract with you; and/or
      4. it is fair to use the personal information either in our interests or someone else’s interests, where there is no disadvantage to you – this can include where it is in our interests to promote our services by sending clients communications with information for upcoming events and legal updates; inviting clients as guests to our events.
    2. Where we use personal information under 6.1.4 above, you may contact us at mail@msmlaw.co.uk to opt out of receiving communications or select the types of communications that you would like to receive or update your preferences through our client portal.
    3. Where we have your consent, you have the right to withdraw it at any time.
  7. Sharing personal information
    1. We may be required to share personal information with statutory or regulatory authorities and organisations to comply with statutory obligations imposed both upon us and upon you in respect of the matter(s) upon which we advise. Such organisations include the Law Society of Scotland, Department of Work & Pensions, HMRC, Scottish and UK courts, Registers of Scotland and / or local authorities.
    2. We may also share personal data with our or your other professional advisors for the purposes of taking advice and the event of any legal claims.
    3. Where we employ third party suppliers to provide services on our behalf, including cashroom and archiving services, these suppliers may process personal data on our behalf as “processors” and are subject to written contractual conditions to only process that personal data under our instructions and protect it.
    4. We may be required to share personal information with other organisations, which during the course of our providing services on a matter may be contracted to supply a service related to such matter, which we are not in a position to provide. Depending on the nature of your instruction to us, this may include sheriff officers, property search companies, Companies House, expert witnesses, translators, local agents, accountants and / or auditors.
    5. In the event that we do share personal information with external third parties, we will only share such personal data strictly required for the specific purposes and take reasonable steps to ensure that recipients shall only process the disclosed personal data in accordance with those purposes.
  8. Storing personal information
    1. We will protect your personal information in order to prevent unauthorised access to, or use or disclosure of, your personal information through a number of organisational and technical security measures. Your personal information is stored on our systems to which access is both physically and electronically controlled.
    2. For the purposes of IT hosting and maintenance, the personal information we hold is located on servers within the European Union
    3. Our staff receive data protection training and we have detailed data protection and information security procedures in place
  9. How long we keep your personal information for
    1. We will retain your personal information for as long as is required to comply with our obligations set out above, unless you ask us to return any copies of it to you or send it to a third party.
    2. We have a data retention policy that sets out the periods and rules for retaining and reviewing all information that we hold. This sets out different retention periods, which depend upon the nature of the information, and you can request details by contacting us at mail@msmlaw.co.uk.