Privacy Policy
Introduction. Geoffrey Caesar, is committed to safeguarding the personal information entrusted to us by clients and visitors to this website. We manage personal data in accordance with applicable data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This privacy policy outlines how we collect, use, store, and protect your personal data. By using this website or our services, you agree to the collection and use of information in accordance with this policy.
Information we collect. We may collect personal information that you voluntarily provide to us, for example when you fill out contact forms, schedule a consultation, or communicate with us. This information may include your name, contact details (address, email, phone number), and any other details you provide related to your legal matter. We also collect information as part of client intake (such as business details or case information) when you become a client. In addition, our website may automatically collect limited technical information, such as your IP address, browser type, and pages visited, through cookies or similar technologies. (Please see our Cookies notice on this site for more details about cookie use.)
How we use your information. We use personal information to provide and improve legal services to our clients and to respond to inquiries. Specifically, we may use your data to: respond to messages or inquiries you send us; evaluate whether we can assist you with a legal matter; carry out our obligations arising from any contracts between you and us (for example, to perform legal services you have engaged us for); process payments (if you pay through our online system); send administrative information such as updates or appointment reminders; and comply with our legal and regulatory obligations. We will only use your information for the purpose it was collected, and we do not sell your personal data to any third parties.
Lawful basis. Our lawful bases for processing personal data include performance of a contract (where we are providing you legal services), legal obligations (such as record-keeping requirements or compliance with anti-money laundering laws), and legitimate interests (for example, responding to inquiries from potential clients or improving our services). If we ever process your data based on consent (for instance, if you subscribe to a newsletter or marketing communication), you have the right to withdraw that consent at any time.
How we share data. We treat your personal information as confidential. We may share your data with trusted third parties or service providers who help us deliver our services – for example, our practice management software provider (Clio) which securely stores client files and data, or an affiliated law firm if we refer or collaborate on a matter (with your knowledge). Any third-party service providers are contractually bound to handle your data securely and only for our specified purposes. We may also share information if required by law or regulation, such as pursuant to a court order or SRA investigation. Otherwise, we will not disclose your personal information to others without your permission.
Data security. We take data security very seriously. Your information is stored on secure servers and we employ industry-standard encryption technologies to protect data transmitted through our client portal and website. For example, any communications through our online Client Portal or payment system are protected by 256-bit SSL encryption (the same level of security used for online banking). We also implement administrative and technical measures to prevent unauthorised access to data. Despite these measures, please note that no method of transmission over the internet is 100% secure; however, we continually update our security practices in line with industry standards to minimise risks.
Data retention. We retain personal data only for as long as necessary to fulfil the purposes for which we collected it, including any legal, accounting, or reporting requirements. In most cases, for clients, this means we will retain files and personal information for a minimum of six years after the conclusion of your matter, in line with standard legal practice, after which it may be securely destroyed. Information collected from prospective clients who do not engage our services may be kept for a shorter period, unless there is a legitimate reason to retain it longer (for example, to follow up on a query or as required by law).
Your rights. You have certain rights under data protection law in relation to your personal data. These include the right to access a copy of the information we hold about you, the right to request correction of any inaccurate data, the right to request erasure of your data (where applicable), the right to restrict processing of your data, and the right to data portability. You also have the right to object to certain processing (for instance, you can object to receiving any direct marketing, though we currently do not engage in mass marketing). To exercise any of these rights, please contact us using the details below. We may need to verify your identity before fulfilling certain requests.
Contact and complaints. We welcome any questions or concerns about your personal data. If you would like to exercise your rights or have questions about this privacy policy, please contact us (you can reach us through the contact information provided on this website). We will do our best to address your concerns. If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO), which is the supervisory authority for data protection issues. The ICO’s website is www.ico.org.uk. Geoffrey Caesar is registered with the ICO under registration number ZB905094.
Updates to this policy. We may update this privacy policy from time to time to reflect changes in the law or our privacy practices. Any updates will be posted on this page with a revised effective date. We encourage you to review this page periodically to stay informed about how we are protecting your information.