HALLIDAY REEVES SOLICITORS – PRIVACY POLICY

Last updated: December 2025

Halliday Reeves Solicitors (“we”, “us”, “our”) is the controller of the personal data we collect. As the controller, we are responsible for deciding how and why your personal data is used. “Processing” includes collecting, storing, using, sharing and deleting your personal data.

This Privacy Policy explains why and how we process your personal data and outlines the rights you have under data protection law.

1. Who We Are

Halliday Reeves Solicitors is authorised and regulated by the Solicitors Regulation Authority (SRA ID: 67788). A list of Partners is available from our registered office.

We are registered with the Information Commissioner’s Office (ICO), registration number Z5234132.

2. The Legal Framework We Follow

We process personal data in accordance with:

• UK General Data Protection Regulation (UK GDPR)
• Data Protection Act 2018
• Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019
• Relevant provisions of the European Union (Withdrawal) Act 2018

References to “GDPR” in this Policy refer to the UK GDPR.

3. What Personal Data We Collect

We may collect the following categories of personal data:

Basic personal data

• Name, address, date of birth
• Contact details
• Identification documents
• Financial information where required for your matter

Special category data

• Racial or ethnic origin
• Religious or philosophical beliefs
• Health or medical information
• Biometric data
• Sexual orientation (where relevant)

Criminal offence data

Where relevant to your immigration or legal matter.

Website and technical data

• IP address
• Browser and device details
• Information submitted through enquiry forms

We may receive information directly from you or from the Home Office, courts, referrers, barristers, experts, or other professionals.

4. If You Do Not Provide Personal Data

If providing personal data is a legal requirement (for example, identity checks) or necessary for providing legal services, we may be unable to act for you if the information is not supplied.

5. Personal Data Received From Third Parties

We may receive personal data about you from:

• Court documents
• The Home Office or UKVI
• Barristers and experts
• Referrers or previous advisers

This data is treated with the same care and protection as data provided directly by you.

6. Why We Process Your Personal Data

We process your personal data to:

• Provide legal advice and representation
• Verify your identity and comply with anti-money laundering laws
• Communicate with you about your matter
• Maintain accurate file and case management records
• Manage payments, invoicing and accounts
• Respond to enquiries or complaints
• Meet our regulatory requirements (SRA, LAA, ICO)
• Operate and improve our website

Legal bases for processing

We rely on the following legal bases under the UK GDPR:

• Article 6(1)(b): performance of a contract
• Article 6(1)(c): compliance with a legal obligation
• Article 6(1)(f): legitimate interests
• Article 9(2)(f): processing necessary for legal claims
• Article 9(2)(g): substantial public interest
• Article 9(2)(a): explicit consent (only where necessary)

Some of the work we undertake requires the handling of special category data related to your matter.

7. Who We Share Your Personal Data With

We may share your data with:

• The Home Office, UKVI and HM Courts & Tribunals Service
• Other legal professionals including Barristers, interpreters, experts and translators
• Our secure IT and cloud service providers
• Financial auditors and SQM assessors
• Confidential waste destruction providers

We never sell personal data.

8. Website Use and Cookies

When you use our website, we may collect technical data such as IP address, browser type and usage behaviour.

Any enquiry form on our website will include a short privacy notice explaining how your data will be used and linking back to this Policy.

Cookies help us to operate and improve our website. You can disable cookies in your browser settings, but some website features may not work correctly.

9. International Transfers

We usually store personal data within the UK or EEA.

Where transfers outside the UK/EEA are necessary (for example, where an overseas Home Office post is involved), we ensure appropriate safeguards, such as:

• Standard Contractual Clauses
• Adequacy regulations
• Additional technical and contractual protections

10. How We Store Your Data

Your personal data may be stored in:

• Secure UK-based servers
• Secure cloud systems within the EEA
• Paper files within our offices

We use access controls, encryption and other measures to protect your information.

11. How Long We Keep Your Data

We retain personal data in line with:

• Statutory obligations
• SRA and Legal Aid Agency requirements
• Limitation periods for legal claims

We will tell you the specific retention period applicable to your matter when your case concludes.

After the retention period expires, we will securely destroy your data unless legally required or justified to retain it longer.

12. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate or incomplete information
• Request deletion of your data
• Object to certain types of processing
• Request restriction of processing
• Request the transfer of your data (data portability)
• Withdraw consent, where consent is relied upon
• Not be subject to automated decision-making or profiling

13. Exercising Your Rights

To exercise your rights or make a data protection enquiry, please contact:

Data Protection Manager: Eddie Simpson
Email: management@hallidayreeves.com

We may request proof of identity before processing certain requests.

14. Complaints to the Information Commissioner

You may complain to the ICO at any time via:
https://ico.org.uk

15. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always be available on our website.