Privacy Statement

Introduction and Contact Information

This privacy statement tells you what to expect when we collect your personal information. We will explain what data we hold about you, how we collect and use your data and whether we share it with other organisations.

We are the data controller for the purpose of data protection legislation and we are registered with the Information Commissioner’s Office. If you want to ask us for information about your data or this privacy policy, please contact the Information Security Officer at Helmont House, Churchill Way, Cardiff, CF10 2HE or by email at and we will respond to you directly.

We have purposely drafted this notice to be clear and concise so it is a summary of how we collect and use your personal information. If you would like more details about how we collect and use your personal information you will find this in our terms of business on our website Terms of Use Policy and in letters or documents we send to you. If you cannot find the information you would like, please contact us.

This privacy notice applies to:

  • Visitors to our websites and use of Cookies
  • Information we obtain about you
  • How we use your information
  • Sharing your information
  • Where we store your personal information
  • International data transfers
  • Your rights of access to information
  • Other rights you might have
  • Complaints
  • Changes to this privacy statement

Visitors to Our Website and Use of Cookies

When someone visits our website we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. Cookies help us to provide you with a good experience when you browse our website and allow us to improve our site. You can read more about how we use Cookies and Google Analytics within our Cookies Policy on our website.

Information About You

You will give us most of the information we will hold about you; this is generally done when you communicate with us and is likely to include your name, address, e-mail address, telephone numbers, financial information and, where relevant, information about any incident or matter in which you may have been involved, including any injuries suffered, other parties involved and further information relevant to the services we offer.

Sometimes information about you will come from other organisations such as those referring your matter to us, an insurer or insurance broker, or someone else who provides you with goods or services. These businesses will be data controllers themselves and we encourage you to read their privacy notices for information about how they deal with information about you. We also work closely with other third parties (including, for example, expert witnesses and other professional advisors) and we may receive information about you from them. We routinely make checks against the Government’s financial sanctions targets list. Any witnesses are also likely to provide information about you.

We hold information about you for at least seven years after the conclusion of all services or, if longer, the conclusion of any other dealings with you and in line with our retention policy. Your information will be held securely.

If we speak with you about the legal services we can provide to you, but you do not subsequently become a client (or the person you represent does not become a client) it is our practice to delete your personal data after 12 months.

How We Use Your Information

Our Services and Products

We use your information to deal with enquiries you make about our services, to provide legal services to you and to notify you about changes to our services.

If we have asked for your consent to use your data you may withdraw that consent at any time by contacting the Information Security Officer via the contact details above.

We will seek feedback about your experience to analyse and improve our services and products.


We may provide you with information about our services that you have used or asked about and our related services. If you do not wish to receive that information, please notify our office in writing.

Sharing Your Information

We have a legitimate interest to share your information with other organisations and we want to make it clear to you when this will happen. Our work for you might require us to give information and data to third parties such as expert witnesses and other professional advisors. Any information you provide to us may also be shared with and processed by our service providers, insurers and regulators. We may share your personal information with any of our group of companies; this means the company that owns us and any companies they own or control, this may be to provide services to you.

As we offer products and services to you that we may not provide ourselves, we share your information with other approved suppliers; sometimes these organisations will supply their services directly to you (typically medical agencies and underwriters of insurance products we distribute), on other occasions they will be our sub-contractors.

We share your information with organisations, such as our business partners which will include organisations that put you in touch with us and who are themselves data controllers, and organisations that process your information on our behalf and under our direction. Where we share your information with other data controllers it is to honour the obligations we have to you or because they or we have some other good reason to do so, such as the provision of management information about how we have supplied services to you or to deal with complaints.

We will tell you who has introduced you to us. If you have any questions or concerns, please get in contact with us using the contact details above.

Other Occasions When We May Share Your Information

All information you provide to us is stored on secure servers. We may from time to time need to store your data on third party servers or to use technical software during your matter hosted by a third party and where necessary data is held on secure cloud based servers.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

International Data Transfers

We do not generally process personal information outside of the European Economic Area but should this occur from time to time (for example our use of Google Analytics involves some personal data being transferred to the USA), it will be done only in a way that complies with current laws and regulations.

Access to Information

You may obtain the information we hold about you by making a written request to us using the contact details above.

Subject to compliance with any laws and regulations, when you ask us about the information we hold on you we will give you confirmation that your data is being processed, access to it and any other supplementary information we consider relevant to your request.

Your Other Rights

In addition to having access to your information (see above) and your right to the information set out in our privacy statements you have the rights to ask us to rectify any incorrect information about you, to delete information we hold about you, to restrict what we do with information about you, to require us to send information we hold about you either to you (or someone you designate) in a commonly used machine readable form, additionally you may object to how we are using information about you and the right not to have automated decisions made about you.

The above rights are not all absolute and whether you can use one of these rights may depend on the way we obtained your information or the legal basis on which we use your personal information. More information about how and when you can exercise these rights is available from the Information Commissioner’s Office.

You can ask us to stop using your information for marketing at any time by notifying our office via the contact details above.

Additionally, if you have provided your consent to process information about you for any other purpose (excluding providing services) you can withdraw your consent by contacting us via the contact details above.


We are committed to protecting and respecting information about you in compliance with relevant laws and regulations and for this reason we take complaints we receive about this very seriously. Please address any concerns to us at the contact address given above for the attention of the Information Security Officer or via We encourage you to contact us directly if you are unhappy, but if you are not satisfied with our response or if you prefer not to raise the issue with us, you may at any time complain to the Information Commissioner’s Office or one of its regional offices.

  • Scotland – Information Commissioner’s Office, 45 Melville Street, Edinburgh EH3 7HL – 0131 244 9001
  • Wales – Information Commissioner’s Office, 2nd Floor, Churchill House, Churchill Way, Cardiff CF10 2HH – 02920 678 400
  • Northern Ireland – Information Commissioner’s Office, 3rd Floor, 14 Cromac Place, Belfast BT7 2JB – 02890 278 757 / 0303 123 1114

Links to Other Sites

This privacy notice does not cover the links within this site linking to other websites. These websites have their own privacy statements and we encourage you to read the privacy statements on the other websites you visit.

Changes to our Privacy Policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.