top of page

Privacy Notice

Last updated: February 10, 2025

 

Greymore is committed to safeguarding the privacy and security of personal information collected from website visitors, clients receiving legal or other professional services, and third parties who interact with us or submit information, including but not limited to job applicants (collectively referred to as “you”).

 

We may collect, use, disclose, and otherwise process personal information in accordance with applicable data protection laws when providing legal services, managing our business operations, and operating our website (“Site”) that links to this Notice. 

 

This Privacy Notice ("Notice"), together with any other referenced documents, sets out the types of personal information we collect, how we collect and process that information, with whom we may share your personal data in connection with the legal services we provide, and your rights and choices regarding the protection of such personal information.  

 

In certain cases, we may provide additional privacy notices specific to particular services or processing activities. These notices are intended to supplement this Privacy Notice and should be read in conjunction with it.

 

Please read this Notice carefully to understand how we handle your personal information. If you have any questions about how we process your personal data, please contact us via our Digital Form.

 

Important Personal Information and Who We Are

London Sol Limited (“Greymore”, “we” or “our”) is a company registered in England and Wales under company number 11018305, with its registered office at Unit 3 Fountayne Business Centre, Broad Lane, London, United Kingdom, N15 4AG.

Greymore is the data controller of your personal information. We process personal information in compliance with applicable data protection laws, including, where relevant, the General Data Protection Regulation (EU GDPR) and the retained EU law version of the General Data Protection Regulation as defined in the Data Protection Act 2018 (UK GDPR).

 

Personal Information We Collect About You

The personal information we collect about you depends on the specific activities you engage in through our Site and the legal services we provide. How we use your personal data, and where relevant, our legitimate interests, are detailed below:

 

Legal Services

We may collect personal information to provide legal services to you or your organisation, to fulfil our contractual obligations, and to manage other professional and operational matters on behalf of our clients. Depending on the nature of the services provided, the types of personal information we typically collect include:

 

  • Identity and Contact Information: Your name, postal address, personal and/or work phone number, personal and/or work email address, date of birth, marital status, and other personal data relevant to your preferences in relation to our services;

 

  • Business Information: Details regarding your employer, job title, position, and any information provided during the course of the contractual or client relationship between you (or your organisation) and Greymore, or information otherwise voluntarily provided by you or your organisation;

 

  • Information Relevant to Legal Advice: This may include personal data relevant to the matters for which we have been instructed to provide legal services, such as information related to disputes, grievances, investigations, arbitration, or other legal matters.

 

  • Financial Information: Bank account details, transaction records, and other financial information necessary for billing, invoicing, and related purposes;

 

  • Government Identifiers: Identification numbers, passport information, driver’s licence details, national insurance numbers, or other government-issued identification;

 

  • Regulatory Compliance Information: Information required to meet Know Your Client (KYC) and Anti-Money Laundering (AML) regulatory obligations, including data collected during our client onboarding process. This may include copies of identification documents (e.g., passports), proof of address, and other due diligence documentation.

  • Sensitive information: In the course of providing legal services, we may collect and process sensitive personal data where necessary. This may include information relating to your health, disabilities, criminal records, religious or philosophical beliefs, trade union membership, racial or ethnic origin, and sexual orientation. Sensitive information requires a higher level of protection, and we will process such data only where necessary for legal proceedings, the provision of legal advice, or for the establishment, exercise, or defence of legal claims.

 

We handle all personal data collected from or on behalf of our clients in strict compliance with client confidentiality obligations, legal professional privilege, and the terms of our engagement. To support the efficient management of our legal operations and client data, we may utilise secure, cloud-based platforms that are designed to ensure the highest levels of security and compliance with legal industry standards.

 

Functionality of our Site

When you visit our Site, we may automatically collect, store, and process certain information about your interactions with the Site. We use this information to ensure the Site operates smoothly, securely, and efficiently. This data helps us (i) optimise your browsing experience, ensuring you can easily access the pages you need; (ii) ensure the Site displays correctly and performs effectively across different devices and browsers; (iii) improve the Site’s features over time based on user interaction patterns; (iv) enhance security by detecting and preventing unauthorised access, potential security threats, or interference; and (v) protect our legal rights if issues related to misuse or unauthorised activities arise.

Additionally, we analyse this data to better understand how you use the Site, allowing us to continuously enhance your user experience. The types of Personal Data we may collect may include:

  • Browser and Technical: Your browser type and version, device type and model, internet service provider (ISP) details, Internet Protocol (IP) address, time zone settings, browser plug-in types and versions, and information about your operating system and platform.

 

  • Activities and Usage Data: Information about your interactions with the Site, including the content you view, features you access, how you engage with content, search terms entered, navigation patterns, time spent on specific pages, and any materials you have shown interest in, registered for, or requested.

 

We, along with third-party service providers acting on our behalf, may use cookies and similar tracking technologies to collect information from your device when you access and interact with the Site. For more details on how we use cookies and how you can manage your cookie preferences, please refer to Section 7 Cookies and Similar Technologies.

Recruitment

We collect personal information from applicants and potential candidates as part of our recruitment process. This information may be collected directly from you, through recruitment agencies, job application platforms, or from other third parties involved in the hiring process. 

The types of personal information we may collect during the recruitment process include:

 

  • Identity and Contact Information: Your full name, telephone number, and email address;

  • Resume and Application Information: Details from your CV, cover letter, and other application materials, such as your education, employment history, professional references, qualifications, certifications, position preferences, skills, and areas of interest;

 

  • Interview and Assessment Information: Any information you choose to share with us during interviews, assessments, or other stages of the recruitment process.

 

  • Additional Job Applicant Information: Your gender, date of birth, place of birth (including country and city), and nationality.

 

Where necessary, we may also collect information regarding your health or disabilities to make reasonable adjustments during the recruitment process, such as facilitating job interviews or assessments.

All personal data collected as part of our recruitment process is handled in accordance with applicable data protection laws and is used solely for purposes related to assessing your candidacy, managing the recruitment process, and fulfilling our legal obligations.

 

Communicating with you

We collect information through our communication channels when you contact us via our Digital Form, website, email, or telephone. We collect and use your contact details because we have a legitimate interest in responding to enquiries.

We collect personal information when you contact us through our digital forms, website, email, or telephone. This may include identity and contact information, and any other information you choose to provide during our communications.

 

How We Collect Your Personal Data

We collect personal data about you through a variety of methods, including:

  • When you engage our legal services;

  • When you or your organisation seek legal advice from us or utilise any of our professional services;

  • When you or your organisation offer to provide, or actually provide, goods or services to us;

  • When you are the subject of, or your personal data is otherwise included in, the legal advice we are instructed to provide to a third-party client (for example, in relation to an employment dispute or where you are the subject of an investigation we are conducting);

  • When you correspond with us via telephone, email, or other electronic means, in writing, or when you provide information to us directly, including during conversations with our solicitors, consultants, and staff;

  • When you or your organisation browse, make an enquiry, or otherwise interact with our Site;

  • When you apply for a job with us, including submitting applications, CVs, cover letters, and during the recruitment and interview process;

  • From third-party sources such as regulatory bodies, government agencies, credit reference agencies, information service providers, or from publicly available records, as required or permitted by law;

  • From our clients and their representatives when handling personal data in the course of providing legal services; and

  • From other service providers and information sources that support our legal practice.

 

If you provide us with personal data about another individual, you must ensure that you comply with the relevant legal obligations, including securing any necessary consents, and that we are permitted to use and share that information with our service providers, if required.

 

Our Purposes and Legal Bases for Collecting and Processing Personal Information

We use your personal information to provide, improve, and operate our Services, ensuring a secure, efficient, and personalised experience. In some cases, we also process your data to comply with legal obligations or to pursue our legitimate interests.

Under data protection laws, we must have a lawful basis for processing your personal information. The table below outlines the specific purposes for which we use your data and the corresponding legal bases we rely on.

Privacy_Table.png

* We only process sensitive personal information where it is necessary and permitted by applicable law. This may include fulfilling legal obligations or exercising rights related to employment and social security law, or the establishment, exercise, or defence of legal claims.

 

** Unless otherwise specified in this Privacy Notice, any personal data collected as part of our client due diligence processes will be used solely for the purpose of complying with legal obligations related to the prevention of money laundering, terrorist financing, and proliferation financing. We will not process this data for any other purposes without your consent. Furthermore, we do not engage in automated decision-making or profiling that could produce legal effects or similarly significant impacts on you, beyond what is described above.


 

Disclosures of Personal Information 

We may share your personal information where necessary with the parties listed below for the purposes set out in for the purposes set out in Section 4 Our Purposes and Legal Bases for Collecting and Processing Personal Information for which we will use your personal information above

  • We may disclose your personal data to courts, law enforcement agencies, regulatory bodies (including the Solicitors Regulation Authority), and government officials where required by law, or where reasonably necessary for the establishment, exercise, or defence of legal claims, or for the purposes of a confidential alternative dispute resolution process.

  • We may share your personal data with companies providing services for anti-money laundering checks, identity verification (using secure electronic verification systems), credit risk reduction, and fraud and crime prevention purposes, as well as with financial institutions, credit reference agencies, and relevant regulatory bodies.

  • If we have collected your personal data in the course of providing legal services to any of our clients, we may disclose it to that client, and, where permitted by law, to other parties for the purpose of delivering those services. 

  • We may share your personal data with other legal professionals, such as barristers, consultants, mediators, experts, and foreign legal specialists, as well as with translators, couriers, and other service providers necessary for the delivery of legal services.

  • We may provide your personal data to third-party service providers, such as auditors, IT system providers, professional advisors, insurers, and identity check providers. These third parties process your personal data on our behalf and in accordance with our instructions.

 

Greymore may utilise client relationship management (CRM) tools and secure case management systems to support efficient case handling, facilitate seamless collaboration, and ensure the effective management of client matters. These tools help us organise and manage client files with precision, identify connections and relationships within the firm, integrate relevant data into our systems, and maintain accurate, up-to-date information. By leveraging these systems, we enhance the quality of our legal services, streamline workflows, and deliver comprehensive, well-coordinated support across all client matters.

When we share information with third-party service providers in this capacity, we require them to use your information on our behalf in accordance with our instructions, and terms and only process as necessary for the purpose of the contract.

 

How We Transfer Information Internationally

We are committed to ensuring that your personal data is securely stored and transferred in accordance with applicable data protection standards. In some cases, your personal data may be transferred to countries outside the UK or the European Economic Area (EEA). When this occurs, we ensure that appropriate safeguards are in place to protect your data. These safeguards include Standard Contractual Clauses (SCCs) approved by the European Commission and, where applicable, the UK Information Commissioner’s Office (ICO) to ensure that your personal data receives an adequate level of protection.

 

Cookies and Similar Tracking Technology

We use cookies and similar tracking technologies to automatically collect information about browsing activity, device type, and similar information within Site. These technologies are used generally to remember your preferences, settings, and customisations for a more personalised experience, to understand how our Site is used and improve functionality, performance, and content, and to enhance security and support authentication processes. For more information about the cookies we use and how to change your cookie preferences, please see Cookie Notice.

 

Manage Your Privacy Preferences

If you do not wish to accept cookies, you can adjust your browser settings to block all cookies or only third-party cookies. You can also delete any cookies that have already been placed on your device. Please note that these settings must be configured separately for each browser and device you use. For more information on how to manage cookies, please refer to our Cookie Notice.

If you prefer not to receive emails regarding the latest developments, announcements, or other information about our services, you can opt out at any time by following the unsubscribe instructions included in each message or by contacting us directly. Please note that even if you opt out of such communications, we may still send you important service-related messages that are necessary for the provision of our services.

 

Data Security

We have implemented appropriate technical and organisational security measures to protect your personal data against accidental, unlawful, or unauthorised destruction, loss, alteration, access, disclosure, or use. We protect your personal data from potential security breaches by implementing specific technological security measures, including encryption, firewalls, and secure layer technology.

In addition, we limit access to your personal data to employees, agents, contractors, and other third parties who have a legitimate business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

 

Data Retention

We will not retain your personal information longer than necessary to fulfil the purposes for which the data was collected or to fulfil our legal obligations or necessary for the establishment, exercise of defence of legal claims or resolving disputes. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, accounting or other requirements.

In some circumstances, you can ask us to delete your data. See Section Your Rights for further information.

 

Your Rights

To the extent permitted by applicable data protection laws and regulations, you have the following rights in relation to your personal data:

  • Request access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

  • Request erasure of your personal data in certain circumstances. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) as the legal basis for that particular use of your data (including carrying out profiling based on our legitimate interests). 

  • Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format.

  • Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you.

  • Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in one of the following scenarios:

(i) If you want us to establish the data's accuracy;

(ii) Where you believe our use of the data is unlawful but you do not want us to erase it;

(iii) Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or

(iv) You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

 

If you wish to exercise any of the rights set out above, please refer to Section 17 How to Contact Us.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

 

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

 

Complaints

We hope we will be able to resolve any issues you may have. If you have a concern about how we use your personal data, we would like to work with you to resolve it. 

You have the right to make a complaint at any time to your local data protection authority, such as the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the relevant data protection authority so please contact us in the first instance.

 

Changes to the Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in laws and regulations, new technologies, or updates to our security practices. When changes are made, we will post the updated version on our website and indicate the effective date at the top of the policy to help you identify when revisions have occurred. We encourage you to review this Privacy Notice regularly to stay informed about how we protect your personal information.

It is important that the personal data we hold about you is accurate and up to date. Please notify us promptly of any changes to your personal information during the course of your relationship with us, such as changes to your address, email, or other contact details.

 

How to Contact Us

Questions, comments and requests regarding this Policy are welcomed and should be addressed to Greymore, Data Privacy Team, info@greymore.com 

bottom of page