Data Controller – Mirage and Mole of Oak View Farm, Drointon, Staffordshire ST18 0LX, is the data controller. This means that Mirage and Mole collects and are responsible for the personal information we hold about yourself. When this is carried out, we are the “controller” of the information for the purposes of General Data Protection Regulation (GDPR) and any other applicable laws. Further details are available from www.mirageandmole.com
Data Protection Officer – Lee Moulson is our Data Protection Officer and Lee is responsible for overseeing the aspects of the data information gathered. Lee can be contacted by emailing: firstname.lastname@example.org
Purposes of Processing – Your data will be processed in order to:-
- Provide services under contract to you;
- Provide services to others (insofar as this does not breach client confidentiality);
- Comply with regulatory and other legal obligations; and
- Protect Mirage & Mole against potential claims
Data Subject’s Rights – Where relevant, you have the right (subject to client confidentiality) to:
- The right of access. This is commonly known as a “data subject access request”. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- The right to rectification. This enables you to have any incomplete or inaccurate data we hold about you rectified, though we may need to verify the accuracy of the new data you provide to us.
- The right to erasure. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- The right to object. Where we are relying on a legitimate interest or those of a third party and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms.
- The right to restrict processing. This enables you to ask us to suspend the processing of your personal data.
- The right to data portability. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format.
- Right to withdraw consent. You can withdraw consent to us processing your personal data where we are relying on consent to do so. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.
- Rights in relation to automated decision making and profiling. We do not use your data in automated decision making and profiling.
If you require some more information about your rights under GDPR, then please look at the Guidance from The Information Commissioners Office on Individual rights under the GDPR.
Legal Basis – Your data will be processed on the basis that Mirage and Mole has a legitimate interest in being able to achieve the aims of processing set out above. Where special category data is provided, the provider of the data warrants that they consent to Mirage and Mole processing that data or that they have obtained written consent from the data subject.
Personal Data Held – As a minimum, Mirage and Mole is required to positively identify their clients. This also includes positively identifying a director in the case of a corporate client. In addition, Mirage and Mole holds whatever information is provided to them by its clients and others. This will rarely include special category data.
Mirage and Mole may collect and store the following personal information regarding yourself:-
- Your name, date of birth and contact details. These will include address, email and contact phone numbers;
- Information regarding your personal circumstances;
- Documents to confirm your identification and proof of address. i.e driving licence, passport and bank/utility statements and similar;
- Details of any goods and services that are relevant to your circumstances which may include any personal information;
- Any personal details included in the matter upon which you are requesting advice about;
- Any financial information about yourself such as your bank details;
- Personal information which may be held on wills, deeds and trust arrangements.
Mirage and Mole may also obtain the information from third parties such so as to assess credit rating.
How We Will Use Your Information – we will use the information obtained for the following reasons:-
- To provide sales and marketing consultancy and virtual assistance services ;
- To comply with our legal responsibilities in providing these services;
- To deal and resolve any queries or complaints you may have about our services;
- To monitor the quality of the services we provide.
Reasons that we obtain your personal information:-
- Legitimate interest – we will rely on legitimate interests act upon your instructions and you may not have signed our Terms of Business.
- Consent – in some instances you will give us consent to use your personal information in a certain way. If you have granted us permission to use your data in a certain way, we will rely on your consent and explain the same to you. You of course have the right to withdraw your consent at any time. To do this you can email the Data Protection Officer (Lee Moulson) at email@example.com
- Legal Consent – the legal obligation is to process information regarding yourself for the purpose of anti-money laundering and to prevent terrorist financing.
Who We Will Share Your Personal Information With:-
- Professional services businesses that help Mirage and Mole to manage the firm, maintain business services and manage compliances within the Regulations.
- Search providers used to perform conflict checks, due diligence searches, anti-money laundering searches, credit checks and any other services to undertake your matter.
We confirm that any instructed experts, suppliers or third parties that we will share your data with will be bound by strict agreements that meet the requirements of the GDPR.
Failure to Provide Data – If you fail to provide Mirage and Mole with the data required you will not receive our services or receive any marketing information.
Data Sources – Mirage and Mole obtains most personal data from their clients and those who have indicated that they have an interest in Mirage and Mole services. Mirage and Mole also obtain some personal data from other correspondents. Mirage and Mole also collects some data from publicly available sources (e.g. Companies House, websites, press releases).
Recipients – Any data provided by a client is treated as confidential to that client and will only be shared with others in so far as this is necessary to provide the services contracted for by the client, to comply with regulatory and other legal obligations and to protect Mirage and Mole against a potential claim. To provide its services, Mirage and Mole relies on the services of certain data processors. These include secure cloud storage for files and emails. In each case, Mirage and Mole ensures that data is processed in compliance with this policy.
Third Countries and Safeguards – Other than where required to provide services as required in individual client matters, data is rarely sent to third countries. Where it is, the relevant devices are password protected and equipped with tracking and remote wipe software. The devices are personally accompanied.
Retention Period – please refer to our terms of business.
Automated Decision Making – None
Further Details – the Data Controller will provide further details of any of the above on request.