Diamond logo

…a girl’s best friend

Heading context image

Want us to call you?

If you'd like us to call you, please fill in your details on our secure form using the following link.

Your Privacy and Security

Introduction

Here in BDE Law Limited, we are totally committed to keeping your personal data safe. We will always treat your personal data with respect and deliver services to our clients with privacy in mind.

This privacy policy will help you understand how we collect, use and protect your personal data.

Who we are

BDE Law, Diamond Law, EUI Law and Elephant Law are trading names of the data controller BDE Law Limited (Registered Number 08023674).

Data we collect

We collect personal data, and may collect special category personal data, as part of providing legal services to our clients.  We may also monitor or record calls, emails, SMS messages or other communications in accordance with UK law.

Types of data we may collect

Personal data

Personal data consists of any information which enables you to be identified as a living individual. Examples of personal data we may collect include:

  • Names and titles
  • Physical address and address history
  • Contact details including telephone numbers and email address
  • Date of birth
  • Gender
  • Lifestyle and other information

Special category personal data

Special category personal data consists of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data which is used to uniquely identify a natural person, concerning health or a natural person’s sex life or sexual orientation. Examples of special category personal data we may collect include:           

  • Medical history
  • Claims history
  • Criminal convictions and CCJs

We may also indirectly collect other special category personal data during the course of any investigations relating to fraud allegations.

Call recording and monitoring

We may monitor or record calls, emails, SMS messages or other communications for:

  • Business purposes such as quality control and training
  • Processing necessary for entering into or performance of a contract
  • Prevention of unauthorised use of our telecommunication systems and websites
  • Ensuring effective systems’ operation
  • Meeting any legal obligation
  • Protecting our client’s vital interests
  • Prevention or detection of crime
  • For our own legitimate interests

When data is collected

We will collect your personal data where:

  • You have confirmed to a referrer that you wish to instruct us to provide legal services
  • You make enquiries about instructing us to provide legal services
  • You provide information to assist us in providing legal services
  • You respond to communication or surveys
  • We obtain information from other bodies or individuals for the purposes of providing legal services
  • We require additional information from you for the purposes of providing legal services

Where we obtain data from

We will collect personal data from a number of organisations or individuals which include:

  • You or other persons assisting our client with their claim such as authorised callers, litigation friends, those acting under a lasting power of attorney, or court appointed deputies
  • Insurers of a party to a claim
  • Parties to a claim
  • Witnesses of fact in a claim
  • Police, the Health & Safety Executive or other bodies providing reports relating to a claim
  • Employers
  • Experts and other professional service providers assisting with a claim
  • Public authorities or bodies responsible for maintaining records in which your personal data has been recorded

How your data is used (Legal Services Clients)

The basis on which we process your personal data:

 

Where you have entered a contract with BDE Law Limited before 25th May 2018, you acknowledge that we have a legitimate business interest in processing your personal data to provide you with the legal services for which you have instructed us, and to enable you to meet the terms of your contract with us.

Where you have entered a contract with BDE Law Limited on or after 25th May 2018, you acknowledge that we have a contractual right to process your personal data under a contract for legal services with us, as set out in your Terms of Business.

We will use your data for:

  • Fulfilling our contract for providing legal services
  • Administering your claim
  • Fraud prevention and detection
  • Verifying your identity when required
  • Statistical purposes
  • Assessment and analysis to enable us to review, develop and improve the services that we offer

Who has access to your data

Apart from us, other individuals or organisations that may have access to your data include:

  • Operations within the Admiral Group which provide service support to BDE Law Limited, such as IT and Human Resources. (For the purposes of this Privacy Statement, "Admiral Group" means Admiral Group plc). Please note that such service provision is governed by strict contractual clauses so that your data remains confidential and is not shared with other companies within the Admiral Group.
  • File Dynamics Limited, which provide case management systems and support services.
  • In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal data we hold about you may be transferred to that re-organised entity or third party and any organisation appointed to carry out due diligence on their behalf, subject to them signing confidentiality agreements.
  • Auditors of our business, for example for accounting or tax purposes or where necessary under contract such as with our Legal Expense Insurers.
  • Regulatory bodies where we have a regulatory obligation to cooperate, for example with the Solicitors Regulation Authority, the Information Commissioner’s Office or the Legal Ombudsman.  
  • Other persons or organisations where it is necessary to deliver the products and services for which we have been instructed. We will only disclose information to another party where it is necessary for pursuing your claim. At all times, we will remain the data controller unless we have passed your data to a professional service provider such as an expert, or to a government department, agency or public body; in which case those organisations or individuals will be the data controllers. Examples of organisations or individuals to which we may pass your data include:
    • Other parties to the claim
    • Other parties’ solicitors
    • Other parties’ insurers
    • Authorised callers – where appointed by you
    • Your insurers
    • Witnesses of fact
    • Your employers
    • Motor Insurers’ Bureau (MIB)
    • Driver and Vehicle Licensing Agency (DVLA)
    • Department for Work & Pensions (DWP)
    • Her Majesty’s Revenue & Customs (HMRC)
    • Ministry of Justice (MOJ)
    • Her Majesty’s Courts & Tribunals Service (HMCTS)
    • Legal Expense Insurance providers
    • Health and leisure services
    • Public and private health service providers
    • Domestic service providers
    • Treatment providers
    • Vehicle hire providers
    • Medical reporting organisations
    • Medical experts
    • Other specialists
    • Barristers
    • Forensic accountants
    • Pagination (specialist document organisation) services
    • Investigators / tracing agents
    • CCTV footage providers
    • Costs draughtsman
    • Worksource providers – if you were referred to us by them

Data disclosed to organisations or individuals as part of a process of litigation are not subject to GDPR or the Data Protection Act 1998.

Ask CUE PI 

We may be required to use your personal data to complete a search of the Motor Insurers’ Bureau (MIB) askCUE PI insurance database as part of any claim for damages in a road traffic accident (and we will be unable to pursue a claim for you without this search).

The search is required under the Pre-Action Protocol for Personal Injury claims in Low Value Road Traffic Accidents. Your name, date of birth, National Insurance number and the date of the accident will be used to check the MIB askCUE PI database to retrieve the required information. The information provided will be any records which relate to personal injury/industrial illness incidents reported to insurance companies, which may or may not give rise to a claim.

The data provided by the MIB may be used alongside other information you have provided:

  • To provide advice relating to your claim
  • For anti-fraud purposes

They will not be used for any other purpose, or be made available for anyone else.

Client Extra (CLEX)

Client Extra is operated by BDE Law Limited which is the data controller for the purposes of Data Protection Legislation. Appropriate measures are taken to ensure that personal data is not damaged, destroyed or disclosed to a third party without your permission and to prevent unauthorised access to it. By accessing or using any part of Client Extra you agree to be bound our here.

We may log your IP address (which indicates the location of your computer on the Internet) for the purpose of systems administration and troubleshooting. We may use log files to help us understand how visitors use our site. We may use this information in aggregate for statistical analysis. We may use any e-mail address, which you provide to submit an enquiry, comment or request for further information, to contact you.

Dealing with other people

It is our policy to deal only with the person, as our client, for whom we act. In exceptional circumstances, we may, on a case by case basis agree to communicate with someone acting on your behalf as ‘authorised caller’, once your consent has been given.

How your data is used (Litigation Friends, Persons Acting Under a Power of Attorney or as Court Appointed Deputies)

The basis on which we process your personal data:

We have processed your information on the basis of our client’s legitimate interests to bring or defend legal proceedings, or proposed legal proceedings, in their own name.

This is on the basis that you are required to act for our client in relation to their claim.

We will use your data for:

  • Fulfilling our contract for providing legal services
  • Administering our client’s claim
  • Fraud prevention and detection
  • Verifying your identity when required
  • Statistical purposes
  • Assessment and analysis to enable us to review, develop and improve the services that we offer

Who has access to your data

Apart from us, other individuals or organisations that may have access to your data include:

  • Operations within the Admiral Group which provide service support to BDE Law Limited, such as IT and Human Resources. (For the purposes of this Privacy Statement, "Admiral Group" means Admiral Group plc). Please note that such service provision is governed by strict contractual clauses so that your data remains confidential and is not shared with other companies within the Admiral Group.
  • File Dynamics Limited, which provide case management systems and support services.
  • In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal data we hold about you may be transferred to that re-organised entity or third party and any organisation appointed to carry out due diligence on their behalf, subject to them signing confidentiality agreements.
  • Auditors of our business, for example for accounting or tax purposes or where necessary under contract such as with our Legal Expense Insurers.
  • Regulatory bodies where we have a regulatory obligation to cooperate, for example with the Solicitors Regulation Authority, the Information Commissioner’s Office or the Legal Ombudsman.
  • Other persons or organisations where it is necessary to deliver the products and services for which we have been instructed. We will only disclose information to another party where it is necessary for pursuing our client’s claim. At all times, we will remain the data controller unless we have passed your data to a professional service provider such as an expert, or to a government department, agency or public body; in which case those organisations or individuals will be the data controllers. Examples of organisations or individuals to which we may pass your data include:
    • Other parties to the claim
    • Other parties’ solicitors
    • Other parties’ insurers
    • Authorised callers – where appointed by you
    • Our client’s insurers
    • Witnesses of fact
    • Our client’s employers
    • Motor Insurers’ Bureau (MIB)
    • Department for Work & Pensions (DWP)
    • Her Majesty’s Revenue & Customs (HMRC)
    • Ministry of Justice (MOJ)
    • Her Majesty’s Courts & Tribunals Service (HMCTS)
    • Legal Expense Insurance providers
    • Health and leisure services
    • Public and private health service providers
    • Domestic service providers
    • Treatment providers
    • Vehicle hire providers
    • Medical reporting organisations
    • Medical experts
    • Other specialists
    • Barristers
    • Forensic accountants
    • Pagination (specialist document organisation) services
    • Investigators / tracing agents
    • CCTV footage providers
    • Costs draughtsman
    • Worksource providers – if our client was referred to us by them

    Data disclosed to organisations or individuals as part of a process of litigation are not subject to GDPR or the Data Protection Act 1998.

    How your data is used (Witnesses of Fact)

    The basis on which we process your personal data:

    We have processed your information on the basis of our client’s legitimate interests to bring or defend legal proceedings, or proposed legal proceedings, in their own name.

    We will use your data for:

    • Providing a witness statement or statements in relation to our client’s claim.
    • Administering our client’s claim
    • Fraud prevention and detection

    Who has access to your data

    Apart from us, other individuals or organisations that may have access to your data include:

    • Operations within the Admiral Group which provide service support to BDE Law Limited, such as IT and Human Resources. (For the purposes of this Privacy Statement, "Admiral Group" means Admiral Group plc). Please note that such service provision is governed by strict contractual clauses so that your data remains confidential and is not shared with other companies within the Admiral Group.
    • File Dynamics Limited, which provide case management systems and support services.
    • In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal data we hold about you may be transferred to that re-organised entity or third party and any organisation appointed to carry out due diligence on their behalf, subject to them signing confidentiality agreements.
    • Auditors of our business, for example for accounting or tax purposes or where necessary under contract such as with our Legal Expense Insurers.
    • Regulatory bodies where we have a regulatory obligation to cooperate, for example with the Solicitors Regulation Authority, the Information Commissioner’s Office or the Legal Ombudsman.
    • Other persons or organisations where it is necessary to deliver the products and services for which we have been instructed. We will only disclose information to another party where it is necessary for pursuing our client’s claim. At all times, we will remain the data controller unless we have passed your data to a professional service provider such as an expert, or to a government department, agency or public body; in which case those organisations or individuals will be the data controllers. Examples of organisations or individuals to which we may pass your data include:
      • Other parties to the claim
      • Other parties’ solicitors
      • Other parties’ insurers
      • Our client
      • Our client’s insurers
      • Motor Insurers’ Bureau (MIB)
      • Ministry of Justice (MOJ)
      • Her Majesty’s Courts & Tribunals Service (HMCTS)
      • Legal Expense Insurance providers
      • Treatment providers
      • Medical reporting organisations
      • Medical experts
      • Other specialists
      • Barristers
      • Forensic accountants
      • Pagination (specialist document organisation) services
      • Costs draughtsman

    Data disclosed to organisations or individuals as part of a process of litigation are not subject to GDPR or the Data Protection Act 1998.

    How your data is used (Authorised Callers)

    The basis on which we process your personal data:

    We have processed your information on the basis of our client’s legitimate interests to bring or defend legal proceedings, or proposed legal proceedings, in their own name.

    This is on the basis that our client has requested your support and assistance in relation to their claim.

    We will use your data for:

    • Fulfilling our contract with our client for providing legal services
    • Administering our client’s claim
    • Fraud prevention and detection
    • Verifying your identity when required

    Who has access to your data

    Apart from us, other individuals or organisations that may have access to your data include:

    • Operations within the Admiral Group which provide service support to BDE Law Limited, such as IT and Human Resources. (For the purposes of this Privacy Statement, "Admiral Group" means Admiral Group plc). Please note that such service provision is governed by strict contractual clauses so that your data remains confidential and is not shared with other companies within the Admiral Group.
    • File Dynamics Limited, which provide case management systems and support services.
    • In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal data we hold about you may be transferred to that re-organised entity or third party and any organisation appointed to carry out due diligence on their behalf, subject to them signing confidentiality agreements.
    • Auditors of our business, for example for accounting or tax purposes or where necessary under contract such as with our Legal Expense Insurers.
    • Regulatory bodies where we have a regulatory obligation to cooperate, for example with the Solicitors Regulation Authority, the Information Commissioner’s Office or the Legal Ombudsman.
    • Other persons or organisations where it is necessary to deliver the products and services for which we have been instructed. We will only disclose information to another party where it is necessary for pursuing our client’s claim. At all times, we will remain the data controller unless we have passed your data to a professional service provider such as an expert, or to a government department, agency or public body; in which case those organisations or individuals will be the data controllers. Examples of organisations or individuals to which we may pass your data include:
      • Our client
      • Our client’s insurers
      • Our client’s employers
      • Motor Insurers’ Bureau (MIB)
      • Her Majesty’s Courts & Tribunals Service (HMCTS)
      • Legal Expense Insurance providers
      • Treatment providers
      • Vehicle hire providers
      • Medical reporting organisations
      • Medical experts
      • Other specialists
      • Barristers
      • Forensic accountants
      • Pagination services
      • Investigators / tracing agents
      • Costs draughtsman

    Data disclosed to organisations or individuals as part of a process of litigation are not subject to GDPR or the Data Protection Act 1998.

    How your data is used (Individual Suppliers and Experts)

    The basis on which we process your personal data:

    You agree that we have processed your information on the basis of the contract under which you have been instructed to provide a service for our client. You agree that this is a fundamental term of the contract.

    We will use your data for:

    • Fulfilling our contract with our client for providing legal services
    • Administering our client’s claim
    • Verifying your identity when required

    Who has access to your data

    Apart from us, other individuals or organisations that may have access to your data include:

    • Operations within the Admiral Group which provide service support to BDE Law Limited, such as IT and Human Resources. (For the purposes of this Privacy Statement, "Admiral Group" means Admiral Group plc). Please note that such service provision is governed by strict contractual clauses so that your data remains confidential and is not shared with other companies within the Admiral Group.
    • File Dynamics Limited, which provide case management systems and support services.
    • In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal data we hold about you may be transferred to that re-organised entity or third party and any organisation appointed to carry out due diligence on their behalf, subject to them signing confidentiality agreements.
    • Auditors of our business, for example for accounting or tax purposes or where necessary under contract such as with our Legal Expense Insurers.
    • Regulatory bodies where we have a regulatory obligation to cooperate, for example with the Solicitors Regulation Authority, the Information Commissioner’s Office or the Legal Ombudsman.
    • Other persons or organisations where it is necessary to deliver the products and services for which we have been instructed. We will only disclose information to another party where it is necessary for pursuing our client’s claim.  At all times, we will remain the data controller unless we have passed your data to a professional service provider such as an expert, or to a government department, agency or public body; in which case those organisations or individuals will be the data controllers. Examples of organisations or individuals to which we may pass your data include:
      • Our client
      • Other parties to the claim
      • Other parties’ solicitors
      • Other parties’ insurers
      • Persons assisting our client with their claim such as authorised callers, litigation friends, those acting under a lasting power of attorney, or court appointed deputies
      • Motor Insurers’ Bureau (MIB)
      • Ministry of Justice (MOJ)
      • Her Majesty’s Courts & Tribunals Service (HMCTS)
      • Legal Expense Insurance providers
      • Treatment providers
      • Medical reporting organisations
      • Medical experts
      • Other specialists
      • Barristers
      • Forensic accountants
      • Pagination services
      • Costs draughtsman

    Data disclosed to organisations or individuals as part of a process of litigation are not subject to GDPR or the Data Protection Act 1998.

    BDE Law Limited’s Legitimate Interests

    There are certain circumstances where we process your personal data for our legitimate business interests.  These can be, for example, to establish or enforce our rights and interests or meet our regulatory obligations. We will always balance our interests against your own to ensure it is fair.

    The following processes rely on legitimate interest:

    • Call recording for quality and monitoring purposes and to confirm facts
    • Fraud and money laundering detection and prevention
    • Engaging and contacting our client throughout the lifecycle of their claim to ensure they have a good experience as a BDE Law Limited client
    • Internally auditing our processes to maintain our high standards
    • Sharing data with external auditors where required under regulation, contracts or agreements
    • Sharing data with selected third parties in order to protect our rights
    • Sharing data with our regulators to meet our obligations
    • The transfer of data to Admiral Law, if instructed by our client, where we can no longer act for them due to a risk of or actual conflict of interest
    • Ensuring network information and security
    • Processing data relating to witnesses, litigation friends, persons acting under a Power of Attorney or as Court Appointed Deputies, to assist our clients with their claims.

    If you have any further questions, don’t hesitate to contact us.

    Our technology

    We collect data about you through the use of technology such as cookies and device fingerprinting. View our full here.

    Your cookie preferences

    Managing, Disabling And Enabling Cookies

    You have the ability to accept or decline cookies from any website by modifying the settings in your browser. If you wish to restrict or block the cookies which are set by our website, you can do this through your browser settings. For information about how to manage and disable cookies you can use the 'Help' function within your browser or please visit www.aboutcookies.org or www.allaboutcookies.org. However, please note that by deleting or disabling cookies this could affect the functionality of our website and you may not be able to access certain areas or features of our site.

    To opt out of being tracked by Google Analytics across all websites click here.

    Confidentiality and disclosure of your data

    We will endeavour to treat your personal data as private and confidential. From time to time we may employ agents and subcontractors to process your personal data on our behalf. The same duty of confidentiality and security will apply to them and all processing will be carried out under our instruction and with benefit of signed agreements.

    We would like to bring to your attention our obligations to disclose data in the following four exceptional cases permitted by law, and the other situations set out below. These are:

    • Where we are legally compelled to do so
    • Where there is a duty to the public to disclose
    • Where disclosure is required to protect our interest
    • Where disclosure is made at your request or with your consent

    If a complaint is made about the service we have provided, we may be obliged to forward details about the complaint, including personal data, to the relevant ombudsman. You can be assured that they are similarly obliged to adhere to the requirements of the GDPR and keep personal data strictly confidential.

    Data subject rights

    You have a number of rights as a data subject. Please note that these rights do not apply in all circumstances.

    Request your data

    In order to access the data we hold about you, you need to make a ‘Subject Access Request’, or SAR. To make a SAR please email us at:

    Compliance@BDELaw.co.uk  

    or write to us at:

    The Compliance Officer For Legal Practice

    Subject Access Request
    Admiral House

    Queensway

    Newport NP20 4AG

    Please provide:

    1. Your name, address, claim reference number and what information you would like.
    2. Identification documents; one which shows your name and signature (e.g. a copy of your passport) and one which shows your name and address (e.g. a copy of a recent bill or bank statement or other official document). We will accept just one identification document if it shows your name, address and signature such as a copy of your driving licence.  (This is to take reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.)

    Please note that if your SAR involves the personal data of other people, or you are making a request on behalf of someone else (such as a parent on behalf of their child), we may need identification from these individuals, as well as a signed letter of authority from them confirming that they are happy for you to act on their behalf and for us to release their data to you.

    Once we have received your written request and identification documents, we will have a month to fulfil your request.  Where for some reason this will not be possible, for instance due to large volumes of data being involved, we are permitted by law to take up to an additional two months to fulfil your request. Where any such delay is anticipated we will inform you of this, along with the reason for the delay, within the first month of receiving your request along with details of when we expect to be able to provide you with the requested documentation.

    Your other rights as a data subject, where applicable, include:

    • The right to be informed about our processing of your personal data
    • The right to have your personal data corrected if it is inaccurate, and to have incomplete personal data completed
    • The right to object to the processing of your personal data
    • The right to have your personal data erased (“right to be forgotten”)
    • The right to move, copy, or transfer your personal data (“data portability”)
    • Rights regarding automated decision making, including profiling

    For more details on these rights and how to exercise them, please contact:

    Compliance@BDELaw.co.uk

    If you have any queries about your rights, or believe that they have not been met by BDE Law Limited, please contact our Compliance Officer for Legal Practice at:

    jharris@bdelaw.co.uk

    or by writing to:

    The Compliance Officer For Legal Practice

    Subject Access Request
    Admiral House
    Queensway
    Newport
    NP20 4AG

    If you have any complaints relating to the processing of your personal data, you also have the right to complain to the relevant Supervisor Authority. In the UK this is the Information Commissioner’s Office (ICO). They can be contacted at:

    Information Commissioner’s Office
    Wycliffe House
    Water Lane
    Wilmslow
    Cheshire
    SK9 5AF

    Retention of your data

    Your personal data will be kept for as long as we require it in order to provide our client with the agreed service. It will continue to be retained after any service has been concluded or otherwise comes to an end in line with our legal and regulatory requirements, and for as long as claims or complaints may legally be brought against us.

    Information Security

    On our CLEX portal we protect any data you have given us by providing you with a User ID and password. We also use industry standard security to encrypt sensitive data in transit to our servers. As an extra precaution, CLEX sessions will ‘time out’ if not used for 60 minutes.

    It is not anticipated that we will need to transfer your personal data to other companies or service providers located outside of the European Economic Area. The data protection and other laws of these countries may not be as comprehensive as those in the UK or the EEA – but in the event that this is necessary we will take steps to ensure that your data is given an equivalent level of protection as it is in the EEA.

    Show further information

    Please be aware that communications over the Internet, such as emails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered - this is the nature of the Internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

    Additionally, you can protect your system by installing anti-virus and running scans as recommended by the vendor. You should also run any security updates / patches you receive for your system from the supplier.

    Never respond to unsolicited emails from unfamiliar sources. Such emails may be fraudulent and attempt to get you to provide your personal details or payment information.

    Changes to this policy

    This privacy policy was last updated on 25th May 2018. We reserve the right to make changes to this policy and you will be prompted of any changes when you next visit our website.

    From time to time we may need to change the way we use your personal data. Where we believe you may not reasonably expect such a change we will write to you. When we do so, you will have 60 days to object to the change but if we do not hear from you within that time you consent to that change.