Privacy Policy

Bath Family Law LLP
Effective Date: August 2025

Introduction

This Privacy Policy explains how Bath Family Law LLP (hereinafter referred to as "the Organisation"), a Limited Liability Partnership registered in England under number OC447333, collects, uses, stores, and discloses personal data. This policy complies with the UK General Data Protection Regulation (UK GDPR), Data Protection Act 2018, and other relevant laws and regulations governing the processing of personal data.

As a legal organisation providing professional McKenzie friend support and paralegal services, Bath Family Law LLP takes its professional and ethical obligations seriously. We operate with full indemnity insurance and adhere to the standards of Resolution, the National Association of Licensed Paralegals, and the Society of Professional McKenzie Friends.

This Privacy Policy is designed to complement and align with the Organisation’s Terms and Conditions, which govern our service provision.

Contact Details

Bath Family Law LLP
Registered Address: 10 Laura Place, Bath, Somerset, BA2 4BL, United Kingdom
Telephone: 01225 941222
Email: team@bathfamilylaw.co.uk

For data protection matters, you may contact us at the email address above.

Types of Personal Data We Collect

In the course of providing services, we collect the following personal data that is relevant and necessary for case management and compliance:

• Client Personal Details: Full names, addresses, telephone numbers, email addresses, dates of birth, and national insurance numbers.
• Sensitive Data: Special category data, including health records, family law-related details (e.g. information about children or relationships), and financial disclosure documents.
• Case-Specific Data: Correspondence, legal documents (e.g. court submissions, wills, property deeds).
• Financial Information: Bank details, payment history, and financial transaction information collected in compliance with anti-money laundering (AML) regulations.
• Professional or Employment Records: Where relevant to the legal matter for which you have engaged us.

We ensure that we only collect data pertinent to the service provided or as required by law. If you provide us with data related to children, additional safeguards will apply as set out below.

How We Collect Personal Data

• Direct Sources: Information provided by clients through consultations, forms, and correspondence.
• Third Parties: Information from other legal professionals, court directives, public records (e.g. Companies House, the Land Registry), or referrals.
• Authorised Representatives: Data received from individuals acting on your behalf.

We ensure that data collection complies fully with UK GDPR standards and remains strictly necessary for the scope of our services.

Legal Basis for Processing Personal Data

The lawful bases on which we process your data are as follows:

• Performance of a Contract: To provide legal or McKenzie friend support services in accordance with our engagement terms.
• Legal Obligations: Compliance with statutory duties such as anti-money laundering checks under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017.
• Legitimate Interests: To protect our legitimate interests (e.g. protecting legal claims, improving client services) without overriding your rights.
• Consent: In limited cases, where explicit consent is required (e.g. processing sensitive data, disclosures to third parties).

For certain types of data or processing (e.g. sensitive data related to children), additional protections and explicit consent mechanisms may apply.

How We Use Your Personal Data

• Delivering legal services, including advice, preparation, and submission of legal documents.
• Ensuring compliance with regulatory duties (e.g. money laundering or sanctions checks).
• Communicating with clients about case updates, payments, and deadlines.
• Addressing client complaints or resolving disputes.
• Complying with requests from legal authorities or courts.
• Protecting the Organisation against claims or other liabilities.

Data for Minors and Other Vulnerable Parties

When we process data relating to children or vulnerable individuals, we take additional steps to ensure their privacy is protected. This includes:

• Processing only the data strictly necessary for the legal matter.
• Obtaining consent from a responsible parent, legal guardian, or court order, as appropriate.
• Securely storing all data in accordance with heightened safeguards for special categories of data.

Data Retention

• General case files: Archived after six months have passed from the conclusion of our support or the matter itself if not collected or returned to the the client.
• Archived case files: Securely retained and protected and checked periodically, disposing of any file retained longer than six years.

At the conclusion of a case, data is securely stored, deleted, or anonymised unless further retention is required by law. Should you wish to request your data be returned to you or specifically stored, deleted, or anonymised, please make all requests in writing and these will be adhered to as per your request.

Data Security

We employ appropriate security measures to ensure the confidentiality and integrity of your data. These include access controls, encryption, and secure data storage systems.

If transferring data outside the United Kingdom or EEA, we will only do so with appropriate safeguards, such as Standard Contractual Clauses or adequacy decisions.

Complaints and Escalation

You have the right to lodge a complaint regarding our data practices. Please contact our team at team@bathfamilylaw.co.uk for initial resolution. If you remain dissatisfied, you may escalate the matter to:

Information Commissioners Office (ICO)
Helpline: 0303 123 1113
Website: www.ico.org.uk

We aim to resolve all complaints promptly and fairly. Please refer to our Terms and Conditions for more information about our complaints process.

Your Rights as a Data Subject

Under the UK GDPR, you have the following rights:

• Access: Request copies of your data held by us.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of data where it is no longer required.
• Restriction: Limit the processing of your data in certain circumstances.
• Objection: Object to processing based on our legitimate interests.
• Data Portability: Request transfer of your data to another organisation.

To exercise these rights, please contact team@bathfamilylaw.co.uk.

Website Specific Policy

• Website Usage Data: We may collect website usage data, including aggregate and anonymous information about how our website is accessed and used. This data is not used to identify individuals but helps us to monitor and improve site performance.
• Data Retention Note for Analytics Data: Website analytics data (which is anonymised and aggregated) may be retained indefinitely for the purpose of tracking long-term trends. This information does not identify individual visitors.
• Clio Intake Portal: We do not use a contact form on our website. When you choose to submit your details, you are directed to our secure intake portal provided by Clio (operated by Themis Solutions). Clio acts as our data processor under a data processing agreement. Information submitted through this portal is transferred securely to us for assessment and case management. Clio provides hosting within the UK/EU and applies contractual safeguards to ensure compliance with data protection laws.
• Burst Statistics: We use Burst Statistics, a self-hosted analytics tool, to measure website usage. It is configured in privacy-friendly mode, meaning it does not set tracking cookies, does not share information with third parties, and does not collect personally identifiable information. Reports generated are used solely to understand site performance and improve our content.
• Cookies: Our website uses essential cookies necessary for WordPress functionality and security. These cookies do not require consent as they are strictly necessary for the operation of the website. We may also display third-party embedded content (for example, videos), which may set their own cookies once you interact with them.
• Managing Cookies: You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies, or configure them to only accept certain types. You may also use third-party browser tools or extensions to manage or restrict cookies.
• Processors and Suppliers: In providing our services we may rely on certain trusted third-party service providers acting as data processors, including:
  • Clio (case management portal and intake forms)
  • Microsoft 365 (business email and document storage)
  • Web hosting and IT service providers (infrastructure, maintenance, and security)
  All such providers are contractually bound to protect personal data in line with UK GDPR.
• Security: We apply appropriate technical and organisational measures to keep your data secure. These measures include encryption of data in transit, strict access controls, secure configuration of systems, and confidentiality obligations for staff and contractors. We also carry out periodic reviews and updates of our security arrangements to ensure ongoing protection

Linkage to Terms and Conditions

This Privacy Policy forms part of the broader agreement you enter with Bath Family Law LLP, as outlined in our Terms and Conditions. Any questions or concerns regarding the handling of your data should be examined in the context of the Terms to ensure a cohesive interpretation.

Updates to this Privacy Policy

We may periodically update this policy to reflect regulatory changes. The effective date will always appear at the top of the document. Clients will be notified in advance of significant changes.

This Privacy Policy was last updated in August 2025.