PERSONAL DATA THAT WE COLLECT
When you contact us, you may be asked to provide certain information about you and, where relevant, your business, including your name and trading name and your contact details. We may also collect other information about you from e-mails or letters you send to us, or request that you provide us with other information that is relevant to the nature of your enquiry or instructions, such as your date of birth, copies of identification and proof of address documents and the structure and ownership of your business.
For clients to whom we send payments, the data that we hold will include bank account details and for clients for whom we complete applications for grants or payments, for example to the Rural Payments Agency, it will include any numbers or other references by which the RPA or other agencies identify the clients and any log-in details where we access websites on our clients’ behalf. We also hold any personal data that we are required by law to obtain, for example under the Money Laundering Regulations.
The personal data that we hold in respect of clients may be provided to us directly by them or on their behalf by other advisors instructed by them. For some types of work (for example valuations, expert witness and arbitration or other dispute resolution instructions) we may receive personal information from third parties – e.g. solicitors, accountants, lenders or other third parties – relating to parties who are not our clients but who have an interest in the matter in respect of which we are instructed. Examples are the name, address, telephone numbers and e-mail addresses for borrowers where we are instructed to provide a valuation of a borrower’s property for a lender; or similar details for a defendant where we are instructed to provide expert opinion by a solicitor acting for a claimant. In all such cases, we apply an assumption that the personal information that is provided to us by third parties has been provided in compliance with the provisions of the DPA and the GDPR.
We may also obtain personal data from publicly available sources, such as the Land Registry and Companies House and from other websites that provide names, addresses and other contact details.
USE OF PERSONAL DATA
None of our processes or procedures involve automated decision making and we do not therefore process personal data for that purpose.
The personal data that we hold forms part of a filing system. Our filing system comprises paper files and data held on our computers in the UK. We also use a web based document management and time recording system that is provided to us on a contract basis with a third party provider. Our current provider is LEAP, which is a recognised and established provider of these types of systems, particularly to the legal sector.
The personal data that we hold that we do or can use to identify data subjects from our filing system is their name, address, telephone number(s) and email address(es). We do not hold or record other personal data, such as dates of birth, or the numbers of identification documents, in a format that enables us to identify data subjects from that data and that data is not therefore classified as personal data for the purposes of the DPA and the GDPR.
We do not carry out any types of processing of personal data that is likely to result in a high risk to the rights and freedoms of individuals.
DISCLOSURE OF YOUR INFORMATION
The personal data and other related information that we hold is held may be accessed by or given to our staff and third parties who act for us for the purposes set out in this policy or for other purposes approved by you. Those parties may process information, fulfil and deliver contracts and provide support services on our behalf.
If our business enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to our new business partners or owners.
Countries outside the European Economic Area do not always have strong data protection laws. We do not currently knowingly disclose personal data or any other information to countries outside the EEA and we take all reasonable steps to ensure that personal data and other related information is used by third parties only in accordance with this policy.
COOKIES AND WEBSITE CONTACT FORMS
SECURITY AND DATA RETENTION
We employ security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. We will retain information for as long as we consider it to be reasonably necessary for the purposes of our activities or for as long as we are required to do so by law.
ACCESSING AND UPDATING YOUR INFORMATION
Data subjects are entitled to see the personal data we hold about them you and may ask us to make any necessary changes to ensure that it is accurate and kept up to date. If you wish to do this, please contact us.
ERASURE AND RESTRICTION
In addition to the right to request us to rectify any inaccuracies or errors in the personal data that we hold, data subjects have a right to request erasure of all or part of their personal data that we hold and/or to restrict or to object to the purposes for which we process their personal data. If you wish to make such a request, you should do so via the contact given below.
RIGHT TO LODGE A COMPLAINT
You have a right to lodge a complaint with the Information Commissioner’s Office (ICO) or to another supervisory authority if you have any concerns about the way in which we hold or process your personal data or if you believe we are not complying with our regulatory and statutory obligations. The ways of contacting the ICO are given on its website at the following link https://ico.org.uk/global/contact-us/ Our ICO licence number is ZA093341.
All comments, queries and requests relating to our use of your personal data should be sent by e-mail to email@example.com or by writing to Mark Sanders, Acorn Rural Property (Consultants) LLP, 1b Oaklands Court, Tiverton Way, Tiverton Business Park, Tiverton, Devon, EX16 6TG.
STATUS OF THIS DOCUMENT
This is a formal document prepared for regulatory purposes. It may be published on our website and must be provided to all clients on request. It should be read alongside and in conjunction with all our other published regulatory documents.
Last updated: August 2020