GDPR

GDPR

GDPR & Data Protection

  1. McVey & Murricane are a firm of solicitors based in Scotland who provide legal services to individuals and organisations. The services relate principally to property matters and also to Private Client cases. We are the 'Data Controller' of the personal data you provide to us.
  2. The purpose of this notice is to provide our clients and potential clients with information about the policies we have in place in relation to the use of the personal data we are provided with.
  3. This notice is intended to comply with the terms of the DPA Act 1998 and the GDPR.
  4. The personal data we collect from our clients is required and is necessary to allow us to provide legal services to our clients and to carry out transactions on our client's behalf. We will not collect any personal data from our clients that we do not need in order to provide the particular legal service.
  5. In our role as your solicitors and to allow us to carry out and complete your transactions we require to process your personal data. In terms of the GDPR we rely on certain lawful bases for processing your personal data. We need to process your personal data in order to provide you with legal services in relation to the performance of a contract to which you are a party. We may also need to process your personal data to comply with legal obligations that we have as a member of a regulated profession. Lastly, we may need to process your personal data because it is in the legitimate interests of yourselves or ourselves.
  6. We believe an essential part of the professional service we provide is to ensure that your personal data is secure in both digital and physical form and will only be accessed by those members of staff who are processing your transaction.
  7. During the course of your case in order to complete your transaction it may be necessary to provide designated third parties with your personal data, as a failure to do so, would result in our service to you being compromised and the transaction not proceeding. An example of such third parties might be the company that provides property searches to us or a lender from whom you are obtaining a mortgage. We provide the minimum amount of information in the minimum number of circumstances to ensure that we are able to continue to act in your best interests.
  8. In terms of the DPA legislation and the GDPR we are bound to hold your personal data only for as long as is necessary. We do however have professional and legal obligations to our governing body namely the Law Society of Scotland. These obligations include retaining personal data in the digital or physical form for specific periods of time depending on the type of transaction.
  9. The GDPR provides certain rights for individuals in respect of their personal data as follows; the right to be informed; the right of access; the right to rectification; the right to erasure; the right to restrict processing; the right to data portability; the right to object; rights in relation to automated decision-making and profiling. The GDPR also provides certain exemptions such as the prevention, investigation, detection or prosecution of criminal offences; breaches of ethics in regulated professions and the protection of individual or the rights and freedoms of others.
  10. Our clients have the right to access their personal data so that they are aware of and can verify that we are processing their data lawfully. We will supply the information requested by a subject access request free of charge within one month of the request providing none of the previously mentioned exemptions apply. (If further copies are required there may be a fee due based on the administrative cost of supplying the information)
  11. If a client believes the information we are processing is incorrect then the client can request that the information be corrected or deleted.
  12. If at any time a client is not satisfied with the manner in which we are processing their personal data or that the processing of their personal data is not in accordance with the DPA 1998 or the GDPR then a complaint can be made by the client to the Information Commissioner's Office 
Share by: