Cyber scam alert - A scam targeting solicitors firms known as 'typo-squatting' has come to light, whereby one character from a genuine business email address is changed and individuals could be contacted by criminals pretending to be from the genuine organisation. Please be sure to check all email address carefully to ensure the message from your solicitor is genuine and with no spelling mistakes. Our email addresses are in the format

Data Privacy Notice

Pearcelegal Limited

Our Privacy and Fair Processing Notice describes the categories of personal data we process and for what purposes. We are committed to collecting and using such data fairly and in accordance with the requirements of the General Data Protection Regulations (GDPR).

  1. Who are we?

Pearcelegal Limited is a Limited Company registered in England and Wales with Registration Number 05409815. The Company is also authorised and regulated by the Solicitors Regulation Authority with SRA number 423097.

We are based at 2 The Square, Solihull, West Midlands, B91 3RB.

Nicholas Thomas, Director is the data controller for the information we collect from you. Any personal data that we collect will only be in relation to the work we do with you and to satisfy our professional and legal obligations.

2. Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in our (the data controller’s), possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).

3. How we gather personal information

The majority of the personal information we hold, is provided to us directly by yourself or by third parties such as Estate Agents, other Solicitors, pension providers, mortgage companies, banks and others in connection with your matter or the business. This information is received in either paper form or electronically.

4. How do we process your personal data?

We comply with our obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

We process the data to have the ability to contact you and to undertake the business or work you have instructed us to perform for you or on your behalf.

We use personal data for the following purposes: –

  • we collect personal and sensitive personal information in order to be able to :

– properly advise you;

– carry out identity and money laundering checks;

– comply with our professional and legal obligations;

– complete necessary Court/Revenue forms as part of your business;

– carry out your instructions;

– ensure we do not place ourselves or you in a position of conflict;

– such other purposes that enable us to carry out our work for you.

  • To maintain our own accounts and records (including the processing of monies into and out of Client account);
  • To inform you of other services that we provide that may be of relevance and benefit to you or to assist you.

5. What is the legal basis for processing your personal data?

We only use your personal information where permitted by the laws that protect your privacy rights. We only use personal information where:

  1. We need to use the information to comply with our legal obligations
  2. We need to use the information to contact you, regarding your matter;
  3. It is fair to use the personal information in your interests, where there is no disadvantage to you – this can include where it is in our interests to contact you about services provided by the company.
  4. The processing is necessary for the persons legitimate interests or the legitimate interests of our business unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.

6. How we store personal data

Personal data is stored in a number of forms including paper and electronic formats such as on computers, spreadsheets, databases. Any third party providers for data storage must demonstrate to us that they are aligned with the GDPR principles.

We are committed to the protection of your personal information.

We generally store personal information in one of two secure digital online database systems, where access to that data is restricted and controlled.

Printed/Paper records

Paper is still used to capture and retain some data for example the following: –

  • New instruction forms
  • Physical paper files
  • Revenue forms
  • Court forms

All paper records are held within our offices which are locked when not in use and protected by RedCare/Dualcomm security systems.

We will ensure:

  1. Transfer of paper is secure, such as physical hand-to-hand transfer or registered post.
  2. Paper files are securely destroyed after use.
  3. Secure destruction will be through a shredding machine or securely burned.
  4. The paper records are at all times kept secure, especially when in transit, by using:-

– a lockable briefcase;

– a lockable filing cabinet if long term stored;

If the paper records are transferred to somebody, we will audit that they return them when the need is complete.

7. Sharing and Transferring Personal Information

We will only normally share personal information within our offices.

We will however share your personal information with others outside our offices where we need to meet or enforce a legal obligation, this may include other Solicitors if they are part of the transaction/business, Estate agents if necessary, HMRC, The Courts and Tribunal Services, our professional indemnity insurers, local authority services and law enforcement, we will only share your personal information to the extent needed for those purposes.

We will never sell your personal information to any third party for the purposes of marketing.

Your personal data will be treated as strictly confidential. We will only share your data with third parties outside of the Company where there is a legitimate reason to do so. We will take steps to anonymise the data we provide (i.e. collective reporting on gender, ethnicity, age, etc.). If identifiable data is to be shared we will seek your consent.

Third Party Data Processors

Pearcelegal Limited utilises the services of the following third-party data processors:-

  • LEAP legal software to maintain a database of information;
  • InfoTrack Searches for our conveyancing searches and such other providers as we may need to use from time to time;
  • Land Registry;
  • HMRC website for example SDLT and tax returns;
  • Personal injury claims portal;
  • Probate Registry;
  • Companies House;
  • Insurance companies in respect of property insurance policies and/or personal injury insurance.

Automated decision making

Pearcelegal Limited does not have any automated decision-making systems.

Transfers outside the UK

Pearcelegal Limited will not transfer your personal information outside of the UK, with the exception where a matter has an element which is taking place outside of the UK and it is necessary to provide personal information to comply with our legal obligations.

8. How do we protect personal data?

We take appropriate measures to ensure that the information discussed with us is kept secure, accurate and up to date and kept only for as long as necessary for the purpose for which it is used.

9. How long do we keep your personal data?

We will retain your personal information for at least 7 years following the end of your matter in order to comply with our Professional Indemnity Insurance requirements. Certain information will be kept indefinitely pursuant to our work for you, such as copy Wills, Powers of Attorneys, property Deeds.

We will also keep any accounts information for the statutory 7 years as required by HMRC.

10. Your rights and your personal data

You have the right to object to how we process your personal information. You also have the right to access, correct, sometimes delete and restrict the personal information we use. In addition, you have a right to complain to us and to the data protection regulator.

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:-

  • The right to be informed – you have a right to know how your data will be used by Pearcelegal Limited.
  • The right to access your personal data – you can ask us to share with you the data we have about you.
  • The right to rectification – this just means you can update your data if it’s inaccurate or if something is missing.
  • The right to erasure – this means that you have the right to request that we delete any personal data we have about you. There are some exceptions, for example, some information can be held for legal reasons.
  • The right to restrict processing – if you think there’s something wrong with the data being held about you, or you aren’t sure if we are complying with the rules, you can restrict any further use of your data until the problem is resolved.
  • The right to data portability – this means that if you ask us we will have to share your data with you in a way that can be read digitally – such as a pdf. This makes it easier to share information with others.
  • The right to object – you can object to the ways your data is being used. This should make it easier to avoid unwanted marketing communications and spam from third parties.
  • Rights in relation to automated decision making and profiling – this protects you in cases where decision are being made about you based entirely on automated processes rather than a human input.

Please contact our Data Controller for more information, in the first instance.

Whether or not you exercise your new rights is up to you – the main thing to remember is that they’re there if you need them.

11. Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

12. Contact Details

To exercise all relevant rights or for queries or complaints please. in the first instance. contact our Data Controller at Pearcelegal Solicitors, 2 The Square, Solihull, West Midlands, B91 3RB or email

You can contact the Information Commissioners Office on 0303 123 1113 or via email or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.

Reviewed: 25th May 2018

Expert advice for you Book a free consultation

The team at Pearcelegal will be delighted to discuss your legal matters and give you a no-obligation quote.

Book your free consultation