PRivacy Policy
1. PURPOSE OF THIS NOTICE
This notice describes how we, The Radley Forensic Document Laboratory Limited, collect and use personal data in accordance with and compliantly with the Data Protection Act 1998, the EU General Data Protection Regulation (GDPR) and any other national implementing laws, regulations or secondary legislation, as amended from time to time, in the UK (‘Data Protection Legislation’).
Please read the following carefully to understand our practices regarding the personal data (as defined within the Data Protection Legislation) in our possession and the very limited ways in which we will use it.
2. ABOUT US
The Radley Forensic Document Laboratory Limited (in this Privacy Notice referred to as "we", “us”, “our” and “ours”) provides services in forensic document examination, principally but not exclusively for the purpose of providing expert evidence within civil and criminal legal proceedings (‘Services’).
In the provision of our Services, we collect and retain personal data relating to (a) the solicitors (and other individuals) from whom we take instructions (‘Clients’) and (b) other third party correspondents (for example, other officers of the Court and employees of various other public authorities such as the Police, the Crown Prosecution Service, HMRC, the Probate Registry, the Department for Social Security and Her Majesties Land Registry) (‘Third Party Correspondents’). In relation to these categories of personal data, we are the ‘data controller’ under the Data Protection Legislation which means that we are responsible for deciding how we hold and use the personal data.
Additionally, in the provision of our Services, we collect and retain personal data relating to those individuals whose signatures and/or handwriting are (or who are proposed to be) the subject matter of our forensic analysis and reporting (‘Forensic Examination Subjects’). In relation to this category of personal data, we are a ‘data processor’ under the Data Protection Legislation which means that we only use (so process) the personal data in accordance the professional instructions given to us by our clients.
When we examine documents in the course of delivering our Services, the examination is of a completely non-destructive nature and we undertake all reasonable steps to ensure not to damage or deface the documentation in any way, and to return it on completion of the examination or on demand, whichever is the sooner. Unless or until expressly instructed to do so (or ordered by a court to do so) our services will be delivered to our Clients on a strictly confidential basis and the documentation submitted (and any notes/photographs thereon) will only be used in the preparation of an expert report for our Client’s own use.
Ellen Radley is our Data Protection Point of Contact and is responsible for assisting with enquiries in relation to this privacy notice or our treatment of the personal data which we hold. Should you wish to contact our Data Protection Point of Contact you can do so using the contact details noted below.
3. HOW WE MAY COLLECT YOUR PERSONAL DATA
We obtain personal data from Clients or Third Party Correspondents under the first category referenced above when:
- An individual requests (by telephone, post or email) a proposal from us in respect of our Services; or
- An individual engages us to provide our Services;
- A Client provides us with contact details for those Third Party Correspondents with whom we need to communicate in order to deliver our Services.
We obtain personal data relating to Forensic Examination Subjects when:
- It is delivered to us by our clients;
- It is delivered to us by other Third Party Correspondents.
4. THE KIND OF PERSONAL DATA WE HOLD
The information we hold about Clients and Third Party Correspondents includes the following:
- personal contact details (name, address, telephone numbers and email addresses);
- details of all contact/correspondence we have had in relation to the provision, or the proposed provision, of our Services;
- details of the Services you have received from us;
- details of how our Services have been (or are going to be) funded;
- details of any other forensic document examiners instructed to give expert evidence in relation to the same Signature Subject.
- contact details for those who have introduced our Services to others;
- information about any complaints made about our Services.
The information we hold about Forensic Examination Subjects varies widely and can encompass ‘sensitive personal data’, as defined by the Data Protection Legislation. In order to deliver our Services, it is common, for example, to have possession of passports and other emigration/immigration documents, medical records and financial records (including mortgage documents, loan agreements, cheques, bank cards, other banking book/records and Wills).
5. HOW WE USE THE PERSONAL DATA WE HOLD
Introduction
We only use personal data for the purposes of delivering our Services, on a case by case basis, and for keeping appropriate management and administrative systems in place to support the ongoing delivery of our Services.
The sharing of personal data (in our expert reports) is an integral part of the Services. However, the disclosure of personal data is strictly limited by (a) the instructions given to us by our clients, and/or (b) the strict legal purpose for which our forensic document examination is required, and/or (c) orders of the Court and/or (d) the consent (if required) of the Signature Subject.
We never use personal data for marketing purposes.
In the course of delivering our Services to certain Clients based outside the European Economic Union we receive personal data from those Clients and we transfer exactly the same personal data back to the Clients along with our forensic examination report. In these cases the personal data is transmitted and/or posted outside of the European Economic Union securely and with the same level of privacy and confidentiality which has been imposed upon us by the data controller and/or by the Data Protection Legislation.
Subject to us satisfying the above criteria, we are permitted to process personal data without the consent of a ‘data subject’ (as defined by the Data Protection Legislation).
Data retention
We will only retain personal data for as long as is necessary to fulfil the purposes for which it is collected.
When assessing what retention period is appropriate for your personal data, we take into consideration:
- the requirements of our business and the Services provided;
- any statutory or legal obligations;
- any professional or regulatory obligations;
- the purposes for which we originally collected the personal data;
- the lawful grounds on which we based our processing;
- the types of personal data we have collected;
- the amount and categories of your personal data; and
- whether the purpose of the processing could reasonably be fulfilled by other means.
Change of purpose
Where we need to use your personal data for another reason, other than for the purpose for which we collected it, we will only use your personal data where that reason is compatible with the original purpose.
Should it be necessary to use your personal data for a new purpose, we will notify you and communicate the legal basis which allows us to do so before starting any new processing.
6. DATA SECURITY
We have put in place commercially reasonable and appropriate security measures to prevent personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
7. RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION
Your duty to inform us of changes
It is important that the personal data we hold for Clients and Third Party Correspondents is accurate and current. Should personal information change, please notify us of any changes of which we need to be made aware by contacting us, using the contact details below.
Your rights in connection with personal data
Under the Data Protection Legislation you have the right to:
- Request access to your personal data. This enables you to receive details of the personal data we hold about you and to check that we are processing it lawfully.
- Request correction of the personal data that we hold about you.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this basis. Whilst you also have the right to object where we are processing your personal information for direct marketing purposes, as confirmed above we never use personal data for marketing purposes.
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal data to you or another data controller if the processing is based on consent, carried out by automated means and this is technically feasible.
Please note that your rights to make the above requests (particularly relating to ‘erasure’) do not necessarily create an obligation for us to comply with the requests. There are reasons under the Data Protection Legislation for refusing such requests which we may exercise where appropriate.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
8. RIGHT TO WITHDRAW CONSENT
In the very limited circumstances where express consent is required and given for the collection, processing and transfer of your personal data for a specific purpose you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact Ellen Radley at the address given below.
Once we have received notification that you have withdrawn your consent, we will no longer process your personal information (personal data) for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
9. CHANGES TO THIS NOTICE
Any changes we may make to our privacy notice in the future will be updated on our website
This privacy notice was last updated on 25th May 2018.
10. CONTACT US
If you have any questions regarding this notice or about the manner in which we process your personal data, please write to Ellen Radley at the following address:
The Radley Forensic Document Laboratory Limited
Queens Meadow
Oakhurst
Grayshott
Hindhead
Surrey GU26 6JW
10. CONTACT US
If you have any questions regarding this notice or about the manner in which we process your personal data, please write to Ellen Radley at the following address:
The Radley Forensic Document Laboratory Limited
Queens Meadow
Oakhurst
Grayshott
Hindhead
Surrey GU26 6JW
If you believe that we have breached the Data Protection Legislation in relation to your personal data, you have the right to make a complaint to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues, at any time. The ICO’s contact details are as follows:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone - 0303 123 1113 (local rate) or 01625 545 745
Website - https://ico.org.uk/concerns