This policy is made in accordance with the General Data Protection Regulation (“GDPR”).

It explains how JHI Ltd collects, records, stores, uses and discloses personal information about clients, prospective clients and those referring business to JHI ltd.

JHI Ltd is a “Data Controller”.  It is responsible for deciding how personal information is “processed” which includes its being collected, recorded, stored, used and disclosed.

WHAT PERSONAL DATA MAY BE PROCESSED?

JHI may collect, record, store, use and disclose personal information including:

  • Personal contact details such as title, name, address, e-mail addresses and telephone numbers
  • Gender
  • Nationality
  • Religion
  • Date of birth
  • Job title and employment details
  • Details about your family members including your children
  • Medical information
  • National insurance number
  • Criminal convictions and immigration history
  • Photographs
  • Passports, biometric residence cards and other documentation which may contain biometric details

Please let JHI Ltd, referred to below as JHI, know if your personal information changes so that the data stored and used will be accurate and up to date.

WHY IS PERSONAL DATA PROCESSED BY JHI?

Personal data will be processed only for legitimate purposes including:

  • To enter into or to perform a contract:
    • To enable the provision of a quote for legal advice
    • To enable the provision of legal advice
    • To enable the submission of applications to the Home Office
    • To be able to correspond on behalf of clients with the Home Office and other organisations or individuals relevant to assistant with legal advice
    • To enable the submission of appeals and requests for review to the appropriate authorities
  • To comply with legal obligations:
    • To comply with regulatory obligations including those to the Solicitors Regulation Authority
    • To comply with the requirements to undertake identity and Money Laundering Checks
  • To protect the legitimate interests of the business:
    • To defend the business against legal action
    • To comply with the requirements of the insurance providers to the business
  • Where explicit consent has been provided.

HOW WILL PERSONAL DATA BE PROCESSED?

Data will be collected from clients, prospective clients and those who refer business to JHI and will be stored on hard copy files and on JHI’s computer database. Once a client’s case is concluded the hard copy file and the computer file will be archived for 6 years after which they will be destroyed /deleted unless they have been requested by the client in the interim. A prospective client’s data will be stored for no longer than six months should they not become a client.

No data will be transferred to a server outside of the EEA without JHI having an agreement in place to ensure that any organisation involved in the processing of the business’s data has provided appropriate safeguards, that the data subject has enforceable rights and effective legal remedies and that an adequate level of protection is provided to any personal data transferred.

WILL PERSONAL DATA BE SHARED WITH THIRD PARTIES? – CONFIDENTIALITY

JHI will keep all information which you provide confidential and will not generally pass it on to third parties except with your permission or as required by law – to include the undertaking of Anti-Money Laundering Checks.

JHI may need to share information with third parties including the Home Office in order to carry out its contract to provide services to its clients. If you have entered into a contract for the service of JHI submitting an application to the Home Office or for the submission of an appeal or request for a review JHI will assume that permission has been given for the submission of relevant personal information to the Home Office or appropriate authority.

The Solicitors Regulation Authority may audit the work of JHI and an audit may require auditors to have access to a sample of client files.

JHI may outsource the typing or administration work on your file and will obtain a confidentiality agreement from anyone to whom work is outsourced.

JHI outsources it technical support and will obtain a confidentiality agreement from all relevant employees of the relevant company.

SECURITY

JHI has taken appropriate steps to try and ensure the security of data processed but please be aware of the below:

When you provide JHI with fax or e-mail addresses for the sending of material to you it will be assumed that your arrangements are sufficiently secure and confidential to protect your interests.

The internet is not secure and there are risks if you send JHI sensitive information by e-mail or if your request that JHI sends information by e-mail. Data sent by e-mail is not routinely encrypted. Please tell JHI if you do not wish for communications to be sent by e-mail. If JHI becomes aware of actual or threatened interception of messages sent by e-mail you will of course be notified.

JHI uses filtering and firewall software for incoming e-mail and internet communications so you should not assume that e-mails sent by you are received.

FOR HOW LONG WILL PERSONAL DATA BE STORED?

  • Clients’ hard copy files will be archived once a case is concluded and will be stored for 6 years after which they will be destroyed unless a client has requested them.
  • Clients’ electronic records will be stored for 6 years after which they will be destroyed.
  • Prospective clients’ details will be deleted or shredded after 6 months.
  • The details of those who refer business to JHI will be stored until such storage is no longer valid or until JHI is asked to delete them.

WHAT RIGHTS DO YOU HAVE?

In certain circumstances you have the right to:

  • Request access to your personal data – “Subject Access Requests”. You have the right to ask what personal detail is stored about you
  • Request the correction of personal data
  • Withdraw your consent to the processing of data where consent has been requested and obtained
  • Restrict the processing of data
  • Request the erasure of personal data
  • Move, copy and transfer your personal data without affecting its usability (portability of personal data)
  • Object to the processing of personal data

A request can be made verbally or in writing.  A response must be provided free of charge within one month.

If compliance with a request would prevent compliance with JHI’s legal obligations, would harm the legitimate interests of the business or is clearly unfounded or excessive JHI may refuse to comply with all or part of a request.

Jenny Harvey is the Compliance Officer for Legal Practice (“COLP”) and is responsible for compliance with the privacy policy. She can be contacted on info@jennyharveyimmigration.co.uk or on 01865 608328.

JHI has in place a system for reporting data breaches.

You have the right to complain to the Information Commissioners’ Office (“ICO”) which is the UK supervisory authority for data protection issues. They can be contacted on 03031231113.

OUR WEBSITE

Please note that although this website may provide links to other websites it only applies to the webpages hosted under JHI’s domain (i.e. pages with URLs containing jennyharveyimmigration.co.uk).

Cookies:

A website cookie is a piece of text that a web server can store on a user’s system for later retrieval. For example, a website might generate a unique ID number for each visitor and store the ID number on each user’s machine using a cookie file.

Your web browser will have options to show you all the cookies stored and will allow you to delete some/all of them as you wish.

Cookies may be:

Fundamentally necessary for the delivery of the web service you are using

Necessary to benefit from the full functionality of the service, but not essential for some level of service

For the benefit of the service provider or to allow the service provider to better understand its users and thus provide a better service e.g analytical tools so a site can produce statistics on the types of users it has or the sections of its site that are most popular.

For a wide range of other purposes.

Our Content Management System

PHPSESSID, wfvt_*

Set by our content management system in order to provide basic functions

Google Analytics

Used site-wide to help us tracking visitor usage. This is a web analytic service provided by Google.Inc. Google Analytics sets a cookie in order to evaluate use of those services and compile a report for us.