Oakwood Legal Contact

Privacy Policy

Last updated: January 2025

Our Commitment to Your Privacy

At Oakwood Legal, we take your privacy seriously. This Privacy Policy explains how we collect, use, protect, and handle your personal information when you visit our website or engage with our legal services. We are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Address Information

Oakwood Legal

31 Colmore Row

Birmingham, B3 2BS

United Kingdom

Information We Collect

We may collect and process the following types of personal data:

Contact Information: When you submit enquiries through our contact form, we collect your name, email address, and any other information you choose to provide in your message. This information is collected with your explicit consent when you submit the form.

Website Usage Data: We collect information about how you interact with our website through cookies and similar technologies. This may include your IP address, browser type, device information, pages visited, time spent on pages, and referring website addresses.

Client Data: When you engage our legal services, we collect additional personal information necessary to provide those services, including identification documents, property details, and financial information as required for your legal matter.

Communication Records: We maintain records of all communications between you and our firm, including emails, letters, telephone conversations, and meeting notes.

How We Use Your Information

We use your personal data for the following purposes:

Service Provision: To respond to your enquiries, provide legal advice, handle your property transactions, and deliver the legal services you have requested from us.

Legal Obligations: To comply with legal and regulatory requirements, including anti-money laundering regulations, professional conduct rules, and court orders.

Website Improvement: To analyse website usage patterns and improve our online presence, user experience, and content relevance.

Marketing Communications: With your consent, to send you information about our services, legal updates, and other communications that may be of interest to you. You can opt out of marketing communications at any time.

Business Operations: To maintain our business records, conduct internal audits, manage our quality assurance processes, and ensure the security of our systems.

Legal Basis for Processing

We process your personal data under the following legal bases:

Consent: Where you have given us explicit consent to process your data for specific purposes, such as marketing communications or using certain cookies.

Contractual Necessity: Where processing is necessary to perform our contractual obligations to you when providing legal services.

Legal Obligation: Where we are required by law to process your data, such as for anti-money laundering checks or complying with court orders.

Legitimate Interests: Where processing is necessary for our legitimate business interests, such as improving our services, maintaining security, or preventing fraud, provided this does not override your fundamental rights and freedoms.

Data Sharing and Third Parties

We may share your personal data with the following categories of recipients:

Professional Advisers: We may share your information with barristers, expert witnesses, accountants, and other professional advisers engaged to assist with your legal matter.

Third-Party Service Providers: We work with trusted service providers who help us operate our business, including IT support, cloud storage providers, email services, and website analytics platforms. These providers only process your data on our instructions and are bound by confidentiality obligations.

Legal and Regulatory Bodies: We may disclose your information to courts, tribunals, regulatory authorities, and law enforcement agencies when required by law or to protect our legal rights.

Other Parties to Transactions: In property transactions, we share necessary information with the other party's solicitors, estate agents, mortgage lenders, and relevant authorities such as the Land Registry.

We do not sell or rent your personal data to third parties for marketing purposes.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction:

Encryption: We use SSL/TLS encryption for data transmitted through our website and encrypt sensitive data stored in our systems.

Access Controls: We restrict access to personal data to authorised personnel only, based on their role and need to access the information.

Security Training: Our staff receive regular training on data protection and security best practices.

Regular Reviews: We regularly review and update our security measures to address emerging threats and maintain compliance with current standards.

Incident Response: We have procedures in place to detect, report, and respond to data breaches in accordance with legal requirements.

Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected:

Client Files: We retain client files and case records for a minimum of six years after the conclusion of your matter, in accordance with professional regulations and limitation periods for legal claims.

Contact Form Enquiries: Information from contact form submissions is retained for up to two years if no client relationship develops.

Website Analytics: Analytics data is typically retained for up to 26 months to help us understand long-term usage patterns.

Marketing Data: Marketing contact information is retained until you withdraw consent or request deletion.

After the retention period expires, we securely delete or anonymise your personal data in accordance with our data retention policy.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and analyse website usage. For detailed information about the cookies we use and how to manage your cookie preferences, please see our Cookie Policy.

Your Rights and Opt-Out Instructions

You are not required to provide any personal information when using this website. If you prefer not to share your data, you may:

Avoid filling out contact forms, account registrations, or any data-submitting features.

Disable cookies through your browser settings (see our Cookie Policy for more details).

Contact us directly to request the deletion of any previously shared personal data.

We respect your privacy choices. If you would like us to delete your data, please reach out to us at the contact details provided on our Contact page. We will process your request promptly.

Under UK GDPR, you have the following rights regarding your personal data:

Right of Access: You can request a copy of the personal data we hold about you.

Right to Rectification: You can ask us to correct inaccurate or incomplete personal data.

Right to Erasure: You can request deletion of your personal data in certain circumstances, subject to legal and regulatory retention requirements.

Right to Restrict Processing: You can ask us to limit how we use your personal data in certain situations.

Right to Data Portability: You can request a copy of your data in a structured, commonly used, and machine-readable format.

Right to Object: You can object to processing of your personal data for direct marketing purposes or where we rely on legitimate interests as our legal basis.

Right to Withdraw Consent: Where we process your data based on consent, you can withdraw that consent at any time.

To exercise any of these rights, please contact us using the details provided below. We will respond to your request within one month.

International Data Transfers

Your personal data is primarily stored and processed within the United Kingdom. If we transfer your data outside the UK or European Economic Area, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions by the relevant authorities.

Children's Privacy

Our website and services are not directed at children under 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website with a new "Last updated" date. We encourage you to review this policy periodically.

Contact Us and Complaints

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how we handle your personal data, please contact us.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection issues. You can contact the ICO through their website or by writing to them at their registered address.