When we say 'Brodies', 'we' or 'us' in this notice, it means the entity to which you are submitting a complaint, being either Brodies LLP or Brodies Middle East LLP (ADGM Branch) which is Brodies Middle East LLP's branch in the Abu Dhabi Global Market. That entity (either Brodies LLP or Brodies Middle East LLP (ADGM Branch)) is the 'controller' of your personal information.

We collect, use and store different types of personal information about you, which we have grouped together as follows:

Types of personal information Description
Identity Data ID information including your name, marital status, title, date of birth, gender and National Insurance Number
Contact Data Where you live and how to contact you
Financial Data Your financial position, status and history, including bank details and credit rating
Transactional Data Details about payments to and from you and other details about services you purchase from us
Contractual Data Information obtained by providing legal services to you
Communications Data What we learn about you from letters, emails, call recordings and conversations between us
Publicly Available Data Details about you that are publicly available, such as on Companies House or elsewhere on the internet

How we use your information

The table below outlines how we use your personal information and our reasons. Where these reasons include legitimate interests, we explain what these legitimate interests are.

What we use your information for Our reasons Our legitimate interests
  • To communicate with you in relation to your complaint or legal claim
  • Contractual obligations
  • Legitimate interests
  • To deal with and respond to your complaint
  • To contact and communicate with third parties who may be involved in (or have knowledge of) matters relevant to the complaint or legal claim
  • Legitimate interests
  • To gather evidence relevant to the complaint
  • To notify our insurers and communicate with them in relation to the complaint or legal claim
  • Legitimate interests
  • To comply with the terms of our insurance cover
  • To notify and communicate with regulators concerning your complaint or legal claim
  • Legal obligation
  • Legitimate interests
  • To comply with legal or regulatory obligations
  • To establish, bring or defend legal claims
  • Legal claims
  • Legitimate interests
  • To manage the risk of crime and safety for us, our employees and our clients
  • To develop and improve how we deal with crime
  • To report criminality or the suspicion of criminality for the wider benefit of society
  • To be efficient about how we fulfil our responsibilities generally
  • For marketing and business development activities, including seeking new business, promoting our business and events management
  • Consent
  • Legitimate interests
  • To gather evidence
  • To manage complaints or legal claims
  • To take legal or other professional advice

Where we collect your personal information from

We may collect personal information about you from the following sources:

  • Directly from you
  • Third parties who may be involved in matters relevant to the complaint or legal claim
  • Legal, other professional advisors and enquiry agents
  • Scottish Legal Complaints Commission, the Law Society of Scotland and the Solicitors Regulation Authority

Who we share your information with

We may share your personal information with the following third parties:

  • If you have made a complaint to Brodies Middle East LLP (ADGM Branch), personal data will be shared with Brodies LLP which will act as a (a) processor in relation to its provision of human resource, IT, finance and other services to Brodies Middle East LLP (ADGM Branch) and (b) as a separate controller where Brodies LLP is engaged by BMEL to provide legal advice and/or assistance to respond to your complaint
  • Our insurers
  • Agents and service providers that we use during the course of managing your complaint or legal claim
  • The police and other law enforcement agencies
  • Relevant regulators, including the Information Commissioner's Office in the event of a personal data breach, the Scottish Legal Complaints Commission, the Law Society of Scotland and the Solicitors Regulation Authority
  • a) Subsidiaries or affiliates of Brodies LLP, (b) Brodies Middle East LLP (ADGM Branch), or any of its subsidiaries or affiliates, and (c) Brodies & Co (Trustees) Limited and any of its subsidiaries or affiliates
  • Potential or actual purchasers of any part of our business or assets, or other third parties in the context of a possible transfer or restructuring of our business

If you choose not to give your personal information

If you choose not to give us your personal information, it may delay or prevent us from being able to comply with our own legal obligations. It may also result in us being unable to, or refusing to, deal effectively with your complaint.

Automated decisions

We do not envisage taking any decisions about you based solely on automated processing (i.e. without human involvement), which have a legal or similarly significant effect on you.

How long we keep your personal information

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Where you make a complaint or legal claim against us or any member of our staff we shall retain your personal information in relation to all matters relevant to that complaint or claim until the complaint or claim has been final disposed of and any other matters which may give rise to the prospect of further claims have been disposed of or are time barred. The time periods concerned will vary according to the circumstances.

International transfers

Brodies LLP

We hold all personal information concerning our clients and their affairs within the United Kingdom. This means our document management system, our email servers and our practice management system are all hosted in the United Kingdom.

Brodies LLP will only send your personal information outside the United Kingdom:

  • where you ask us to
  • where we are being instructed on your behalf by someone outside the United Kingdom (for example, another law firm)
  • where that is required to provide the legal services that you have instructed us to provide – for example, in instructing/dealing with foreign solicitors or other advisors on your behalf
  • where we need to do so in order to comply with a legal duty incumbent on us or you
  • where the transfer is necessary for important reasons of public interest
  • where the transfer is necessary for the establishment, exercise or defence of legal claims

We also use ancillary IT systems hosted outside the United Kingdom or where data is backed up in a data centre outside the United Kingdom.

If your information is to be processed outside the United Kingdom, then we will ensure that it is protected to the same standards as if it were being processed within the United Kingdom by using appropriate safeguards, which may include:

  • ensuring that your information is only transferred to countries that have been recognised under data protection law as adequately protecting personal information to the same standards as the United Kingdom (for example, the European Union or European Economic Area).
  • putting in place a contract with the recipient of your information which requires them to protect that information to the same standards as if the information were being processed within the United Kingdom.

The safeguards we use will depend on the location of the recipient, the function they are performing and the personal information being transferred.

Brodies Middle East LLP (ADGM Branch)

Where Brodies Middle East LLP (ADGM Branch) is the controller of your personal data under our notices, personal information will be held within the Abu Dhabi Global Market. We will only send your personal data outside of the Abu Dhabi Global Market to Brodies LLP within the United Kingdom (see Who we share your information with). The United Kingdom is considered an 'adequate jurisdiction' by the Abu Dhabi Global Market Office of Data Protection.