This document explains what personal data Solaris Law Limited (Solaris Law) typically collects about you (whether you are a client or other third party), and what we do with it and why.
Who we are
Solaris Law is a limited liability company registered in England and Wales (company number: 11877562). Its registered office is at Stoneham Gate, Stoneham Place, Southmapton, SO50 9NW.
Solaris Law is a law firm specialising in debt recovery and is authorised and regulated by the Solicitors Regulation Authority with SRA number 668699.
Our main contact details can be found at the bottom of this document, however if you have any specific data protection concerns, please contact us via the office or email dpo@azzurroassociates.com
Information about Solaris Law can be found on our website, including any updates to the following notice https://www.azzurroassociates.com
Solaris Law is registered with the Information Commissioner under registration number ZA771882.
What we collect and why
We process personal data about its clients and other people involved in matters we act on for our clients. Solaris Law decides how and why your personal data is processed.
We collect most of this personal data directly from you—in person, by telephone, text or email. However, we may also collect information:
- from publicly accessible sources, for example, Companies House or HM Land Registry;
- directly from a third party, for example, sanctions screening providers or credit reference agencies; or
- from a third party with your consent.
The information we receive may include your contact details, identification information, financial information, employment information and details included in any correspondence and information about you in connection with any matter on which we are engaged to advise.
Who we may share your data with
We will use your personal data in order to continue the relationship with you. We may carry out further checks at the start of our relationship with you, such as credit checks and searches, in order to confirm the accuracy of the information we have been passed, and to verify your current circumstances.
Your information will be used for the purpose of operating our business and providing services to you and some personal details will be released to third-party organisations, such as other law firms, accountants, counsel, expert witnesses and other professional advisers, who will use your information in connection with your case or matter.
In providing services to our clients and in complying with our legal obligations, we may share the personal data that we obtain about you, insofar as we are permitted by law to do so, with the following third parties:
- members of the Azzurro group;
- third parties involved in any matter, including (without limitation) courts, tribunals, counterparties, experts, private investigators, and other third parties involved in a matter;
- suppliers and service providers used by us in providing services, details of which can be made available on request, including (without limitation) postal services, document storage facilities and IT service providers;
- financial organisations, debt collection, credit reference and tracing agencies;
- our auditors, our own legal and other professional advisors, our banks, insurers and insurance brokers;
- government agencies (including Her Majesty’s Revenue & Customs), regulators and other authorities (including (without limitation) the Information Commissioner and Ombudsmen); and
- our and your trade associations, professional bodies and business associates.
We may also release personal data to regulatory or law enforcement agencies if they require us to do so. We will disclose your personal data where we are permitted and requested to do so by law.
Where you are our client, you may also provide us with personal data about other people. Please ensure you provide them with a copy of this notice, where appropriate to do so.
What we will do with your data
We process personal data for the purpose of providing legal services to our clients and also for our own general business purposes, which can include:
- fraud prevention, anti-money laundering, anti-bribery and for the prevention or detection of crime;
- disclosures to our auditors, our own legal and other professional advisors, our banks, insurers, and insurance brokers;
- providing you, or an entity with which you are connected, with our services;
- accounting, billing and other internal administrative purposes;
- developing and facilitating a business relationship with you or an entity with which you are connected;
- inviting you to events or functions and providing you with updates and publications; and/or
- identifying and informing you of services that might be of interest to you.
We will only use and process your personal data where we have a lawful basis for doing so.
What basis do we have for processing your data
As set out above, we use and process your personal data in relation to the actual or potential supply of legal services. We will therefore use your information in connection with the contract for the provision of services when it is needed to carry out that contract or for you to enter into it; this is generally the lawful basis on which we rely for our processing.
In addition to processing necessary for the performance of a contract or in order to take steps at your request prior to entering into a contract, there are other lawful bases for our processing which include processing that:
- you have consented to;
- is necessary for compliance with our legal, regulatory and/or professional obligations;
- is necessary for the purposes of pursuing our legitimate interests; or
- is necessary for the establishment, exercise or defence of legal claims.
Please note that we may process your personal data for more than one lawful reason, depending on the specific purpose for which we are using your data.
The table below explains what we use (process) your personal data for and our reasons for doing so:
What we use your personal information for |
Our reasons |
To provide services to you |
For the performance of our contract with you or to take steps at your request before entering into a contract |
To prevent and detect fraud against you or your organisation |
For our legitimate interests or those of a third party, i.e. to minimise fraud that could be damaging for us and for you |
Conducting checks to identify our customers and verify their identity Screening for financial and other sanctions or embargoes Other processing necessary to comply with professional, legal and regulatory obligations that apply to our business, for example, under rules issued by our professional regulator |
To comply with our legal and regulatory obligations |
Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies |
To comply with our legal and regulatory obligations |
Ensuring business policies are adhered to, for example, policies covering security and internet use |
For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you |
Operational reasons, such as improving efficiency, training and quality control |
For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you at the best price |
Ensuring the confidentiality of commercially sensitive information |
For our legitimate interests or those of a third party, i.e. to protect trade secrets and other commercially valuable information To comply with our legal and regulatory obligations |
Statistical analysis to help us manage our business, for example, in relation to our financial performance, customer base, product range or other efficiency measures |
For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you at the best price |
Preventing unauthorised access and modifications to systems |
For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for you To comply with our legal and regulatory obligations |
Updating and enhancing customer records |
For the performance of our contract with you or to take steps at your request before entering into a contract To comply with our legal and regulatory obligations For our legitimate interests or those of a third party, for example, making sure that we can keep in touch with our customers about existing engagements and new service offerings |
Statutory returns |
To comply with our legal and regulatory obligations |
Ensuring safe working practices, staff administration and assessments |
To comply with our legal and regulatory obligations For our legitimate interests or those of a third party, for example, to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you |
Marketing our services to: —existing and former clients; —third parties who have previously expressed an interest in our services; —third parties with whom we have had no previous dealings. |
For our legitimate interests or those of a third party, i.e. to promote our business to existing and former customers |
Credit reference checks via external credit reference agencies |
For our legitimate interests or those of a third party, i.e. to ensure our clients are likely to be able to pay for our products and services |
External audits and quality checks and the audit of our accounts |
For our legitimate interests or a those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standards To comply with our legal and regulatory obligations |
The above table does not apply to special category personal information, which we will only process with your explicit consent.
We have appropriate security measures to prevent personal data from being accidentally lost, used or accessed unlawfully. Access to your personal data is controlled to ensure that only those with a business-need to view your details or process your personal data can do so.
Information will be gathered during the course of the engagement in relation to account management, and this may include both factual data and formed opinion.
Your rights over this data
You have the right to request a copy of the personal data we hold about you. This is known as a Subject Access Request and if you would like to exercise this right, please contact our Data Protection Officer stating you wish to make a Subject Access Request and we will help you with the process.
We encourage you to exercise your rights to update and correct any inaccurate information we hold on you as decisions should always be made with the most accurate information. Where you identify we have something wrong, you can request that we restrict processing until data is correct again.
You can object to our processing of your personal data, withdraw consent (where we rely on consent rather than a contractual arrangement) and request that personal data we hold about you be deleted at any time. Where such requests are made, a review of the personal data will be made with a view to balancing your rights and request, with any business need of Solaris Law, or our regulatory and legislative requirements to retain such personal data.
Data retention periods
The period of time we retain personal data for depends on a number of factors, such as its relevance, its purpose, its source and any regulatory or legal requirements we must consider.
We will keep your personal data while we are providing services to you. Thereafter, we will keep your personal information for as long as is necessary:
- to respond to any questions, complaints or claims made by you or on your behalf;
- to show that we treated you fairly;
- to keep records required by law.
We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information. When it is no longer necessary to retain your personal information, we will delete or anonymise it.
If you have any specific questions about your data, please get in touch via dpo@azzurroassociates.com
How to make a complaint
We aim to treat our clients fairly at all times. However, we recognise that sometimes things can go wrong. If you’ve got an issue, in the first instance please contact us via our “contact us” page or via dpo@azzurroassociates.com
If you’re not satisfied with the outcome of your complaint, you can refer your complaint to the Financial Ombudsman Service or call 0800 023 4567; the FOS are an independent authority for settling complaints between businesses and their customers. However, if you do not take up the problem with us first, any case will be referred back to us by the ombudsman in the first instance.
Where you believe we are acting otherwise in accordance with the law you have the right to lodge a complaint straight to the supervisory authority. For the UK, that would be The Information Commissioner’s Office.
An online service is available at: https://ico.org.uk/concerns/handling/
