Cookies on FrederickRine Solicitors website

This website uses cookies to allow us to see how the site is used. The cookies cannot identify you. If you continue to use this site we will assume that you are happy with this.


  • This policy summarises the key points about how FrederickRine (FR) collects, uses and discloses personal data and ensures compliance with the laws and regulations throughout the UK where we operate.
  • Defined words are in the Appendix at the end of this policy. 

What is Personal data?

  • Personal data is information (including opinions) which relates to an individual and from which he or she can be identified either directly or indirectly through other data which the firm has or is likely to have in its possession. These individuals are sometimes referred to as data subjects. 

FrederickRine is the data controller of the personal data we process and therefore is responsible for ensuring our systems, processes, suppliers and team comply with data protection laws in relation to the information we handle. 
All FR team members must abide by this policy when handling personal data and must take part in any required data protection training. Any breach will be taken seriously and may result in disciplinary action.
Our Compliance Officer for Legal Practice (COLP) oversees compliance with data protection laws and this policy, and provides guidance and advice to the firm and FR as required. In addition our COLP oversees compliance with our professional responsibilities and the reporting of any failures to comply with legislative requirements, including data protection.

Principles of Data Protection.
FR has adopted the following principles to govern our use, collection and disclosure of personal data.   These principles have been established to create a uniform standard in our office.
FR’s core principles provide that personal data must:

  • be processed fairly and lawfully and to the extent required under local law with valid and informed consent;
  • be obtained for specific and lawful purposes;
  • be kept accurate and up to date;
  • be adequate, relevant and not excessive in relation to the purposes for which it is used;
  • not be kept for longer than is necessary for the purposes for which it is used;
  • be processed in accordance with the rights of individuals;  
  • be kept secure to prevent unauthorised processing and accidental loss, damage or destruction; and
  • not be transferred to, or accessed from, another jurisdiction where these core principles cannot be met unless it is adequately protected. 

Collection, Use and Disclosure
As a firm of solicitors, the type of data we collect and process falls into one of the following categories:-

  • personal data obtained and created in relation to providing legal services; and
  • personal data relating to FR team members;
  • The below table provides a summary of how we collect and use personal data:

Providing legal services

Types of data
Collection Use Disclosure
​Information processed for relationship management and file opening procedures such as name, business information and identification documentation.  

Additional personal data will be processed when individuals are named in matters on which we are advising or when the personal data is uploaded onto any of the web based services  
Relationship management and file opening information is collected from you directly and further information (e.g. to verify your identity) may be collected from third parties, such as publicly available sources.

​All additional personal data is collected when supplied to us, or created by us in connection with a particular matter on which we are advising.  
​Relationship management and file opening data is used for providing legal services, administration, commercial purposes (eg creditworthiness) and as required by law (eg anti money laundering). 

All other personal data will be used for the purposes of providing legal services and to comply with our statutory/ regulatory obligations

​Personal data: 

– may be transferred across the UK to our affiliates, and to service providers who support the operation of our business; 

– which is shared with service providers will be limited to that which is required for providing the service and will
be adequately protected.

FR Team members

Types of 
Collection Use Disclosure
​Personal data such as name, address, contact details, education and employment history; background checks (financial and criminal), ID and right to work status; information relating to next of kin/ dependants;  financial information including bank details and identifiers (e.g. National Insurance numbers); records of your use of the firm’s IT systems . Also we may process information revealing sensitive information such as health details, racial origin, religious beliefs and information about offences/ alleged offences. Personal data will be collected from a number of sources including your application form/CV; providers of background checks (eg Experian) and referees; providers of occupational health services; tracking your use of the firm’s IT systems; notes and records kept throughout your employment including absences, expenses claims, questionnaires, performance reviews and details of any grievances/ disciplinary action Personal data will be used for: human resources administration; assessing suitability, eligibility and/or fitness to work;  learning and development; to ensure the firm’s information and offices are secure; and management purposes (including where necessary disciplinary purposes).

Photographs, education and career information may be used in marketing and promotional material for the firm including our website, brochures, bids and tenders.
Your personal data may be:

– may be transferred across the UK to our affiliates, and to service providers who support the operation of our business;

– stored within FR team members’ information systems and within third party software applications and services which have been procured to support the our operation of the HR matters. 

– transferred to other third parties such as our insurers, legal and other professional advisors, regulators, administrators and government departments, who may be acting as data controller; 

– shared with FrederickRine’s  clients for the purposes of tendering for or providing legal services. When information is shared with service providers it is limited to that which is required for providing the service and will be adequately protected.  

Individuals’ Rights
Personal data must be processed in line with individuals’ rights, including the right to:

  • request a copy of their personal data;
  • request that their inaccurate personal data is corrected;
  • request that their personal data is deleted and destroyed when causing damage or distress; and
  • opt out of receiving electronic communications from the FR.

Should you wish to make a request in line with your rights as an individual, please forward it to the 
FR team members must notify or inform the Data Protection Officer immediately if they receive a request in relation to personal data which the firm processes. 

How to Make a Complaint
You should direct all complaints relating to how the firm has processed your personal data to the 
FR team members must inform the Data Protection Officer immediately if they receive a complaint relating to how the firm has processed personal data so the firm’s complaints procedure can be followed.

Information security is a key element of data protection.  The firm takes appropriate measures to secure personal data and protect it from loss or unauthorised disclosure or damage.     
Contact details:
Data Protection Officer, Suite 58, The Enterprise Centre, Cranborne Road, Potters bar, Herts, EN6 3DG   

Appendix Definitions
In the Privacy Policy, the following terms have the following meanings:-

any person or organisation to whom the firm provides a service and who is identified as a client on the firm’s practice management system, regardless of whether time is recorded or a fee is charged; 
“contact”  an individual who is a contact of the firm, including any client, any potential or former client, any supplier, any consultant, or any another professional advisor and any other contact of the firm; 
“data” recorded information whether stored electronically, on a computer, or in certain paper-based filing systems; 
“data controller” a person who or organisation which determines how personal data is processed and for what purposes.
“Data Protection Officer” the person designated as the Data Protection Officer of the firm from time to time who can be contacted at ;
“individual” or “you” the person whose personal data is being collected, held or processed; 
“personal data” please see the what is personal data section of this policy;
“FR team members ‘ means partners, members, consultants, employees, temporary workers, agency and casual workers, contractors, volunteers and those on work placements providing services to/working for the firm;  
“policy” the Privacy Policy as amended from time to time;
“principles” the core data protection principles set out in the Privacy Policy and summarised in the firm’s Data Protection Manual;
“process” or “processing” any activity that involves use of personal data.  It includes obtaining, recording or holding the personal data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it.  Processing also includes transferring personal data to third parties as a result of those third parties having access to it.