Sectors

Services

Privacy Policy

Venner Shipley comprises three legal entities (Venner Shipley LLP registered number OC308202, Venner Shipley Legal Limited company No. 10023283 and Venner Shipley Germany LLP registered number OC444240.) Collectively; Venner Shipley.

Venner Shipley is committed to protecting your privacy. This privacy notice is our privacy policy, it explains what to expect from us in respect of our use of Personal Data.   This policy / notice, may be updated at any time, and so we advise you to check this page from time to time. Most interaction and Personal Data processing by Venner Shipley is via client engagement subject to contract.

We always respect the confidentiality of your information. We process data on permitted legal bases, typically under contractual terms, by consent or legitimate interest.

Any international transfers of your Personal Data outside the EEA and Switzerland are either based on contractual terms that meet data processing requirements, or on your instructions to provide services to you. Please note that in order to provide services to you, or process any application form, we may on occasion be required to share your information with associated firms around the world who provide services on our behalf to you. This will always be subject to our engagement terms with you.

By interacting with our website or any one of our entities you must be willing to be bound by the data practices described in this privacy notice.  If you do not agree with any part of this privacy notice, then you should not engage further with our website, or any other service we provide.

This privacy notice explains how we process Personal Data and is provided in accordance with our obligations under applicable privacy and data protection law, including the Data Protection Act 2018, the UK GDPR (which retains the Regulation (EU) 2016/679 (General Data Protection Regulation), and the Privacy and Electronic Communications Regulations 2003 (collectively the ‘Applicable Data Protection Legislation’).

For the purposes of this privacy notice, the term ‘Personal Data’ means any information which identifies a living individual or which allows them to be identified when combined with other information. It does not include data where identity has been removed (‘Anonymised Data’).

Our contact details

Venner Shipley  (“We” “Us”) is the controller for the Personal Data we process, unless otherwise stated.

There are many ways you can contact us, including by phone, email and post.

Our contact details are as follows:

Postal address: 200 Aldersgate, London, EC1A 4HD, UK.

Email: datacompliance@vennershipley.co.uk

T: +44 (0) 20 7600 4212
F: +44 (0) 20 7600 4188

If you need to contact us about Personal Data please email datacompliance@vennershipley.co.uk if using our postal address please mark the envelope ‘Data Protection Officer.’

What Personal Data we collect

We collect Personal Data when you provide it to us directly and through your use of our website at www.vennershipley.co.uk. The categories of Personal Data we collect will vary depending on the activity you choose to undertake with us.

Personal Data is collated from various sources, including:

  • Contacts made by employees during the course of their business (including, but not limited to the exchange of business cards or contact information; such exchange is done on the basis of consent entitling us to further contact you)
  • Information arising from the submission of application forms on our website
  • Requests from individuals to be added to our mailing lists
  • As part of our day to day business we request information from clients that may include Personal Data to provide legal services to them

Personal Data is mainly given to us in order to carry out contracted services. We may collect information and Personal Data from you from a number of sources.  You may give us Personal Data by corresponding with us by phone, e-mail or otherwise. By way of non-exhaustive example, this includes information you provide when you register to use one of our websites, subscribe to one of our services, submit your CV to us, or any other communication with us.

Personal Data we collect includes:

  • Identity Data; first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender;
  • Contact Data; billing address, delivery address, email address and telephone numbers.
  • Financial Data; bank account and payment card details for employees or clients.
  • Transaction Data; about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data; internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
  • Profile Data; your username and password, other data you share with us such as, your interests, preferences, feedback and survey responses.
  • Usage Data; information about how you use our website, products and services.
  • Marketing and Communications Data; your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your Personal Data but, like Anonymised Data, is not considered Personal Data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this privacy policy.

Special category Personal Data

We may occasionally collect, and process special category Personal Data but only where you have given explicit consent. We may also carry out screening checks (including reference, background, directorship, financial probity, identity, eligibility to work, vocational suitability and criminal record checks) you will need to consent to this and if you provide such information then you will be taken to have consented because you are seeking employment with us and understand why this data processing is being done.  If you have any questions please ask those you are liaising with who will ensure you are fully informed and that you are only consenting on the basis of full understanding.

Personal data we receive from other sources such as clients

We may collect information from public sources and social media platforms and any information gathered through these channels will also be governed by the privacy settings, policies, and/or procedures of the applicable social media platform, which we strongly encourage you to review. We will comply with this policy.

We may receive Personal Data about you from third parties including, for example: Clients and business partners, sub-contractors in technical, advertising networks, analytics providers, search information providers, and credit reference agencies, regulatory authorities, recruitment agencies, information or service providers, publicly available records. We operate on the basis that we contractually expect them to confirm they have informed you of the potential for your Personal Data being shared.  If we need to contact you we shall explain how we came to have your Personal Data and why we are contacting you.

Our Legal Basis for using your Personal Data

We will process Personal Data on the following legal bases:

Performance of a contract: We may need to collect and process Personal Data to fulfil or enter into a contract, and where we respond to your requests and provide you with services in accordance with our terms and conditions.

Compliance with a legal obligation: We may be required to process Personal Data due to legal requirements, including employment laws, tax laws and other regulatory provisions applicable.

Legitimate Interest:  Where we consider use of Personal Data as being (a) non-detrimental to you, (b) within your reasonable expectations, and (c) necessary for our own, or a third party’s legitimate purpose.

Under this lawful basis we may process Personal Data, for these purposes:

  • For our own direct marketing or continued communication;
  • The prevention of fraud;
  • Our own internal administrative purposes;
  • Personalisation of the service(s) we provide to you;
  • Ensuring network and information security, including preventing unauthorised access to electronic communications networks and stopping damage to computer and electronic communication systems; and/or

There may also be circumstances where we might be obliged to report possible criminal acts or threats to public security to a competent authority.

How will we use your Personal Data?

Most commonly, we will use your Personal Data in the following circumstances:

  • To communicate with our clients, foreign counsel and official entities such as Patent Offices, Regulators, or Courts.
  • To carry out our obligations arising from any contracts entered into between you and us.
  • For our business purposes, including data analysis, submitting invoices, detecting, preventing, and responding to actual or potential fraud, illegal activities, or intellectual property infringement;
  • If you have applied for a job, the information you provide will be used to determine your suitability for the position and, if applicable, in determining terms of employment or engagement;
  • For the purposes of ensuring the validity of right to work documents and other ID, your details may be disclosed to an identity verification company who will conduct a soft credit check as part of the verification. This check, although present on your credit file, will not affect your credit score;
  • To respond to your enquiries;
  • To provide you on an ongoing basis with information and services, including relevant marketing communications related to us, and other information or materials, that you request from us or which we feel may interest you where you have indicated that you would like to receive these from us;
  • To deal with legal disputes involving you, or other employees, workers, contractors or clients, including accidents at work;
  • To administer our services and website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • As we believe reasonably necessary or appropriate to; comply with our legal obligations; respond to legal process or requests for information issued by government authorities or other third parties; or protector your, our, or others’ rights.
  • To measure the popularity and effectiveness of services such as newsletters and seminar invitations, in order to improve what we offer to you and other recipients.
  • To maintain and update our records including our database of contacts.

Disclosure

We may exchange your Personal Data with trusted, vetted, third-party service providers where any of the following apply:

  • You have consented to us sharing your Personal Data in this way;
  • We deem reasonably necessary to provide you with the services that you have required at any particular time;
  • Such sharing is provided for under contract;
  • Sharing lawfulfully required to law enforcement bodies or other government authority;
  • We need to enforce or apply our terms and conditions, to which you have agreed (or other terms that have been agreed to apply to our relationship with you or your employing organisation);
  • It is necessary to protect our rights and interests, property, safety or to protect rights and interests, property, safety of our clients or others;
  • We are under a legal, regulatory or professional obligation to do so (for example, in order to comply with a Court Order).

We do not sell, rent, or otherwise share Personal Data that identifies you or your organisation with unaffiliated entities for their independent use.

International Transfers

Sharing of Personal Data sometimes involves cross-border data transfers, including transfers outside of the UK in accordance with the law, and that maybe to locations outside the EEA.  We only transfer Personal Data to fulfill our services to you, and share to entities in third countries that provide appropriate safeguards to ensure that their level of data protection is in agreement with this privacy notice and applicable law.

Where we receive requests to disclose Personal Data from law enforcement or regulators, we carefully validate these requests, including reviewing the legality before any Personal Data is disclosed.

How long do we keep your Personal Data?

Your personal data is retained for as long as we are required to use it to provide services to you or comply with regulatory or legal obligations.  The time varies due to the nature of services that we offer that often require multi-year processing.  We will retain Personal Data in accordance with the our document retention policy, taking into account legitimate business needs to retain such information. A maintained copy of our retention policy is available upon request. We endeavour to permanently erase Personal Data once it reaches the end of its retention period or where we receive a valid request to do so; where erasure is not possible, we seek to put it beyond use or access.

Security

We use up-to-date data storage and security techniques to protect your Personal Data from unauthorised access, improper use or disclosure, unauthorised modification or unlawful destruction or accidental loss. We keep data on secure UK based servers.  All our employees and any third parties we engage to process your Personal Data are obliged to respect the confidentiality of your information.

Your data protection rights

Under English data protection law, and under the EU GDPR, you have rights including:

  • A right of access – to know what Personal Data is held and processed.
  • Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure – In some circumstances you have the right to ask us to erase your Personal Data, this is not an absolute right
  • A right to withdraw consent at any time.
  • A right to seek restriction of processing – You have the right to ask us to restrict the processing of your information in certain circumstances.
  • Your right to object to processing – You have the right to object to the processing of your Personal Data in certain circumstances.
  • Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
  • You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
  • Automated individual decision-making, including profiling – You have the right not to be subject to such a decision or to that profiling where it creates legal effects concerning you or where it significantly affects you.

Please contact us if you wish to make a request. In order to verify the identity of those who make a request to us, we will often request proof of ID and we typically accept:

  • Passport
  • Driving licence
  • Utility bill dated within the last 3 months.

How to complain

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow, Cheshire
SK9 5AF

Helpline number: 0303 123 1113