The details of Lipman Karas’ commitment to protecting the privacy of its clients, contacts and staff are set out below.
Who we are
Lipman Karas’ constituent law firms are Lipman Karas LLP in the United Kingdom, Lipman Karas Pty Ltd in Australia and Lipman Karas in Hong Kong SAR.
Details of each separate legal entity are provided on our website www.lipmankaras.com and in the Legal Notice also on our website.
Lipman Karas ensures it meets its legal requirements with respect to data protection in each jurisdiction where it has offices.
Lipman Karas’ Data Protection Officer’s details are as follows:
Telephone: +44 22 7400 2191
Types of Personal Data we Hold
Lipman Karas collects, processes and retains data of the following types:
- Personal details (including name, postal address(es), email address(es), telephone number(s), nationality, occupation, qualification(s), professional membership(s) and government-issued identifiers (such as Company Registration Numbers or Australian Business Numbers));
- Information required for Lipman Karas to meet its legal and regulatory obligations;
- Information received by Lipman Karas in the course of providing legal services;
- Financial information, including for billing purposes;
- Information about a data subject’s interests in areas of legal practice or events; and
- Records of meetings and events attended at Lipman Karas.
Purposes of Collecting, Processing and Retaining Personal Data
We collect, process and retain data collected for the purpose for which it is collected including:
- To enter into agreements for the provision of legal services with our clients and to deliver these services;
- To manage, account for and improve our service to clients;
- To ensure the physical security of Lipman Karas’ systems, staff and premises (including the use of CCTV equipment and access passes);
- To meet Lipman Karas’ legal, regulatory and ethical obligations (including in respect of managing potential conflicts of interest); and
- To market Lipman Karas’ services.
Lawful Bases for Processing Personal Data
Lipman Karas’ lawful bases for processing personal data are any one or more of the following:
- The consent of the data subject to the processing of his or her personal data for one or more specific purposes. This consent may be revoked at any time, by emailing email@example.com;
- Performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract;
- Fulfilment of Lipman Karas’ legal obligations;
- Processing necessary for the conduct of proceedings, the obtaining and giving of legal advice or establishing, exercising or defending legal rights involving the data subject;
- Processing necessary for the performance of a task carried out in the public interest; and
- Processing necessary for the purposes of Lipman Karas’ legitimate interests, except where these interests are overridden by the data subject’s fundamental rights and freedoms.
For further details about the lawful bases upon which Lipman Karas processes data, please email firstname.lastname@example.org.
Sources and Recipients of Data
The sources of data collected, processed and held by Lipman Karas include clients, staff, intermediaries, third parties connected to the data subject (such as their business or personal associates, or employers), and open-source material (such as public records or other information freely available on the Internet).
The following is a list of potential recipients of data (in each case including respective employees, directors and officers):
- Other offices of Lipman Karas. Reasonable endeavours are made to ensure that data is only accessible by those who have a lawful basis or legitimate interest in processing it. Requests for restrictions on access should be made to email@example.com;
- Barristers or other solicitors we instruct to carry out work on our behalf;
- Experts or other professionals;
- Sub-contractors, agents or service providers of Lipman Karas in the furtherance of the delivery of legal services;
- Courts or tribunals;
- Law enforcement agencies where considered necessary for Lipman Karas to fulfil their legal obligations;
- Regulators or other government or supervisory bodies with a legal right to the material or a legitimate interest in material.
Where Lipman Karas is entering into an engagement with a third party, we will ensure that the third party is compliant with the GDPR and that information is disclosed on a confidential basis only. In the event that any such third party to which we transfer personal data, is outside of the European Union, we will ensure that all applicable Data Protection regulation is adhered to prior to effecting any such transfer.
Protection of Personal Data
We take the protection of all data we hold very seriously and have processes in place to protect it from accidental or unlawful destruction, loss, processing, disclosure, access or alteration.
We take appropriate technical and organisational measures to hold information securely in electronic or physical form. For example, we store information in access-controlled premises or in electronic databases with two-step login requirements. Our third party data storage providers comply with appropriate information security industry standards and are GDPR compliant. All staff with access to confidential information are subject to confidentiality obligations and we conduct regular security training.
Rights of Data Subjects
Data subjects to whom the GDPR or comparative legislation applies, have certain rights in respect of their personal data.
Data subject’s rights include the right to request access to and rectification and erasure of personal data, to object to and request the restriction of processing, and to data portability. Requests to exercise these rights should be sent to firstname.lastname@example.org.
Where a data subject chooses not to provide personal data or where they exercise their right to limit the processing of personal data Lipman Karas may be unable to provide relevant services, or there may be a restriction on the services that can be provided.
Under the EU General Data Protection Regulations data subjects have a right to complain to the supervisory authority if they believe their personal data is being misused. In the United Kingdom this is the Information Commissioner’s Office (the “ICO”); in Australia it is the Australian Information Commissioner; and in Hong Kong SAR it is The Privacy Commissioner for Personal Data.
Retention of Personal Data
Lipman Karas only keeps data for as long as necessary to fulfil the purposes for which it was collected and retention periods are set out in the client’s letter of engagement. Lipman Karas LLP’s policy is to retain data in relation to a client matter for 15 years from the conclusion of that matter. This is subject to certain exceptions. Lipman Karas Pty Ltd’s and Lipman Karas’ policy is to retain data in relation to a client matter for 7 years from the conclusion of that matter.
To request information about our retention policy or the destruction of personal data, please write to email@example.com.
You may withdraw your consent to receive marketing materials from Lipman Karas at any time. An option to unsubscribe will be contained in every marketing communication we send. Alternatively, consent may be withdrawn at any time by writing to firstname.lastname@example.org.
Changes to this Privacy Notice
This Privacy Notice is regularly reviewed and updates will appear on our website at www.lipmankaras.com.
We last updated this Privacy Notice on 23 May 2018.
How to Contact Us
If you have any questions about this Privacy Notice or any data which we hold about you, please contact email@example.com.