Privacy policy.
Please read the following information carefully. This privacy notice contains details about the information that may be collected, stored and otherwise processed about you and the reasons for its processing.
It also tells you who Crucible may share this information with, the security mechanisms it has put in place to protect your data and how to contact Crucible in the event that you need further information.
Data controller
Crucible Chambers is a set of barristers chambers which administers and provides business support to its barrister members who provide legal services. To perform that function, Crucible needs to collect and hold personal information. This may be your personal data or information relating to other parties involved in the matter. Crucible will take all possible steps to protect personal information. Crucible will ensure that it does not do anything in respect of it that may infringe your rights or undermine your trust. This privacy notice describes the information Crucible may collect about you, how it is used and shared, and your rights regarding it.
Crucible is registered with the Information Commissioner’s Office (ICO) as a Data Controller for the personal data that it holds and which it processes. Its ICO registration number is ZA793996. If you need to contact Crucible about your data or this privacy notice, you can reach us on clerks@crucible.law.
Data collection and sources of information
The vast majority of the information that Crucible will hold about you and/or any other person will be provided to or gathered by Crucible in the course of its business managing lawyers who acquire information about cases and/or proceedings and/or proceedings in which an individual may be involved as a witness or in some other capacity.
In addition to collecting information from you, Crucible may also collect information from third parties. This could include information obtained from:
- other legal professionals, including your solicitor
- experts and other witnesses
- prosecution authorities
- courts and tribunals
- trainee barristers
- lay clients
- family and associates of the person whose personal information it is processing
- in the event of a complaint being made, Crucible’s Head of Chambers, other members of Chambers who deal with complaints, the Bar Standards Board, and the Legal Ombudsman
- other regulatory authorities
- current, past or prospective employers
- education and examining bodies
- business associates, professional advisers and trade bodies, e.g. the Bar Council
- the general public in relation to the publication of legal judgments and decisions of courts and tribunals.
- data processors, such as Chambers staff, IT support staff, email providers, data storage providers
- public sources, such as the press, public registers and law reports.
What data might Crucible process about you?
Crucible will collect and process both personal data and special categories of personal data as defined in the General Data Protection Regulations (the GDPR). This may include a person’s:
- Name
- Email address
- Phone number
- Address
- Payment or bank details
- Date of birth
- Next of kin details
- Identification documentation, such as passport and driving licence for the purposes of money laundering checks, and KYC
- Details pertaining to education and employment
- Information on your background & current circumstances
- Financial information.
Where relevant, Crucible may also need to process special category personal data that reveals your:
- Racial or ethnic origin
- Political opinions
- Religious and philosophical beliefs
- Trade union membership
- Genetic data
- Biometric data for the purpose of uniquely identifying a natural person
- Data concerning physical and mental health
- Sex life and sexual orientation.
Crucible may also collect and/or process personal data relating to criminal convictions and offences, criminal proceedings, outcomes, sentences, and related security measures as well as other personal data relevant to instructions that are provided to Crucible barristers so that they can provide legal services, including data specific to the instructions in question.
The lawful bases Crucible relies upon for processing your information
The GDPR requires all organisations that process personal data to have a lawful basis for doing so. The lawful bases identified in the GDPR that Crucible relies upon are as follows:
- Consent of the data subject – where this required, Crucible will ensure that it has specific consent for processing data
- Performance of a contract with the data subject or to take steps to enter into a contract
- Compliance with a legal obligation – to comply with various regulatory and professional obligations, e.g. maintaining a record of Crucible cases as required by the Bar Standards Board, who regulate Crucible’s members, and maintaining accurate records in support of tax returns filed with HMRC both for Crucible Law Ltd, and to ensure that records are maintained for individual members of Crucible to discharge their obligations to HMRC
- The legitimate interests of my business or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject.
Examples of legitimate interests include:
- Where the data subject is a client of or in the service of the controller;
- Processing is necessary in order to enable the provision of legal services and advice;
- Processing is necessary to check for potential conflicts of interest in relation to future potential cases;
- Processing is necessary for money laundering checks, and specifically KYC obligations placed on Crucible by the law.
- Processing is necessary in order to be able to respond to complaints or potential future complaints;
- Processing is necessary to ensure network and information security, including preventing unauthorised access;
- For purposes of practice management, accounting and debt recovery;
- For completion of professional regulatory requirements;
- Processing for direct marketing purposes, to promote and market Crucibles services or to prevent fraud; and
- Reporting threats to public security.
Special category processing
Crucible will process special category data when:
- It has explicit consent to do so; or
- It is necessary for the exercise or defence of legal claims or judicial acts.
Criminal data processing
Crucible will process data relating to criminal offences where it is necessary for:
The purpose of, or in connection with, any legal proceedings;
- The purpose of obtaining and / or providing legal advice; or
- The purposes of establishing, exercising or defending legal rights.
Crucible will use your information to:
- Ensure its members can provide legal advice and representation;
- Ensure its members can assist in training pupils and mini pupils;
- Investigate and address your concerns;
- Communicate with you about news, updates and events;
- Investigate or address legal or regulatory proceedings relating to your use of one of Crucible’s barristers’ services, including making or responding to complaints or potential complaints or to deal with other regulatory issues connected to their professional role or as otherwise allowed by applicable law;
- Assist in any tendering or panel membership applications;
- Communicate legal updates and judgments to other legal professionals;
- For marketing purposes, and may capture certain data through the use of Cookies (pleas also refer to Crucible’s Cookie Policy);
- Keep accounting records and carry out office administration;
- Check for potential conflicts of interest in relation to future potential cases;
- Carry out anti-money laundering and terrorist financing checks as required by law; or
- As otherwise required or permitted by law.
Crucible may share your personal data with:
- Instructing solicitors or other lawyers involved in your case;
- Courts and tribunals;
- A pupil or mini pupil, under another barristers training;
- Opposing counsel, for the purposes of progressing or resolving the case;
- Expert and other witnesses, for the purposes of progressing or resolving the case;
- Crucibles management and staff who provide administrative services, including data processors, such as Chambers IT support staff, email providers and data storage providers;
- The Bar Standards Board or legal advisors in the event of a dispute or other legal matter that concerns one of Crucible’s members;
- Law enforcement officials, government authorities, or other third parties to meet any legal obligations placed on Crucible;
- Legal directories, for the purpose of Crucible members’ professional development;
- Any relevant panel or tendering committee, for the purpose of the professional development of Crucible or its members;
- Accountants and banking officials;
- Family and associates of the person whose personal information Crucible is processing
- In the event of any complaint, the Head of Chambers, other members of Chambers who deal with complaints, the Bar Standards Board, other relevant regulators or arbitrators and / or the Legal Ombudsman;
- Third party funders of your legal fees where necessary to ensure the continuation of funding; and
- Any other party where Crucible may ask you for consent, and you consent, to the sharing.
Crucible may be required to provide your information to regulators, such as the Bar Standards Board, the Financial Conduct Authority or the Information Commissioner’s Office. In the case of the Information Commissioner’s Office, there is a risk that your information may lawfully be disclosed by them for the purpose of any other civil, criminal or regulatory proceedings, without our consent or yours, and this can include privileged information.
Crucible may be required to disclose your information to the police or intelligence services, where, as stated, we are required or permitted to do so by the law.
Cookies
We use cookies to distinguish you from other users of our website. This helps us to provide you with a personalised experience when you browse our site and also allows us to improve the site. For detailed information on the cookies we use and the purposes for which we use them, see our Cookies Policy.
Transfers to third countries and international organisations
Crucible will not intentionally transfer any personal data to third countries or international organisations except as is necessary for providing legal services or for any legal proceedings.
This privacy notice is of general application and as such it is not possible to state whether it will be necessary to transfer your information out of the EEA in any particular case. However, if you reside outside the EEA or your case involves courts, tribunals, funding parties or investigatory authorities outside of the EEA, then it may be necessary to transfer some of your data to that country outside of the EEA for that purpose. If you are in a country outside the EEA or if the instructions you provide come from outside the EEA, then it is inevitable that information will be transferred to those countries. If this applies to you and you wish additional precautions to be taken in respect of your information, please indicate this to Crucible and the barrister concerned when you give your initial instructions.
Some countries and organisations outside the EEA have been assessed by the European Commission and their data protection laws and procedures found to show adequate protection. The list can be found here. Most do not. If your information has to be transferred outside the EEA, then it may not have the same protections and you may not have the same rights as you would within the EEA. Should it become necessary that any of your personal data be transferred to third countries, Crucible will seek your express prior consent before this is done.
How Crucible will store and retain your personal data
Crucible will usually store your information on a computer or another electronic device. Each device is encrypted, and password protected, with a minimum 9 digit pass key to it. Where appropriate entry can be gained through biometric data such as my fingerprint or face recognition system with the device.
Data to which Crucible will have access and process can also be stored electronically on the Crown Court Digital Case System, on chambers’ diary / case management system and / or on chambers’ email system. Each of these systems are subject to password and encryption protections.
Where your information is supplied to Crucible on an independent electronic device such as an external hard drive, a CD Rom or USB stick, Crucible will comply with its Policy on information management and security. Where Crucible receives new data through an external source (other than attachments to email) we will log receipt of that data. In the majority of cases, any such external device will be forwarded immediately to the member of Crucible instructed to act in the relevant case, who will take responsibility for it as an individual Data Controller. Where, however, Crucible itself retains control of such material, the log will identify where that data will be stored once accessed or how it will be destroyed (once downloaded) or if it has been returned to you or the firm you have instructed. In accordance with their wider professional obligations under the BSB Code rC15.5, each barrister who is a member of Crucible will take all reasonable and necessary steps to ensure that your data is kept safe and confidential.
Crucible will follow its own wider Information Management Policy, which includes protections afforded to data including the receipt and handling of physical papers. This policy is available on request.
How long will Crucible retain your personal data for?
Crucible will retain your personal data while you remain a client or while it remains necessary for it to retain it in order to comply with its legal and / or regulatory obligations as to the maintenance of business records. It will normally store all your personal data until at least 1 year after the expiry of any relevant minimum period set by our regulator or other authority for the retention of documentation. Examples of such periods are:
- Those set by our regulator in order to ensure that records of dealings with your case are retained for a reasonable time for the purposes of any potential legal and/or regulatory proceedings (which may include appeal proceedings). The relevant period will usually be 6 years, but this may be longer where the case includes information relating to a child or youth or someone who does not have the capacity to litigate themselves;
- Information related to anti-money laundering checks must by law be retained until 5 years after the completion of the transaction or the end of the business relationship, whichever is the later; and
- Information provided to HMRC in respect of annual accounts and tax records must be retained for a period of at least 6 years.
In each instance, the minimum period will be calculated by reference to the date when the last item of work was carried out, the date of the last payment being received or the date on which all outstanding payments are written off, whichever is the latest.
At least once a year, Crucible will review the personal data which it retains. At the point of each review, any material in respect of which the relevant limitation period has expired and which no longer needs to be retained will be marked for deletion. A further retention period is likely to occur only where the information is needed for active legal proceedings, regulatory matters or complaints. Deletion will be carried out (without further notice to you) as soon as reasonably practicable after the data is marked for deletion.
Even where your personal data has been marked for deletion, however, Crucible will continue to store some of your information in order to be able to carry out conflict checks for the rest of the barristers’ careers. However, this is likely to be limited to your name and contact details/ the name of the case/your company and any other parties’ names and addresses that may be connected to your legal instruction. This will not include any special category information, as explained above.
Names and contact details held for marketing purposes will be stored indefinitely or until Crucible is informed or become aware that you as an individual or you as a firm have ceased to be a potential client.
Your rights
The GDPR gives you specific rights in terms of your personal data. For example, you have to be informed about the information Crucible holds and what we use it for; you can ask for a copy of the personal information we hold about you; you can ask us to correct any inaccuracies with the personal data we hold, and you can ask us to stop sending you direct mail, or emails, or in some circumstances ask us to stop processing your details. Finally, if Crucible does something irregular or improper with your personal data, you can seek compensation for any distress you are caused or loss you have incurred.
You can find out more information from the ICO’s website:
http://ico.org.uk/for_the_public/personal_information
and this is the organisation that you can complain to if you are unhappy with how Crucible has dealt with your query.
Accessing and correcting your information
You may request access to, correction of, or a copy of your information by contacting us at clerks@crucible.law.
Marketing opt-outs
You have the right to opt out of receiving marketing emails and other messages from our practice. At present, no such emails or other messages are sent and there is no intention for this to change. However, should you receive any such email or message in the future, you may opt out by following the instructions in those messages.
Review of this policy
Crucible will review this privacy notice regularly. When we make significant changes, we will publish the updated notice on our chambers’ website.
This policy was last reviewed and updated on: 7 January 2021