At DWF we are committed to safeguarding the privacy of all individuals who interact with us and we respect the privacy choices you make.
This privacy notice explains how we collect, use, share and protect the information we collect through our interaction with you, and your rights in relation to that.
When we refer to 'DWF', we are referring to the global legal practice and multi-disciplinary commercial business comprising DWF Group plc and all of its subsidiaries and subsidiary undertakings internationally which practice using the name 'DWF' or other trading names such as 'DWF RCD', 'DWF Mindcrest', 'Vueity' and 'Resolution Law', and any wider entity names within the DWF group such as Greyfern Law. For full details of our group entities across the globe, please see our Legal Notices which, together with the 'Data controllers and how to contact us' section of this privacy notice, provide more information on the DWF group entities that control and process personal information.
As a global business, we take a consistent approach to protecting privacy across our international group. This privacy notice applies wherever you are located and is based on European Union data protection principles (as contained within the EU's General Data Protection Regulation). In addition to these principles, some jurisdictions in which we operate have additional local privacy requirements. Please click on the link of a specific location in the 'Additional Country-Specific Privacy Information' section which accompanies this privacy notice. The terms of our local privacy notices take priority over the terms of this privacy notice in the event that they conflict. This is because we are committed to ensuring that we are fully compliant with regulations and best practice in all of the locations in which we operate.
Please click on the relevant headings below, which will take you to more information on each of the areas described.
We may vary this privacy notice from time to time so we encourage you to check it regularly. We will include a notification on our website's home page if we make any significant changes to this privacy notice.
Last updated: 04 March 2020
We collect personal information from you in the course of our relationship with you and also receive information about you from third parties. This can include the following circumstances:
Please refer to the 'Data controllers and how to contact us' section of this privacy notice for further details on who the data controller of your personal information is their applicable registration details with the local regulator, where applicable.
As a global legal practice and multi-disciplinary commercial business, we process a range of personal information about you. Personal information we collect about you can include:
Personal information we receive about you from third parties can include that which we receive:
We will always store your personal information securely and we will never ask you for any information that we do not need.
Whilst you are not required to provide any personal information to access the public areas of our website, please see the information regarding the use of IP addresses (which may be considered as personal information) on our website in the 'If you are a website user' section of this privacy notice
There are some areas of our website that require log-in and/or password input. This security is in place to protect the confidentiality of the information contained there, such as within our online products like DWF Link and Claimsview and our other client portals. These areas may be subject to their own Terms & Conditions and Privacy Policies, so please refer to those when accessing these areas.
We only use your information for the purposes for which we collected it subject to limited exceptions, such as where we reasonably consider that we can use your information for another reason which is compatible with the original purpose for which it was collected.
We may use your information in different ways depending upon the circumstances, these can include the following:
If you are a client
When you engage DWF for services and at points throughout our relationship, we are sometimes be required to process your information to comply with our legal, regulatory and risk management obligations. This can include, for example, the completion of anti-money laundering checks, conflict of interest checks and fraud-related background checks.
Whilst you are a client of DWF, we can collect, maintain and process your personal information whilst we supply our services to you.
We can also use your contact information for the purposes of collecting payment from you and to inform you of any changes to the terms of our arrangements.
If you are a website user
We may use the information you submit to our website, for example contact details, to respond to your enquiries or complaints.
You can manage cookies by changing your browser settings to disable or delete cookies. To find out how, go to http://www.aboutcookies.org.uk/. Please note that if you disable cookies, this can affect the functionality of our website on your device and you might not be able to access certain parts of our website.
When you visit our website our server will also temporarily record your IP address (similar to a phone number, it is a unique number that allows your computer or device to communicate via the internet). It allows us to identify your country of origin whilst you are navigating our website, so we can direct you to the most suitable regional pages of our website. If you are accessing our website from a business IP address, we also capture details of which organisations have visited our website.
Additionally, for the purpose of detecting and blocking attacks (such as hacking) on our website and its technical infrastructure , we process your IP address, access time, accessed subpage(s), and transmitted data volume. This processing is necessary to fulfil our legal obligation to take protective measures against such attacks. The data is deleted seven (7) days after the end of your visit to our website, unless an attempted attack is detected. In the event of a detected attempted attack from your point of access, the data will be further processed for technical and, if necessary, legal processing.
Our website contains links to other websites. Please note that we are not responsible for the privacy practices of other websites. When you leave our website please be sure to read the privacy notices and policies of those other websites. We do not endorse the content on any other websites that can be accessed via our website.
If you receive marketing communications
We may use your information so that you can receive marketing communications from us. We will use any information you submit relating to your preferences to develop relevant material to send to you. You will also be able to receive communications such as our newsletters, event invitations and details of our competitions and prize draws.
Please note that you have a right to withdraw your consent at any time. If you currently receive marketing communications from us and you would prefer not to receive them in the future or if you would like to your change your marketing preferences, you can do this at any time by clicking the "unsubscribe" link at the bottom of all our marketing emails.
If you are applying for a job with us
As an international business we are committed to safeguarding the privacy of the individuals that apply for positions at DWF. This section explains how we use the information you submit as part of your application.
If you apply for a position with us, we can use your personal information to allow us to process your job application, including those submitted to us via the Careers section of our website. We can also use your personal information to assess your suitability for a position you have applied for at DWF, to review our equal opportunities legal requirements and for other human resource administration purposes.
As well as the personal information referred to in the 'What information we collect' section of this privacy notice, we can collect additional information if you apply for a job with us. This can include nationality and immigration/right to work information.
Unless required in order to comply with any legal or regulatory requirements, or where we have a legitimate interest to do so, we will only use the personal information you provide to us for the purposes of processing and managing your application for a position at DWF and the associated recruitment process.
We will not process any special category information about you without your explicit consent, which is not mandatory. If you do provide your consent, such information is used solely for the purposes of diversity monitoring and to ensure that any and all reasonable adjustments are made for applicants with disabilities.
If you are an opposing party to a transaction we are involved with
We may use your personal information in order to perform our services for our clients.
If you attend one of our events, seminars or one of our offices
All visitors to our offices will be required to sign in and out at one of our designated reception points.
If you are a visitor at one of our offices, we may collect personal data during your visit such as your name, job title, contact information (including address, telephone number and company you work for) payment information (including verification documents from our clients in order to comply with anti-money laundering requirements, such as utility bills, your passport and driving licence) and other information relevant for us to carry out our services.
When you log onto our Wi-Fi when attending our offices as a visitor, either in our UK or international offices, we will provide a direct internet connection for your use. Our Wi-Fi can be accessed via the ClientNet network. This is a separate network from our corporate network. To allow you to use our free Wi-Fi, we will collect details of your MAC address (Media Access Control address, this is a unique code linked to your hardware in order to identify it). This information will not be stored and will be deleted as soon as your session ends. If you connect to our ClientNet network Wi-Fi as a visitor in one of our international offices, this data routes via our Manchester internet line. We will however collate details of your MAC address within the session. No personal data will be stored and your MAC address will be deleted after these sessions.
If you attend our events, seminars or offices, we may use your personal information to cater for any dietary or accessibility requirements and to analyse any feedback you provide.
Where you also sign up to receive marketing communications from us at an event or seminar, please refer to the 'If you receive marketing communications' section of this privacy notice for further details.
If you connect with us on social media
In some of our locations worldwide, we collect personal information whilst responding to enquiries directed to our social media networks such as Facebook, Twitter, LinkedIn or Xing or during the course of promotional campaigns on our social media platforms. In the course of our recruitment, we are sometimes directed to individuals' LinkedIn profiles by recruitment agencies. We sometimes process personal information that is published on social networks.
Depending on the content of the request, processing will be restricted to the specific purpose of the enquiry. After the fulfilment of the enquiry and any legal obligations related to it, in particular commercial and tax retention requirements, the personal information is deleted.
We will only use and process your personal information where we have a lawful basis for doing so. This can include:
With regard to the information we collect from you on our website, we will process this on the basis that you have provided your consent or where we have a legitimate interest in processing it.
In addition to you providing your consent to our processing of your personal information, there are other lawful bases for our processing which include processing that:
As an international business, we sometimes need to pass your personal information to our group companies or associated firms, for example, so that we can respond to an enquiry you have sent via our website or where you have requested services from a different DWF international group member, save for when we are precluded from doing so due to specific obligations in respect of confidentiality or due to conflicts of interest. For full details of our group companies and associated firms across the globe, please see our Legal Notices.
In addition, we sometimes share your information with our third party service providers who perform functions on our behalf. These third parties service providers can include:
We will ensure that such transfers of your personal information to third parties are safe and secure, confidential and that all third party suppliers to DWF are subject to a written contract in respect of any processing of your personal information.
Further information and details of the third party suppliers DWF uses for the above-mentioned purposes are available upon request, where relevant to you.
Where you are a client of DWF or an opposing party to a transaction we are involved with (such as litigation matters), we can also disclose your personal information to:
for the purposes of carrying out that work and only to the extent necessary, We will not disclose your personal information to any other third parties for any reason unless:
Where we transfer your personal information as described above, whether such transfer is within or outside the European Economic Area, we will always ensure that such transfer is safe and secure by ensuring that adequate safeguards are put in place to protect your personal information. As such, appropriate safeguards will be in place regardless of whether the transfer is to a country that is subject to an adequacy decision or where it is a non-adequate country.
If our business undergoes any re-organisation, we sometimes need to transfer your personal information to a re-organised entity for the same purposes as set out in this privacy notice. Additionally, we are sometimes required to transfer some or all of your personal information to a relevant third party in the re-organisation as part of any due diligence process, for example, or for the purpose of evaluating the proposed re-organisation.
We keep your personal information in accordance with our internal retention procedures, which are determined by our legal, regulatory and professional obligations including applicable data protection laws and accord with good practice. The retention periods differ depending upon the nature of the data we hold and the reasons why we are holding it, and are subject to change. We only keep your personal information for as long as we need to. When your information is no longer required, we will delete it securely.
If your personal information relates to an unsuccessful job application with us, we might use your personal information to contact you where positions or opportunities emerge that we believe you might be suitable for.
Please contact us if you require more details regarding our retention periods.
We are committed to ensuring that your personal information is kept secure. In order to protect the information you input to our website from unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction or accidental loss, we have put in place appropriate technical, physical and managerial procedures. All our employees and any third parties we engage to process your information are obliged to respect the confidentiality of your personal information.
We take information security seriously and have obtained ISO/IEC 27001:2013 which is an internationally recognised security standard. This means that our IT systems and infrastructure are managed in line with international best practice.
However, the internet is not a secure environment and we cannot therefore guarantee total security of any data transmitted to our website. Whilst we utilise the latest virus protection software, we cannot guarantee our website is free of computer viruses or other harmful applications so such transmission is at your own risk.
Further information about the measures DWF takes to protect your personal information can be provided upon request.
If your personal information changes at any time, please keep us informed so we can ensure your information is accurate, complete and current. If you wish to update your personal information, you can inform us of this via the following means:
You are entitled to view the personal information we hold about you and request that we amend it or delete it, subject to some exceptions. You also have the right to request that we restrict our processing of your information or to object to that processing as well as the right to request data portability where we process personal information based on your consent or for the purpose to contract with you. Please email your request to our Data Protection Officer, whose contact details are in the 'Data controllers and how to contact us' section of this privacy notice.
Where you have provided consent, either for the processing of personal and/or special categories of personal information, you have an absolute right to withdraw consent at any time, free of charge. Advice on how to do so is contained with the 'Data controllers and how to contact us' section of this privacy notice.
Please note we sometimes require further information from you in order to verify your identity before disclosing, amending or deleting any of your personal information.
In most cases, we will deal with your requests free of charge and within one month of receipt of your request. However, there are exceptions that can allow us to charge a reasonable fee to cover our administration costs and/or extended the time period for dealing with your request to two months from receipt of your request, such as where your request is complex or repetitive. If an exception applies, we will keep you informed.
We will never charge you to change your marketing preferences or unsubscribe to our marketing communications.
We provide our services through a number of entities across the globe. Full details of each practising DWF entity in each jurisdiction can be found in our Legal Notices. Depending upon the location where our services are provided and with whom you are dealing, and having regard to any local applicable data protection and privacy laws, a DWF group entity other than DWF Law LLP or DWF LLP in the UK, may be the data controller in relation to your personal information.
Our website, and most of DWF's primary IT systems, are located in the UK and controlled by DWF Law LLP and/or DWF LLP, both UK incorporated legal services businesses.
If you have any questions regarding this privacy notice, including any of the additional country-specific privacy information, if you require access to your personal information or if you have a complaint in connection with this privacy notice, please contact our central Data Protection Officer, whose details appear below.
We will ensure at all times that privacy complaints:
If you do decide to submit a request to access your personal information or otherwise exercise your privacy rights, this will not affect the level of service you can expect from us. We treat our clients equally, regardless of whether or not they have exercised their privacy rights.
Controller: There are a number of entities through which we provide our services. Most of DWF's main IT systems are located in the UK and are controlled by DWF Law LLP (registered with the UK's Information Commissioner's Office, registration number ZA495689), including this website. Depending on the location where our services are provided, a DWF group member may be the data controller of your personal data. For details of all our DWF group members in each jurisdiction, please go to our Legal Notices. Please also refer to our 'Additional country-specific privacy information' below.
Address: 1 Scott Place, 2 Hardman Street, Manchester, United Kingdom, M3 3AA
Telephone (toll free): +44 (0)333 320 2220
Email: You can get in touch with us in respect of any of the members of the DWF group globally, and in relation to any data protection queries, by emailing GDPR.email@example.com. Please mark the subject heading of your email "For the attention of the Data Protection Officer"
Data Protection Officer: Data Protection Manager
Please note that emails sent to and from DWF can be monitored (we currently use Mime Cast) to ensure compliance with internal policies and procedures and to protect our business.
If your query is specific to a DWF location outside of the UK, please contact our central Data Protection Officer detailed above who will ensure that your query is dealt with or referred appropriately according to the relevant location.
Please refer below to the location which is relevant to you for further local privacy information.
Please note that the following country-specific privacy information does not apply to the handling of personal information by any other DWF group members in other countries. In this context, other DWF group members includes (without limitation) DWF Law LLP and DWF LLP.
This additional privacy information explains how DWF Law Australia Pty Ltd ABN 48 630 454 134 and DWF Claims (Australia) Pty Ltd ACN 115 743 961 collect, hold, use, and disclose your personal information.
In handling your personal information, we will comply with the Privacy Act 1988 (Cth) (Privacy Act) and with the 13 Australian Privacy Principles (APP) in the Privacy Act. Our offices in the EU, including our head office in the UK, are subject to the GDPR, a form of privacy law substantially similar to the APPs in protecting your personal information, within the meaning of APP 8.2. In respect of our offices in other jurisdictions, in some circumstances neither the APP nor GDPR will apply. By providing information to us in accordance with this privacy notice, you:
In addition to processing your personal information in the circumstances described in the 'On what basis do we process your personal information' section of this privacy notice we can also process your personal information further to any other legal requirements we have, including any requirements prescribed by the relevant legal profession legislation in the state or territory in which you reside (or in which the majority of our services will be performed, in the case of overseas persons).
Please contact our central Data Protection Officer, whose details appear in the 'Data controllers and how to contact us' section of this privacy notice. Where required, we will ensure that your query is dealt with appropriately by our Data Protection Officer in Australia.
If we have been unable to resolve a complaint you have made to us, you can refer the complaint to the Office of the Australian Information Commissioner via firstname.lastname@example.org or as set out on www.oaic.gov.au.
If you apply for a job with at the Brussels branch of DWF LLP, you will have certain rights that extend beyond those contained in our privacy notice. If we contact third parties as part of our recruitment process to verify your application, we will always obtain your consent before doing so. For example, we will not contact the Referees you provide without your permission.
If you apply for a job with DWF Germany Rechtsanwaltsgesellschaft mbH and you are unsuccessful, we will only ever retain your personal information for the purposes of considering you for future opportunities if you provide your express consent to us to do so.
Please note that DWF Germany Rechtsanwaltsgesellschaft mbH does not process special categories of information identified in the 'What personal information we collect' section of this privacy notice.
Additional privacy terms apply in relation to DWF Germany Rechtsanwaltsgesellschaft mbH. Please click on https://de.dwf.law/en/Notices/Privacy-notice for further details.
If you would like further information regarding the terms used in this privacy notice then please see the website of the Federal Data Protection Officer, available at https://www.bfdi.bund.de/DE/Datenschutz/datenschutz-node.html (German language only).
If you apply for a job with DWF Poland Jamka Sp. k. and your candidacy is not progressed in relation to that job application, we will only retain your personal data for the purposes of considering you for future opportunities if you provide your express consent for the processing of your personal data for that purpose.
We will never demand from a candidate for work any data that is not necessary for their application. In particular, data that is not related to the purpose of hiring an employee, for example, data on marital status, religion, religious beliefs or sexual orientation (i.e. special categories of personal data as defined in the 'What personal information we collect' section of this privacy notice) is considered to be beyond the scope specified in the labour law. You can however choose to voluntarily provide us with such data with your express consent for us to process that data – e.g. you enclose or include that data in your application documents. However, we never expect this data from you.
We will not collect information about you with regard to your candidacy for employment from your previous employers, schools and universities that you have graduated from, if you do not expressly consent for us to do that.
Where local laws in Qatar place a higher obligation on the Qatar Branch of DWF LLP in processing special categories of personal data, the Qatar Branch of DWF LLP is committed to and complying with those higher obligations including those detailed in Qatar Law No. 13 of 2016 on the Protection of the Privacy of Personal Data and the QFC Data Protection Regulations 2005.
United States of America
This additional privacy notice applies to the handling personal information by DWF (Claims) USA (DWF) in the USA. Some states, for example California, give you privacy rights extending beyond that of the EU's General Data Protection Regulation.
Unlike the EU's General Data Protection Regulation, the California Consumer Privacy Act 2018 defines personal information. DWF will therefore treat information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household as personal information.
Please see the section 'Data controllers and how to contact us' in our privacy notice to find out more about how you can exercise your privacy rights.