Data Protection

This Notice is primarily for the benefit of our clients or potential clients or for related third parties whose data we may process as part of the provision of legal services.

Deighton Pierce Glynn is registered as a Data Controller with the Information Commissioner’s Office (Registration Number Z2556039). We may collect personal information from you in the course of our business, including through your use of our website or when you contact or request information from us, when you engage our legal services or as a result of your relationship with our staff and clients.

The information that we process includes:

  • Basic information, such as your name, the organisation you work for, and your relationship to a person.
  • Contact information.
  • Information you provide to us in the course of our services to our clients, which may include “special category” of data.

“Special category” data is particularly sensitive data. Depending on the circumstances of their legal matters, for some clients, we may have access to or process special category data including:

  • personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership
  • biometric data processed for the purpose of uniquely identifying a natural person
  • data concerning health or a natural person’s sex life or sexual orientation; and/or
  • personal data relating to criminal convictions and offences or related security measures.

We use the above information to provide and improve our services to our clients, to promote our services, and to fulfil our legal, regulatory and risk management obligations. We do so in order to perform our contracts with our clients and our contract with the Legal Aid Agency (“LAA”) where your case is funded by the LAA; to establish and defend legal claims or proceedings; to comply with legal and regulatory obligations; in accordance with your consent; and for legitimate business purposes (i.e. ways that might reasonably be expected as part of running our business).

We will ensure that the use of this data is relevant and proportionate and that we do not hold any more data than is needed. All such data is processed in line with the commitments and policies within this Privacy Notice.

Your personal information will be held securely and in accordance with the UK General Data Protection Regulation and the Data Protection Act 2018 (and, prior to that, the Data Protection Act 1998). It will be retained for as long as necessary to provide relevant legal services and for a period appropriate to the category of data it relates to, usually no more than 12 months, after which it will be deleted. Where it relates to our work for a client then it will be retained for a period up to six years after the conclusion of our work for that client, in accordance with our legal/regulatory obligations. In special categories of case, such as cases for persons under 18 years of age or those who lack mental capacity, it may be retained for longer. This is because we are required to keep client files for that period by the SRA. This also protects you should you be unhappy with our services and want to complain or even due us after your case ends.

We may also share your personal information with certain trusted third parties. Where appropriate this may include clients; litigation opponents; barristers; experts; interpreters; costs drafters (professionals who prepare legal bills); secure file storage and destruction companies; and operators of our IT infrastructure, who have entered into appropriate data processing and/or confidentiality agreements, and other service providers who assist us in our work. In doing so we will always take care to ensure that your information remains confidential and safe.

Your data is stored and processed within the United Kingdom (UK) but it may also be transferred overseas where necessary due to the nature of that work or in connection with overseas communications and IT infrastructure (for example, where we store client information in ‘cloud-based’ storage). Whenever we transfer any data out of the UK, we ensure a similar degree of protection is afforded to it and treated with the same security measures regardless of location, and in accordance with our internal processes and policies as well as regulatory and legal obligations.

If you are a client under the legal aid scheme then we may be required to share some or all of your information with the Legal Aid Agency, including financial information.

We may also share your personal information with quality auditors and legal and regulatory bodies including the Solicitors Regulatory Authority (the statutory body that regulates solicitors), the Legal Ombudsman and others. In exceptional circumstances we may share your data with third parties for safeguarding purposes i.e. where it is necessary to protect the vital interests of the data subject.

Our Website

In relation to our website, we may collect data automatically with regard to each of your visits to our website including technical information. We do this in order to administer and keep safe and secure our website; to improve the website experience; and to understand your use of the website.

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

By law, we may not place cookies on your computer without your consent, unless they are strictly necessary to the operation of the service that we provide on the Website.

We use Google Analytics to monitor how our website is being used so we can make improvements. Our use of Google Analytics requires us to pass to Google your IP address (but no other information) – Google uses this information to prepare site usage reports for us, but Google may also share this information with other Google services. In particular, Google may use the data collected to contextualize and personalize the ads of its own advertising network. See Google’s privacy policy here.

If you have any queries about the cookies that we use, or would like more information, please contact us using the details below.


Our office buildings have CCTV installed including on the exterior and personal data in form of images or CCTV footage may be recorded. These are operated by the building owners. Any further enquiries with regard to this footage should be directed to them (we can assist in raising these enquiries for you).

Contacting Us

You have the right to be informed about what data we hold about you along with other rights set out in the legislation. You also have the right to correct any incorrect data held about you or to seek the erasure of your data. If you believe that the information we hold is wrong or out of date, please let us know and we will update it. The partner with responsibility for data protection matters is Daniel Carey (

Further information about your rights under the data protection legislation can be found at