Privacy Policy

GDPR Privacy Policy

Patterson Law takes privacy very seriously. Patterson Law is a “controller” under General Data Protection Regulations and the Data Protection Act 2018.

We may collect data from you if you submit a question via our website or instruct us to act for you in connection with your legal matter.

We also collect data from employees and work placements, job applicants, users of our website and social media platforms, suppliers and other professionals we work with in the course of our business.

Your provision of personal information to us or your use of our online services constitutes your acceptance of the terms of this policy.

Data Protection Officer

Our data protection officer Clare Hudson and is contactable vie email

Data we collect

We may collect data from you that is usually relevant to the matter we are dealing with. We may collect personal data

  1. Personal details
  2. Family lifestyle and social circumstances
  3. Financial details
  4. Business activities of the person whose details we are processing

Special Categories

We may collect data from you that is referred to as being in a special category. This may include

  1. Physical or mental health details
  2. Racial or ethnic origin
  3. Religious beliefs or other beliefs of a similar nature
  4. Criminal convictions
  5. Sexual orientation

Basis for processing

We may process your personal data for one or more of the following reasons

  1. It is necessary for the performance of our contract with you
  2. It is necessary for us to comply with a legal obligation
  3. It is in your legitimate interests to so and
  4. You have given your consent.

You can withdraw your consent at any time by advising our data protection officer

How we will use your data

We may use your data for the following purposes

  1. Provision of legal services including advising and acting on behalf of clients
  2. Promotion of our goods and services
  3. Maintaining accounts and records
  4. Supporting and managing staff

Who we will share your information with

We have strict rules under our code of conduct who we can share your information with and this usually is limited to other people who will assist us with your matter. This may include

  1. Barrister
  2. Other solicitors and legal representatives
  3. Medical experts
  4. Private investigators
  5. Health Care professionals, social and welfare organisations
  6. Courts and tribunals
  7. Third party service providers for example, auditors, payroll, mail delivery, accounting, Solicitors Regulation Authority.

Where you authorise us to do so we may share your information with your family, associates or representatives. We may also disclose your data to debt collection agencies if you do not pay our bills.

How long do we store your data?

We will normally retain your information throughout the period of time we do work for you and thereafter for 6 years.

More information is set out in our data retention policy, which is available on request from the data protection officer.


We have robust security measures in place to protect your personal data. We review these measures on a regular basis. In the event of a data breach we will liaise with the ICO and with you accordingly.

Please note the transfer of information via the internet is not completely secure. If you choose to transfer information to us this way then cannot guarantee the security of your data and transmission is at your own risk. Once received, we will ensure we keep secure using appropriate technical and organisational measures.

Any username or password we issue to you is personal to you and should not be shared with another person. You should stop using the username and password immediately if you suspect somebody else maybe using this.

Your rights

You have the following rights under GDPR

  • Right to be informed
  • Right to access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object
  • Rights concerning automated decision making and profiling

Right to access

If you wish to see the information we hold about you then please put your request in writing to our data protection officer, together with proof of identity. We will aim to deal with your request within 30 days. However, we reserve the right to extend by a further 2 months if the request is manifestly unfounded or vexatious and/or very complex.

Full details about our access policy are available from the data protection officer.

Right to erasure

You have a right to ask us to erase you personal data in certain circumstances (details can be found in Article 17 GDPR)

We will deal with your request within 30 days upon receipt of a written request with proof of identity to our data protection officer.

However, we reserve the right to refuse to erase information that we are required to retain but law or regulation or that is required to exercise or defend legal claims.


We may use your data for marketing purposes. You do not have to agree to this. If you object to the use of your personal data for this purpose then please let our data protection officer know. You can withdraw your consent at anytime by contacting our data protection officer.


If you are unhappy about how we are using your information or how we have responded to your request then initially you should contact our data protection officer via email . If your complaint remains unresolved then you can contact the Information Commissioner’s Office for details please see