Skip to content
Home - About Us - Careers - Staff - News - Contact Us +44 (0)20 7353 6381

Privacy Statement


A. Why this notice?

This privacy notice aims to:

  • describe the personal information collected, stored and otherwise processed about you and the purposes and lawful bases for that processing
  • tell you with whom Outer Temple Chambers, and the Practitioners there, share this information
  • the mechanisms and measures Outer Temple Chambers and its Practitioners have put in place to protect your personal information
  • your rights in relation to the processing of such information
  • how to contact us in the event you need further information or have a complaint.

Our overriding objective is to respect and protect your privacy, act transparently and be accountable to you in line with the relevant data protection legislation.

B. Who are we?

This Privacy Notice sets out the personal information processed about you by Outer Temple Chambers, and by its individual Practitioners (barristers; working door tenants; professional associates; trainee barristers/pupils; squatters) and the reasons for and context of that processing. It tells you who we share the information with, the security mechanisms and safeguards in place to protect that information, and how to contact us.

Outer Temple Chambers (‘OTC’ for convenience) is a set of barristers’ chambers. Most Practitioners associated with this set of chambers are self-employed individuals. Outer Temple Chambers is not a firm, and its Practitioners are not partners or employees of it.

The Outer Temple Chambers Ltd (‘OTC Ltd’ for convenience) is the vehicle responsible for providing management and administrative support functions on behalf of all Practitioners at Outer Temple Chambers. Please be aware that professional advice can only be given by a suitably qualified Practitioner rather than OTC Ltd, which is not responsible for, nor can it be liable in respect of, any advice given by such a Practitioner.

The Outer Temple Chambers Ltd is registered with the Information Commissioner’s Office (ICO) as a data controller for the personal data it processes as administrator of OTC. Our registered address is 222 Stand, The Outer Temple, London, WC2R 1BA, United Kingdom.

‘Data controller’ is a term used in data protection legislation (such as the General Data Protection Regulation and Data Protection Act 2018) to refer to the natural or legal person that decides how and why your personal information is processed.

OTC Ltd collects, uses and is responsible as a data controller for personal information it processes about a range of individuals (collectively ‘you’ in this document), including individuals seeking legal or other services from us; applicants for tenancy, for legal traineeships (pupillage), for mini-pupillages, and work-experience; job applicants; suppliers and potential suppliers. The company will also be the data controller in respect of any electronic personal data processed in connection with any unallocated case (a case sent to us but not allocated to a specific barrister), as well as any hard copy personal data relating to an unallocated case and falling within scope of the GDPR. The company is also the data controller for personal data that is processed for administration of Chambers, including for billing, marketing, staff or other personnel administration (to include contract workers, pupils, mini-pupils and work experience volunteers).

Practitioners actively practising from OTC (providing professional services such as: legal advice or representation; ADR services; expert services; consultancy services; or acting in a judicial or quasi-judicial capacity) are individual data controllers for the personal data they hold and process about individuals in connection with Practitioners’ professional activities.

OTC Ltd in some contexts also acts as a data processor for individual Practitioners (acting on their instructions) of personal information they collect related to their provision of services, including primarily the administration of legal or other services in which s(he) is to be instructed. Practitioners direct and supervise that processing of data in accordance with the Bar Code of Conduct and the constitution and policies of our Chambers.

This Privacy Notice also covers the processing of personal information by each Practitioner in their capacity as a data controller. However in some limited instances, a Practitioner may have opted to issue her/his own Privacy Notice (reflecting the specific nature of the data she/he processes), in which case such a Notice will be available on that individual’s biographical profile page elsewhere on our website.

Unless otherwise stated or contextualised, the use of the term ‘we’, ‘us’ or ‘our’ in this document refers to the applicable data controller, which may be Outer Temple Chambers, or one or more (as relevant) individual Practitioners in the context of their respective processing of personal data.

Within Outer Temple Chambers employed staff handle the controlling and processing of data, and they are ultimately responsible to the Chambers Management Committee (CMC), which oversees policies and management of the controlling and processing of personal data by staff. The CMC does not supervise and manage the controlling of that data, except when it is processed by Chambers on their behalf.

This Notice (along with any terms of use on our website, any contracts between us and any other documents referred to in this Notice, or other Privacy notices that we may provide on specific occasions) lays out the basis on which any personal data will be processed by us.

If you provide any information about other individuals such as colleagues, or persons involved in a legal matter (for example, if you are a solicitor or other person involved in a legal matter), you warrant to us that you are entitled to provide that information to us and to authorise us to process it on the same basis as we will process other data you provide about yourself.

This Privacy Notice was published on 29 May 2018, being last updated in May 2018. We will from time to time update this Privacy Notice in the light of developments and changed practices.

C. Our privacy officer and how to contact us

Outer Temple Chambers’ Privacy Officer is our Policy & Regulatory Standards Manager, Mr Shiraz Oshidar. If you have any enquiries about our personal data practices or policies, or the information we hold, please do contact him by email E: privacy@outertemple.com, by telephone T: +44 207 363 5681, or by post (Outer Temple Chambers, 222 Strand, London, WC2R 1BA, UK). If you require this Privacy Notice in an alternative format, please do make contact with us.

Although we do our best to carry out our use of information responsibly, we recognise that sometimes things may go wrong. We will do our best to put things right. If you wish to make a complaint, our complaints procedure can be found here. In the event we are unable to resolve your complaint, you may refer the matter to the Information Commissioner’s Office (ICO).

Under the General Data Protection Regulation (GDPR), you always have the right to make a complaint with a Supervisory Authority, in particular in the EU or EEA state in which you work, normally live or where any alleged infringement of data protection laws occurred.

The Supervisory Authority in the UK is the Information Commissioner’s Office (ICO), contactable at https://www.ico.org.uk or telephone: 0303 123 1113.

D. What personal information do we collect?

Personal data, or personal information, means any information about an individual from which that person may be identified or be identifiable. It does not include data where the identity has been removed (anonymous data).

We are frequently instructed by corporate entities and those entities are not data subjects. As part of those instructions, personal information about other persons may also be provided to us directly (eg personal data relating to any of our corporate clients’ or prospective clients’ workers, any potential or actual opponent, or witness or vendor’s personal information, including that relating to their legal advisors or workers, as relevant or similar).

We collect some or all of the following personal information that you provide, including when providing legal services or references – it is not possible to anticipate exactly which categories of personal information might be obtained in particular cases (and some may not be obtained at all):

  1. personal details (includes names, usernames or similar identifiers, marital status, title, date of birth, gender, your image by way of photos or video recording)
  2. family details
  3. lifestyle and social circumstances
  4. goods and services associated with a specified individual
  5. financial details (including bank/building society and payment card details)
  6. education, training and employment details
  7. physical or mental health details (including your medical records where you are a party to actual or contemplated legal proceedings and you have consented to the release of such records for the purposes of investigating or bringing a claim)
  8. racial or ethnic origin
  9. political opinions
  10. religious, philosophical or other beliefs
  11. trade union membership
  12. sex life or sexual orientation
  13. genetic information
  14. biometric information for the purpose of uniquely identifying a natural person
  15. criminal proceedings, outcomes and sentences, or related security measures
  16. other personal information relevant to instructions to provide legal services, including information specific to the instructions in question
  17. transaction data, including details about payments to/from you
  18. marketing and communications data, such as your preferences in receiving marketing from us, and your communications preferences.

E. When and how do we collect personal data?

The personal information we collect comes through one or more of the following:

  • provided by you when you interact with us by ‘phone, post, sms, email, fax, social media, or through any agreed communications; at events; in person; or through forms on our website
  • collected automatically when you browse our OTC website – this relates to ‘cookies’ (see further below). We may also receive data about you if you visit other websites employing our cookies
  • provided by third parties:
    • other legal professionals, including members of chambers
    • public sources, such as the press, public registers and law reports, members of the public
    • experts and other witnesses
    • courts and tribunals
    • suppliers of goods and services, including data processors, such as Chambers staff, IT support staff, email & cloud providers, data storage providers
    • investigators
    • government departments
    • the general public in relation to the publication of legal judgments and decisions of courts and tribunals
    • in the event of complaints, the Head of Chambers, other members of Chambers who deal with complaints, the Bar Standards Board, and the Legal Ombudsman
    • prosecution authorities
    • trainee barristers
    • lay and professional clients of members of Chambers
    • family and associates of the person whose personal information Chambers is processing
    • other regulatory authorities current, past or prospective employers
    • education and examining bodies
    • business associates, professional advisers and trade bodies, e.g. the Bar Council
    • the intended recipient, where you have asked us to provide a reference.

F. Automated decision-making and profiling

We do not use automated decision-making and profiling as defined under the General Data Protection Regulation (GDPR).

G. How we use your personal information (our purposes) and our lawful grounds for doing so

We may use your personal information for the following purposes and with the following lawful bases:

Purpose/reason Lawful basis of processing Data controller applicability
i. to promote and market the services of Chambers;

to promote and market the services of individual Practitioners

For our Legitimate interests or that of a third party – to promote our business and services to existing, former and potential clients

Your consent [for processing involving special category data or data relating to criminal convictions or proceedings, ie data categories g) to o) in Section D of this Notice]

OTC

Individual Practitioners

ii. to provide legal and other expert services to clients, including legal advice and representation in courts, tribunals, arbitrations and mediations For the performance of a contract (or in order to take steps at your request prior to entering into a contract)

For legal proceedings, legal advice or otherwise for establishing, exercising or defending legal rights

Individual Practitioners
iii. to train barristers, and when providing work-shadowing opportunities For the performance of a contract (or in order to take steps at your request prior to entering into a contract)

Your consent [for special category data or data relating to criminal convictions or proceedings, ie data categories g) to o) in Section D of this Notice]

OTC

Individual Practitioners

iv. to recruit staff, pupils, tenants and others to OTC For our Legitimate interests – to grow our business effectively OTC
v. to assess applications for tenancy, pupillage, mini-pupillage and work-shadowing opportunities For our Legitimate interests – to ensure only appropriately qualified individuals join us and to promote social mobility OTC
vi. to fulfil equality and diversity and other regulatory requirements Performing or exercising obligations or rights imposed or conferred by law on us or you in connection with employment, social security or social protection

Identifying/keeping under review the existence or absence of equality of opportunity or treatment between members of staff, tenant, pupils and mini-pupils

OTC
vii. to manage matters relating to employment (HR, payroll, benefits) Performing or exercising obligations or rights imposed or conferred by law on us or you in connection with employment, social security or social protection OTC

On occasion (when employing legal assistants or other support), individual barristers

viii. the keeping of accounting records and carrying out of office administration To comply with a Legal obligation

Our legitimate interest – to run our business effectively

Your consent [if processing involves special category data or data relating to criminal convictions or proceedings, ie data categories g) to o) in Section D of this Notice]

Individual Practitioners
ix. to take or defend legal or regulatory proceedings or to exercise a lien Our legitimate interest – to further our legal and business interests Individual Practitioners
x. to check for potential conflicts of interest in relation to future potential cases Legal obligation Individual Practitioners
xi. to carry out anti-money laundering, terrorist financing and due diligence or KYC checks (including right to work checks) Legal obligation

Our legitimate interest, to prevent fraud and criminal activity

OTC

Individual Practitioners

xii. to procure goods and services For the performance of a contract with you (or in order to take steps at your request prior to entering into a contract)

Your consent [for special category data or data relating to criminal convictions or proceedings, ie data categories g) to o) in Section D of this Notice] **

OTC

Individual Practitioners

xiii. to respond to requests for references Your consent [for special category data or data relating to criminal convictions or proceedings, ie data categories g) to o) in Section D of this Notice] ** OTC

Individual Practitioners

xiv. to respond to potential complaints or make complaints Our legitimate interests – to defend our reputation and interests

Your consent [for special category data or data relating to criminal convictions or proceedings, ie data categories g) to o) in Section D of this Notice] **

OTC

Individual Practitioners

xv. to publish legal judgments and decisions of courts and tribunals Our legitimate interests – to further our reputation and promote our services OTC

Individual Practitioners

xvi. as required or permitted by law Legal obligation

Necessity to prevent or detect unlawful acts where it is in the substantial public interest and it must be carried out without consent so as not to prejudice those purposes

Personal data manifestly made public already

For substantial public interest

OTC

Individual Practitioners

** Consent is required for processing data for these purposes. If you do not agree to processing in these instances (responding to potential complaints and provision of a reference), we will be unable to take your case or provide a reference. This is because of the need to be able to retain all the material about your case until there is no prospect of a complaint and to provide an informed and complete reference.

H. Who will we share your personal information with?

We do not rent or sell personal information to anyone. If you are a client, some of the information you provide will be protected by legal professional privilege (unless and until it becomes public in the course of any proceedings or otherwise). Barristers have an obligation to keep your information confidential, save when it becomes public or is disclosed as part of the proceedings or case. Depending on the service in question, or particular transaction between individuals and ourselves (eg in relation to legal advice or proceedings), it may be necessary to share your information with one or more of the following (a non-exhaustive list):

  • information processors, such as IT support staff, email providers, information storage providers
  • in the event of complaints, the Head of Chambers, Chambers Director and members of Chambers who deal with complaints, the Bar Standards Board and the Legal Ombudsman
  • other regulatory authorities
  • current, past or prospective employers or employees
  • in the case of recruitment of barristers to or from other chambers, your current, past and prospective chambers
  • education and examining bodies
  • legal professionals
  • experts and other witnesses
  • prosecution authorities
  • courts and tribunals
  • Chambers’ staff
  • trainee barristers
  • lay and professional clients of Members of Chambers
  • family and associates of the person whose personal information Chambers is processing
  • current, past or prospective employers
  • education and examining bodies
  • arbitrators; ADR professionals including mediators, expert determiners
  • translators; transcribers; couriers
  • third party funders
  • business associates, professional advisers and trade bodies, e.g. the Bar Council
  • the intended recipient, where you have asked Chambers to provide a reference
  • the general public in relation to the publication of legal judgments and decisions of courts and tribunals

We may be required to provide your information to regulators, such as the Bar Standards Board, the Financial Conduct Authority or the Information Commissioner’s Office. In the case of the Information Commissioner’s Office, there is a risk that your information may lawfully be disclosed by them for the purpose of any other civil or criminal proceedings, without our agreement or your agreement, which includes privileged information.

We may also be required to disclose your information to the police or intelligence services, where required or allowed by law. Examples include:

  • The prevention or detection of crime and fraud
  • The apprehension or prosecution of offenders
  • The assessment or collection of tax or duty owed to customs and excise
  • Sharing in connection with legal proceedings
  • Sharing in relation to the physical or mental health of an individual, where disclosure is required to protect them or others from serious harm

We may also share your information with emergency services and local authorities, where this is necessary to help them respond to an emergency that affects you; or in order to enforce or apply the terms of any agreement or policy to which we are a party; or to protect the property, rights or security of us, our clients or others.

Sharing information with our contractors and suppliers

There are some cases when we will share your information to support legitimate business purposes. We do this to make sure that we can meet your needs, and to meet our health and safety obligations towards those delivering services on our behalf. This may include sharing information with our contractors and suppliers to allow them to carry out duties on our behalf or to meet contractual obligations we may have. For example, we may share information to enable our maintenance contractors to make appointments with you to carry out repairs and/or deliver services, or with a mailing company to conduct a mailing, or to an event host or catering company involved with one of our events.

I. Data security

To help protect the privacy of data and personally identifiable information you send through our website or that is provided to us, whether electronically or in paper form, we keep physical, technical and organisational safeguards to ensure that information is kept confidential, integral and available, being protected from:

  • Unauthorised access
  • Improper use or disclosure
  • Unauthorised modification
  • Unlawful destruction or accidental loss.

We look at and update our security technology on an ongoing basis. We restrict access to your personal data to those employees (or suppliers’ employees) who need to know that information to provide benefits or services to you, and ensure they are bound by obligations of confidentiality. We train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We will take appropriate disciplinary measures to enforce our employees’ privacy responsibilities.

We have put in place procedures to respond to any suspected personal data breach and will notify you and any applicable regulator of a breach where we are required to.

Chambers’ main IT service provider, SproutIT, is ISO 27001 accredited and operates a private hosted cloud-based desktop service for Chambers and its members. Encryption is applied for the transmission of sensitive data as appropriate; by default Outer Temple Chambers attempts to send and receive email via TLS (Transport Layer Security) unless the other party does not support it. SproutIT’s service uses secure data centres located within the EEA.

Not all Practitioners store personal information within the hosted desktop service. However taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the varying risks to your rights, s(h)e implements appropriate technical and organisational measures to ensure a level of security appropriate to the risk in their processing.

We also use a software known as Lex (provided by Bar Squared, who are Cyber Essentials certified) which allows our staff and Practitioners to manage diaries’, store information relating to cases, and coordinate billing. The Lex marketing server uses the TripleDES encryption standard. The Lex Chambers Management uses FIPS140-2 encryption in relation to passwords.

We require third party data processors, such as SproutIT and Bar Squared, to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only allow them to process your personal data for specified purposes and in accordance with our instructions.

J. Marketing and promotion

In relation to personal information collected for marketing purposes, the personal information usually consists of:

  • names, contact details, and name of your organisation
  • the nature and scope of your interest in our marketing
  • your likely or actual attendance at our events, any event-related preferences, and any feedback/evaluation given.

This will be processed so that you can be provided with information about Chambers – and the Barristers/Mediators/Arbitrators in question – and to invite you to events.

You may contact us if you no longer wish to receive such invitations or information: Mr Shiraz Oshidar E: shiraz.oshidar@outertemple.com; or you can use the ‘unsubscribe’ function or opt-out in the communication you have received. It may take up to 14 days for this to become effective.

Where you opt-out of receiving marketing messages, this will not apply to personal data provided to us as a result of a service purchase or other transactions.

K. Our use of website cookies and Google Analytics

Cookies are small pieces of data that a Web site transfers to a user’s device hard drive for record-keeping purposes.

Our website uses cookies to provide improved functionality on the site and gather traffic data (e.g., what pages are the most popular). Our website collects limited information about visits to our site; we may use this information to analyse general traffic patterns and to perform routine system maintenance. This type of information does not personally identify you as a named individual.

The Outer Temple Chambers website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be sent to and stored by Google on servers in the United States.

Google uses this information to measure and understand your use of the website, drawing up reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also send this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not connect your IP address with any other data held by Google.

You may refuse the use of cookies by choosing the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

We cannot access any personal data about you ourselves, therefore we are not the Data Controller for your Google Analytics profile data. You would need to contact Google directly for this information. Details about GA’s privacy and data confidentiality protocols can be viewed here.

How do I prevent being tracked by Google Analytics?

You have the right to object to this tracking and to stop it happening. If you are uncomfortable with this tracking, you can take the following actions:

All major browsers allow you to block or delete cookies from your system.

Different browsers make varying controls available to you about accepting or blocking of cookies – below are links to popular manufacturers’ instructions on how you can do this. Generally, your browser will offer you the choice to accept, refuse or delete cookies at all times, or those from providers that website owners use (“third party cookies”), or those from specific websites.

L. Third party websites and links

Our website may contain links to other sites and resources provided by third parties. We have no control over the contents of those sites or resources. If you use any third party sites or resources the third party services’ rules and policies (including Privacy policies and Notices) will apply and you should check these before you submit any personal data to third party sites. We do not accept any responsibility or liability for these policies and Notices.

M. Transfer of your information outside the European Economic Area (EEA)

This privacy notice is for general use and it is not possible to say whether it will be necessary to move your information out of the EEA in any particular case or matter, or for a reference or some other purpose.

However, if you live outside the EEA or, for example, your matter or the post for which you require a reference involves persons or organisations or courts and tribunals outside the EEA, then it may be necessary to transfer some of your information to that country outside of the EEA for such purposes. If you are in a country outside the EEA, or if the instructions you provide come from outside the EEA, then it is inevitable that information will be transferred to those countries. If this applies to you and you want extra precautions to be taken for your information, please let us know when starting to instruct us.

Practitioners and staff may temporarily take personal information outside the EEA, for example when travelling for a case or for other purposes, including when it is (or seems) necessary to access the information to deal with the case to which it relates. Your personal information may be processed (including accessed) in any country where we have offices or in which we use service providers. The transfer and processing of information may be to countries outside of your country of residence, which may have different data protection rules than those of your country or the country in which you were based when you first provided your information to us.

Some countries and organisations outside the EEA have been assessed by the European Commission and their information protection laws and procedures found to show adequate protection. The list can be found here. Most do not.

If your information has to be moved outside the EEA, then it may not have the same protections and you may not have the same rights as you would within the EEA. However, where it is necessary to make transfers, this will require having a lawful basis for transferring personal information and putting proper safeguards in place to make sure an adequate level of protection for the personal information.

Therefore if in the instance that we need to transfer personal data outside the EEA, we are likely – if unable to ensure safeguards through the mechanism of standard contractual clauses with third parties or through the mechanism of EU-US Privacy Shield scheme – to rely on one or more of the exemptions allowed under Article 49 of the GDPR:

  1. with the consent of the individual / relevant data subject;
  2. necessary for the performance of a contract between the individual and the organisation or for pre-contractual steps taken at the individual’s request;
  3. necessary for the performance of a contract made in the interests of the individual between the controller and another person;
  4. necessary for important reasons of public interest;
  5. necessary for the establishment, exercise or defence of legal claims;
  6. necessary to protect the vital interests of the data subject or other persons, where the data subject is physically or legally incapable of giving consent;

If we decide to publish a judgment or other decision of a Court or Tribunal containing your information, then it may become generally available.

N. How long will we store your personal information?

Our Data Retention policy is to keep your personal data only for as long as it is needed to fulfil the purposes for which we collected it, including any legal, accounting or reporting requirements. To decide how long we keep your personal data, we consider the amount, nature and sensitivity of the data, the potential risk of harm, the reasons why we process your personal data and whether we still need your data, and any applicable legal requirements.

Our individual Practitioners are frequently instructed in cases whose legal subject matter, and context, can vary greatly. The standard default data retention period for personal information provided to a Practitioner for the purpose of providing legal services is normally 15 years from the latest of a) the date on which the last item of work is undertaken for you b) the date that the last fee or other payment is received, or outstanding fees are written off c) the expiry of the time limit for any further appeal in relevant proceedings or d) the date on which legal proceedings by or against the Practitioner in relation to the matter have finally concluded (including any appeal). After that point, the data will be reviewed and deleted securely or destroyed without further notice or liability (or a further retention & review period set, if circumstances merit it), unless the case remains outstanding in some material respect after that period has expired. The period of 15 years is the long stop period specified for claims in section 14B of the Limitation Act 1980. If information is needed for legal proceedings, regulatory matters or active complaints, then it may be retained for longer than the designated period. There may sometimes be fact-specific reasons why a shorter retention period is applied.

A client’s name and contact information will be retained beyond this period and until it is no longer required for the purpose of conflict checking.

Personal data contained in records relating to any complaint will be retained for a period of 6 years from the determination of the complaint.

In certain cases, personal data related to the provision of legal services may be kept for longer than 15 years, for example where the case involves a minor and/or Guardianship issues, or where it is kept together with notes on other cases, and the 15 year retention period has not ended on those other cases and it is not reasonable or proportionate to separate personal information relating to one case from another; or where the information may be needed for potential legal proceedings in which the limitation period may be alleged not to have started to run until purported damage, or some other event, occurred at some time after advice was given, or instructions acted upon.

In respect of public access cases, barristers must keep information and documents you supply, whether in hard copy or in electronic form, for a period of 7 years under the current provisions of the regulatory code of conduct for the English Bar set out in the Bar Handbook published by the Bar Standards Board (BSB) of the United Kingdom, who regulate all barrister members of our Chambers.

In certain circumstances, we may anonymise your personal data (so that it cannot be associated with you) for research or statistical purposes in which case we may use this information indefinitely, without further notice. We will delete or anonymise your personal information unless:

  • the lawful basis for collecting it is ongoing
  • we are engaged with you in relation to a particular matter or that matter has not finally terminated, or there is an unresolved issue such as a claim or dispute
  • we are legally required to; or
  • there is a legitimate interest (such as protecting safety and security of customers; fraud prevention)

Names and contact details held for marketing will be held until we become aware, or are informed, that the individual in question is no longer a potential or actual client.

O. Visiting our Chambers office in London

We have security measures in place at our offices, including building access controls. The building we occupy is multi-tenanted and the managing agents are Fresson & Tee (T: 020 7391 7100; www.fandt.com; 6th Floor Queens House, 55-56 Lincoln’s Inn Fields, London WC2A 3LJ). They operate a CCTV system at entry points and in common parts, for which they are data controllers.

The images captured are only accessed on a need to know basis (e.g. to look into an incident). CCTV recordings are typically automatically overwritten after a short period of time unless an issue is identified that requires investigation (such as a theft).

We require visitors to our offices to sign in at reception and keep a record of visitors for a short period of time. Our visitor records are securely stored and only accessible on a need to know basis (e.g. to look into an incident).

P. Your Rights

Data protection laws grant you certain ‘information rights’, which are summarised below. These are free of charge. More guidance is available at the ICO website (see the links below).

  • Right to be informed – we are doing this through this Privacy Notice (see here).
  • Right of access – you have the right to ask for a copy of information we hold about you (see here), commonly known as a Data Subject Access Request. This enables you to receive details of the personal data we hold about you and to check we are lawfully processing it. If these details cannot be provided within a month, we will provide you with a date when the information will be provided. If for some reason we cannot provide you with these details, we will provide an explanation as to why we cannot provide you with this information. A Practitioner will not normally be able to provide access to personal information where it is covered by legal privilege; therefore unless you have instructed a Practitioner for legal advice or representation, it will often not be possible for that Practitioner to comply with a request for access to personal data.
  • Right of rectification or erasure – if you feel that any data that we hold about you is inaccurate, you have the right to ask us to correct or rectify it (see here). You also have a right to ask us to delete information about you where you can show that the data we hold is no longer needed by us, or if you withdraw your agreement upon which our processing may be based, or if you feel that we are unlawfully processing your data (see here). Please note that we may be entitled to keep your personal data despite your request, for example if we are under a separate legal obligation to hold it. Your right to have your information corrected or deleted extends to anyone we have disclosed your personal information to and we will take all reasonable steps to tell those with whom we have shared data about your request.
  • Right to Restriction of processing – you have a right to request that we suspend the processing of your data where i) you contest its accuracy; ii) the processing is unlawful but you do not want us to erase it; iii) where we do not need to hold your data any longer but you need us to do so in order to establish, exercise or defend any legal claims; iv) we are in dispute about the legality of our processing of your personal data, but we need to verify whether we have overriding legitimate grounds to use it (see here).
  • Right to Portability (data portability request) – you have a right to receive any personal data that you have provided to us in a structured, commonly used readable format; or to ask us to transfer it onto another data controller. This right only applies where the processing is based on your agreement or for a contract and is carried out by automated means (see here).
  • Right to Object to processing – you have a right to object to our holding and using your personal data where the basis of this processing is our legitimate interests including, but not limited to, direct marketing, and you feel it impacts on your fundamental rights and freedoms (see here). In some cases we may demonstrate that we have strong legitimate grounds to process your information which override your rights and freedoms.
  • Right to Withdraw Consent – you have the right to withdraw your agreement for the processing of your personal data where the processing is based on your consent. This will not affect the lawfulness of our use of your data carried out before you withdrew your agreement. Where we also rely on other grounds for holding and using personal data, you may not be able to prevent processing of your information. If you withdraw your consent we may not be able to provide certain products or services to you. We will advise you of this at the time you withdraw your consent.
  • Right to Opt-out of direct marketing communications – You have the right to opt-out of marketing communications we send to you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt out of other forms of marketing (such as postal marketing or telemarketing), then please contact us.
  • Right not to be subject to automated-decision making: automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. You have the right not to be subject to automated decisions that will create legal effects or have a similar significant impact on you, unless: you have given us your agreement, or it is necessary for a contract between you and us; or is allowed by law. You also have certain rights to challenge decisions made about you. Outer Temple Chambers does not currently carry out automated decision-making.
  • Right of Complaint – you also have the right to lodge a complaint about any aspect of how we are handling your data with the Information Commissioner’s Office (ico.org.uk) which can be contacted here.

If you want to exercise any of these rights, please:

  • Use the contact details at the beginning of this document
  • We may need to ask you to provide other information so that you can be identified, such as proof of your identity and address
  • Provide a contact address so that you can be contacted to request further information to verify your identity
  • State the right or rights that you wish to exercise.

We will respond to you within one month from when we receive your request.

Q. Future Processing

Chambers does not intend to process your personal information except for the reasons stated within this privacy notice. If this changes, this privacy notice will be amended.