HT Legal Ltd (“we”, “our”, “us”) is committed to protecting and respecting your privacy. This Privacy Policy, together with our Terms and Conditions, explains how we collect, use, and share your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Personal Information We Collect
When you interact with us (via our website, social media, telephone, or otherwise), we may collect and process the following information:
- Information you provide when you contact us, submit an enquiry, or instruct us, including your name, contact details, and details of your claim.
- Information relating to your matter, including documents you supply and information obtained from third parties (e.g., financial advisers, pension providers, product providers, expert witnesses, medical records, etc.).
- Identification and verification information, including details used to perform anti-money laundering checks and soft credit searches (with your consent).
- Technical data such as IP address, browser type, referrer, pages visited, and log data collected automatically when using our website.
- Cookies and analytics data for improving our website and understanding user behaviour.
- Telephone call recordings for quality monitoring and training.
- CCTV footage from visits to our premises (stored for a minimum of 30 days).
- Social media reviews or public information relevant to the validation of claims.
2. How We Use Your Information
We process your personal information where it is necessary to:
- Provide legal services – including investigating, pursuing, and managing your claim, preparing legal documents, and communicating with relevant parties (e.g., product providers, the Financial Ombudsman Service, FSCS, Pensions Ombudsman).
- Comply with our legal obligations, including anti-money laundering regulations and professional obligations under the Solicitors Regulation Authority (SRA).
- Perform soft credit searches and identity verification, where required for mis-sold finance claims or anti-money laundering compliance, using trusted partners such as Valid8 IP Ltd, who may use one or more credit reference agencies.
- Communicate with you, including sending updates about your matter, service announcements, or marketing information (if you have opted in – you may opt out at any time).
- Audit, research, and improve our services, ensuring compliance and quality control.
- Prevent fraud, money laundering, or other unlawful activity.
- Maintain business records and backups for operational continuity.
3. Lawful Basis for Processing
We rely on one or more of the following lawful bases:
- Contractual necessity – processing required to provide you with legal services and fulfil our engagement terms.
- Legal obligation – complying with statutory and regulatory requirements (e.g., AML checks, professional rules).
- Legitimate interests – improving our services, monitoring quality, and preventing fraud.
- Consent – for marketing communications and soft credit searches (where required). You can withdraw consent at any time.
4. Who We Share Your Information With
We may share your information with:
- Valid8 IP Ltd – for the purposes of identity verification and performing soft credit searches with one or more credit reference bureaus.
- Third-party service providers – such as barristers, expert witnesses, IT providers, cloud storage services, and case management platforms, under strict confidentiality and data processing agreements.
- Regulatory bodies and redress schemes – including the Financial Ombudsman Service (FOS), Financial Services Compensation Scheme (FSCS), Pensions Ombudsman (POS), and courts/tribunals where required to progress your claim.
- Professional advisers – such as accountants, auditors, and insurers, where necessary.
- Law enforcement or regulators – where required by law or to prevent fraud.
We ensure all third parties adhere to appropriate confidentiality, security, and data protection standards.
5. International Transfers
If data is transferred outside the UK or EEA, we ensure it is protected by using approved safeguards such as adequacy regulations, standard contractual clauses, or equivalent lawful mechanisms.
6. Your Rights
You have rights under data protection law, including:
- Right to be informed, access, rectify, and erase your data.
- Right to restrict or object to processing.
- Right to data portability.
- Right not to be subject to solely automated decision-making.
To exercise these rights, contact our Data Protection Officer using the details below. You also have the right to complain to the Information Commissioner’s Office (ICO) at www.ico.org.uk if you believe your data has been mishandled.
7. Data Security
We use appropriate technical and organisational measures to keep your data secure, including:
- ISO27001 certification and Cyber Essentials Plus compliance.
- Secure servers, firewalls, and encryption for data storage and transmission.
- Restricted access controls ensuring only authorised personnel access your data.
8. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, regulatory, and reporting obligations.
9. Complaints and Contact
If you are unhappy with how your data has been handled, contact the case handler or email hello@claimmyloss.co.uk. If unresolved, you may escalate your complaint to the Solicitors Regulation Authority or the Legal Ombudsman.
10. Cookies
For information on our use of cookies, please see our Cookie Policy.
11. Policy Updates
We may update this policy periodically. The latest version will always be available on this page.
