Mountford Chambers is committed to safeguarding the privacy of our clients, employees, instructing solicitors and applicants.
This policy explains what data Mountford Chambers and its members collect from you, how that data is used for the operation of Chambers’ business, and the steps we take to ensure that your data remains secure.
This policy applies to all interactions between the clerking team and staff of Mountford Chambers, and:
Mountford Chambers has appointed a Data Protection Officer (DPO) with responsibility for data protection compliance within the organisation.
Questions about this policy, or requests for further information, should be directed to the Data Controller in the first instance.
Further queries may be directed as follows:
Data Protection Officer: Orla O’Sullivan
Phone: 020 79366300
This section tells you what personal data we may collect from you when you use our services or instruct members of Chambers.
When you are registered as a client of Mountford Chambers we will usually collect:
During the course of your application for an employed position, pupillage or mini-pupillage at Mountford Chambers, we will usually collect data such as:
CCTV images of you may be captured on our premises. IP addresses may be logged on our IT system if you use one or more of the Mountford Chambers Wi-Fi networks or electronic facilities.
Mountford Chambers and members of Chambers will use your data as appropriate to:
Individual members of Chambers are the controllers of any personal data which is supplied to or received by them in the course of and during your instructions for the member to provide legal services.
Mountford Chambers is the controller of your personal data if you are applying for any role within Chambers, if you lodge a complaint about a member of Chambers, or when Chambers processes your personal data in relation to billing or marketing activities.
From time-to-time Mountford Chambers and members of Chambers may find it necessary to appoint data processors, or to engage the services of those whose function will make them data processors, for example support staff or pupil (trainee) barristers.
Members of Chambers act as data processors when acting on behalf of Chambers in any capacity involving the administration of Chambers, or the recruitment of staff, pupils and mini-pupils.
As a data subject, you have a number of rights in relation to your personal data.
You have the right to make a Subject Access Request. If an individual makes a subject access request, Mountford Chambers or the member of Chambers to whom the request is addressed will respond to the request within thirty days and will produce a response to the request in line with the Information Commissioners Office (ICO) guidelines.
The data subject will need to prove themselves by a form of identification which will be deemed adequate by the Data Protection Officer (DPA). A Subject Access Request to Mountford Chambers or any individual member of Chambers should be submitted to the Data Protection Officer (DPO).
If a Subject Access Request is manifestly unfounded or excessive, the organisation or member of Chambers is not obliged to comply with the request. Alternatively, the organisation or member can agree to respond but, the data subject may be charged a fee if extra costs are incurred to retrieve data, which will be based on the administrative cost of responding to the request. A Subject Access Request is likely to be manifestly unfounded or excessive where it repeats a request to which the organisation has already responded.
If an individual submits a request that is unfounded or excessive, the organisation will notify him/her that this is the case and whether or not it will be responded to.
If we cannot facilitate a request based on limitations with IT functionality, the DPO will notify the individual accordingly, stating what aspect of the request they can respond to.
Whilst we will always aim to respond to any Subject Access Request within the thirty days, if a request takes longer than the regulation timeline, then the data subject will be notified and will be updated, and the request provided at the earliest opportunity.
It should be noted that due to the business practices and the nature of the business model of Mountford Chambers, some data may not be requested under a Subject Access Request for legal reasons. If it is felt that a request may not be granted or fulfilled, the data subject will be informed.
A response to a Subject Access Request will also provide the individual with a copy of the personal data undergoing processing. This will normally be in electronic form if the individual has made a request electronically, unless he/she agrees otherwise.
A data subject has the right to the following information regarding the processing of their data:
Personal data will be retained for the shortest time necessary. Please note that some legal cases will require Mountford Chambers or a member of Chambers to hold your data for a significant period after a case has been heard.
Under the General Data Protection Regulation (GDPR) you have the following rights to request information from Mountford Chambers and members of Chambers:
Due to the nature and purpose of data we hold (for the purposes of legal representation), the erasure of data may not be possible where such erasure is prohibited by law or where member of Chambers are under a regulatory obligation to retain records.
The General Data Protection Regulation (GDPR) and Data Protection Act 2018 are pieces of legislation explaining your rights over the processing of your personal information.
The GDPR requires Mountford Chambers and our members to identify which of six “lawful reasons” we use when processing your data.
In respect of Mountford Chambers:
In respect of members of Chambers, each member of Chambers will be required to handle and process your data in order to effectively act on your instruction. It is vital that barristers are able to process your personal data in order to assist you in your case.
Members of Chambers rely on the following “lawful reasons” for processing your data:
During the course of providing legal service to our clients, Mountford Chambers and members of Chambers may collect, process, store and retain special category data. Such data is processed on the following grounds:
Where Mountford Chambers or its members hold and process data on the legal basis of consent, the data subject has the right at any time to withdraw the consent.
Each of our Carmelite Briefings and emails relating to lectures, events and news contain a link to unsubscribe from the specific mailing list to which that correspondence is sent. To withdraw your consent for Mountford Chambers to contact you in respect of that mailing list, please follow the ‘unsubscribe’ link provided.
To unsubscribe from multiple or all mailing lists, or to withdraw your consent to be contacted by Mountford Chambers at all, please contact:
Phone: 020 79366300
To withdraw your consent for Mountford Chambers or a member of Chambers to hold and process your data for any other means, such as in respect of the provision of legal services, please contact the member of Chambers with whom you were previously dealing, or contact the Data Protection Officer.
Members of Chambers
Data Protection Officer (DPO)
For those under sixteen years of age, consent will often be required from an adult to process information relating to that data subject.
In relation to case data, consent may be obtained by the representing solicitor.
Mountford Chambers and members of Chambers take the security of personal data seriously.
Mountford Chambers has internal policies and controls in place to protect personal data against loss, accidental destruction, misuse or disclosure, and to ensure that data is not accessed, except by employees in the proper performance of their duties. These controls are implemented under the ICO and the Bar Council guidelines and are subject to regular monitoring and review.
Where Mountford Chambers engages third parties to process personal data on its behalf, such parties do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.
Our staff, barristers and associates undergo regular Bar Council, data handling and GDPR training, to ensure that our policies and procedures are compliant with all aspects of data protection legislation. Our servers are held in a restricted area and are managed and monitored by IT and cyber data experts. This service is provided by a recognised, vetted and accredited service provider. Encryption for our data and emails are used at all times.
Members of Chambers have a responsibility to control and hold data in a manner commensurate to our security, data and cyber policies and the Bar Council guidelines.
Members of Chambers may also store data on personal electronic devices. All such devices are suitably protected by password protection and encryption.
Every effort shall be made by Mountford Chambers and members of Chambers to ensure the secure electronic storage of data in such a manner as to mitigate any risk of data loss as a result of technological failure or malfunction.
From time-to-time, particularly in legal cases involving parties outside the United Kingdom, data may be transferred to a legal representative not located within the United Kingdom or the European Union (EU).
Mountford Chambers and members of Chambers shall ensure that any such data transfer is undertaken commensurate with our data protection policies and guidelines, and subject to reciprocal undertakings in data security.
As an organisation we do not share any information held with third parties unless consent is given by the data subject, or where such disclosure is necessary within the conduct of a legal case, or according to other legal or obligations on Mountford Chambers or members of Chambers.
We will only share information with the following organisations is it felt that we have a legal obligation or are instructed to do so from an authority requiring specific information on a data subject.
Your data may be transferred to countries outside the European Economic Area (EEA). If any data is transferred outside the EEA it is based on the contractual obligations to third parties and processed in accordance with your data rights.
Please contact us directly with any questions or complaints as we aim to resolve any questions relating to data privacy with the data subject immediately.
Data Protection Officer (DPO)
All legal rights regarding privacy are the responsibility of the Information Commissioners Office (ICO).
More information about their complaints procedure can be found at: https://ico.org.uk/concerns/
Mountford Chambers is an ICO-registered organisation.
Mountford Chambers ICO Registration: ZA246759
All members of chambers are individually ICO-registered.
Details of individual registrations are included in the Members Annex (attached to the policy available as the link above).
We reserve the right to make changes to this Privacy Notice from time to time, so please take the time to review it periodically.
Last reviewed: June 2020.