Lee Evans Partnership LLP is committed to respecting and protecting the privacy of individuals, namely our clients, consultants, suppliers, and employees.
This Policy sets out Lee Evans Partnership’s commitment to protecting individual’s privacy and describes how, and for what purposes, we process and use the personal data we collect in accordance with the General Data Protection Regulations 2016 (‘GDPR’).
If you have any questions about this Policy, or our stance on GDPR in general, please get in touch with us at:
What is ‘Personal Data’?
GDPR applies to the ‘personal data’ we collect from individuals. ‘Personal data’ means information which may be used to directly or indirectly identify an individual; for example a name, address, bank account details, private email address, National Insurance Number, etc.
Why do we collect Personal Data?
Personal data can only be collected and processed where there is a ‘lawful basis’ for doing such. GDPR stipulates that there are six lawful bases:
- CONTRACT – e.g. to comply with our contractual obligations
- LEGAL OBLIGATION – e.g. to comply with the law
- VITAL INTEREST – e.g. to protect someone’s life
- PUBLIC TASK – e.g. for the performance of a task carried out in the public interest
- LEGITIMATE INTEREST – e.g. for our interest, unless there is a good reason that overrides that legitimate interest. Examples of this may be using contact details of clients and design teams to effectively run a project, and the use of data for the purposes of purchasing supplies, etc, for the legitimate running of the business
- CONSENT – e.g. you have provided, or we have collected, your personal data for a specific purpose with your explicit consent. Your personal data can only be used for that specific purpose. You also have the right to withdraw this consent at any time.
Lee Evans Partnership aims to ensure that individual’s personal data is always processed lawfully, fairly and transparently.
How do we use your Personal Data?
We may process your personal details for a variety of reasons, and we will always seek to be transparent about how your personal data will be used.
‘Processing’ personal data essentially means what we do with your data. Processing data could be collecting, recording, storing, using, altering, erasing, etc.
On occasion, we may need to forward your personal data to third parties, for example to other consultants you wish to engage on your project. We will only do this with your express permission.
Examples of how we may process your personal data can be seen below:
- To allow us to undertake our services in accordance with our business and agreements/contracts and pursuant to the agreed commission
- For accounting/tax/regulatory purposes
- To send personal invites to our corporate events
- To send to third parties – this will only be undertaken in connection with the execution of our duties (e.g. sending details to the Local Authority or agreed consultants)
- For ‘Quality Assurance’ exercises, to ensure we maintain a quality level of service in accordance with our ISO9001:2015 accreditation; for example to request feedback on our services.
- For staffing and recruitment exercises.
In all situations, we will only process your information where we have a ‘lawful basis’ to do so.
Your rights in relation to your Personal Data
As an individual, you have various rights over your personal data, depending on individual circumstances. Rights include:
- The right to be informed about how and why we use your personal data;
- The right of access to your personal data, meaning you can request copies of all personal data we hold about you;
- The right to rectification of any erroneous personal data we hold about you, for example updating your postal or personal email address;
- The right to erasure of the personal data we hold about you;
- The right to restricting us from processing some or all of the personal data we hold about you;
- The right to data portability. This allows individuals to obtain and reuse their personal data for their own purposes across different services;
- The right to object to the use of your personal data; and
- The right not to be subject to automatic decision-making (e.g. computer based decision making, without human involvement), including profiling. Lee Evans Partnership does not use any such techniques, and should this position change, we will ensure individuals affected are informed in advance and given an option to ‘opt-out’ of this activity.
How long do we keep your Personal Data?
We will keep your personal data no longer than is reasonably necessary. For different types of information, this may vary; for example, for accounting purposes, records will usually be erased 6 years after final legitimate use, in accordance with HMRC recommendations, and for information pertinent to projects this will typically be 15 years after final use, in line with our legitimate business interest and our insurer’s requirements.
Where variations to this are necessary, we aim to inform individuals of the required arrangements and the reasons for such.
What happens if your personal data is compromised?
We take guarding your personal data extremely seriously, and seek to put all reasonable measures in place to protect your information, and to detect, report and investigate data breaches.
In the unlikely event of a breach of your personal data, we seek to be transparent with you. Where there are potential implications affecting you as a result of such a breach, we will make you aware of the situation. Depending upon the severity and nature of the breach, we will also inform the Information Commissioners Office (ICO).
Further details on our ‘Data Breach Procedure’ can be provided upon request.
We hope that you never find a need to complain about the way we obtain or process your personal data.
However, should you wish to make a complaint in this regard, we hope to work with you to resolve the issue expediently.
Please contact our Head of Privacy, Mr Kevin Hook, at:
Tel: 01227 784444
Address: Head of Privacy, Lee Evans Partnership LLP, St John’s Lane, Canterbury, Kent CT1 2QQ
Alternatively, you can contact the Information Commissioner’s Office (ICO) directly:
Tel: 0303 123 1113
Nicholas Lee Evans, Senior Partner
Lee Evans Partnership LLP