Privacy Policy

1. Important Information and Who We Are

At Maher Law, we place a high priority on safeguarding your privacy and ensuring the security of your personal data. This Privacy Policy aims to provide comprehensive information about how we collect, use, disclose, and protect your personal information. We act as the data controller and are responsible for the processing of your personal data.

If you have any questions, concerns or enquiries regarding this Privacy Policy or how we handle your data, please do not hesitate to contact us at:

  • Postal Address: Maher Law, Third Floor, 4 Athol Street, Douglas, Isle of Man, IM1 1LD
  • Email: tom@maher.im

2. The Data We Collect About You

We may collect various types of personal data depending on the nature of our interactions with you:

  • Contact Information: This category includes your name, residential and/or work address, email address, and telephone numbers. This information helps us to effectively communicate with you and fulfil our legal services.
  • Identity Information: Such as your date of birth, identification documents (e.g., passport, driver's license), and any other documentation required for identity verification. This information is essential for due diligence and compliance with legal and regulatory requirements.
  • Financial Information: This may encompass bank account details and payment information, which is necessary for billing and financial transactions related to the legal services we provide.
  • Employment Information: For job applicants, we may collect data on your educational history, employment history, professional qualifications, nationality, immigration status, and work permit information. This information is critical for our hiring process and employment-related matters.
  • Special Categories of Personal Data: On specific occasions, we may need to collect sensitive information, such as your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life, sexual orientation, genetic and biometric data, and criminal convictions. We only collect this information when relevant to the legal services we provide or our contractual relationship with you, or if you voluntarily provide it to us.
  • Website Usage Information: This category includes data regarding your interactions with our website. Information such as your IP address, browser type, operating system, and browsing behaviour helps us analyse website performance and improve your online experience.

 

3. How Is Your Personal Data Collected?

We collect your personal data through various methods, including but not limited to:

  • Information You Provide: We collect data directly from you when you engage with us during consultations or any form of correspondence.
  • Publicly Available Sources: We may obtain data from publicly available sources such as public registers, online databases, and other public records. This data may be used for background checks and verifying information provided by clients.
  • Identification and Verification Systems: To conduct due diligence checks, we may use third-party identification and verification systems. These systems help us securely collect and verify identity-related information.

4. How We Use Your Personal Data

We process your personal data for various purposes, which include but are not limited to:

  • Providing Legal Services: We use your data to deliver the legal services you require and to fulfil our contractual obligations with you.
  • Compliance with Legal and Regulatory Obligations: Your data is processed to ensure compliance with applicable laws and regulations. This includes activities like client due diligence checks, record-keeping, and reporting to relevant authorities.
  • Legitimate Business Interests: We may process your data for our legitimate business interests, as long as these interests do not override your fundamental rights and freedoms. Our legitimate interests may include conducting legal research, marketing legal services, and managing client relationships.
  • With Your Consent: In specific circumstances, we may request your consent to process your data for particular purposes. We provide you with appropriate information to make an informed choice, and your consent is sought and recorded to ensure compliance with data protection regulations.

 

5. Disclosures of Your Personal Data

We may share your personal data with various categories of recipients as outlined below:

  • Other Members of Our Law Firm Group: We may share your data with other entities within our law firm group, in accordance with data sharing agreements, to efficiently provide legal services and manage our operations.
  • Sub-Contractors, Agents, and Service Providers: We engage with third-party service providers, such as IT providers, auditors, consultants, insurers, and event hosting services. These entities may have access to your data to assist us in fulfilling our obligations.
  • Regulatory and Governmental Authorities: We may be required to disclose your data to regulatory, governmental, and other authorities in compliance with legal and regulatory obligations. Such disclosures may be necessary for anti-money laundering checks, tax reporting, and other legal requirements.
  • Legal or Professional Advisers, Agents, and Third Parties: In the course of providing our legal services, we may need to share your data with legal or professional advisers, agents, or third parties. This is typically done to address specific legal matters or provide specialised services related to your case.
  • Registrars of Public Registers: Some data may be held in public registers, and we may need to disclose relevant data to registrars in accordance with legal and regulatory requirements.
  • In Accordance with Your Instructions and Consent: We will share your data in compliance with your specific instructions and with your explicit consent.

 

6. International Transfers

We do not transfer your personal data outside the Isle of Man, UK or European Union or to countries not deemed to provide an adequate level of data protection unless we receive your explicit instruction to do so.

 

7. Data Security

Safeguarding your personal data is a top priority for us. We have implemented appropriate technical and organisational measures to protect your data from unauthorised access, disclosure, alteration, or destruction. Access to our internal data servers is limited to authorised personnel, and defined policies govern this access.

 

8. Data Retention 

We will retain your personal data for as long as necessary, considering relevant laws, regulations, and our data retention criteria. The retention period will vary depending on the specific circumstances of data processing.

 

9. Your Legal Rights

 You have several rights concerning your personal data:

  • Right of Access: You have the right to request a copy of your personal data. However, this is subject to certain restrictions, particularly when the information is subject to legal privilege.
  • Right to Rectification: If the data we hold about you is inaccurate or incomplete, you have the right to request corrections or additions.
  • Right to Deletion: You can request the deletion of your personal data. While we are not obliged to comply in all circumstances, we will carefully consider every request for data deletion.
  • Right to Restrict Processing: In specific circumstances, you can request the restriction of processing of your data. These circumstances include disputing data accuracy, objecting to processing based on legitimate interests, and more.
  • Right to Data Portability: If we process your data based on performance of a contract or consent, and the processing is carried out by automated means, you can request a copy of your data in a commonly used and machine-readable format.
  • Right to Object: You can object to the processing of your personal data when we rely on legitimate interests or consent as the basis for processing.

If you have questions or wish to exercise any of your rights, please contact us at the postal address or email provided above. To protect your privacy and ensure data security, we may request proof of your identity. We aim to respond to all legitimate requests within one calendar month. However, if your request is particularly complex or if you have submitted multiple requests, we may extend this period. If an extension is necessary, we will notify you promptly and keep you updated on our progress. We may also ask you to clarify your request if it is unclear. 

We do not charge a fee for responding to requests to exercise your rights. Nevertheless, in cases where a request is manifestly unfounded, excessive or repetitive, we may choose to charge a reasonable fee.

 

Complaints

In the event that you wish to make a compliant about how your personal data is being processed by Maher Law, you have the right to complain to our data protection officer. If you do not get a response within 30 days, you can complain to the Isle of Man Information Commissioner.

The details for each of these contacts are:

Tom Maher

Data Protection Officer

Maher Law

Third Floor

4 Athol Street

Douglas

Isle of Man

IM1 1LD 

Email tom@maher.im

 

Isle of Man Information Commissioner

P.O. Box 69

Douglas

Isle of Man

IM99 1EQ T

Telephone: +44 1624 693260 or email ask@inforights.im

 

Maher Law

June 2024

Maher Law is the registered business name of Advocate Thomas Dermot Maher (30254B), Third Floor, 4 Athol Street, Douglas, Isle of Man, IM1 1LD