Privacy Policy

Modern Legal Limited (“we”, “our”, “us”) is committed to protecting your privacy. We understand that by using our services you are trusting us with important information about you and your business. This Privacy Policy sets out how we collect, use, share and retain personal data, and the rights you have in relation to that information. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Data Usage and Accountability Act 2025 (DUAA).

1. Who We Are

Modern Legal Limited is a UK law firm specialising in commercial, corporate, startup, arbitration, and data protection compliance law.

For the purposes of data protection legislation, we are the Data Controller of personal information you provide to us. This means we are responsible for determining how your personal data is held and used.

2. What Personal Data We Collect

Depending on your relationship with us, the information we may collect includes:

  • Identity data: your name, title, job role, and business details.
  • Contact details: address, telephone number, email address.
  • Client and matter information: details of instructions, contracts, negotiations, disputes, and supporting documents.
  • Financial information: bank account details, billing records, payment history.
  • Regulatory information: identity documents and due diligence information for anti-money laundering (AML) compliance.
  • Technical information: IP address, login information, and usage data where you interact with our website or online services.
  • Marketing and communication preferences: including your opt-in/opt-out choices for updates and newsletters.

Some of this information may be confidential or legally privileged. We treat all such information with the highest levels of care and security.

3. How We Collect Your Data

We collect personal data in a number of ways:

  • Directly from you – when you contact us, complete forms, sign contracts, or instruct us.
  • From third parties – such as regulators, professional advisers, counterparties, or publicly available sources like Companies House.
  • Through our website – when you visit or interact with us online.

4. How We Use Your Personal Data

We will only use your personal data where it is lawful to do so. Typical uses include:

  • To provide you with legal advice and services.
  • To conduct client onboarding, AML checks, and compliance activities.
  • To manage billing, payments, and accounting records.
  • To fulfil our legal, regulatory, and professional obligations.
  • To communicate with you regarding updates, events, or services relevant to your business.
  • To protect our rights, defend claims, and maintain professional indemnity records.

We do not use your personal data for automated decision-making or profiling that has legal or significant effects.

5. Lawful Bases for Processing

Under UK GDPR, the Data Protection Act 2018, and the DUAA, we must have a valid lawful basis before processing your personal data. These bases include:

  • Contract – where processing is required to perform our contract with you.
  • Legal obligation – where the law requires us to process information (for example, AML checks or tax compliance).
  • Legitimate interests – where processing is necessary for the operation of our business, such as developing our services or sending client updates.
  • Consent – where you have clearly agreed (for example, receiving marketing communications).

6. Marketing and Communications

We believe it is valuable for clients and contacts to receive relevant legal and business updates. We may use your personal data to:

  • Send newsletters, articles, or briefings about changes in the law.
  • Invite you to seminars, webinars, or networking events.
  • Provide information about services we believe are relevant to your business needs.

We will never sell your information to third parties for marketing purposes. You can withdraw your consent or opt out of marketing at any time by using the unsubscribe option in emails or by contacting us directly.

7. Sharing Your Personal Data

We may share your information only where necessary, for example:

  • With barristers, consultants, or professional advisers assisting in your matter.
  • With regulators, HMRC, or law enforcement agencies where legally required.
  • With third-party service providers (such as IT, cloud storage, or document management systems).

All third parties must agree to handle your data securely and in line with our instructions.

8. International Transfers

Most personal data we process is stored in the UK. If it is necessary to transfer data outside the UK, we ensure adequate safeguards are in place, such as the UK International Data Transfer Agreement or Standard Contractual Clauses.

9. Data Retention

As a law firm, we are subject to a range of statutory, regulatory and professional obligations that require us to retain client information for defined periods. This includes obligations under data protection legislation, the Solicitors Regulation Authority (SRA) Standards and Regulations, anti-money laundering legislation, financial reporting rules, and other legal duties.

In practice, this means that we cannot always delete or destroy personal information as soon as a matter is concluded. Instead, we are required to retain client files, correspondence, identification documents, financial records, and other matter-related information for such period as is necessary to:

  • Comply with legal and regulatory requirements imposed on us as a law firm;
  • Meet the SRA professional rules, which require us to keep adequate records of our work;
  • Protect our clients’ interests in case issues arise after a matter has closed;
  • Respond to potential enquiries from regulators, auditors, or insurers; and
  • Defend or pursue legal claims that may arise in relation to the services we have provided.

The precise length of time for which we keep records will vary depending on the type of work undertaken, the nature of the documents, and the regulatory requirements. For example, certain contractual documents may need to be preserved for longer than routine correspondence, and anti-money laundering records are subject to specific retention rules. Once we are no longer required to retain your information for these purposes, we will ensure that it is securely destroyed, anonymised, or otherwise put beyond use in a way that protects your confidentiality.

10. Confidentiality and Legal Privilege

We understand that the majority of information we handle is confidential and may attract legal professional privilege. This means communications between you and us in the context of legal advice are protected from disclosure. We will never waive privilege without your consent unless required by law.

11. Security of Your Data

We implement strong technical and organisational measures to keep your information secure. This includes:

  • Secure servers and encrypted storage.
  • Role-based access controls.
  • Regular IT monitoring and penetration testing.
  • Staff training on confidentiality and data protection.

While no system is completely secure, we continually review and improve our safeguards.

12. Your Rights

You have important rights under UK data protection law, including the right to:

  • Request access to the personal data we hold about you.
  • Ask us to correct or update inaccurate or incomplete data.
  • Request the deletion of your personal data, where legally possible.
  • Restrict how we process your data in certain circumstances.
  • Object to processing based on our legitimate interests.
  • Request a copy of your data in a portable format.
  • Withdraw consent at any time where processing is based on consent.

We will respond to all requests in line with statutory deadlines, usually within one month.

13. Cookies and Website Tracking

Our website uses cookies and tools to improve functionality and analyse usage. For details of how we use cookies and how you can control them, please see the Cookies Policy.

14. Contact Us

If you have any questions about this Privacy Policy, please send email to info@modernlegal.co.uk . If you are unhappy with how we process your data, you can also make a complaint to the Information Commissioner’s Office (ICO): www.ico.org.uk.

Scroll to Top