In the EU’s General Data Protection Regulation (GDPR), Personal Data is defined as “…any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.”
How we use your information
- Provide advice and assistance
- Produce documents you have instructed us to prepare
- Provide annual reminders and services you have instructed us to provide
- Market to you other services that are recommended
- Refine our website and improve your experience when using it through cookies
Why do we need to collect and store personal data?
In order for us to do any of the above, we must collect and store your data firstly for correspondence purposes. We will ensure that the information collected will only be used for its intended purpose and does not constitute an invasion of your privacy.
Thyme Wills may wish to contact you for marketing purposes; however we would obtain additional consent for that purpose if not already given.
Will we share your personal data with anyone else?
We may need to pass your details onto third parties who are either contracted to, or part of Temis & Co. Any third parties who we do pass your details onto are obliged to store your details securely and only process them if responding to information requests, queries, complaints, etc. on our behalf.
If we wish to pass your personal data to a third party, we will only do so with your explicit consent, unless we are legally obliged to do so otherwise.
What data we will process
We aim to process data, whether personal data or not, only to the extent necessary for us to provide our clients with our services and for other agreed purposes.
Often we may collect information in a general way and use it to provide class information. If we use it for this purpose individuals will not be personally identifiable.
If you are a personal client, personal data that we may process may include contact information, information about your family members and financial information such as that relating to your assets, income, expenses, taxation and investments. We may also be required to process information deemed to be “special category” information, such as your race or ethnic origin, information about your health and medical history, information about your sexual life and orientation and information about your political, religious or philosophical beliefs.
In most cases, your personal data will have been provided to us by you. However, with your consent, or if it necessary in order to provide you with our services, we may have obtained personal data from a third party source.
Third parties connected to clients and suppliers
We may process your personal data if you have a personal or business connection with any of our clients or suppliers. For example, you may be a family member, business partner or advisor, supplier or transaction counterparty.
The data we process may include contact information, information about business activities, information about partners, directors, employees and financial information such as that relating to income, expenses, taxation and investments.
We may be given your personal data by our clients or suppliers, or by third parties acting on the instructions of a client or a supplier.
We ask our clients and suppliers to bring this privacy notice to your attention as soon as they become aware that we process your personal data.
If you supply our business with goods or services, including subcontracted services that we supply to our clients, then we may process your personal information. However, we do so only to the extend necessary to contract with you.
In most cases, your personal data will have been provided to us by you. However, sometimes we use third parties such as credit rating agencies to make decisions regarding our relationship.
How will we use the personal data we collect about?
Processing data constitutes as collecting, storing and using. We will process this data in accordance with the GDPR. We will do our utmost to keep your information accurate and up to date and not keep it longer than is necessary.
The personal data that we collect through our website will be added to our database only once we have contacted you and you have instructed us.
Temis & Co may issue occasional reminders to all customers to keep their contact details up to date and will update them accordingly.
Please be advised that there is information that we are required to keep in accordance with the law, such as information needed for tax and audit purposes. Personal data may be held for longer than these periods; however this will depend on the individual needs of the company.
Under what circumstances will we contact you?
We will only ever contact you when necessary, or when you have requested that we do so. We do not mean at any point to be intrusive or ask for unnecessary information. We will do our best to ensure that the information we hold is as secure as possible to minimise the risk of unauthorised access or disclosure.
Can you find out about the personal data that we hold about you?
If you want to see what personal data we hold on you and how it is processed, you may contact us to request this. This is known as a Data Subject Access Request (DSAR) and you must request this in writing (either by post or email), providing the necessary identification before any information is released. If Temis & Co do store any of your personal data, you may request information on the following:
- Identity and the contact details of the person or organisation that has determined how and why to process your data.
- Contact details of the GDPR owner, where applicable.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of a third party, information about those interests.
- The categories of the personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is or will be disclosed to.
- If we intend to transfer the personal data to a third country or international organisation we will provide information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
- How long the data will be stored.
- Details of your rights to correct, erase, restrict or object to such processing.
- Information about your right to withdraw consent at any time.
- How to lodge a complaint with the supervisory authority.
- Whether the provision of personal data is statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide personal data and the possible consequences of failing to provide such data.
- The source of personal data if it wasn’t collected directly from you.
What forms of ID will you need to provide in order to access this?
We will accept the following forms of ID when information on your personal data is requested:
- Current passport, photo driving licence or bus pass; and
- Utility bill or similar dated within the last three month
- If two pieces of ID cannot be supplied then we will accept an ID1 form completed by a Solicitor.
Contact details of the GDPR Owner
If you wish to submit a DSAR, or have any questions regarding this privacy statement, you must do so in writing using the following information:
To make our website www.probateinspain.com simpler, small data files may be placed on your computer. These are known as cookies. Most big websites do this too.
They improve things by:
- remembering settings, so you don’t have to keep re-entering them whenever you visit a new page;
- remembering information you have given (for instance, your postcode) so you don’t need to keep entering it;
- measuring how you use the website so we can make sure it meets your needs.
You can opt out of Google Analytics cookies for all sites by going to: https://tools.google.com/dlpage/gaoptout/
You can learn more about cookies and how to manage them by visiting AboutCookies.org
Third Party Cookies
These are cookies that are set by our website directly.
There are also cookies that store basic data on your interactions with any website platform we use to run the website.
Third Party Cookies
These are cookies set on your machine by external websites who services are used on our website. Cookies of this nature are the sharing buttons across the website that allows visitors to share content on social networks. Cookies are currently set by Twitter, Facebook and Google+. If you want to prevent websites setting third party cookies, instructions to do so can be found on https://www.aboutcookies.org/
Log files would allow us to record visitors’ use of the site. These logs would be automatically generated from all our visitors, which we would use to make improvements to the layout of our website and to the information on it, based on the way that visitors move around it. Log files do not contain any personal information about you.
Links to other websites
Our website may contain links to our partners, as well as other external sites. You should note, that if you click through to any of these external sites, we do not have control over that site (unless it is a website which forms part of the Thyme Wills group of companies). We cannot responsible for the protection of any information that you provide to these other websites as they are not governed by this privacy statement. You should always exercise caution and look at the privacy statement of whichever website it is that you are visiting.