Skip to main content

Privacy Notice

Tenet Law Ltd

This Privacy Notice explains how Tenet Law Limited collects, uses and protects your personal data when providing legal services.

We are committed to safeguarding your privacy and handling your personal data in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Notice applies to clients, prospective clients and other individuals whose data we process in connection with our legal services.

Who we are

Tenet Law Ltd is a limited company registered in England & Wales (Company No. 09776405), authorised and regulated by the Solicitors Regulation Authority (SRA No. 626562), and registered with the Information Commissioner’s Office (ICO Ref: ZA340397).

For the purposes of data protection law, we are the data controller of your personal data.

Contact details

If you have any questions about the Privacy Notice or how we handle your personal data, please contact:

Arun Chauhan

Compliance Officer

arun.chauhan@tenetlaw.co.uk

 

What personal data we collect

The personal data we collect will depend on the nature of your matter. It may include:

  • Personal data:g. your name, address, contact details, date of birth and identification documents
  • Financial information:g. bank details and source of funds
  • Matter-related information:g. documents, correspondence and other information relevant to your matter
  • Special category data:g. health information, or data relating to criminal matters, where necessary

 

Sources of personal data

We may collect your personal data from:

  • You or your authorised representatives
  • Third parties acting on your behalf
  • Other professionals involved in your matter (such as barristers, experts, or insurers)
  • Publicly available sources where relevant
  • Regulatory or government bodies

 

Lawful basis for processing

We process your personal data on the following legal bases:

  • Performance of a contract – to provide legal services to you
  • Legal obligation – to comply with regulatory and legal requirements (including anti-money laundering obligations)
  • Legitimate interests – to operate and manage our practice, including risk management, fraud prevention and service improvement
  • Consent – where required, for example in relation to certain types of data or marketing

Where we process special category data, we also rely on:

  • the establishment, exercise or defence of legal claims;
  • compliance with legal or regulatory obligations; and/or
  • your explicit consent where required

 

How we use your personal data

We use your personal data in order to:

  • provide legal advice and services
  • verify your identity and source of funds
  • communicate with you about your matter
  • manage and administer your file
  • comply with our legal and regulatory obligations
  • handle complaints or defend legal claims
  • obtain professional advice, including from barristers or experts

 

Who we share your personal data with

We may share your personal data with third parties where necessary, including:

  • courts, tribunals and regulatory authorities
  • barristers, experts and other professional advisers
  • financial institutions and insurers
  • identity verification and compliance service providers
  • external auditors and accreditation bodies
  • our professional indemnity insurers and legal advisers
  • government and law enforcement agencies where required

We will only share your data where necessary and ensure that appropriate safeguards are in place.

 

External auditing and quality assurance

We may permit external organisations to access limited information from your file for the purposes of audit, compliance, or quality assurance. This may include our regulators (such as the Solicitors Regulation Authority), professional advisers (such as accountants), or accreditation and assessment bodies.

Any such access will be strictly limited to what is necessary for the relevant audit or review process. We will take reasonable steps to ensure that any third party is subject to appropriate confidentiality obligations and handles your data in accordance with applicable data protection laws.

Access to legally privileged or particularly sensitive material will not be provided unless required by law or regulation.

The lawful basis for this processing is our legitimate interests in maintaining regulatory compliance and professional standards, and/or compliance with our legal obligations.

 

Use of artificial intelligence

We may use artificial intelligence (AI) tools to assist in the delivery of our legal services, including document review, legal research and drafting support.

Any use of AI is subject to appropriate safeguards and supervision by qualified legal professionals. We take reasonable steps to ensure that personal data processed using such tools is handled securely and in accordance with data protection law. Where third-party providers are used, we ensure appropriate contractual and technical protections are in place.

You should not share our advice or documents with third-party AI tools, as this may compromise confidentiality and legal privilege. Further details are set out in our Terms of Business.

 

How we protect your personal data

We implement appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage.

These measures include secure IT systems, encryption, access controls, staff training and confidentiality obligations.

 

How long we keep your personal data for

We retain your personal data for as long as necessary for the purposes for which it was collected.

In most cases, we will retain your data for a minimum of 7 years from the date of the final bill, unless a longer retention period is required by law, regulation or our insurers.

 

Your rights

Under data protection law, you have the right to:

  • Request access to your personal data
  • Request correction of inaccurate personal data
  • Request erasure of your personal data (in certain circumstances)
  • Restrict or object to processing
  • Withdraw consent where processing is based on consent

To exercise your rights, please contact us using the details above.

 

Complaints

If you are unhappy with how we handle your personal data, please contact us in the first instance so that we can address your concerns.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Website: www.ico.org.uk

 

Marketing

We may use your contact details to provide information about our services where permitted by law.

You may opt out of marketing communications at any time by using the unsubscribe link in our emails or by contacting us directly.

We will not sell or share your data for marketing purposes.

 

Changes to this Privacy Notice

We may update this Privacy Notice from time to time. The latest version will always be available on request or on our website.