Privacy Notice, Cookies & Sub-processors

This Privacy Notice (“Notice”) applies whenever The Compliance Office Limited (referred to in this Notice as “The Compliance Office”, “we” or “us”) processes any personal data about you – for example, by collecting it, using it, storing it, or disclosing it to others.  It describes how and why we process your personal data, and what rights you can exercise in respect of your personal data.

Please note that this Notice applies only to the personal data described below, which we process as a controller.  If we process any personal data on behalf of our clients to provide our compliance services to them, we will undertake that processing as a processor in accordance with our clients’ instructions and subject to our data processing terms with our clients.  If you have any questions about personal data we process as a processor, we will direct those questions to the relevant client who is the controller of that data.

 

About us

The Compliance Office is a limited company registered in England and Wales (company number 09133668).  Our registered address is at 20 Grosvenor Place, London, SW1X 7HN.  Our VAT number is 197 1067 86.

The Compliance Office is registered with the Information Commissioner’s Office under registration number ZA075078.

 

How to contact us

If you have any questions or concerns about our processing of your personal data, please contact Jennifer Dunlop (Privacy Manager) using any of the following details:

• email: contact@complianceoffice.co.uk

• phone: +44 (0)1789 868444

• post: Jennifer Dunlop, The Compliance Office, 20 Grosvenor Place, London SW1X 7HN.

 

4. What personal data do we collect and why?

The personal information that we may collect about you broadly falls into the following categories:

• Information that you provide voluntarily

We may ask you to provide personal information voluntarily: for example, we may ask you to provide your contact details to deliver the service we have agreed, to subscribe to marketing communications from us, and/or to submit enquiries to us.  The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information. Some of the personal information that you provide may include sensitive personal information, such as health-related information or information about your race or ethnicity, which we may need to provide the service to you.

• Information that we collect automatically

If you visit our website, we may collect certain information automatically from your device. Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification numbers, browser-type and other technical information.  We may also collect information about how your device has interacted with our website, including the pages accessed and links clicked. 

Collecting this information enables us to better understand the visitors who come to our website, where they come from, and what content on our website is of interest to them.  We use this information for our internal analytics purposes and to improve the quality and relevance of our website to our visitors.

• Information that we obtain from third party sources

From time to time, we may receive personal information about you from third party sources, but only where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your personal information to us. 

The types of information we collect from third parties include information on your indemnity insurance, or claim/complaint information and we use the information we receive from these third parties to assist us in advising you.

How we use your information

We will collect information about you and keep this on our computers, in our email, in cloud storage and on paper for a certain period of time. The main reasons for this are to:

• deliver the legal services we have agreed in contract to provide to you. For example, we may use your information to write letters on your behalf or prepare legal documents to help you with your matter;
• comply with the law. For example, as solicitors we have to perform ‘conflicts of interest’ checks for new cases against a list of current and former clients. We also have a legal duty to report suspicious activity to the National Crime Agency (‘NCA’) if we suspect money laundering.

In some cases we may hold more ‘sensitive’ information about you such as about health. This may be necessary to pursue your legal matter. We are permitted to use such information to provide legal advice to you or in connection with equality legislation.

If we have obtained your consent to use your information in a particular way, you can withdraw such consent but this may limit what more we can do for you (if anything).

[As a client we may also in the future send you a newsletter or similar and find that most clients find this helpful. We rely upon the ‘legitimate interest’ we have in maintaining contact with former clients to do this in data protection law and your agreement for the purposes of the Privacy & Electronic Communications Regulations (which can be implied under these Regulations). However, we will never share your information with third parties to market to you and will not contact you about non-legal services. We will make it quick and easy to ‘opt out’ of future communications in every communication sent. If you already know that you don’t want to receive these communications, then you can opt out now by emailing contact@complianceoffice.co.uk.

Your information may be kept on computer servers within the European Union. If at any point information is stored on computer servers outside of the EU we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Notice.

We do not use your personal information to make ‘automated decisions’ which affect you.

Will you share my information with anyone else?

We will not share your information with third parties unless this a necessary part of our services to you.

We may disclose the personal data we process:

• to members of our group of companies, who will use your personal information only for purposes set out in this Notice or that are compatible with the purposes described in this Notice;

• to third parties who provide services on our behalf, such as consultants, professional services advisers, IT hosting providers and email providers, subject to strict contractual terms that protect the personal data in accordance with data protection law;

• to any competent law enforcement, judicial or regulatory authority if we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;

• to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal data only for the purposes disclosed in this Notice; and

• to any other person if you have consented.

Legal basis for processing personal information

Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.  However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.  In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). 

Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “What if I have other questions or concerns” heading below.

How long will you keep my information? 

We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements We will also always keep a small amount of information after file closure to do conflicts of interest searches in the future to comply with our professional duties.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

Can I see what information you hold about me?

You have the following data protection rights:

• If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided below. 
• In addition, if you are a resident of the European Union, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided below.
• You have the right to opt-out of marketing communications we send you at any time.  You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you.  To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided below.
• Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time.  Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

• You have the right to lodge a complaint with a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority. Contact details for the ICO, the UK’s data protection authority, are available here.

 

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

We do normally have a right to payment of any outstanding costs before releasing our file but you do have a separate right under the data protection rules to access your ‘personal data’ without charge. This may include having it in a particular electronic format (‘portable’ format).  Please contact Jennifer Dunlop at contact@complianceoffice.co.uk if you would like to request a copy of your personal data.

 

Last updated: January 2026

 

Cookie Policy

 

1. This cookie policy relates to your use of our website, https://complianceoffice.co.uk/

2. Throughout our website we may link to other websites owned and operated by certain trusted third parties to [insert details (eg make additional products and services available to you). These other third-party websites may also use cookies or similar technologies in accordance with their own separate policies. For privacy information relating to these other third-party websites, please consult their policies as appropriate.3. What are Cookies?
   A cookie is a small text file which is placed onto your device (eg. computer, smartphone or other electronic device) when you use our website. We use cookies on our website. These help us recognise you and your device and store some information about your preferences or past action.

For example, we may monitor how many times you visit the website, which pages you go to, traffic data, location data and the originating domain name of your internet service provider. This information helps us to build a profile of our users. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.

For further information on our use of cookies, including a detailed list of your information which we and others may collect through cookies, please see below.

For further information on cookies generally, including how to control and manage them, visit the guidance on cookies published by the UK Information Commissioner’s Office, www.aboutcookies.org or www.allaboutcookies.org

4. Our use of cookies

Where necessary, we will ask for your consent to place cookies or other similar technologies on your device, except where they are essential for us to provide you with a service that you have.

5. How to turn off cookies and consequences of doing so

If you do not want to accept any cookies, you may be able to change your browser settings so that cookies (including those which are essential to the services requested) are not accepted. If you do this, please be aware that you may lose some of the functionality of our website.

For further information about cookies and how to disable them please go to the guidance on cookies published by the UK Information Commissioner’s Office, www.aboutcookies.org or www.allaboutcookies.org.

6. How to contact us

Please contact us if you have any questions about this cookie policy or the information we hold about you.

Email address: contact@complianceoffice.co.uk

Telephone number: 01789 868444

Postal Address: Compliance Office, 20 Grosvenor Place, London SW1X 7HN

7. Changes to this policy

This policy was last updated in September 2023.

 

Our sub-processors

As at the time of writing our sub-processors for data protection purposes are as follows:

• https://www.clio.com/uk/
• https://www.knack.com/
• https://www.microsoft.com/en-gb/

We may change our sub-processors from time to time, when we do we will publish the relevant details here.