Privacy Notice

In accordance with Data Protection Legislation and the SRA Code of Conduct Whitehead Monckton is committed to protecting and respecting your privacy. This policy explains how we use and protect the information given to us by users of our website. If you have any questions or comments regarding this privacy policy please email us at:

Data Controller

Whitehead Monckton (collectively referred to as “Whitehead Monckton”, “we”, “us” or “our” in this privacy policy) is the controller and is responsible for your personal data.

Information we may collect from you

The information we may collect and process about you includes:

  • identity and contact details such as your name, telephone number(s) and address that you provide by filling in forms on our Website and submitting them to us;
  • identity and contact details that you provide in emails and letters you send to us, including keeping a record of that correspondence;
  • financial details such as bank account details;
  • details of your visits to our Website (including, but not limited to, traffic data, location data, weblogs and other communication data), and the resources that you access.
  • telephone conversations will be recorded in order to ensure an accurate record of all instructions is maintained

If you do not provide personal data

Where we either need to collect personal data to comply with a legal or regulatory obligation, or we request it under the terms of a contract that we have with you, if you fail to provide that data when requested we may not be able to perform the contract that we have entered, or are trying to enter, into with you. In this case we may have to cancel a service that you have requested from us, but we will notify you if this is the case at the time.

How we use the information provided to us

We will process your personal data in accordance with legal requirements.

  • In order to perform the contract we have entered into, or are about to enter into, with you.
  • Where the processing is required in order to comply with a legal or regulatory obligation.
  • Where the processing is in our legitimate interests (or those of a third party) and these are not overridden by your fundamental rights and interests.

We do not generally rely on consent as a legal basis for processing your personal data. Where your opt in consent is given for marketing purposes, you can withdraw that consent at any time by contacting us at

We use information held about you in the following ways:

  • to provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;
  • to ensure that content from our Website is presented in the most effective manner for you and for your computer;
  • to enable us to improve our products and services;
  • to notify you about changes to our services;
  • to keep a record of the services you have subscribed to;
  • for recruitment and selection purposes;
  • for any other purpose which you have specifically consented to when providing the information.
  • to communicate with you in the course of any work we may be undertaking for your or for our clients.


Where we rely on legitimate interests as a lawful basis for processing, those legitimate interests include the following:

  • to manage, collect and recover payment of fees for the services provided;
  • to ask you to leave a review;
  • to administer, maintain, test, support and update our website;
  • the legitimate interests of our clients including in the pursuit of any claim or right of action and in seeking advice from us
  • to recover outstanding costs payable to us or to assists us in respect of any dispute


If you have provided us with your contact details, we may contact you using any of the contact details provided. We will not contact clients for direct marketing purposes if they have asked us not to.

We will only use your personal data for the purposes for which we collected that data, as set out above. If we need to use your personal data for an unrelated purpose, we will notify you of this and explain the legal basis which allows us to do so.

Disclosure of your information

We may disclose your information to third parties who act on our behalf or who assist us in relation to marketing and business development.

However, you will not be contacted by the third party directly unless you have given your express consent to do so or you have elected to provide your identification information and documents to us via the app operated by our third party partner, Perfect Portal.

In the event that the business and assets of Whitehead Monckton are sold or merged with a third party, we may disclose your personal information to the prospective buyer or merger partner.

We may disclose your information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or in order to enforce or apply our terms and conditions of business and other agreements; or to protect the rights, property, or safety of Whitehead Monckton, our clients, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

We require all third parties to whom we disclose personal data to respect the security of that data and to treat it in accordance with applicable law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

We do not transfer your personal data outside of the United Kingdom or the European Economic Area.

Where we store your personal data

All information you provide is stored and processed in electronic and/or paper format. Whitehead Monckton ensures that all information is only processed in the United Kingdom, where our secure servers are also based. There are a number of controls to protect data stored in both electronic and hard copy formats. The staff that interact with personal data are trained to do so in a safe and secure manner. Any paper containing personal data which needs to be destroyed is shredded securely.

How long we store your personal data for

We only retain personal data for as long as is necessary to fulfil the purpose(s) for which that data was collected.

We determine the appropriate length of time to retain personal data by considering the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of that data, the purposes for which we process that data and whether or not we can achieve those purposes through other means. Any applicable legal and/or regulatory obligations will be taken into account here as well.

Internet security

The transmission of information via the internet is not completely secure. Although we have appropriate security measures in place to reduce the risk of personal data from being accidentally lost, used, disclosed or accessed in an authorised way, we cannot completely guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

We have procedures in place to deal with any suspected personal data breach. We will notify you and the ICO of such a breach when we are legally required to do so.


Our website uses cookies. For more information about the cookies that we use, please see our Cookie Policy

You can set your browser to refuse some or all browser cookies, but please note that if you disable or refuse cookies, this may affect the functionality of at least some parts of our website.

Your rights

The General Data Protection Rules provide the following rights for individuals:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling.


To exercise any of these rights, or for further information on any of them, please email us at:

If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner Office (ICO) the UK supervisory authority for data protection issues ( We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

Data Protection Officer

We have appointed a Data Protection Officer to oversee the compliance with this privacy notice. If you have any questions about this notice or how we handle your personal information, please contact our Data Protection Officer, Antonio Fletcher.

Website links

Our website may, from time to time, contain links to and from websites which we consider are of relevance to our clients. This can include advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Access to and updating of information

You have the right to access information we hold about you. Any request for information may be subject to a fee to meet our costs. Such fee will be no greater than the then current maximum figure recommended by the Information Commissioner.

If there are any changes to or you object to the information about yourself which is held by us, please contact us with the changes.