top of page

Privacy & Cookie Policy


KB Law Solicitors is committed to protecting the privacy and security of your personal information.


This privacy notice describes how and why we collect and use personal information about individuals within the following categories:

  • Clients

  • Individuals applying for a career at KB Law Solicitors

  • Website visitors

  • Suppliers

  • Contacts

  • Office visitors

  • Individuals who contact us

  • Other individuals

If you are a current or former employee, consultant, worker or contractor, we may hold further personal information about you. For more information, please refer to the privacy notice for employees, accessible via KB Law Solicitors Intranet, or contact Email.

Sometimes we receive personal information directly from individuals but sometimes we receive it via third parties.

The purpose of this privacy policy is to explain:

  • How and why we collect and use your information;

  • where we obtained your information;

  • how you can tell us if you prefer to limit the use of that information; and

  • the procedures that we have in place to safeguard your privacy.

Some of the information we collect may include your “personal data”. Personal data includes your contact details. In this privacy notice, and for the purposes of the Data Protection Act 2018 (‘DPA’), the data controller is KB Law Solicitors of 2nd Floor, Kardelton House, Vansittart Estate, Windsor, United Kingdom, SL4 1SE (“KB Law Solicitors “we” or “us”).

KB Law Solicitors is a limited liability partnership registered in England and Wales under registration number 10194135. It is authorised and regulated (under SRA number 638922) by the Solicitors Regulation Authority. It has notified the Information Commissioner’s Office (ICO) that it processes personal data (under number ZA257056).


This section should be read in conjunction with the client care letter and terms of business, provided to you at the outset.

We may collect and use the following personal information about you:

  • your name and contact information, including address, email address and telephone number(s);

  • Information to enable us to check and verify your identity, e.g. your date of birth, as well as identity documents such as passports which may contain biometric data or data revealing racial or ethnic origin;

  • your gender information;

  • your billing information, transaction and payment card information;

  • information about your business(es);

  • details of your assets and financial position.

  • your name and contact information, including address, email address and telephone number(s);

  • Information to enable us to check and verify your identity, e.g. your date of birth, as well as identity documents such as passports which may contain biometric data or data revealing racial or ethnic origin;

  • your gender information;

  • your billing information, transaction and payment card information;

  • information about your business(es) or employment;

  • details of your assets and financial position.

This personal information is required to provide legal services to you. If you do not provide personal information we ask for, it may delay or prevent us from providing legal services to you.

We collect most of this personal information directly from you – in person, by telephone, text or email and/or via our website and any apps. However, we may also collect information from:

  • publicly accessible sources, e.g. Companies House or HM Land Registry;

  • a third party directly, e.g. a business such as an bank or other referrers that that has introduced you to KB Law Solicitors;

  • customer due diligence providers;

  • a third party with your consent, e.g. your bank or building society.


We use the information you provide primarily for the provision of legal services to you, but also for the following reasons:

  • compliance with our legal and regulatory obligations;

  • fraud prevention;

  • updating and enhancing client records;

  • analysis to help us manage our practice;

  • Statutory returns;

  • Preventing unauthorised access and modifications to systems;

  • External audits and quality checks, e.g. for Lexcel, CQS, Investors in People accreditation and the audit of our accounts.

Where it is practical, we will anonymise your personal information. Where we have your consent, we may send you marketing material by e-mail.

We routinely share personal information with:

  • third parties we use to help deliver our legal services to you, e.g. payment service providers, IT infrastructure providers, barristers, experts and delivery companies;

  • other third parties we use to help us run our business, e.g. marketing agencies or website hosts;

  • due diligence providers;

  • our insurers and brokers;

  • our bank[s];

  • where necessary, companies within the KB Law Solicitors group

We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information.

We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

We will keep your personal information while we are providing legal services to you. Thereafter, we will keep your personal information for as long as is necessary to:

  • respond to any questions, complaints or claims made by you or on your behalf;

  • show that we treated you fairly;

  • keep records required by law.

We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information. Further details on this aspect are available on request.

Individuals applying for a career at KB Law Solicitors

As part of our recruitment processes we collect information relating to candidates. Most information is collected from candidates directly, through their CV and other information included in any application. We may also receive information from third parties involved in screening checks, notably select recruitment agencies, regulatory bodies and any agencies involved in due diligence such as disclosure and barring service (DBS) checks. Sometimes we collect information from online sources such as social media, online profiles, press or other websites.

Information received as part of applications is used primarily to process the application and also to analyse data for trends. Our reason for processing information regarding applicants is to support our legitimate business interests, but also for reasons of wider public interests. For instance, as part of our efforts to promote equality and diversity, we may collect and use personal information relating to race, ethnicity, religion and health.

Successful applicants’ information is retained in accordance with our privacy policy for employees and other workers.

Unsuccessful applicants’ information is retained for a period of no longer than 12 months, mainly in case other opportunities arise but also as a record of recent applications. Certain Home Office requirements may also apply if we sponsor a worker from outside the EU and need to maintain records of applicants for auditing purposes.

Website visitors

This privacy notice forms part of and must be read in conjunction with our website terms and conditions.


We may collect and process the following information about you:

  • information we receive from you - you may give us information about you by filling in forms on our website or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our Website, subscribe to our service and/or when you report a problem with our Website. The information you give us may include your name, address, e-mail address and phone number and financial information;

  • information we collect about you - each time you visit our website we may automatically collect technical information, including the IP address used to connect your device to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. We may also collect information about your visit, including the full URL clickstream to, through and from our Website (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages and methods used to browse away from the page.

  • information we receive from other sources - we may receive information about you if you use any of the other websites we operate or other services we provide. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers) and may receive information about you from them.


Cookies are text files containing small amounts of data which are downloaded to your computer when you visit a website.


Cookies are useful because they allow us to recognise your computer, and improve your experience on our websites.


Your web browser (such as Internet Explorer, Firefox or Chrome) then sends these cookies back to the website on each subsequent visit so that we can recognise you and remember things your user preferences. Cookies can only be read by the server that sent it to your browser.


When you are viewing a website, a cookie is transferred to your browser by the web server and is stored on your computer. It can only be read by the server that gave it to you and cannot be used to identify you as it never contains personal information such as your name or email address.

To find about more about cookies visit

Our website uses cookies and on your first visit you will have been asked to consent to our use of cookies. Cookies are small text files which are downloaded onto your device when you visit our website. The cookie file is then sent back to us after each visit and helps identify you and any particular interests or preferences you express. Whenever you use our website information may be collected through the use of cookies. By using our website you agree to our use of cookies as described in this Policy.

The information saved supports the functionality of our website. During some processes, data is temporarily stored as you move from step to step. This improves your experience of our website, and data is only stored for as long as is necessary for you to complete the process. All other cookies will expire when you close the internet browser.


We use the following cookies:

  • strictly necessary cookies - these are cookies that are required for the operation of our website. Without these cookies, interactive services our online payment facility would not be available;

  • analytical/performance cookies - these allow us to and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our Website works, for example, by ensuring that users are finding what they are looking for easily; and

  • functionality cookies - these are used to you when you return to our Website. This enables us to our content you.


You may block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, this may result in limited functionality and you may not be able to access all or parts of our Website.

Managing analytics cookies

It is possible to opt out of having your browsing activity recorded by analytics cookies. Opt out of Google Analytics cookies. Please note that this will take you to Google's website and generate a ‘no thanks' cookie, which will stop any further cookies being set by Google Analytics.

Remember that by opting out of our analytics cookies we're not able to learn what our users and members like or don't like about our websites so that we can make them better.

Your consent applies to the following domains:

Visitors to our offices

Various security measures are in place at our offices:

  • Visitor records – all visitors to our offices are required to sign in and out. Basic information such as the visitor’s name and business is recorded. The sign-in sheets are locked away and destroyed after a short period of time. These records are only accessed if we need to investigate an incident.

  • CCTV – If our offices have CCTV cameras installed. The images are securely stored and the data is overwritten after a number of weeks. These records are only accessed if we need to investigate an incident and may be disclosed to the authorities.We consider CCTV necessary for the safety of our staff and visitors, as well as the detection and prevention of crime.


Individuals who contact us

Where individuals contact us for information, we collect basic information such as name, contact details and the nature of their enquiry. Information will normally be used only for the purposes of responding to the enquiry. Inbound telephone calls to certain departments are recorded and a sample of the calls are monitored for compliance and quality purposes. The recordings are stored for a short period of time and the retention periods for other enquiries vary depending on the nature but they will be kept for no longer than necessary.

Other individuals

In the course of delivering legal services to our clients, or otherwise operating our business, we collect information relating to individuals who do not fall into any of the categories listed above. The information collected depends on which area of our business is responsible for the processing, but it includes:

Such processing is necessary in order to protect our legitimate business interests, deliver a proper standard of service to our clients and to comply with our legal and regulatory obligations.

Sometimes we share information with selected third parties if necessary to comply with our legal and regulatory obligations. For instance, we may as part of customer due diligence and fraud prevention measures carry out identity or screening checks in respect of third parties and require information regarding their financial circumstances.

In the vast majority of cases such information will be collected as part of a client matter and the information will therefore be held in accordance with the retention period that applies to that area of law. We will also, where practical, make efforts to redact and anonymise data where it is not necessary for individuals to be identified as part of any processing activities.

Use of your information

We use information held about you in the following ways:

  • to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us;

  • to provide you with information about other services we offer that are similar to those that you have already purchased or enquired about;

  • to notify you about changes to our service;

  • to ensure that content from our Website is presented in the most effective manner for you and for your device;

  • to administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

  • to allow you to participate in interactive features of our service, when you choose to do so:

    • as part of our efforts to keep our Website safe and secure;

    • to analyse information/data and assist us in the improvement and optimisation of our Website; and

    • to make suggestions and recommendations to you and other users of our Website about services that may interest you or them.

Where your personal information is held

Information may be held at our offices, or on backup servers maintained by our IT consultants. Alternatively, it may be held by any of the third parties listed above.

Some of these third parties may be based outside the European Economic Area (EEA). Territories outside the EEA countries generally do not have the same data protection laws as the UK and EEA. We will, however, take reasonable steps to ensure the transfer complies with data protection law and all personal information will be secure.

Keeping your personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit Get Safe Online is supported by HM Government and leading businesses.

Your rights

You have the following rights, which you can exercise free of charge:

Access - The right to be provided with a copy of your personal information (the right of access)

Rectification - The right to require us to correct any mistakes in your personal information

To be forgotten - The right to require us to delete your personal information—in certain situations

Restriction of processing - The right to require us to restrict processing of your personal information—in certain circumstances, e.g. if you contest the accuracy of the data

Data portability - The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations

To object - The right to object:

  • at any time to your personal information being processed for direct marketing (including profiling);

  • in certain other situations to our continued processing of your personal information, e.g. processing carried out for the purpose of our legitimate interests.

If you would like to exercise any of those rights, please send an Email.


Please note that before discussing any request we may require you to provide information in order to verify your identity.


How to complain

We always aim to resolve any query or concern you may raise about our use of your information. Please send details of any concerns to Email

The DPA also gives you right to lodge a complaint with the data protection regulator, the ICO. For more information, please visit or telephone: 0303 123 1113.

Changes to this privacy notice

This privacy notice is kept under regular review to ensure it is meaningful and accurate. It was last updated in March 2019.


How to contact us

Please contact us if you have any questions about this privacy notice or the information we hold about you. You can write to our Head of Compliance at our head office or send an Email.

bottom of page