Penmans Solicitors Offices in Coventry, Kenilworth, Wellesbourne, Warwickshire

Privacy Policy

Please read this privacy policy notice carefully as it contains important information on how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.

Who We Are.

Penmans Solicitors LLP. Our office and contact details are at the end of this notice.  When we use your personal data we are regulated under the Data Protection Act 1998, and effective 25th May 2018 by the General Data Protection Regulation (“GDPR”) which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal data for the purposes of the GDPR. We are registered with the Information Commissioners Office (ICO) under registration number Z8984601 Our use of your personal data is subject to your instructions, the Data Protection Act and GDPR, other relevant UK and EU legislation and our professional duty of confidentiality.

Personal Data we collect about you.

Personal data we always collect:

  • Your name, address, email and telephone numbers
  • Information to enable us to check and verify your identity
  • Information relating to the matter in which you are seeking our advice or representation

Personal data we may collect depending on why you have instructed us:

  • Your National Insurance and tax details
  • Your bank and/or building society details
  • Details of your spouse/partner and dependants or other family members
  • Your employment status and details including salary and benefits
  • Your employment records
  • Your medical records
  • Details of your previous convictions
  • Any other information necessary for the purpose of following your instructions

This personal data is required to enable us to provide our service to you. If you do not provide personal data we ask for, it may delay or prevent us from providing services to you.

What we use your personal information for and why


What we use information for                                                                                                          Why

To provide legal services to you To meet our obligations to you
To confirm your identity Regulatory requirement and professional obligation
Providing information required by or relating to audits, enquiries or investigations by regulators, professional bodies, lenders, quality schemes, insurers and similar organisations Regulatory requirement and professional obligation
The recording of telephone calls Security and training purposes
To ensure compliance with our own policies and procedures To ensure the quality of the service we provide
Statistical analysis to help us manage our practice To ensure the quality of the service we provide
Updating client records To ensure the quality of the service we provide
Marketing our services to existing and previous clients and to non clients who have previously expressed an interest in our services To promote our services


The above table does not apply to special category personal data, which we will only process with your explicit consent (or other specific authority such as Order of the Court). Special category personal data is defined by GDPR as information relating to race, ethnic origin, politics, religion, trade union membership, criminal convictions, genetics, biometrics (where used for ID purposes), health, sex life or sexual orientation.

Who we share your personal data with

We routinely share personal data with:

  • colleagues within Penmans in order to deal with your matter and to ensure compliance with our professional obligations.
  • other people in the course of dealing with your matter. This includes people such as your barrister, medical experts (in a personal injury case), your lender and the Land Registry (on a conveyancing matter).
  • “the other side”, their advisers and experts as your matter dictates.
  • other organisations who provide services to us in order that we can provide our service to our clients
  • our insurers, accountants and other professional advisers to our business.
  • external auditors.
  • our banks.

We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.

We may also

  • disclose and exchange information with regulatory bodies to comply with our legal and regulatory obligations.
  • provide information to the National Crime Agency (NCA) (or any other body) to meet our obligations under the regulations relating to money laundering and the proceeds of crime.
  • need to share some personal data with other parties, such as potential buyers of some or all of our business or during a re-structuring. The recipient of the information would be bound by confidentiality obligations.

Where your personal data is held

Information will be held at our offices (see below). Data is also held by Our IT provider at premises within the United Kingdom. We do not intend that any of your personal information held by us will be either held or transferred outside of the EU.

How long your personal data will be kept

We will keep your personal data after we have finished acting for you. We will do so for one of these reasons:

  • to respond to any questions, complaints or claims made by you or on your behalf
  • to show that we treated you fairly
  • to keep records required by law.

We will retain records for

  • a minimum period of 6 years but
  • 10 years in respect of the purchase of a property or the administration of an estate and
  • indefinitely/until 6 years after death in respect of instructions to make a Will

We will not retain your data for longer than necessary for the purposes set out in this policy. Thereafter information in both paper and electronic form will be deleted or destroyed save that we may retain for a longer period basic information (name, address and matter) which is necessary for identifying potential conflicts.

Your rights

You have the following rights, which you can exercise free of charge:

Access to your personal information and to certain other supplementary information that this Privacy Notice is designed to address;

  • Require us to correct any mistakes in your information which we hold;
  • Require the erasure of personal information concerning you in certain situations;
  • Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
  • Object at any time to processing of personal information concerning you for direct marketing;
  • Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
  • Object in certain other situations to our continued processing of your personal information;
  • Otherwise restrict our processing of your personal information in certain circumstances.

For further information on each of those rights, including the circumstances in which they apply we would refer you to the Guidance from the UK Information Commissioners Office (ICO) on individuals’ rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

Email, call or write to our Data  Protection Manager — see below: ‘How to contact us’;

  • Let us have enough information to identify you
  • provide proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill)
  • Let us know what right you want to exercise and the information to which your request relates.


How to complain

If you are unhappy about the data we hold, how we use it or about this policy then please contact us with your concerns.  We hope that we can resolve any concerns you raise.

The GDPR  also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at

Changes to this Privacy Policy

This privacy policy was published on 25th May 2018.

We may change this privacy policy from time to time when we do then, if you are still a current client of the firm, we will inform you via our usual means of written communication with you.  We will also publish the updated policy on our website,

How to contact us

Please contact our Data Protection Manager by post, email or telephone if you have any questions about this privacy policy or the information we hold about you.

Practice Manager and Data Protection Manager

Julie Bunyan

Penmans Solicitors, 17a Queens Road, Coventry, CV1 3DH               024 7622 6575

Other offices at:

30-32 Warwick Road, Kenilworth, CV8 1GW

The Precinct, Wellesbourne, CV35 9NL

Legal Practice Quality Mark Accredited Conveyancing Quality Accredited Children Law Accreditation Family Law Advanced Accredited Criminal Litigation Contracted with the Legal Aid Agency