Privacy Policy

Introduction

  1. Ansar London Limited (“Ansar”) is the legal practice of Usman Sheikh (“US”). US is registered with the Information Commissioners Office, registration number ZA553526. The services which Ansar offers are set out on our website www.ansar.london. When we hold an individual’s personalinformation we do so in accordance with all applicable legislation including the Data Protection Act 2018 (“DPA”) and the EU General data Protection Regulation in force from 25 May 2018 (“GDPR”) as they are now and as they may be amended and superseded from time- to-time (together the “Legislation”).
  2. We know that you care about your personal data and how it is used, and we want you to trust that Ansar uses your personal data carefully. This Privacy Policy will help you understand what personal data is and what personal data we collect, why we collect it and what we do with it.
  3. This Privacy Policy explains:
  • Information we may collect about you
  • How we collect that information
  • Our legal basis for holding that information
  • How we may use that information
  • Disclosure of your personal information to third parties
  • Security of your personal information
  • Data retention
  • Your legal rights
  • Uses of our website
  • Notification of changes to our privacy policy Contact details and further information

Please take a moment to familiarise yourself with our privacy practices and let us know if you have any questions by contacting our Information Management Officer (IMO) whose details are stated below.

What Is An IMO?

  1. We have a designated person who is responsible for our data management.
    We call that person an Information Management Officer or IMO. That is
    not a statutory role. There is a formal obligation to have a Data Protection
    Officer or DPO in certain circumstances, but we do not meet those
    circumstances. Therefore, the first point of contact for any concerns you
    have in relation to your data for whatever reason is our IMO.
  2. Our IMO is US. You can contact him as follows:
    Telephone: 020 8993 4990
    Email: office@ansar.london
    Writing: Ansar, 81 Gunnersbury Lane, London, W3 8HQ

Your Duty To Inform Us Of Changes

  1. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

If You Are Unable To Provide Personal Data

  1. Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with legal advice). In this case, we may have to cancel a service you have with us, but we will notify you if this is the case at the time.

Our Role As Data Controller

  1. When we at Ansar make all the decisions about how your data is processed, we are acting as the data controller. However, when we are processing your personal data on behalf of a third party in accordance with their strict instructions, we are acting as a data processor. This Privacy Policy complies with our obligations to provide you with information as a data controller.

What Is Data?

  1. In this document, we adopt the same definitions as the GDPR, in particular:
    Personal data ‘means any information relating to an identified or identifiable natural personal (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person’.

How Do We Collect Your Data?

  1. How your personal data is collected depends on your relationship with us. For example, if you are a client using our legal services, if you are a visitor to our website or a subscriber to our services. We use different methods to collect data from and about you including through:

    Direct interactions
    You may give us details of your identity, contact information and other financial data by speaking to us direct, filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
    (a) Create an account on our website or on our case management system;
    (b) Subscribe to our service or publications; or
    (c) Request marketing to be sent to you.

    Automated technologies or interactions
    As you interact with our website or our case management system we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive technical data about you if you visit other websites employing our cookies. Please see our cookies policy for further details.

    Third parties or publicly available sources
    We may receive personal data about you from various third parties and public sources, especially concerning anti-money laundering, passport and driving licence authenticity, company directorships and such like.

    Identity and Contact Data from publicly available sources such as Companies House and the Electoral Register based inside the UK and the EU. 
    Where we obtain personal data from third party suppliers, we ensure that these suppliers are bound to respect data protection laws and your privacy rights pursuant to their contract with us.

The purposes of the processing:

  1. We may need to use some information about you to:
    a) deliver legal services advice and support to you that you have requested from us;
    b) manage those services we provide to you;
    c) train and manage the employment of our staff who deliver those services to you;
    d) help investigate any complaints you have about the services we provide to you
    e) keep track of the amount of costs you may have incurred on instructing us to act on your behalf in providing those services you request us to provide;
    f) check the quality of the services that we provide to you; and
    g) to help with research and planning of new services
  2. We will only use your personal data when legally permitted and
    a) Where we need to perform the contract between us; 
    b) Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
    c) Where we need to comply with a legal or regulatory obligation;
    d) Where we send you marketing material we rely on your consent as a legal ground for processing your personal data. You have the right to withdraw consent to marketing at any time by emailing us at office@ansar.london or by clicking on the resource links in the material itself where applicable

Please contact us if you need details about the specific legal ground we are relying on to process your personal data.

The categories of personal data concerned

  1. We may collect, use, store and transfer different kinds of personal data about you. The type of data we collect about you depends on your relationship with us. For example, if you are a client using our legal services, if you are a visitor to our website or a subscriber to our services. In all cases, we have grouped together the different kinds of data we may or are likely to collect from you:

    Identity Data includes first name, maiden name, last name, marital status, title, date of birth and gender.
    Contact Data includes billing address, delivery address, email address and telephone number.
    Profile Data which may include your username and password, full name, address of yourself and others in your family, your interests in our other services, preferences, feedback and survey responses.
    Transaction Data which may include details about facts relevant to the services that we are providing to you.
    Financial Data includes bank account and payment card details.
    Technical Data which may include internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our websites including our office management system Actionstep.
    Marketing and Communications Data which may include your preferences in receiving marketing from us and our third parties and your communication preferences.
    Special Categories of personal data includes race, ethnic origin, medical information, political information and criminal convictions.

The recipients or categories of recipient to whom your personal data has been or will be disclosed

  1. The recipients of your data depend on your relationship with us. For example, if you are a client using our legal services, if you are a visitor to our website or a subscriber to our services. In all cases, we have grouped together the different kinds of recipients of your data as follows:

    Internal Staff. Our office based and remote working staff will have access to your data to provide you with the services and support for which you engage us. Prior to engagement, they are required to sign our contract for services and are therefore always subject to our rigorous data management policies.
    External “Staff”. We occasionally instruct other people who have the appearance of being directly employed by us as external consultants, for example consultant solicitors to manage or assist on for example cases on a semi-permanent or ad hoc basis as circumstances dictate. They are prior to engagement required to sign our contract for services and are therefore always subject to our rigorous data management policies.
    Third Party Service Providers. In the future, we may instruct third parties to assist us where necessary to ensure that you either comply with the requirements of the law or to give best service to you as a client. The former category of providers includes experts such as tax experts, barristers and so on, often as a consequence of a legal requirement already in place or a court order requiring us to do so. Sometimes we use third parties to optimise our services to you such as digital dictation companies, external tax advisors, external book keepers who are better able to provide technical competences to Ansar without the cost of employing those services full time. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

The recipients in third countries or international organisations to whom your personal data has been or will be disclosed

  1. From time to time, we may share your personal data which involves transferring it to third parties who may be established outside the European Economic Area (EEA).
  2. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
    a. We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission such as New Zealand where we may for example send our typing for transcribing purposes.
    b. Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
    c. Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.

The envisaged period for which your personal data will be stored and why

  1. We expect to retain your data in electronic format and/or hard copy format for a limited period. Under Money Laundering Regulations and the Proceeds of Crime Act we are obliged to retain certain information for 5 years. In relation to a potential negligence claim that you may commence against us the time limit is 6 years. We will typically not keep your files for more than approximately 6 years as a consequence.

Data Collected From Other Sources

  1. We may occasionally collect data from external sources and these can be broadly broken down as follows:
    Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources, especially concerning anti-money laundering, passport and driving licence authenticity, company directorships and such like.
    Identity and Contact Data from publicly available sources such as Companies House and the Electoral Register (or third-party companies that obtain that data on our behalf) based inside the UK and the EU. Where we obtain personal data from third party suppliers, where possible we ensure that these suppliers are bound to respect data protection laws and your privacy rights pursuant to their contract with us.

Special Categories of Personal Data

  1. We will collect and process Special Categories of Personal Data only in the specific instances whereby UK GDPR allows, for example for:
    (a) Checking your right to work in the UK;
    (b) Providing legal advice to you;
    (c) Complying with legal obligations.
  2. We will only process this data if we have a legal ground for doing so and a specific processing condition, as required by the Data Protection Act 2018.
  3. Please be aware that by signing our Client Care Letter, you are giving your explicit consent to us processing Special Categories of Personal Data.

Data Security

  1. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
  2. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

What Are Your Rights?

  1. You also have these additional rights:
    The right to be informed
    You always have the right to be informed that we are holding your data and that we are processing your data. You also have the right to receive other information that we have included in this Privacy Policy.
    The right of access
    You have a right to access your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. We can also provide you in most cases with direct access to your data by granting you access to our online portal of Actionstep in addition to or in the alternative to providing you with a copy of the data itself.
    The right to rectification
    You also have the right of personal data that we hold about you to be rectified (corrected). This right enables you to have any incomplete or inaccurate data we hold about you corrected, although we may need to verify the accuracy of the new data you provide to us.
    The right to erasure
    The right to erasure (often referred to as the right to be forgotten) enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Please note that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
    The right to restrict processing
    This right enables you to ask us to suspend the processing of your personal data in the following circumstances:
    (d) if you want us to establish your data’s accuracy;
    (e) where our use of the data is unlawful, but you do not want us to erase it;
    (f) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend a legal claim; or
    (g) you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
    The right to data portability
    You also have the right for your personal data to be sent (ported) to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
    The right to object
    You have a right to object to us using your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular circumstances that makes you want to object to us (or the third party) processing your data on this ground as it impacts on your fundamental rights and freedoms. You always have the right to object to us using your personal data where we are processing your personal data for direct marketing purposes.
    Rights in relation to automated decision making and profiling.
    We do not use your data to prepare automatic decisions without human interaction.

Time Limits For Us To Respond To Your Requests

  1. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.

Complaints – Lodging a complaint with our supervisory authority

  1. If you have a complaint about how we have cared for your data, we would appreciate an opportunity to deal with your concerns and offer solutions before you approach the Information Commissioner’s Office (ICO). If you do agree to that course of action (and you are not obliged to do so), please contact our IMO whose details are near the top of this privacy policy. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). US’s registration number ZA553526

How Do We Keep This Policy Up To Date?

  1. Ansar will occasionally make changes and corrections to this Privacy Policy. If we believe that the changes are material, we’ll let you know by doing one (or more) of the following:
    (1) posting the changes on our website, or
    (2) sending an email to you informing you about the changes; or
    (3) writing a letter to you.

Last updated: 6 December 2022

Let’s Get Started

Take the First Step on Your Immigration Journey

Get Started

Free Consultation? +44 (0)20 8993 4990

Scroll to Top