Privacy Policy

O’Neil Morgan Solicitors Limited provides legal and other services to clients. We may share data with other organisations when providing our services. We are committed to protecting your information and privacy.

This notice explains how we use and process personal information collected. It addresses information provided to us

  • When visiting our site
  • When consulting in connection with the provision of legal services
  • Otherwise as a result of our communications with you or one of our clients
  • When subscribing to our email updates or other marketing activities.

It sets out how we process it, with whom we may share it and choices you can make regarding use of information collected. It does not apply to personal information of staff in connection with employment, which is dealt with by an internal policy.



This notice may change from time to time. Changes will be incorporated on this page. Please review it periodically. Further information about data privacy may be found in our client engagement letter sent to you along with our terms and conditions.

The last update was September 2019.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.


Who we are

O’Neil Morgan Solicitors Limited is authorised and regulated by the Solicitors Regulation Authority (SRA), SRA ID: 447656. As a regulated practice, we process personal information in accordance with data protection legislation and in line with obligations imposed on us under the SRA Code of Conduct

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues ( We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.


How we collect your personal information

We collect, retain and process personal information to enable us to give legal advice, provide legal and related business services and conduct legal proceedings and transactions on behalf of our clients.

We may collect personal information in a number of ways, including:

  • Online via our site or any of our social media accounts
  • In hard copy by fax or post, in person, or over the telephone
  • Via phone recording
  • During the course of our dealings with you for or on behalf of a client
  • When you contact us via this site by filling in a form to register for newsletters, email updates, or other services
  • When you contact us with queries, we may keep a record of that correspondence
  • When you complete surveys for research or quality purposes, although you do not have to respond to them
  • When you attend in person at one of our offices, including location data
  • When we collect your personal data from other third parties, for example from our selected data suppliers, other clients or their representatives, including but not limited to loss adjusters or claims investigators or other individuals connected to a claim or matter where we are instructed to act as well as other law firms
  • When we collect publicly available information about you, including, directly or indirectly, through electronic data sources, for example (but without limitation) for the preparation or filing of legal documents and forms, and in connection with anti money laundering and credit risk reduction


Personal information collected

The type of information collected depends upon our relationship with you and the context in which we obtain and process your personal data.

Data collected and processed may include details of the following types of information:

  • Contact information (name, address, (including postal and email addresses), telephone and fax numbers and gender)
  • Occupational information, (job title, former job titles, organisational associations, professional experience and qualifications)
  • Identification documents, including date of birth and photographic identification
  • Online services in respect of which you have expressed an interest
  • Other information collected and used in the course of our business, including (but without limitation) information provided by our clients concerning employees of our clients or those providing services to our clients and information about you which is publicly available and collected, directly or indirectly, from electronic data sources
  • Details of your visits to our site, the resources accessed, including traffic data, location data and other communication data
  • Images captured by CCTV cameras at our offices
  • Where necessary and legally permitted, we may also collect sensitive data, such as diversity and health data and details of offences and related proceedings.


What we do with personal information collected

We use the information provided to:

  • Ensure content from our site is presented in the most effective manner
  • Contact you by email, fax, post or phone where you have provided contact details. We may also keep a record of that correspondence
  • Notify you about changes to our service
  • Improve our products and services, including dealing with claims and legal proceedings under a retainer
  • Conduct our legitimate business interests and those of our clients in connection with the provision of our legal services
  • Maintain internal records, including about cancelled accounts
  • Ensure good governance, accounting, management and auditing
  • Carry out our obligations arising from any contracts entered into between us
  • Refer you to another team within O’Neil Morgan Limited about other legal services which may be of benefit to your interests
  • Provide you with information, products or services which you request from us
  • Send you information, or newsletters and legal updates which you may find of interest where you have indicated your wish to be contacted for such purposes
  • Pass your details to experts, including counsel and other professionals for the purposes of obtaining professional advice and complying with our contractual obligations
  • Pass your details to secure third party service providers, who are under contract to assist us in our provision of legal services
  • Convert into anonymised, statistical or aggregated data which cannot be used to identify you but may be used for the purposes of statistics, research reporting and future planning for our business and strategic objectives
  • Where we have other legitimate reasons, such as to enforce our terms of use, or take other action required or permitted by law or for other safety and security reasons
  • To respond to complaints against us


Who do we share your information with

In providing our services, we may provide your personal information to our staff or other third parties, such as:

  • Any successors in title to our business, or as part of mergers
  • To other suppliers, such as expert witnesses, counsel, or other external agencies such as translations services, IT support service providers etc. that we engage on our/your behalf. When we do so, they are required to act in accordance with our instructions and keep your personal information secure with an adequate level of protection
  • To courts, tribunals and other government bodies and relevant regulators (e.g. SRA, Legal Ombudsman, Financial Services Ombudsman, ICO) in connection with matters relating to provision of our services
  • To fraud prevention agencies
  • To professional indemnity insurers, brokers, auditors and other professional advisers
  • To auditors in connection with maintenance of our quality certifications
  • To other third parties when required by law or other regulatory authority, where we are under a duty to do so to comply with legal or professional obligations (for example to comply with anti-money laundering obligations and counter terrorism measures)
  • To enforce or protect our rights, property or the safety of our partners, staff and clients. (This includes exchanging information with other companies and organisations for the purposes of fraud prevention and detection and credit risk reduction)
  • To other parties in legal proceedings, including solicitors acting on the other side of a case or transaction, lenders, administrators etc.
  • To costs draftsmen


On what basis do we process your information

The legal grounds for processing your personal data depend upon the nature of our relationship with you and the context of processing and are as follows:

  • Processing is necessary for the performance of a contract with you, or to take steps prior to entering into a contract with you.
  • Processing is necessary for the purposes of our legitimate interests or those of our clients in the provision of legal services and use in legal proceedings, except where those interests are overridden by the interests, rights or freedoms of affected individuals. In order to determine this we shall consider a number of factors, including what you were told at the time you provided your data, what your reasonable expectations are, and the nature of the data as well as its impact upon you
  • Processing is necessary for compliance with mandatory legal obligations to which we are subject.


How long do we keep your personal information

We only retain your information for as long as is necessary for the purpose for which it was obtained. This could include compliance with legal obligations (by way of example, in relation to anti money laundering regulations where we are required to keep information for minimum periods). It could also include conducting legal work as instructed, or establishing or defending claims which could be made against us, for example for negligence in the performance of our obligations.


Information collected from you concerning other people

Where you provide personal information to us about other people, we accept it on the understanding that you have made the other person aware about how we will use and disclose their information.


Where will your personal information be processed

There may be occasions where we may need to transfer your personal information to countries outside the European Economic Area, (EEA) which do not provide the same level of data protections as in the UK. For example, in relation to legal claims or transactions with an international element, or where we need to instruct overseas agents to assist us in performing our services. In these circumstances, we will take steps to ensure that your personal information is adequately protected.



We may provide you with information which we think you may find interesting via our newsletters, updates etc.. You can choose to restrict the collection or use of your personal information for this purpose. You can ask us to change your preference for receiving such communications, including legal updates and newsletters at any time.

Whenever you receive marketing communications from us, you will be able to indicate whether you wish to update your details or preferences. If you would prefer not to receive this information please let us know by emailing [email protected].

You have the right to ask us not to process your personal information for marketing purposes.


IP addresses and cookies

Some information about website users is collected automatically and may be used by us to review and analyse how our site is used.

We may collect information about your computer, including where available your operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual. This includes IP addresses, which all of our reporting systems anonymise.

We may also use information obtained by using a cookie file stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They are widely used to make sites work efficiently. They help us improve our site and deliver a better and more personalised service.

They enable us to:

  • Estimate our audience size and use patterns
  • Store information about your preferences and so allow us to customise our site to your individual interests
  • Speed up searches
  • Recognise you when you return.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.

Cookies used

Session cookies

These are cookies which are only on your computer for one visit. Once you close your browser, they are deleted. They’re used to do things like remember that you’ve logged into a site.

Tracking cookies

We have Google Analytics implemented on this site. This uses tracking cookies. These are also session cookies. They do not collect any personal data and help us collect information in an anonymous form.

Third party advertising cookies

Most web browsers allow some control of most cookies through browser settings. To find out more about cookies and how to manage or delete them, visit


Links to other websites

We may include links on our site to enable you to access third party sites directly. If you follow any links, this privacy notice will not apply. Third party sites operate their own privacy policies regarding processing of personal information and the use of cookies. Please check these policies before you submit any personal data to these external sites. We do not accept any responsibility for a third party site or use of your information or their use of cookies.


Access to your information

You have the right to request details of personal information which we hold about you.

If you would like a copy of your personal information, please write to [email protected]


Other rights

You also have the right to correct or complete information held by us. If you think any information we have about you is incorrect, incomplete or needs updating please also let us know. We will update any information as soon as possible.

You may also in certain circumstances:

  • Request that we erase the personal data we hold about you
  • Restrict its processing whilst we continue to hold it
  • Where we process your data by automated means, ask us to transmit that data to another data controller. If you wish to request this we will let you know whether this is possible, taking into account compatibility of systems of the other data controller to whom you wish the transfer to be made
  • Object to processing. If you raise such objection we must stop unless we can demonstrate (1) an overriding legitimate business interest or (2) such processing is necessary in relation to legal proceedings
  • To have a decision taken by a human. We are however unlikely to take decisions which have a legal or similarly significant effect on you by automated means
  • Have a right to be notified of a personal data breach if it results in a high risk to your rights and freedoms
  • Right to withdraw your consent if you have given your consent to our processing of any of your personal data. (Please note that if you withdraw your consent, this will not affect the validity of any processing carried out prior to withdrawal).

These requests are free of charge.

Depending on the nature and extent of your request, we may be unable to continue acting for you. In this event, you will remain liable for our fees and disbursements incurred before the request was made.

Our contact information in connection with the exercise of these rights or other privacy issues appears at the bottom of this page.

If you consider we have breached our obligations in respect of your personal data you may raise your concerns with us. Alternatively, you can complain to the Information Commissioners Office. Further details can be found at


Security and storage

We are certified to ISO 27001:2013 and have Cyber Essentials plus accreditation.

All information you provide to us in electronic format is stored on our secure servers within the United Kingdom.

The internet is a global environment. It can involve transmission of data on an international basis. Transmission of information via the internet or any social media is not completely secure. By using our site and communicating with us electronically, you acknowledge and accept our processing of your personal information in this way. Although we adopt appropriate technical and organisational measures to protect your personal information, we cannot guarantee its security when sent to this site. Transmission is at your own risk.

Once your information is received by us either in electronic or physical form, we take all reasonable steps necessary to prevent unauthorised access and ensure your information is handled securely and in accordance with this privacy notice. We have put in place suitable electronic, physical and managerial procedures to protect and secure the information collected. If password access is required for certain parts of our website, you are responsible for keeping this password confidential.


How to contact us

If you have any queries or requests regarding this notice, or our practices concerning your personal data, please contact us on one of our addresses below or email [email protected]

We will take reasonable steps to resolve or answer concerns as soon as possible and normally within 30 days.

(Kindly note that queries about legal claims/legal matters should be directed to the file handler with conduct of the case as identified in our correspondence with you.)