Hartnell Chanot & Partners trading as The Family Law Company understands that the information you trust us with is important to you, and we are committed to protecting and respecting your privacy.  This Policy explains how we protect and manage any personal data your share with us and that we hold about you, including how we collect, process, protect and share that data.  It also explains your rights.

Whenever you provide personal data, we are legally obliged to use your information in line with all applicable laws concerning the protection of such information; including the Data Protection Act 1998 and 2018 (DPA), and The General Data Protection Regulation 2016 (GDPR) together, and with other subsequent laws passed to bring the GDPR in to effect in England and Wales after 31 December 2020 “Data Protection Laws”.

Personal data means any information that may be used to identify an individual, including, but not limited to, your full name, address, e mail address or addresses, telephone numbers including work, home and mobile and bank and other account details.  We process both Personal and Sensitive (Special) categories of data.

Please read the following carefully to understand our practices regarding your personal data.



Information provided by you

Your provide us with personal data about you and your family in a variety of ways, these may include by completing forms, online, verbally during meetings and telephone calls, in statements, other documents such as Bank statements, information regarding children and photographs.  We use this information to properly represent you.  Due to the nature of the work we undertake for you we also process Sensitive (Special) categories of date such as medical/criminal records  information directly from you or third parties which may be used during the conduct of your case.  The provision of this information is subject to you giving us express consent.  The provision of this personal data is essential for us to be able to conduct your case.  This means that the legal basis of our holding your personal data is for the performance of a contract.


Information we get from other sources

We only obtain information from third parties if this is permitted by law.  We may also use legal public sources to obtain information about you, for example to verify your identity.  This information which is relevant to us will only be obtained from reputable third party companies that operate in accordance with the General Data Protection Policy (GDPR).  You will already have submitted your personal data to these companies and specifically given permission to allow them to pass this information on.


Why we use your Personal Data

We collect your personal information so that we may represent you as you have instructed us in your family case.  To process your information we mainly rely on the following legal reasons:-


How we use your Personal Data

We use your personal data to manage and conduct your legal case as instructed by you.  We act as controller and processor in relation to the information we hold about you including processing of Direct Debit instructions.  We undertake at all times to protect your personal data in a manner which is consistent with our duty of professional conduct and the requirements of the General Data Protection Regulations.



The Personal Data we hold will not be used for Marketing purposes.


Information we may share

We will from time to time have to share your personal data for example for the purposes of audits, regulatory and compliance matters, in insurance matter and fraud prevention and the provision of services to progress your matter.  We will only disclose your information with other third parties with your express consent with the exception of the following:-


Transferring your Personal Data outside of the European Economic Area (EEA)

In order to progress your case the information you give us may be transferred to countries outside the EEA.  These countries may not have similar data protection laws to the UK.  When we do transfer your personal data outside the EEA we ensure that any party with access to your information has implemented the necessary security and privacy measures, to ensure that your personal data is kept secure and confidential as outlined in this policy.


Retaining your Data

The personal data and information we collect and hold about you is subject to various regulatory,  legislative and indemnity and other insurance requirements.  We will endeavour not to keep your personal information for any longer than is necessary.  Files are normally retained for 6 years, however in some children and pension sharing cases they may be retained for longer.  You will be advised of this at the conclusion of your case.  Where it is not possible for us to delete your data which is held electronically, for example in our Case Management system we will ensure that the appropriate security and organisational measures are put in place to protect the use of your data.  Retention of data will be re-assessed on a regular basis and information which is no longer required will be disposed of securely.


Where we store your personal data

The Personal Data that we collect from you will be stored in the UK.  We will take all steps to ensure that your data is treated securely.  All information you provide to us is stored on our own secure servers or on secure servers operated by a third party.


Information we collect through your use of our website

We collect information through the use of cookies and similar technologies.  Please refer to our separate Cookie Policy on the website.


Your Rights

Subject Access Requests

GDPR grants you the right to access particular personal data that we hold about you.  This is referred to as a “subject access request”.  We must respond to this within one month from the time we receive the request and we have all relevant information from you.  We can request an extension to this timescale.  Our response will include details of the personal data we hold about you, which includes the following:

Under the GDPR you also have the following rights:




If you have any questions which are not answered by this Privacy Policy, you wish to invoke any of your rights outlined above, or you have any concerns about how we may use the personal data we hold please write to the  Jane Chanot Data Protection Director at Oriel House, Southernhay Gardens, Exeter, Devon.  EX1 1NP.

Changes to our Privacy Policy

We review our Privacy Policy regularly and will place any updates on our website.  We suggest you review the Policy periodically to ensure you are aware of any changes to it.  We will not however significantly change how we use information you have already provided to us without your prior agreement.

If you have a complaint

We work hard to ensure that your personal and sensitive information is treated safely and securely.  However if you have a complaint please write to the Data Protection Director (details above) and we will endeavour to resolve matters.

If your complaint is not resolved to your satisfaction and you wish to make a formal complaint you should address this to the Information Commissioner’s Office (ICO).

Would you like to speak to someone? Find out how to get in touch...