Blackstone Legal is committed to respecting and protecting your privacy. We comply with the European Data Protection regulation (EU 2016/679). In this notice, we will tell you in detail how we use and share your personal information and explain your rights regarding how we use your personal information.
1. Who we are
1.1 Blackstone Legal is a law firm with its head office in High Wycombe.
1.2 Blackstone Legal controls the collection and processing of any personal data that you provide to us in relation to this website.
2. Personal data that we collect
2.1 “Personal data” is any information that relates to you and that identifies you either directly from that information or indirectly, by reference to other information that we have access to. The personal data that we collect, and how we collect it, depends upon how you interact with us. Categories of personal data that we collect include:
2.1.1 Contact information such as name, email address and telephone number
2.1.2 Biographical information such as job title, employer, photograph and video or audio content including you
2.1.3 Marketing, communication preferences and related information such as meal preferences, feedback and survey responses
2.1.4 Billing and financial information such as billing address, bank account and payment information
2.1.5 Services information such as details of services that we have purchased from you
2.1.6 Special categories of data such as race and ethnicity, trade union membership, information about health or information, political opinions or religious beliefs
2.1.7 Information relating to children or regarding criminal matters
3. Personal data we collect from you
3.1 We collect personal data directly from you as follows:
3.1.1 When you sign up to receive news services, download any guides or register for one of our services, we will ask you provide your contact and other relevant information, as well as your communication preferences.
3.1.2 When you register to attend one of our events, we will ask you to provide your contact, guest and other relevant information including meal preferences.
3.1.3 When you use our website we collect information about your visit and how you interact with our website.
3.1.4 When a client uses our legal services, we will ask for the information that we need to provide those services; this information includes contact details, billing information, information necessary to conduct pre-clearance checks and information relevant to the services we provide. Information provided by a client may include personal data that relates to persons whose information is relevant to the instruction; for example when we advise on a business transaction or a regulatory investigation or represent a client in a legal dispute.
3.1.5 When you apply for a job with us we will ask you for information relevant to your application.
3.1.6 If you visit our office we may collect information that we need in order to identify you and complete necessary security checks. We may also collect your image on CCTV.
3.2 If you provide information to us about another person, you must ensure that you comply with any legal obligations that may apply to your provision of the information to us, and to allow us, where necessary, to share that information with our service providers.
4. Information we collect from third parties
4.1 Most of the personal data that we collect about you will be information that you provide to us voluntarily. In some circumstances we may also receive information from:
4.1.1 other Blackstone Legal entities
4.1.2 our clients, when we handle personal data on their behalf
4.1.3 regulatory bodies
4.1.4 credit reference agencies
4.1.5 other companies providing services to us.
4.2 Some of these third party sources may include publicly available sources of information.
5. Data we collect automatically
5.1 When you visit one of our websites, we automatically collect, store and use technical information about your equipment and interaction with our website. This information is sent from your computer to us using a variety of cookies.
5.3 A cookie is a small text file which is sent from our web server, and placed on your computer (laptop, mobile device etc.) when you browse the Blackstone Legal websites. They hold only a modest amount of data, and allow the web server to recognise your computer’s browser and respond accordingly.
You can find more information about cookies and how to disable them at .
5.4 Below is a list of the types of cookies that we use on our websites.
5.4.1 Strictly Necessary Cookies
These cookies are necessary for the websites to work, and enable you to move around the websites and use the services and features. Disabling these cookies will reduce performance and may make these services and features unavailable. Strictly Necessary Cookies are used to collect session ID and authentication data. They are “session” cookies, which expire when you close your browser session.
5.4.2 Functional Cookies
Functional Cookies allow the websites to help maintain your session and remember the choices you made in order to provide functionality for your benefit. Functional Cookies are used to collect information about your language preferences and other preferences indicated during your visit. For example, functional “session” cookies allow the websites to remember settings specific to you (such as, your country selection) which ultimately improves your web experience. Functional Cookies also include persistent cookies which are used to remember your preferences when you subsequently visit.
5.4.3 Analytic Cookies
Analytic Cookies are used to gather statistics about the use of the websites in order to improve the performance and design of our services. For these purposes, Analytic Cookies collect information about your device type, operating system type, browser type, domain, other system settings, IP address, referring URLs, information on actions taken on the websites and the dates and times of your visits, as well as the country and time zone in which your device is located.
These cookies are provided by our third-party analytics tool provider (Google Analytics) and the information obtained through these cookies will be disclosed to, or collected directly by, this third-party service provider. For more information about Google Analytics’ cookie and information practices (including the types of cookies used and their expiration date), please visit https://tools.google.com/dlpage/gaoptout
5.5 By using our websites you agree that, unless you have set your device’s browser to reject them, we can place the types of cookies set out above on your device, and use that data in accordance with this policy
6. How we use your personal data
6.1 We will only use your personal data fairly and where we have a lawful reason to do so.
6.2 We are allowed to use your personal data if we have your consent or another legally permitted reason applies. These include to fulfil a contract with you, when we have a legal duty to comply with, or when it is in our legitimate business interest to use your personal data. We can only rely on our legitimate business interest, if it is fair and reasonable to do so.
7. Sharing and transferring your data
7.1 We treat your personal data with respect and do not share it with third parties except as described below.
7.2 We may disclose your personal data to other Blackstone Legal entities for the purpose of our internal business processes (such as administration and billing) and for the purpose of providing legal advice and services.
7.3 We may disclose personal data relating to our clients, their employees and agents to
other legal specialists including barristers, mediators, arbitrators, consultants or experts engaged in a matter. We may also disclose personal data to third party law firms for the purpose of obtaining foreign legal advice.
7.4 We may share personal data with our suppliers and service providers including event organisers and partners and document production and management services
7.5 We may share personal information when necessary with law enforcement and regulatory authorities
7.6 We may also share your personal data when you have consented to us doing so.
7.7 We will only transfer your personal data outside of the European region under the following circumstances:
7.7.1 where the transfer is to a country or other territory which has been assessed by the European Commission (or an equivalent UK body) as ensuring an adequate level of protection for personal data
7.7.2 with your consent or
7.7.3 on the basis that the transfer is compliant with the GDPR and other applicable
8. How we protect your personal data
8.1 We protect your personal data and implement appropriate technical and organisational security measures to protect it against any unauthorised or unlawful processing and against any accidental loss, destruction, or damage
9. Keeping your personal data
9.1 We do not keep your personal data for any longer than is necessary to fulfil the purpose for which we collected it, or to comply with any legal, regulatory or reporting obligations or to assert or defend against legal claims.
10. Your rights regarding your personal data
10.1 You have certain rights regarding how we use and keep your personal data. These are:
10.1.1 you can require us, to update or correct any inaccurate personal data, or to complete any incomplete personal data, concerning you. If you do, we will take reasonable steps to check the accuracy of, and correct the information. Please let us know if any of your information changes so that we can keep it accurate and up to date;
10.1.2 you can require us to stop processing your information for direct marketing purposes; if you withdraw your consent, we may not be able to provide certain products or services to you; and
10.1.3 you have the right to object to our use of your personal data more generally.
10.2 You may also have the right, in certain circumstances to:
10.2.1 be provided with a copy of any personal data that we hold about you, with certain related information. There are exceptions to this right; for example where information is legally privileged or if providing you with the information would reveal personal data about another person
10.2.2 to require us, without undue delay, to delete your personal data
10.2.3 to “restrict” our use of your information, so that it can only continue subject to restrictions; and
10.2.4 to require personal data which you have provided to us and which are processed by using automated means, based on your consent or the performance of a contract with you, to be provided to you in machine readable format so that they can be “ported” to a replacement service provider.
10.3 You can exercise the above rights, where applicable by contacting us. We will require you to provide satisfactory proof of your identity in order to ensure that your rights are respected and protected. This is to ensure that your personal data is disclosed only to you.