View our main website: Walker Morris View our main website: Walker Morris
View our main website: Walker Morris

© Walker Morris 2025

Privacy Policy

The Walker Morris Group (we/us/our), comprising Walker Morris LLP and Walker Morris Resources Limited, is committed to protecting and respecting your privacy.

This Privacy and Cookies Notice (Notice) (together with our Terms of Use, terms of business and any other documents referred to within them) sets out how we may collect and use any personal information that we obtain about you during the course of our business as well as information we collect when you visit this website and any associated websites under our control (together our Websites) and your rights in relation to that information.

For the purpose of all applicable data protection law, as amended from time to time, including the Data Protection Act 2018 (the Act) and the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (the UK GDPR), we are the data controller of your personal information collected by or provided to us in the circumstances described below in section 2, and is entered in the Information Commissioner’s Office (ICO) Register of Data Controllers: Walker Morris LLP with registration number Z3377061, and Walker Morris Resources Limited with registration number Z6629971.

Reference to personal information or data means all forms of personal data including special category data as defined by the UK GDPR.

The scope of this Privacy notice

This Notice applies in the following circumstances:

  • when you engage us to provide legal or professional services to you or your organisation;
  • when your information is provided to us in connection with legal services we deliver to our clients, including if you are a counterparty, witness, customer, supplier, or other third party relevant to a client matter;
  • when you request information from us or provide information to us, including through correspondence or enquiries;
  • when you apply for a job, work experience, or other role with us, or participate in recruitment processes;
  • when you are employed by us, or engaged as a partner, independent contractor, or placement student;
  • when you act as a supplier, service provider, or representative in connection with our business;
  • when you attend our seminars, events, or webinars (including those hosted on third-party platforms), or register to access our online resources;
  • when you are entered onto our mailing lists to receive publications, event invitations, or marketing communications;
  • when we conduct open source searches or due diligence in connection with our business development, business acceptance, or compliance processes;
  • when you visit our premises or pass by areas monitored by our CCTV system (see CCTV section below); and
  • when you visit our Websites, use our online services, or complete forms on our Websites.

We do not directly target or provide services to children. Depending on our relationship with you this notice may be supplemented with additional information relating to our use of your personal data. For example, further details may be provided in our Terms of Business and engagement letter (for clients), in application forms and employment contracts (for job or work experience applicants and employees), or in other relevant documentation.

How we use your personal data

The way we process your personal data we collect as set out above varies depending on our relationship with you.  In each case the purposes for which we request the information will be clear from the context in which it is acquired. These may include:

Contractual Necessity

We process your personal data when it is necessary to enter into or fulfil a contract with you or your organisation, including:

  • Providing legal or professional services to you or your organisation;
  • Managing and administering client matters, including communications with you and other parties involved in those matters;
  • Processing and responding to your requests, enquiries, or correspondence;
  • Considering your application for a job, work experience, or other role, and managing recruitment and onboarding processes;
  • Administering your employment, partnership, or engagement with us, including HR, payroll, and compliance activities;
  • Managing our relationships with suppliers, service providers, and their representatives, including contract administration and performance monitoring;
  • Maintaining and developing our business relationship with you; and
  • Providing and improving customer service and support.

Legal and Regulatory Obligations

We process your personal data where required to comply with our legal or regulatory responsibilities, such as:

  • Verifying your identity and, where relevant, the identity of clients’ beneficial owners;
  • Conducting anti-money laundering, terrorist financing, and other compliance checks;
  • Meeting tax, accounting, and other regulatory requirements;
  • Carrying out identity and security checks, including the use of CCTV and access controls;
  • Responding to requests from courts, regulatory bodies, or law enforcement; and
  • Complying with employment law and other statutory obligations.

Legitimate Interests

We process your personal data where it is necessary for our legitimate business interests or those of a third party, provided these are not overridden by your rights and interests. This includes:

  • Managing and administering client matters and business operations;
  • Organising, managing, and facilitating your attendance at our seminars, events, webinars, or access to our online resources;
  • Sending you publications, legal updates, event invitations, marketing communications, or information about products and services that may be relevant to you (unless you have opted out);
  • Conducting open source searches, due diligence, and business acceptance or risk management processes;
  • Ensuring the security and safety of our premises, including the use of CCTV and access controls;
  • Administering and improving our Websites, online services, and internal operations, including the use of cookies and similar technologies (for essential purposes);
  • Monitoring, analysing, and improving our business, services, and products;
  • Identifying services or opportunities that may be of interest to you or your organisation;
  • Supporting our recruitment activities and enhancing our understanding of the legal market; and
  • Maintaining and developing our business relationship with you.

Consent

We process your personal data based on your explicit consent in certain circumstances, such as:

  • Using non-essential cookies and similar technologies on our Websites; and
  • Organising and managing your participation in specific events or activities that require your consent.

You can withdraw your consent at any time.

Some purposes may rely on more than one legal basis, depending on the context and the specific data subject.

For special categories of personal data (such as health information or data revealing racial or ethnic origin), we will only process this information where an additional legal basis applies, such as your explicit consent, compliance with employment or social security law, or where necessary to establish, exercise, or defend legal claims.

We will only use your personal data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another reason that is compatible with the original purpose and permitted by law.

If you do not agree to provide your personal data to us we may not be able to provide you with legal services or process your application for other services or employment.

Disclosure of your personal information

We may share your personal information with the following categories of recipients, where necessary and appropriate:

  • Other entities within the Walker Morris Group, for internal administrative purposes and to deliver our services.
  • Professional advisers and consultants, such as barristers, local counsel, experts, auditors, and accountants, in connection with the legal or professional services we provide.
  • Third-party service providers, including IT support, document management, HR, marketing, event management, and other suppliers who assist us in operating our business.
  • Regulatory authorities, courts, tribunals, and law enforcement agencies, where required to comply with legal or regulatory obligations, or in connection with legal proceedings.
  • Counterparties, professional advisers, and other parties involved in client matters, where necessary for the conduct of those matters.
  • Business partners and event co-hosts, for the purposes of organising or managing events, seminars, or webinars.
  • Credit reference agencies, background check providers, and recruitment agencies, in connection with recruitment, onboarding, or compliance checks.
  • Potential merger or acquisition partners, in the context of business transactions or restructuring.
  • Other third parties, where you have given your consent, or where we are otherwise permitted or required to do so by law.

CCTV

This section explains how we collect, use, and share personal data through our CCTV system, and the legal basis for doing so.

How we collect your personal data:

  • CCTV cameras operate 24/7 throughout our office premises, including reception, entry/exit points, external courtyard, underground car park (with ANPR technology), and elevator foyers.
  • Cameras are positioned to minimise unnecessary capture and do not record sound.
  • Live images are recorded and monitored in real time by authorised security staff.
  • Only approved staff, such as Facilities or HR (for relevant matters), may access footage.
  • No cameras are placed in areas where privacy is expected (e.g., changing rooms), except in rare, serious circumstances.
  • Covert monitoring is only used in exceptional cases where criminal activity or serious misconduct is suspected and no less intrusive option is available, and only for a limited time.

The types of personal data we use, our legal bases for processing and sharing of such data:

We use the personal date we acquire via CCTV, namely images of the interior at exterior of our offices from which individuals are identified or identifiable to prevent and detect crime, protect our property and the property of those person who use our offices and to ensure their health and safety and to assist in the resolution of disputes including litigation.  We do so on the basis of our legitimate interests and those of third parties, with the consent of the data subject and in order to comply with our legal obligations.

We may share images from our CCTV system with third parties, including other occupants or visitors to our building and law enforcement agencies where it is appropriate to do so and there is a legal basis for doing so as outlined above.

We will keep a record of all disclosures of CCTV footage.

Call recordings

As a law firm our work is largely regulated by the Solicitors Regulation Authority. We are often engaged by businesses that provide financial services that are in turn themselves regulated by the Financial Conduct Authority (the FCA).  As part of our legal work on their behalf, we are required to follow certain FCA rules, including recording telephone calls in respect of certain customer transactions that we deal with.  We may share any customer call recordings with the relevant financial services business of which you are, or may previously have been, a customer.  This recording is undertaken for regulatory compliance, training and quality purposes.

Storage and transfer of your personal data

Your personal information may be transferred to, stored in, or processed in countries outside the United Kingdom or the European Economic Area (EEA). It may also be processed by staff operating outside the United Kingdom or the EEA who work for us or one of our suppliers or in circumstances where your instruction has international considerations and/or parties related to your matter are located overseas.

Unless the recipients are located in countries that have been deemed adequate by the UK, we put in place data transfer agreements based on the applicable EU SCCs or the UK Addendum, or rely on other available data transfer mechanisms (Binding Corporate Rules, approved Certifications or Codes of Conduct) to protect the personal data so transferred. In exceptional circumstances, we may rely on statutory derogations for specific international transfers.

If you would like more information about the safeguards we use for international data transfers, please contact us.

Data retention

In most cases, we will retain your personal information for a minimum of six years for hard copy records and ten years for electronic or digital data, or for as long as is reasonably necessary to fulfil the purposes for which it was collected, including for the purposes of complying with any legal, regulatory, accounting or reporting requirements, or to establish, exercise or defend potential legal claims.

CCTV Footage Retention

Unless required for evidential purposes, the investigation of an offence or as required by law, CCTV images will be retained for no longer than 120 days from the date of recording. Images will be automatically overwritten after this point.

Third party sites

Our Websites contain links to external sites operated by third parties, as well as links to social media platforms such as LinkedIn, Instagram, and X (formerly Twitter). This Notice applies only to Websites owned by us. We are not responsible for the privacy practices, content, or security of any external sites. If you follow a link to any external sites, we recommend that you review their privacy policies as we do not accept any responsibility or liability for their handling of your data.

Your rights in relation to your personal data

You have a number of rights in relation to the personal information we hold about you. These rights may apply in certain circumstances and are subject to legal limitations. Your rights include:

Right of Access: You can request a copy of the personal data we hold about you, subject to certain exceptions.

Right to Rectification: If any of the information we hold about you is inaccurate or incomplete, you can ask us to correct or update it.

Right to Erasure: In some cases, you can ask us to delete your personal information. This right is not absolute and may not apply, for example, if we need to retain your information to comply with legal or contractual obligations.

Right to Restrict Processing: You can ask us to restrict the processing of your personal information in certain situations, such as if you contest its accuracy or object to its use.

Right to Object: You can object to our processing of your personal information where we rely on our legitimate interests as the legal basis. You also have the right to object at any time to the use of your personal information for direct marketing or statistical analysis.

Right to Data Portability: Where we process your personal information based on your consent or a contract, and the processing is carried out by automated means, you can request to receive your information in a structured, commonly used, and machine-readable format, or ask us to transfer it to another data controller.

If you would like to exercise any of these rights, please contact us by email using the details shown under the ‘Contact and Complaints’ section below.

Cookies

What are cookies?

Cookies are small text files that are created and stored on your browser or the hard drive of your computer by websites that you visit. Cookies are often placed on your computer to enable the Website to operate properly, to ‘remember’ who you are, and to monitor Website traffic and usage.  Cookies are generally only visible to the Website that serves them and not to other Websites.

How to manage cookies

Most internet browsers accept cookies automatically. However, you can accept, delete or disable cookies through your browser if you wish. To learn more about controlling the placement of cookies through your browser settings, please review the options available in your internet browser’s ‘Help’ menu, or alternatively visit the All About Cookies (https://allaboutcookies.org/).

To ensure that you have maximum control over how cookies are placed on your computer, we also operate a cookie banner which appears when you first visit our Website, but can also always be accessed through the dedicated link at the bottom of the homepage. This enables you to set your preferences with respect to certain cookies used in connection with the operation of the Website. For more detailed information about the specific types of cookies used, please visit the cookie settings in the footer of the website.

Cookies we use

Cookies are used on our Website for different reasons. Sometimes cookies are necessary for the operation of the Website, for example to ensure its security, or to ‘remember’ your Cookie preference information so that we can make sure those preferences apply to your next visit. Other cookies may serve a different purpose, for example to provide analysis of how the Website is used and to improve functionality for users.

If you click through from one of our emails or landing pages to our Website we use additional cookies on our Website to connect your e-marketing journey with your Website journey. This is to help us to provide you with the best user experience and relevant content across our digital marketing channels

Unless strictly necessary for the functioning of our Website or for the transmission of communications, we will only place cookies where you have previously provided your consent. If you do not provide your consent then you can still access and use our Website, however certain functions or features may be disabled which could negatively affect your user experience.

Our Websites use the following types of cookies:

Necessary: necessary cookies help make a Website usable by enabling basic functions like page navigation and access to secure areas of the Website. The website cannot function properly without these cookies.

Preferences: preference cookies enable a Website to remember information that changes the way the Website behaves or looks, like you preferred language or the region you are in.

Statistics: Statistic cookies help us to understand how visitors interact with our Website, which in turn helps us to improve the way it works and to help visitors find the right information easily. This is done by collecting and reporting information anonymously.

Marketing: Marketing cookies are used to track visitors across Websites. The intention is to make our Website more relevant to your interests.

Unclassified: unclassified cookies are cookies that are in the process of being classified.

For full details visit the Cookie Settings page here.

Advertising

We advertise products, services, and vacancies on third-party websites such as LinkedIn. To help us target and monitor such advertising, we may use third-party cookies and similar technologies on our Websites. These cookies allow us and our advertising partners to understand how you interact with our Websites and to show you relevant advertisements on other platforms.

We will only set non-essential cookies, including third-party advertising cookies, with your consent. You can manage your cookie preferences at any time through our cookie banner or cookie settings page.

Please note that third-party websites, such as LinkedIn, use their own cookies and tracking technologies, which are subject to their own cookie policies. We recommend reviewing their policies for information on how to manage your preferences on those platforms.

Security

We take great care to ensure the security of your personal information. We have a robust information security management program in place to protect the personal data and other information that we process and have achieved ISO:27001:2022 certification of the firm’s technical and organisational controls across a broad spectrum of systems and processes. These measures are monitored, reviewed and regularly enhanced in order to meet our professional responsibilities and the needs of our clients.

Although we will do our best to protect your personal information we cannot guarantee the security of your personal information transmitted to our Websites; any such transmission is at your own risk.  Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Changes to this Notice

We may change this Notice at any time by amending this page.  You are expected to check this page from time to time to take notice of any changes we have made, as they are binding on you.  If we make any substantial changes in the way we use your personal information, we will notify you by posting a prominent notice on our Website.

Contact & complaints

If you have any questions about how we treat your personal data and protect your privacy, or if you have any comments or wish to seek to exercise any of your rights as outlined above, to opt-out of receiving marketing communications from us or to complain about our use of your personal data, please write to Risk & Compliance at Walker Morris LLP, 33 Wellington Street, Leeds LS1 4DL, by email at dataprotection@walkermorris.co.uk.

You may also lodge a complaint with the ICO by writing to the Information Commissioner’s Office, Water Lane, Wilmslow, SK9 5AF, Telephone 0303 123 1113, www.ico.org.uk.

All rights reserved.  Design and content © Walker Morris LLP 2005-2025.

Last updated: September 2025