Privacy Policy




At Gordon Judge LLP the protection of an individual’s personal data is paramount and therefore we take our responsibilities under applicable data protection law, including the General Data Protection Regulation (EU) 2016/679 and implementing legislation (“Data Protection Law”) very seriously.

We have taken a number of reasonable steps to ensure that any personal data that could easily identify an individual is fully protected and entrusted.

This privacy policy outlines your Data Protection rights, what kind of information we may collect and retain about you in connection with the legal services provide to you in accordance and arising out of any legal contract entered into between you as our client and our firm.

Individual rights

As an individual you have a number of rights arising out of Data Protection Law and the General Data Protection Regulation.

  1. The right to access the personal data retained and collected by us in connection with the services provided as provided for under Article 15 GDPR.
  2. The right to have any data retained by us deleted or any inaccuracies corrected as provided for under Article 16 of GDPR.
  3. The right to object to the processing of your data as provided for under Article 21 GDPR.
  4. The Right to data Portability as provided for under Article 20 GDPR.
  5. The right to lodge a complaint with the data protection commissioner officer if you feel that your data protection rights have been infringed in any way

Type of information collected

As a legal service provider, we will be required to collect some basis personal data from you in order to provide you with our legal services.

The type of information that will normally be collected at the initial stages of our engagement with you will include:

  • Name and address
  • Telephone number
  • PPS Number
  • Bank account details where necessary

Any other information that is required to allow us to provide you with a high-level quality service.

Purpose of processing and Legal Basis

We will only collect and use your personal data for the following purposes:

  1. Providing you with legal advice and business services.
  2. For administration and billing purposes and for other purposes which are reasonable incidental to the services being provided.
  3. Maintaining our list of client contacts.
  4. Sending or providing you with access to legal and regulatory information through articles periodically published through our company newsletter.

The Legal basis on which we collect, process and transfer your information in the above manner are based on the following:

a. To fulfil contractual obligations (Article 6 (1 b) GDPR)
Data is processed in order to provide legal services contracts to our customers or in order to take measures at the request of you prior entering into a contract. The purpose of the data processing will be geared in the first instance to provision of our legal services and may encompass needs assessment, consultation and the execution of transactions.

b. As part of balancing interests (Article 6 (1 f) GDPR)
If necessary, we will not only process your data for the actual fulfilment of the contract but also for the pursuance of a legitimate interest, examples of which could include, but also to protect our own legitimate interests and those of third parties, especially when:

  • Advertising or market and opinion research, if you have not objected to your data being used.
  • Assertion of legal claims and defence during legal disputes.
  • Guaranteeing IT security and safeguarding IT operations at our company.
  • Business management measures and measures to develop products and services.

c. Based on your consent (Article 6 (1 a) GDPR)
If you have given us your consent to process personal data for certain specific purposes it will be lawful to do this processing based on the consent you have given. Consent can be withdrawn at any time and should you wish to withdraw your consent please contact our Data Protection Manager at .

d. Based on statutory provisions (Article 6 (1 c) GDPR) or public interest (Article 6 (1 e) GDPR)
Furthermore, we are required to meet various legal and statutory requirements (i.e. Compliance with Anti Money Laundering Act, tax laws).

Reasons for processing data includes to confirm identity and age, to prevent fraud and money laundering, to fulfil checking and notification requirements set by tax law, Anti Money Laundering legislation and to assess and manage risks.

We will only collect the personal data that is required for the carrying out our legal obligations to you as per our terms of engagement and in order to comply with the relevant regulations and legislative provisions such as the Anti Money Laundering Act.

All information provided to us by you will be treated with the utmost confidentiality and in accordance with all applicable legislative and regulatory standards.

Third party

We will not share the data collected with any third party unless we have your specific consent or if required in accordance with the pursuance of our legal obligation and for legitimate interest purposes in the course of the transaction that we have been instructed on.

Please note that we will generally hold your data for a minimum of 6 years in accordance with our legal obligation and / or in pursuance of a legitimate interest. In certain circumstances where we have acted in the acquisition of a property on your behalf we are required to store and hold the data up to a period of 12 years or more as the circumstances may require.  

Storage of data

In storing your data please note that we have ensured that we have used all industry standard security measures to protect your information and to prevent the loss, misuse or alteration of any information in our control. As effective as modern security practices are, no physical or electronic security system is entirely secure and we cannot ensure that all of your personally identifiable information provided via our website will never be accessed. However, we will use industry standard security measures to ensure that such information is kept as secure as possible.

Access / deletion request

If at any time you with for your data to be deleted, please note that in accordance with the rights as laid out in the general data protection regulation you have the right to request that such data is deleted or corrected if containing inaccuracies. If you wish to have data deleted or you wish to access the data we hold about you then please contact our data protection team at so we can deal with you request in a timely manner.


We may wish to send you legal updates from time to time that we feel may be relevant to you and your business through our legal newsletter which is published on a regular basis. In accordance with general data protection regulations, in order to send you such publications we will require that you have provided us with your written consent to do so. If you are interested in receiving current legal updates you might please follow the link below and confirming your consent. If at any time or for whatever reason you wish to unsubscribe then please let us know so we can delete your information from our mailing list.

Change to our privacy policy

We may from time to time make changes or update our privacy policy and, in this regard, any such changes will be posted on this page. If we feel that the any such changes fundamentally altered the foregoing we will email you, otherwise please note that changes are effective when they are posted on this page and it is your responsibility to read the Privacy Policy from time to time in order that you are aware of any such change.