Skip to content
Gordon & Co Legal ServicesGordon & Co Legal Services

Privacy Notice

We are committed to safeguarding your privacy. This notice explains what personal data we collect, how and why we use it, and your rights.

Who we are

Gordon & Co Legal Services is a registered limited company. We are registered with the Information Commissioner’s Office (ICO) and comply with UK GDPR and the Data Protection Act 2018.

Registered office: 1st floor, Romer House, 132 Lewisham High Street, London, SE13 6EE, United Kingdom.
Contact (data protection): info@gordoncolegal.com

What we collect

  • Identity and contact data
  • Case and matter information, including documents you supply
  • Communications, appointments and billing records
  • Special category data where relevant to a matter (e.g., health or criminal data) handled with heightened safeguards
  • Technical and usage data (IP address, device, browser, pages viewed) and cookie preferences (see “Cookies” below)
  • Marketing and communication preferences (where applicable)

Sources: you (and your representatives), opposing parties, counsel, experts, courts/tribunals, public authorities, service providers (e.g., case management), and publicly available sources where lawful.

How we use your data

  • Provide legal advice and representation
  • Manage client relationships, compliance and billing
  • Meet legal and regulatory obligations
  • Conflict checks, risk management and anti-money laundering where applicable
  • Case administration and secure document management (including CLIO integration)
  • Service improvement (feedback, quality assurance, training) using anonymised/aggregated data where possible
  • Website operation and security (including basic analytics where you consent)

Lawful bases

Primarily contract, legitimate interests and legal obligation. Where special category data is processed, we rely on the substantial public interest condition where applicable.

  • Contract: to perform our retainer and provide legal services.
  • Legal obligation: regulatory reporting, record-keeping, AML/CTF.
  • Legitimate interests: practice management, security, quality assurance.
  • Consent: only where required (e.g., analytics cookies, certain marketing).
  • Special category data & criminal data: legal claims / substantial public interest where relevant to a matter.

Sharing your data (recipients)

We share personal data where necessary, proportionate and lawful, for example with:

  • Courts and tribunals, government bodies and regulators
  • Counsel (barristers), experts, interpreters and other professional advisers
  • Case management systems (e.g., CLIO), secure email and cloud service providers
  • Payment processors and banks for billing and refunds
  • Law enforcement and fraud prevention agencies where required by law

International transfers

Your data is usually stored in the UK/EEA. If a transfer outside the UK/EEA is required, we use appropriate safeguards (e.g., adequacy regulations or standard contractual clauses) and assess any additional measures needed.

Retention

We keep records only for as long as necessary for the purposes collected and to meet legal, regulatory or reporting requirements. Typical client files are retained for a number of years after a matter closes; some categories (e.g., matters involving children) may be kept longer. See our Documents & Procedures for the current schedule.

Security

We use technical and organisational measures to protect your data (access controls, encryption in transit, staff training, audit logging where appropriate). No system is perfectly secure; we continually review controls to reduce risk and respond to incidents.

Cookies & similar technologies

Cookies are small files placed on your device to operate the site and remember preferences. We use:

  • Strictly necessary: essential for site operation (e.g., cookie consent choice). Always on.
  • Functional (optional): remember settings to improve your experience.
  • Analytics (optional): help us understand site usage to improve content and performance.

You can accept all, decline non-essential, or manage choices at any time using the floating “Privacy & Cookies” control on every page. See your browser help for deleting cookies.

Your rights

You have rights to access, rectification, erasure, restriction, objection and data portability, subject to legal exemptions. To exercise these rights, email info@gordoncolegal.com.

You also have the right to withdraw consent for optional cookies at any time via the floating control, and to complain to the ICO if you are dissatisfied with our response: https://ico.org.uk/make-a-complaint.

Changes to this notice

We may update this notice to reflect legal or operational changes. The latest version will always appear on this page.

Last updated: 25/09/2025