top of page

Privacy Policy

This policy explains how JR Criminal Defence Ltd collects, uses, and protects your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

JR Criminal Defence Ltd is committed to safeguarding the privacy of everyone whose personal data comes into our possession. This includes visitors to our website at www.jrcriminaldefence.com, prospective clients, and those we represent. Throughout this policy, references to "we", "us", or "our" mean JR Criminal Defence Ltd. We take your privacy seriously and will always handle your information with the utmost discretion, as befitting a regulated law firm.

 

1. Who We Are


JR Criminal Defence Ltd is a regulated law firm authorised and regulated by the Solicitors Regulation Authority (SRA). We are the data controller responsible for your personal data.

Details:
Legal Name:  JR Criminal Defence Ltd
Websitewww.jrcriminaldefence.com
Responsible Solicitor:  Joe Rawlings MA, LLB (Hons)
SRA Number (Solicitor):  347613
Firm SRA Number:  8014651
Companies House Number:  13142223

ICO registration number:  ZC101543
Registered Address:   281 Palatine Road, Manchester, England, M22 4ET
Contact Emailinfo@jrcriminaldefence.com
Contact Telephone:  0161 615 5557

As a law firm that processes personal data, JR Criminal Defence Ltd is registered with the Information Commissioner’s Office (ICO). You can verify our registration at ico.org.uk.

2.  What Personal Data We Collect

We collect and process personal data in the following circumstances:

 

Website visitors

  • Name, email address, and telephone number submitted via our contact or callback request form

  • Technical data including IP address, browser type and version, time zone, browser plug-in types, and operating system

  • Usage data including pages visited, time spent on pages, and referring website

  • Cookie data as described in our Cookie Policy

 

Clients and prospective clients

  • Full name, date of birth, address, email, and telephone number

  • Details of the alleged criminal offence or investigation you are involved in

  • Circumstances, facts, and evidence relevant to your case

  • Financial information where relevant to funding arrangements or legal aid

  • Information about third parties where relevant to your matter (witnesses, complainants, co-defendants)

  • Any other information you provide to us in the course of our work together

 

Special category and criminal offence data

As a criminal defence law firm, the nature of our work means we will frequently process criminal offence data and, in some circumstances, special category personal data (such as health information or details of a sensitive personal nature). We handle all such data with heightened care, strict confidentiality, and in full compliance with Article 10 of the UK GDPR and Schedule 1 of the Data Protection Act 2018.

 

3.  How We Use Your Personal Data

We will only use your personal data when the law allows us to. The table below sets out the purposes for which we process data and the legal basis we rely on:

Responding to your enquiry or callback request — Legitimate interests (to respond to potential clients)

Providing legal advice and representation — Performance of a contract; legal obligation; legitimate interests

Complying with our SRA regulatory obligations — Legal obligation (SRA Code of Conduct; Accounts Rules)

Anti-money laundering (AML) and identity verification — Legal obligation (Money Laundering Regulations 2017)

Processing legal aid applications via the LAA — Legal obligation; performance of a contract

Billing and financial administration — Performance of a contract; legal obligation

Improving our website and understanding usage — Legitimate interests (subject to your cookie preferences)

Compliance with court orders or legal proceedings — Legal obligation

Where we rely on legitimate interests, we have carried out a balancing test and are satisfied that our interests do not override your rights and freedoms. You may request a copy of this assessment by contacting us.

 

4.  Who We Share Your Data With

We will never sell your personal data. We may share your data with the following categories of third parties, only where necessary and subject to appropriate safeguards:

  • Courts and tribunals — as required in the course of your legal proceedings

  • The Crown Prosecution Service (CPS) — for disclosure purposes as required by law

  • Instructed barristers and chambers — where we brief counsel to act on your behalf

  • Expert witnesses and forensic specialists — where engaged to support your defence

  • The Legal Aid Agency (LAA) — where your matter is publicly funded

  • Police and enforcement bodies — where we are required to disclose by law or court order

  • Professional indemnity insurers — in connection with any claim or regulatory matter

  • Technology and software providers — strictly on a data processor basis, including case management, cloud storage, and email providers

  • Accountants and bookkeepers — for financial and regulatory compliance purposes

 

All third parties with whom we share personal data are required to maintain appropriate security measures and to process your information only on our instructions.

5.  Legal Professional Privilege

 

Communications between you and JR Criminal Defence Ltd in the course of seeking or receiving legal advice are protected by legal professional privilege. This means that — except in very limited circumstances defined by law — we are not required to disclose such communications to third parties, including law enforcement. Your confidentiality is fundamental to the solicitor-client relationship, and we take this obligation extremely seriously.

 

6.  How Long We Keep Your Data

 

We retain personal data for as long as necessary to fulfil the purposes outlined in this policy and to comply with our legal and regulatory obligations. As an SRA-regulated firm, we are subject to specific file retention requirements:

Client files (general):  Minimum 6 years from closure of matter

Client files (serious/complex matters):  Up to 16 years or as directed by professional indemnity requirements

Accounting records:  Minimum 6 years (Companies Act / SRA Accounts Rules)

AML / identity verification records:  5 years from end of business relationship

Website enquiry data (no retainer entered):  12 months

Website technical / analytics data:  13 months (standard analytics cycle)

After the applicable retention period, personal data is securely deleted or anonymised.

 

7.  International Data Transfers

 

We endeavour to keep your personal data within the United Kingdom. Where any third-party service provider stores or processes data outside the UK, we ensure that appropriate safeguards are in place — such as the UK International Data Transfer Agreement (IDTA) or adequacy decisions — in accordance with Chapter V of the UK GDPR.

 

8.  Your Rights Under UK GDPR

 

Subject to applicable exemptions, you have the following rights regarding your personal data:

  • Right of access — to request a copy of the personal data we hold about you (Subject Access Request)

  • Right to rectification — to ask us to correct inaccurate or incomplete data

  • Right to erasure — to request deletion of your data where there is no compelling reason for us to continue processing it

  • Right to restrict processing — to ask us to pause processing of your data in certain circumstances

  • Right to data portability — to receive your data in a structured, commonly used format

  • Right to object — to object to processing based on legitimate interests or for direct marketing

  • Rights in relation to automated decision-making — we do not use automated decision-making or profiling in our legal services

 

Some of these rights are subject to exemptions. In particular, we may be required to retain certain data by law or to establish, exercise, or defend a legal claim. We will always explain our position clearly if we are unable to comply with a request.

To exercise any of these rights, please contact us using the details in Section 1. We will respond within one calendar month of receipt of your request. There is no charge for exercising your rights in most circumstances.

 

9.  Data Security

 

We have implemented appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These include:

  • Encrypted storage and secure file transfer

  • Password-protected and access-controlled systems

  • Restrictions on who can access client data within the firm

  • Regular review of security practices

 

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and, where required, inform you directly without undue delay.

 

10.  Cookies

 

Our website uses cookies and similar tracking technologies. For full details of what cookies we use, why we use them, and how you can control them, please read our Cookie Policy.

 

11.  Complaints and the ICO

 

If you have a concern about how we have handled your personal data, we would ask that you contact us in the first instance so that we can attempt to resolve the matter for you.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection matters:

  • Website: ico.org.uk/concerns

  • Telephone: 0303 123 1113

  • Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

 

12.  Changes to This Policy

 

We may update this Privacy Policy from time to time in response to changes in the law, our services, or best practice. The version date at the top of this page will always reflect the most recent revision. Where changes are material, we will notify active clients via the contact details we hold for them.

 

We encourage you to review this policy periodically.

bottom of page