Skip to content
 

Privacy Policy

1.      Introduction

We are Hive Law Limited (T/A Hive Law) and we are a registered company in England and Wales. We are law firm regulated by the Council for Licenced Conveyancers (CLC) and operate as part of a wider group, incorporating Hive Partnership Group Limited, which is under common ownership and the same leadership as Hive Law.

We are committed to protecting your privacy and ensuring that your personal data is handled securely and in compliance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

For the purposes of the UK GDPR, Hive Law Limited is the Data Controller responsible for your personal data.

 

2.      Defined Terms

  • Data Controller – The entity that determines the purposes and means of processing personal data.
  • Data Subject – An identified or identifiable individual whose data we process.
  • Personal Data – Any information that relates to an identified or identifiable individual.
  • Special Category Data – Sensitive data, such as health, ethnicity, or biometric information, requiring additional protections.
  • Legitimate Interests – Processing necessary for our business operations that does not override your rights.

 

3.      Who Does This Policy Apply To?

This policy applies to any client, potential client, referrers of work, consultants we may employ, other lawyers, the clients of other lawyers, our regulators, insurance companies, accountants and auditors and anybody accessing, viewing or interacting with our website.

 

4.      What Information Do We Collect?

It is not possible for us to list exhaustively every item of personal information that we may collect. However, where you enter into an agreement with us, in many cases, we may collect the following information about you:

  • Full name and personal details (date of birth, email, phone number, addresses)
  • Property details related to a transaction
  • Identification documents (e.g., passport, driving licence, NI number)
  • Information contained in utility bills, tenancy agreements or other documents that relate to your use and occupation of a property, which we may require to assist with our verification of your identity.
  • Information relating to any occupiers of your current or future properties.
  • Information relating to any trusts, wills or other documents that confirm your appointment as an Executor, Personal Representative, Trustee or Attorney, or evidence our beneficial entitlement to funds or property.
  • Information about the services you have purchased from us and payments to and from you
  • Marital status and details of family members and connections to politically exposed persons (PEPS), information relating to your understanding of English.
  • Financial details (e.g., bank account information, transaction records)
  • Details of your visits to our offices or meeting spaces and CCTV footage
  • Details of our visits to locations that we mutually agree to attend, such as your home.
  • Employment details (where relevant to the transaction)
  • Communication records (emails, calls, and messages)
  • Special Category Data (e.g., health data, where necessary)

5.      How We Use Your Information

We use your personal data to:

  • Provide legal services
  • Verify identity and conduct anti-money laundering checks
  • Communicate with you about your transaction
  • Comply with legal and regulatory obligations
  • Improve our services and website
  • Process payments and manage accounts
  • Conduct marketing communications (subject to your preferences)

 

6.      Legal Basis for Processing

We process your personal data based on one or more of the following:

  • Performance of a contract between us
  • Compliance with legal obligations
  • Legitimate interests (e.g., improving our services, fraud prevention)
  • Your consent (where required, e.g., marketing communications)

 

7.      Sharing Your Information

We may share your personal data with:

  • Other Companies or bodies within our Group, including Hive Partnership Group Limited
  • Third-party service providers (e.g., IT support, identity verification, payment processors)
  • Regulatory authorities (e.g., Council for Licensed Conveyancers, HM Revenue & Customs, our Professional Indemnity Insurers)
  • Professional partners (e.g., estate agents, financial institutions, surveyors, other professionals connected to your transaction)
  • Business partners offering services that may be of interest to you (with your consent)
  • External auditors or examiners to ensure that we meet out legal, quality and financial management standards.
  • Debt collection agencies.
  • Courts, law enforcement authorities, regulators or other parties where necessary for the establishment, exercise or defence of legal proceedings.
  • Third party suppliers of services to Hive Law Limited, such as case management providers
  • Companies providing services for ID checks, money laundering checks and other fraud and crime prevention purposes.
  • Companies who perform financial, bankruptcy or credit checks against you where necessary or appropriate in your matter, such as for onboarding you as a client. That may include a credit reference agency, which may keep a record of information and provide it, and the fact that search was made, to its other customers to assess credit risk and to prevent fraud, money laundering and to find debtors.
  • Companies providing services to assist in the vetting of source of funds, especially in conveyancing transactions.
  • Companies providing services for electronic signatures.
  • Third party platforms and websites that facilitate the compilation or exchange of documents in your matter, enquiries in conveyancing matters, and preparing bundles of documents.
  • Where we have offices in multi-occupancy buildings that you may visit, to building reception for security purposes
  • If we have collected your data in the course of providing a legal service to our client, we may disclose it to that client and where permitted by law to others for the purpose of providing those legal services.
  • Telephone and AI transcription services used in voicemail transcription and call recording.
  • Translators and interpreters as necessary to overcome language barriers in your matter.
  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Notice
  • Third party review sites and platforms to invite feedback and to assist us with analysing our performance.
  • Legal directories, and advisors on directory submissions, for the purpose of ranking the Company.
  • Third parties tracking providers to assist us with monitoring the usage of our website's content and traffic by public users. Data shared with these companies is securely stored inside the UK, Ireland and European Economic Area (EEA), and contains pseudonymised data wherever possible - this includes network data, such as an IP address, which cannot be used to identify an individual.

 

All third-party service providers and other entities within our Group are required to take appropriate security measures to protect your personal information in line with our policies.

We remain responsible for your Personal Data and will use appropriate safeguards to ensure the integrity and security of your Personal Data.

We require third parties to respect the security of your data and to treat it in accordance with the law. We will only share Personal Data where required by law, where it is necessary for the performance of our contract with you or where we have a legitimate reason for doing so.

We do not allow our third-party service providers to use your Personal Data for their own purposes. We only permit them to process your Personal Data for specified purposes and in accordance with our instructions.

We may also share your personal data if we are under a duty to disclosure or share it to comply with any legal obligations, to detect or report a crime, to protect your vital interest, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors and clients.

8. Special Category Data

Where necessary, we process Special Category Data in the following circumstances:

  • With your explicit consent
  • To comply with legal obligations
  • To establish, exercise, or defend legal claims
  • Where it is in the public interest (although we expect this to be rare)

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data from unauthorised access, loss, or misuse. This includes secure data storage, encryption, and restricted access.

We will notify you and any applicable regulator of a suspected data security breach if we are legally required to do so.

10. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes outlined in this policy or as required by legal obligations. Retention periods vary based on legal requirements and business needs.

In some circumstances we may anonymise your Personal Data so that it can no longer be associated with you, in which case we may use such information without further notice to you.

Once you are no longer a client of Hive Law Limited, we will retain and securely destroy your personal information in accordance with our data retention policy and applicable laws and regulations.

11. Automated Decision-Making

We do not rely on automated decision-making processes that have a significant impact on you. If this changes, we will notify you and explain your rights regarding such processing.

12. Your Rights

In certain circumstances, you have rights in relation to your Personal Data. These are detailed below:

  • Right of access

    You have the right to access your Personal Data, to receive a copy of the Personal Data we hold about you and to verify the lawfulness of processing. There are exceptions to this right and access could be denied.

  • Right to rectification

    You have the right to ask us to correct any Personal Data we hold about you if it s is incomplete or is not accurate. We may need to verify the accuracy of the new data you provide to us.

  • Right to erasure

You have the right to ask us to delete or remove Personal Data where it is no longer necessary for us to continue to process it. You also have the right to ask us to remove or delete your Personal Data where you have successfully exercised your right to object to processing.

If the data has been shared with third parties, we will inform them of the erasure.

We may not always be able to comply with your request for erasure for legal reasons and we will tell you if this is the case when you make a request for erasure.

Where we hold your data in our electronic systems and we are able to comply with your request, we will erase this data as soon as possible. Where data is held in data backups, this may take us longer to isolate and erase. In any event, we hold data in backups for as little time as necessary before it is deleted.

It may not always be possible or practice for us to isolate individual data where stored as part of a larger data set. Where this is the case, we will make efforts to ensure that if we need to access the larger data backups, we do not use your data in our live systems. If we do copy your data back to our live systems, we will remove it.

  • Right to restrict processing

You have the right to ask us to stop processing your Personal Data in the following circumstances:

(a) if you want us to establish the data’s accuracy;

(b) where our use of the data is unlawful but you do not want us to erase it;

(c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or

(d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

  • Right to data portability

    You have the right to request the transfer of your Personal Data from us to you or to a third party. Upon receiving your instruction, we will send the data to you or the third party in a commonly used and machine readable format within one month of the request.

    This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

  • Right to object to processing

    In certain circumstances, you have the right to object to the processing of your Personal Data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms.

    We will stop processing your Personal Data in this situation immediately unless we demonstrate legitimate grounds for the processing which override your rights and freedoms.
  • Right to withdraw consent

Where we are relying on your consent to the processing of your Personal Data, you have the right to partly or fully withdraw your consent at any time.

This will not affect the lawfulness of any processing carried out prior to the date of your request. If you withdraw your consent, this means that we may not be able to provide services to you.

13.  How we will deal with your requests

If you wish to exercise any of the rights set out in Section 12 of this Policy, please contact the Data Protection Officer.

We reserve the right to charge a reasonable fee if your request to exercise a right is unfounded, repetitive or excessive. We also reserve the right to refuse to comply with your request in such circumstances.

We will need information from you in order to help us to confirm your identity and to ensure that your rights are protected. We will not comply with your request if you are unable to confirm your identity to us. This is a security measure to ensure that only you are accessing your data and exercising your rights.

We will endeavour to respond to all legitimate requests within one month. If your matter is complex or you have made a number of requests, we may take longer than this. However, we will keep you reasonably informed of our progress.

14.  Marketing & Communication Preferences

We may use your personal data to provide information about our services. You can manage your preferences or opt out at any time by contacting us or using the opt-out links in our communications.

15.  Cookies and Tracking Technologies

Our website uses cookies and tracking technologies to enhance your browsing experience. For more information, please refer to our separate Cookie Policy.

16.  Website links

Our website and any client portal may contain links to other websites, plug-ins and applications run by other organisations.

Our privacy policy does not apply to those other websites. We are not responsible for the privacy practices of other websites and advise you to read the privacy policy of each website which collects Personal Data.

17.  Data Protection Officer

We have appointed a Data Protection Officer who is responsible for overseeing questions in relation to this Privacy Policy.

Our Data Protection Officer is Andrew Kilgannon, and they can be contacted at:

Hive Law Limited
The Dairy, Dovecote Court
Potters Marston Hall
Pingle Lane
Potters Marston
Leicestershire
LE9 3JR

Email: dataprotection@hivelaw.co.uk

18.  Updates to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on our website with an updated effective date.