TrustLaw UK
  • Home
  • About
  • Services
  • Contact

GDPR Compliance

Last updated: 1 January 2026

Our Commitment to Data Protection

TrustLaw UK is fully committed to compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page provides detailed information about how we meet our obligations under data protection law and explains your rights as a data subject.

Data Controller Information

TrustLaw UK acts as the data controller for personal information collected through our website and in connection with our legal services. Our contact details are:

TrustLaw UK
42 Chancery Lane
London WC2A 1JE
Email: [email protected]

Lawful Bases for Processing

We only process personal data where we have a lawful basis to do so. The lawful bases we rely upon include:

Contractual Necessity

When you engage our legal services, we process your personal data as necessary for the performance of our contract with you. This includes:

  • Providing legal advice and representation
  • Communicating with you about your matter
  • Processing payments for our services
  • Managing our client relationship

Legal Obligation

We are required to process certain personal data to comply with our legal obligations, including:

  • Anti-money laundering regulations
  • Solicitors Regulation Authority requirements
  • Tax and accounting obligations
  • Court orders and legal proceedings

Legitimate Interests

We may process your data where we have a legitimate interest, provided this does not override your rights. This includes:

  • Marketing our services to existing clients
  • Improving our website and services
  • Ensuring network and information security
  • Preventing fraud

Consent

Where we process personal data based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Your Data Subject Rights

Under UK GDPR, you have the following rights regarding your personal data:

Right of Access

You have the right to obtain confirmation that we are processing your personal data and to access a copy of that data. We will respond to access requests within one month.

Right to Rectification

You have the right to have inaccurate personal data corrected and incomplete data completed.

Right to Erasure

In certain circumstances, you have the right to request deletion of your personal data. This right does not apply where we are required to retain data for legal or regulatory purposes.

Right to Restrict Processing

You have the right to request restriction of processing in certain circumstances, such as when you contest the accuracy of your data.

Right to Data Portability

Where processing is based on consent or contract and carried out by automated means, you have the right to receive your data in a structured, commonly used format.

Right to Object

You have the right to object to processing based on legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently use automated decision-making in relation to our legal services.

How to Exercise Your Rights

To exercise any of your data subject rights, please contact our Data Protection Officer:

Email: [email protected]
Post: Data Protection Officer, TrustLaw UK, 42 Chancery Lane, London WC2A 1JE

We will respond to your request within one month. If your request is complex or we receive numerous requests, we may extend this period by a further two months, in which case we will inform you.

Data Security Measures

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data in transit and at rest
  • Access controls and authentication procedures
  • Regular security assessments and testing
  • Staff training on data protection
  • Incident response procedures

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours. Where the breach is likely to result in a high risk, we will also notify affected individuals directly.

International Transfers

We primarily process personal data within the United Kingdom. Where we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the UK government
  • Standard contractual clauses
  • Binding corporate rules

Complaints

If you are not satisfied with our response to a data protection concern, you have the right to lodge a complaint with the Information Commissioner's Office:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: ico.org.uk

Updates to This Information

We review our data protection practices regularly and may update this page to reflect changes in our operations or legal requirements. We encourage you to review this page periodically.

TrustLaw UK

Expert legal consultation services across England and Wales. Regulated by the Solicitors Regulation Authority.

Services

  • Personal Injury
  • Employment Law
  • Family Law
  • Wills & Probate

Company

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Use

Legal

  • GDPR
  • Cookies Policy

© 2026 TrustLaw UK. All rights reserved. Authorised and regulated by the Solicitors Regulation Authority.

We use cookies to enhance your browsing experience and analyse site traffic. By continuing, you consent to our use of cookies. Learn more