Backhouse Jones Watermark

Privacy Policy

This document, together with our Cookies Policy and our Terms of Business, set out what information Backhouse Jones Solicitors collects from visitors, clients & employees,  how it uses the information, how it protects the information and your rights.

Backhouse Jones Solicitors is committed to ensuring your privacy is protected in accordance with Data Protection Standards.

Backhouse Jones Solicitors is using the following definition for Personal Data:

Personal data Information relating to identifiable individuals, such as job applicants, current and former employees, agency, contract and other staff, clients, suppliers and marketing contacts.

Personal data we gather may include: individuals’ contact details, educational background, financial and pay details, details of certificates and diplomas, education and skills, marital status, nationality, job title, and CV.

Sensitive personal data Personal data about an individual’s racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership (or non-membership), physical or mental health or condition, criminal offences, or related proceedings—any use of sensitive personal data will only ever be carried out with the express permission of the individual.


Backhouse Jones Solicitors may change this policy from time to time by updating this page.  This policy is effective from 7th January 2021 but we ask you to check this page from time to time.  Any updates or changes to the use of your personal data will be advised to you, prior to that change of use.


Who We Are?

Backhouse Jones Solicitors, The Printworks, Hey Road, Clitheroe, Lancashire
BB7 9WD. We also have a satellite office in London.


Contact Us

Online :

Social:  Twitter: @backhousejones Facebook: Backhouse-Jones-Solicitors

Email :

Phone : 01254 828300

Post:  Backhouse Jones Solicitors, The Printworks, Hey Road, Clitheroe, Lancashire BB7 9WD

For the purposes of all applicable data protection legislation, Backhouse Jones Limited is the data controller of your personal data. Backhouse Jones is registered with the Information Commissioner’s Register of Data Controllers.


What services do we provide?

We provide the following services:

  • Legal advice and legal services across the Transport sector
  • Employment Law services
  • Corporate/Commercial legal services
  • Subscription based legal services
  • Training, events, service and product information
  • Newsletter, articles, updates and publications
  • We employ our own staff

What we collect

The specific information that we collect will vary depending on what services we provide you by way of contract, or what you either provide us explicitly e.g. signing up to a newsletter or perhaps applying for a job at Backhouse Jones Solicitors.

Typical information will include some or all the following depending on the services we are providing you:

Identification and contact data – Email Address, Name, Phone Number, Postal/Billing/Delivery Address, Next of Kin, marital status, title, gender

Enhanced identification data – ID Documents (Driving Licence, Passport, Immigration Status)

Financial Data – bank details, Tax and National Insurance information, credit card information, your credit rating

Employment Data – CV, training, reference and qualification information

Web Related Data – your IP address, geographical data, cookies, your login data, browser type & version, operating systems and other technology on the devices you use to access our website.

Health Data – Where there is a need to protect you, our clients or other members of staff we may need to collect specific health data.  Where you are an employee we may also provide you certain health related benefits as part of our contract with you

Criminal Records – Where there is a need for us to undertake enhanced verification or legal checks for you to work in our sector or for us to undertake specific services on your behalf

Legal Matter Data – Information you give to us in relation to your legal matter

Transactional Data – payments to and from you and details of other services you have purchased from us

Profile Data – how you use our services, your preferences, feedback, interests, survey responses

Useage Data – details of how you use our website and products

Marketing/Communication Data – your preferences in receiving marketing from us and your communication preferences


Collecting Personal Data

When we collect personal data, our Privacy Notice (on this website) details:

  1. Who we are
  2. What personal information we are collecting
  3. Why we need it
  4. Legal Basis under which we are processing (typically ‘Consent’, ‘Contractual Obligations’ and/or ‘Legitimate Interest’) (
  5. What we are going to use it for and any decisions (automated or human) that it will be used for
  6. Who that information will be shared with
  7. The safeguards we have put in place to protect your information
  8. Our standard retention period or legal need to retain that information

Some of the information we collect is provided here:

  • Personal Identification Data – Name, Address, Passport, Immigration Status, Banking Information.
  • Sensitive Personal Data – Health/Medical/Wellbeing, Religious, Racial.
  • Legal Status – your legal status in respect of the services we are undertaking for you, and/or the status of those that can act on your behalf.

How we collect Personal Data

Depending on the nature of our engagement we may collect personal data in a variety of ways.

We may collect this information directly from you when you provide it, for example:

  •  if you apply to become an employee of this firm, to allow us to process your application
  • as an employee to allow us to administer our HR policy
  • following your request to use our services or marketing
  • by subscribing to our publications or attending our seminars or training courses
  • to provide us with feedback
  • if you want to become a supplier to us, to allow performance of the contract with you

We may collect this information from third parties or public sources such as: relatives, health care professionals (in the event that you come to us via a Health Provider such as the NHS or Social Services) or online verification search providers.

What we use your Personal Data for

The specific use of Personal Data will be detailed in the relevant Privacy Policy for the specific service(s) we are providing you.

To register you as a new client which will include:

  • checking your identity (Money Laundering Regulations)
  • checking your credit rating



  • Performance of our contract with you
  • Necessary to comply with a legal obligation
  • Necessary for our legitimate interests (eg credit rating checks)
Delivering our services to you which will include:

  • managing payments/fees/charges
  • collecting/recovering monies owed to us


Legal Matter


  • Performance of a contract with you
  • Necessary for our legitimate interests (recover debts owed to us)
  • Necessary to establish, issue or defend legal claims
  • Consent
To determine our services which will include:

  • improve our service
  • resolve complaints
  • monitoring & recording telephone enquiries
Legal Matter






  • Consent
  • Necessary for our legitimate interests (develop our range of products & services)
To manage our relationship with you, this includes:

  • Telling you about changes to our Terms of Business/Privacy Policy
  • Asking you to complete a survey/feedback form
  • Asking you to leave a review/write a testimonial






  • Performance of a contract with you
  • Necessary to comply with a legal obligation
  • Necessary for our legitimate interests (keep our records up to date/awareness of how clients use our services)
To allow you to use our extra services to include:

  • seminars
  • events
  • complete a survey






  • Performance of a contract with you
  • Necessary for our legitimate interests (develop our products & services, grow our business by observing how our clients interact with us)
To administer & protect our business, including our website (this includes:

  • testing & maintenance of our systems
  • support
  • hosting data
  • support
  • troubleshooting



  • Necessary for our legitimate interests (provide IT systems/network security/prevent fraud/business organisation/smooth running of business)
  • Necessary to comply with a legal obligation
To suggest goods and services which may be of interest or may help you Identity





  • Necessary for our legitimate interests (develop our products & services, grow our business)
Delivery of useful website content and advertisements to you to measure and understand how effective our services are. Identity






  • Necessary for our legitimate interests (develop our products & services, grow our business by observing how our clients interact with us)
To use data analytics to improve our:

  • website
  • products & services
  • marketing
  • customer experience



  • Necessary for our legitimate interests (link customers to our products & services, keep the information we provide update & relevant, develop our business and marketing strategy)
To recruit new employees and employ staff

  • checking your identity
  • checking your professional qualifications
  • processing job applications
  • maintaining HR records
  • maintaining payroll records



  • Performance of our contract with you
  • Necessary to comply with a legal obligation
  • Necessary for our legitimate interests



This list is not exhaustive but designed to provide you indicative uses of your personal data.  Please ensure you read the appropriate Privacy Policy for the product or service we are providing you for specific information.


Retention of data

We will retain your personal data for different periods depending on our relationship with you.

Retention schedule

Client Retention Period
Identity documents While the file is open and for 7 years
Client account records While the file is open and for 7 years
Client file, including electronic held data, e.g. emails


While the file is open and for 7 years for files save for commercial or residential property & commercial transactions which are retained while the file is open and for 15 years
Client is a minor While the file is open and for 7 years or until the minor reaches 18 years of age, whichever is the later
Basic client details (name) Indefinitely (for conflict checking purposes), any personal data will be retained until you unsubscribe and no longer wish to receive our marketing materials (for marketing purposes)
Notarial Clients Personal data is retained in accordance with our Notarial Privacy Policy


Any other personal data held for marketing purposes Any personal data will be retained until you unsubscribe and no longer wish to receive our marketing materials


Prospect Retention Period
Any personal data we hold Personal data will be retained until you unsubscribe and no longer wish to receive our marketing materials


Suppliers Retention Period
Any personal data we hold  Appropriate personal data will be held for the duration of the contract and for 7 years


Recruitment Document Type Retention Period
Speculative Job Applications/Work Experience applications – Unsuccessful CV, covering letter Disposed of immediately
Work Experience CV, covering letter, notes of Interview While work experience continues and for 12 months.
Recruitment Records Completed online application forms or CVs.

Equal opportunities monitoring forms.

Assessment exercises or tests.

Notes from interviews and short-listing exercises.

Pre-employment verification of details provided by the successful candidate. For example, checking qualifications and taking up references. (These may be transferred to a successful candidate’s employment file.)

Criminal records checks. (These may be transferred to a successful candidate’s employment file if they are relevant to the ongoing relationship.)

Three months after notifying unsuccessful candidates of the outcome of the recruitment exercise.


Successful applicants – while employment continues and for seven years.

Employees Personal data is retained in accordance with our Employee Privacy Policy


Links to other sites

We may provide, from time to time, links to other sites (including Back Academy Limited and other associated companies) via our eshots, newsletter, blog article or other web links.

Because we have no control over these sites, we cannot take responsibility for the practise they may undertake in respect of privacy and/or protecting your Personal Data.  We would therefore advise you to satisfy yourselves that these sites are operating privacy policies that inform you how they handle and protect your data – as we cannot take any responsibility for this.


Social Media Widgets and Links

You are probably familiar with the Facebook “Like” button and the various “Share” buttons that are available to users of the internet.

We sometimes use these to allow us to promote our services to other people as well as get feedback as to what articles, pages or blogs are of interest.

These other service providers may collect Personal Data about you, such as IP address, pages you visit on our site and may set their own cookies to enable them to function properly. In much the same way as Links to other sites do not allow us to enforce our policies, we would suggest that you undertake the same checks regarding the privacy policy of the company providing those features.


Marketing Subscription

If you have opted-in to our Marketing, you can find the related privacy notice here.


Third Parties – Service Providers, Business Partners and others

We work with several third-party services providers who undertake services for us, these include:

Service Provider or Provider Type Service Provided to us or you
Credit agency and Anti-Fraud services To comply with our legal duties and/or to assess your ability to fund services from us we may need to engage third-parties in relation to fraud and credit checking.This will be based on compliance with the law or standards our organisation must adhere to or, in the case of credit checking, our legitimate business interest.
GP, Medical Assessment, Occupational Health Potentially to assess your ability to work for us or to process a claim on your behalf. Where there is a claim related to accidents or incidents affected the health or physical ability of an individual, we may need to share or review such health data to deal with the case. This may also be necessary to protect other staff or our customers.  These instances may be the result of acting on your behalf or in defence of another party.  The specific legal basis could therefore be:Contractual Obligation, Protecting the vital interests of an individual data subject, or legal obligations such as sharing within the legal process of dealing with a claim.
Health Care providers in the event of an emergency To ensure that in the event you become unwell we can provide the necessary information to medical services to assist with you receiving the necessary medical attention. Sharing your data under these circumstances would be based on protecting your vital interests.
Your previous employer or references Provision of feedback on your previous roles or you as an individual, this based on our legitimate interests.
Professional Bodies (inc DBS) and Certification Boards To ensure that you have the necessary professional certifications required for us to employ you and for any ongoing sector specific requirements of professional competence.  This based on our legitimate interests but may also be to ensure we are complying with the law or industry regulations when undertaking work on behalf of clients.
Health, Life Insurance bodies as well as other in-service benefits In the event that you travel on business and/or are entitled to private medical or life insurance we are required to pass on certain information to the companies that provide these services on our behalf.  This is based on our contractual obligations with you as set out in your current contract or benefits package.

In most cases you will be made aware of the parties that we share information with, prior to us sharing this information.


How we dispose of your data

All personal data disposed of by us is done so in a secure manner. Paper based files are securely shred and electronic copies of information will be permanently deleted from our system, where this is not possible we will endeavour to ensure the personal data is securely locked so that access cannot be gained.


Where we may share your information without your explicit consent

We may be required or chose to share your information in certain circumstances without obtaining your explicit consent, some examples of this would be:

  • To comply with any legal process, applicable law or governmental request e.g. warrant, summons, statutory reporting, court documents, sharing of evidence, sector specific compliance etc.
  • To enforce/administer our agreements
  • To protect your vital interests in the event you are unable to provide your consent
  • To protect our company or the public from harm or illegal activities
  • For fraud prevention, investigation, risk assessment
  • To protect the rights and property of our company
  • To defend ourselves against third-party claims or allegations
  • To protect the rights or freedoms of other data subjects

In any event, we will consider your rights and privileges before sharing this information.


Your Rights


How you can help protect your Personal Data

In all cases, the information we require to obtain for you is necessary in the provision or assessment of the provision of services to you.  We rely on this information being accurate and up to date, which is in part our responsibility as well as yours.

We only record information relevant to the provision of the service we are delivering to you.  However, in many cases you can limit the use of your information for services that do not require your data e.g. you can opt-out of receiving our newsletter.


Changes to your Personal Data

In the event that your Personal Data, that we use to provide you goods or services, changes e.g. your surname, address, email address or Sensitive Personal Data E.g. Religion, Health Data – it is critical that you inform us of these changes to ensure we have the correct information on our systems.  Where you have access to administer these changes yourself we would expect you, if you are able, to update these details accordingly or else inform us of changes as soon as possible.

You should inform us in writing, by email, by telephone or in person – however we may also need to undertake further identity verification depending on the nature of the requested update.



Cookies are small files that are downloaded by many web sites to either enable a site to work, to assist you e.g. remembering your username and/or passwords, to track your behaviour to show relevant content and to show relevant marketing information which in turn may follow you across other sites.

You can opt-out of allowing cookies by instructing your browser to stop accepting cookies or to prompt you before accepting a cookie from a website you visit, by changing the settings within your browser software.

More details can be found on our cookie page:


Mailing List Opt-In – Marketing Emails & Newsletters

You may opt-out of receiving marketing emails and newsletters from us by using the unsubscribe link within each email or contacting us directly.  Please read our Privacy Notice (here) for more info.

Opting out of marketing lists, only removes you from such communication.  Transactional emails e.g. those relating to services we are providing to you or responding to queries or enquires you make to us, may still result in us emailing you information where that medium is most appropriate.



Backhouse Jones Solicitors operates against a Privacy by Design and By Default policy.  This means that before we use your data we have already considered the potential impact on you were your data to be lost, stolen, shared or compromised.

We undertake routine reviews of our processes and security policies to ensure that we can take all reasonable precautions in protecting your data.

Where at all possible we encrypt all information that is either stored or transmitted to third-parties.  Where data is stored or transmitted to a Third Country we will ensure appropriate adequacy protection is in place in accordance with Data Protection Legislation.

Consequently, we may also need to sometimes undertake further security and screening questions when undertaking our routine dealings with you these are there to protect your personal data and security.

Whilst we undertake all reasonable precautions, encryption, software updates and patches, we cannot guarantee the safety of data transmitted over the internet.


Data Breach

In the event of a Data Breach of your Personal Data, which means:

“The unintended loss, destruction amendment or disclosure of Personal Data”

We will first do all that is necessary to minimise the impact on you, identify any potential malicious third-party, identify any third-parties that may also be impacted and take all reasonable efforts to ensure that you are notified.

In the event that we are notified by a third-party of a breach, in their systems, we will undertake the same level of efforts.

We will undertake this communication either directly with you as an individual or by sending out a public notification.

At the same time, we will comply with the current law in respect of informing the appropriate Supervisory Authority which is currently the Information Commissioners Office (ICO).  We are under a legal requirement to report Data Breaches to the ICO & our Regulatory Authority, the Solicitors Regulatory Authority (SRA).


Changes to this policy

This policy may change at anytime. You should review this page regularly so you are aware of any changes. Substantial changes will be notified by a notice on our website.