Further information for clients

The BCLP Firm you engage to provide legal services to you (as named in our engagement letter/confirmation email) is the Data Controller in respect of Your Information. 

To the extent that the engagement terms agreed with you include Data Processor requirements in respect of our use of Your Information which conflict with the provisions of this Notice, those requirements will apply in respect of Your Information which is collected and/or used by us solely as a Data Processor.

Subject to limited exceptions individuals have the right under applicable privacy laws to access and correct their Personal Information. If we have to provide Information in response to a request from someone whose data we hold in connection with your current or past matters (typically referred to as a ‘Subject Access Request’), we will discuss this (and any associated costs) with you as appropriate. 

The types of personal information we collect

If you are a client, the amount of your Personal Information which we collect will typically be relatively limited. In certain circumstances, we will need to know more information about you and related persons. For example, where we are acting as a trustee or otherwise for you as an individual in respect of personal tax matters, wealth preservation and/or divorce proceedings we may need detailed Information about your relatives (next of kin, dependents, beneficiaries, guardians and associates) and personal assets, amongst other things. Your matters may also involve Sensitive Information, for example where we are defending you from criminal prosecution, or on litigation/regulatory investigations or employment matters.

Under applicable anti-money laundering laws we have to obtain and hold satisfactory evidence of the identity of our clients and sometimes of related persons (including shareholders, beneficial owners, management, directors and officers), such as your/their passport/ID, proof of address and sources of wealth. Sometimes we will need to: (a) see original documents; (b) check the Information you provide; (c) use Your Personal Information to check your identity and background through electronic data sources; and (d) ask you for up-to-date evidence of identity. 

If you do not provide us with this Personal Information, or if it is not satisfactory, we may not be able to act, or to continue to act, for you. 

We are also required to report to the regulatory authorities suspicions of money laundering and terrorist financing. This will involve the Processing of Sensitive Information where applicable, such as details of criminal allegations and/or findings, regulatory action, and related proceedings which are reported in the press and electronic/other data sources. For further details, please see the Who will Your Personal Information be shared with? section of this Notice below.

Further information for applicants for a role

Our online recruitment portals

We use two specialist suppliers to manage our respective online recruitment portals for graduate level and other Staff positions. When you apply for a role through our careers website at http://www.blplaw.com/jobs/Home, your Personal Information is stored on our behalf (and managed by us) in the suppliers’ secure servers in the UK and Ireland. We will also transfer your Information to our systems.  

In the UK, we outsource certain other functions to specialist suppliers where needed (for example for contextual recruitment purposes; and to process brand ambassador roles), who will also have access to certain of your application Information. You will be informed at the relevant time if your application involves such services.    

All suppliers used in our recruitment process are leading specialist providers, who are subject to strict information security and compliance due diligence checks, and contractual confidentiality obligations.

Pre-hiring checks

As a regulated law firm, we are required to undertake appropriate pre-hiring checks of Staff and Partners. These are undertaken once you accept an offer, and subject to strict controls. We will only undertake those specific checks on you which are legally permitted in the relevant jurisdictions.

If you do not provide the required Personal Information (or your consent to Personal Information held by third parties being disclosed to us where applicable), we will not be able to hire you.

For roles in our UK and certain other offices, we use a UK-based specialist provider to undertake international professional verification and background checks (including through electronic data sources, and directly with your current/previous employers, professional bodies/regulators and other third parties where appropriate) on our behalf. We will also undertake certain verifications ourselves.

We adopt a risk-based approach to our pre-hiring checks, which will include verifying your identity; nationality/right to work; and academic/legal qualifications and experience. The types of Personal Information which will typically be collected as part of our checks includes:

Personal details Such as copies of your passport and/or ID card;  your driving licence (where required in connection with your role); your home contact details and personal address history.
Right to work Including your nationality and any required work permit included in your passport.
Professional and academic details Including your educational, academic and vocational (e.g. LPC/BVC) certificates, admission certificate and practising certificate if you have one. We will also review your current employer's website and your LinkedIn profile to confirm your current position where appropriate.
References from the referees you provide to us as part of your Application Including confirmation of your work history, competencies and previous salary where appropriate.

Where we are legally permitted to do so, these checks will involve the Processing of Sensitive Information - for example, by asking you if there are any criminal offences or regulatory decisions, orders, or related factors (including details of any judgments involving the payment of money) which would affect our ability to hire or remunerate you for the particular role.

Enhanced pre-hiring checks

If you will have access to especially sensitive information as part of your role (for example in the IT, Finance & Accounts, and Office of General Counsel  departments) and for more senior positions, we will undertake enhanced checks to ensure your trustworthiness, integrity and reliability for the role, and that there are no regulatory prohibitions on us hiring or remunerating you. Depending on your specific role and seniority these will include:  

  • Credit and bankruptcy checks
  • Adverse media checks 
  • Directorship disqualification checks
  • Basic criminal records checks

In addition:

  • For roles in the UK and certain other offices we will also ask you to fill out a basic medical questionnaire (and to undertake an occupational health test where appropriate) to determine if any work place adjustments are needed. The medical results are reviewed by our specialist healthcare provider, and will not be disclosed to us unless you consent – but if you do not consent, we will not be able to put the adjustments in place for you.
  • Where this is required by a regulator for your admission as a lawyer, your registration as a foreign lawyer, the processing of a work permit or for other regulatory purposes, it will be necessary for you to request a certificate of good standing from your home regulator; and/or to agree to enhanced criminal records checks being undertaken by the relevant regulator/ public/governmental authority, and to copies/the results being disclosed to us. • In the UK and certain other offices where this is permitted under applicable local law, we will ask you to complete a diversity questionnaire as part of the recruitment process for equal opportunities monitoring and diversity reporting purposes. All diversity information is automatically anonymised, and saved in our recruitment portals (and subsequently used) in an aggregated format which cannot identify you.

All Personal Information Processed under our pre-hiring checks (and our broader Processing of Sensitive Information) are subject to enhanced confidentiality requirements, and shared strictly on a need-to-know basis. Any relevant factors disclosed as part of the process will only be used in accordance with applicable equal opportunities legislation, and our related policies.

Further information for  suppliers and external advisers 

As a business, we are under legal and regulatory obligations to perform appropriate vetting of our suppliers and external advisers. This includes ensuring that you have appropriate compliance systems, policies and procedures on information security and data protection, and for the prevention of economic crimes (such as money laundering, tax evasion, fraud and bribery and modern slavery). 

If you do not provide the required vetting information, we may not be able to engage you. We will notify you at the relevant time if this is the case.    
We adopt a risk-based approach to our vetting, based on the sensitivity of the information you will have access to and the work you will undertake for us. In certain circumstances where we are legally permitted to do so, this will involve the Processing of Sensitive Information (such as allegations or findings of criminal acts, regulatory action and related proceedings) which are disclosed to us by you or your employer. 

Sometimes we will need to: (a) see original documents; (b) check the information you or your employer provide; and (c) use Your Personal Information to check your identity and background through electronic data sources

Where is your personal information stored and who will it be shared with?

We understand the importance of keeping your Personal Information secure. Your work contact details and a marketing profile will be added to our internal contacts database (which is accessible by our international offices). Your name, employer and job title may also appear in certain internal client matter summaries. We will only share more personal Information where appropriate. For example:

  • Our internal Compliance team (who are primarily based in England, Singapore and the US) handle new client and matter opening (including client due diligence). They (in addition to certain of the Staff and Partners in our relevant offices working on your matter) will therefore have access to such Personal Information. 
  • Under applicable rules and laws (including those in respect of anti-money laundering and any economic, financial, political, legal and other sanctions imposed by the United Kingdom, European Union, United States or other relevant country or international organisation (“Sanctions”)) or court orders we will, exceptionally, have to disclose details of your affairs (including Sensitive Information) to the relevant authorities. We will not always have the right to tell you that this has happened. 
  • In certain circumstances we will also have to share some of this Personal Information with Select Third Parties who need limited access in order to provide services to us, or to enable us to provide services to you. 

How long we keep you information

After the expiry of the retention period, we may dispose of your matter files (including your Personal Information) without further notice to you, except for any documents or deeds that we have agreed in writing to hold for safe keeping.

This site uses cookies to help us manage and improve the website, your browsing experience, and the material/information we send to our subscribers. For further information about cookies, including how to change your browser settings to no longer accept cookies, please view our Privacy Notice. Otherwise we will assume you are OK to continue.