PSL Privacy Policy

We take your privacy very seriously and are committed to protecting your personal data. This privacy policy explains who we are, how and why we collect, store, use, and share your personal data, and what your rights are under data protection law.

We act as the ‘data controller’ of your personal data, which means we decide how and why it is used. In doing so, we comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and our duty of confidentiality.

About the firm

Probate Solicitors Limited (trading as PSL) is a limited company registered in England and Wales (number 07275702). We are authorised and regulated by the Solicitors Regulation Authority (SRA), number 545298.

The following key terms are used in this policy

Personal data Information that identifies an individual, such as their name, address, email, or phone number.
Special category personal data Personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership; genetic or biometric data; health data; or data concerning a person’s sex life or sexual orientation.
Data subject The individual to whom the personal data relates.

Personal data we collect about you

We collect and use personal data to provide legal services and comply with our legal, regulatory, and professional obligations, including anti-money laundering legislation. If you do not provide the personal data we request, it may delay or prevent us from providing legal services.

Personal data we will collect about you:

  • Your name, address, email address, and telephone number(s)
  • Information to verify your identity, such as your date of birth, passport details, and proof of address
  • Details relating to the legal matter in which you are involved

Depending on your instructions and circumstances, and where relevant, we may also collect:

  • Your National Insurance and tax details
  • Bank and/or building society details
  • Information about other people involved in your matter (for example, family members, executors, beneficiaries, or trustees), which may include their contact details and dates of birth
  • Financial information about your assets, liabilities, property, investments, pensions, business interests, and other relevant affairs
  • Information about your employment history, business ownership, directorships, and other financial or professional interests
  • Nationality and domicile information
  • Health or medical information
  • Religious or philosophical beliefs
  • Information about your use of our IT, communication, and other systems, and other monitoring information

How your personal data is collected

We collect most of this information from you, but we may also it from:

  • Publicly accessible sources such as Companies House or HM Land Registry
  • Third party providers, for example anti-money laundering and sanctions screening services, or credit reference agencies
  • Third parties, with your consent, such as banks, employers, medical professionals, trustees.
  • Our website, for example when you use contact forms or cookies
  • Our IT systems, including case and document management systems, on-line meeting and recording systems, electronic calendars, telecommunications, and email.

How and why we use your personal data

Under data protection law, we can only use your personal data if we have a lawful basis for doing so. We rely on one or more of the following grounds:

  • Contract – to fulfil our contract with you or to take steps at your request before entering into a contract.
  • Legal obligation – to comply with our legal and regulatory obligations.
  • Legitimate interests – for our business or commercial reasons, provided these are not overridden by your rights and interests.
  • Consent – where appropriate, we will ask for your consent where this is the only basis relied upon. You can withdraw your consent at any time.

We may also use AI-assisted technologies in certain aspects of our work, such as legal research, document drafting, summarising, or analysing information. These tools help us to improve efficiency and support our legal services. Any AI-generated content is subject to human review by our legal professionals before being relied on or shared. We do not use AI tools to make final decisions about you without human involvement. If you have concerns about our use of AI in your matter, please let us know.

Where we process special category personal data, we will only do so if permitted under data protection law, for example with your explicit consent, to protect vital interests, or for legal claims.

The table below explains how we use your personal data and gives examples of the purposes for which we process it:

Purpose Examples
Service delivery and legal obligations

 

 ·    Provide legal services.

·    Conduct identity verification and fraud prevention checks, including referencing external databases where needed.

·    Enforce legal rights or take legal action.

·    Comply with statutory and regulatory obligations, including providing information to regulatory bodies.

·    Maintain accurate and up-to date client records.

·    Share information with our professional indemnity insurers and advisers where needed to arrange cover, manage risk, or handle legal claims.
Business operations and quality ·    Ensure compliance with internal policies and procedures.

·    Improve efficiency, training, and quality control.

·    Carry out statistical analysis to manage and improve our business.

·    Participate in external compliance audits and quality checks.

·    Use technology, including AI-assisted tools, to support efficient service delivery, with human oversight.

·    Communicate with current and former clients about our services, in line with data protection and e-privacy laws – such communications can be opted out of.
Security and confidentiality ·    Protect the confidentiality of commercially sensitive information.

·    Protect the security of systems and data.

·    Ensure safe and secure working practices, including compliance with health and safety obligations.

Marketing and promotional communications

We may use your personal data to send you updates (by email, telephone, or post) about legal and tax developments that may be of interest to you, and about our existing or new services. We rely on our legitimate interests to do this in line with data protection and e-privacy laws. Where consent is required, we will ask for it separately.

You can opt out of receiving these communications at any time by contacting us or using the unsubscribe option in our emails. We do not share your personal data with other organisations for marketing purposes.

Who we may share your personal data with

  • Professional advisers instructed on your behalf or referred to you, for example surveyors, barristers, medical professionals, accountants, or other experts, and with trustees or other relevant third parties where necessary to carry out your instructions.
  • Third parties where necessary to carry out your instructions, for example HM Revenue & Customs, HM Land Registry, or Companies House.
  • Our banks and insurers, including our insurance brokers.
  • External auditors and compliance consultants, for example in relation to regulatory requirements, quality assurance, financial audits, or accreditation schemes.
  • Service suppliers who support the efficient operation of our business, such as IT providers, document storage and destruction services, and other administrative suppliers.
  • Law enforcement agencies and regulatory bodies to comply with legal and regulatory obligations.

We only allow our external providers to handle your personal data where we are satisfied that they take appropriate measures to protect it. We also impose contractual obligations on them to ensure they use your personal data only to provide their services to us and in accordance with data protection law.

In limited circumstances, we may need to share personal data with other parties, for example as part of a business sale or restructuring. Where possible, the data will be anonymised, but this may not always be practicable. Any recipient will be bound by confidentiality obligations.

Where your personal data is held and transferred

Your personal data may be held at our offices, on our IT systems, or by relevant third-parties (see “Who we may share your personal data with”).

In certain circumstances, it may also be necessary to transfer your personal data to other countries, for example to a relevant third party, where you are based overseas, where beneficiaries or other parties are located abroad, or where your matter involves an international element.

If we transfer your personal data outside the UK, we will ensure it is protected to at least the same standard as under UK data protection law. We will only transfer your personal data where:

  • The UK government has deemed the destination country’s protection adequate.
  • Appropriate safeguards, such as standard contractual clauses, are in place.
  • A specific legal exception applies.

Where the data includes special category personal data, we will ensure that any additional safeguards or consents required by law are in place before making the transfer.

Keeping your personal data secure

We have appropriate security measures in place to prevent personal data from being accidentally lost, used, or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Anyone processing your information will do so only in an authorised manner and under a duty of confidentiality.

We also have procedures in place to deal with any actual or suspected data security breach. We will notify you and any applicable regulator of data security breach where we are legally required to do so.

If you want detailed information on how to protect your information and your computers and devices against fraud, identity theft, viruses, and many other online problems, visit www.getsafeonline.org. The site is supported by HM Government and leading businesses and offers advice on a wide range of online security risks.

How long your personal data will be kept

We will retain your personal data for at least six years after we have finished advising or acting for you. The exact retention period may depend on the nature of your instructions and our legal and regulatory obligations. We do this for one or more of the following reasons:

  • To comply with legal, regulatory, or insurance requirements.
  • To respond to any questions, complaints, or claims made by you or on your behalf.
  • To maintain records of the services we have provided.

We are legally required to retain personal data collected for regulatory purposes, such as identity verification or anti-money laundering checks, for at least five years, even if you do not go on to become a client.

We will not retain your personal data for longer than necessary — once the applicable period has expired, we will securely destroy, delete, or anonymise it.

Your access rights

You have the right, usually without charge, to:

Access To receive a copy of your personal data.
Rectification To ask us to correct any mistakes in your personal data.
Erasure In certain circumstances, to request that we delete your personal data (the “right to be forgotten”).
Restriction In certain circumstances, to request that we restrict the processing of your personal data.
Portability To receive your data in a machine-readable format and/or have it transferred to another data controller.
Objection To object to the processing of your personal data for direct marketing, and in other situations where we rely on legitimate interests.
Withdrawal of consent In certain circumstances, to withdraw any consent you have given at any time. This will not affect the lawfulness of processing based on consent before it was withdrawn.
Automated decision-making. To not be subject to a decision based solely on automated processing, including profiling, which has legal or similarly significant effects on you.

For more information about these rights and the circumstances in which they apply, please contact us. You can also refer to guidance from the UK Information Commissioner’s Office (ICO) on individuals” rights under the UK GDPR, available at www.ico.org.uk/for-the-public/

If you wish to exercise any of these rights, please:

  1. Contact us using the details below.
  2. Provide enough information to identify yourself (e.g. your full name, address, and client or matter reference number).
  3. If we do not already have sufficient information to verify your identity, we may ask you to provide proof of identity and address (for example, a copy of your driving licence or passport, and a recent utility or credit card bill).
  4. Tell us which right you wish to exercise and the information to which your request relates.

How to complain

We hope that our Data Privacy Manager can resolve any query or concern you may raise about our use of your personal information.

You also have the right to lodge a complaint with the UK supervisory authority for data protection, the Information Commissioner’s Office (ICO) via their website at www.ico.org.uk/make-a-complaint/ or by calling 0303 123 1113.

How to contact us

Please contact our Data Privacy Manager, Ms Caroline Wilden, by post, email or telephone if you have any questions about this privacy policy or the information we hold about you.

Address: Probate Solicitors Limited, 1705 High Street, Knowle, Solihull. B93 0LN
Email: c.wilden@psl-law.co.uk
Tel: 01564 758055

If you need this privacy policy in a different format (for example, large print, audio, or another accessible format), please let us know and we will do our best to meet your needs.

Changes to the privacy policy

This privacy policy was published on 22 May 2018 and has been amended  periodically, with the latest revision on 18 October 2025 We may make further changes from time to time.