This page explains Mitchell Law Limited’s privacy policy, how we use and protect any information that you give to us when you use this website and how we use cookies. We are committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, you can be assured that it will only be used in accordance with this privacy statement. We may change this policy from time to time by updating this page, so please check it occasionally to ensure that you’re happy with any changes. This policy is effective from 25 May 2018.


Data Controller: Mitchell Law Limited, registered address: Heywood House, Heywood, Westbury, BA13 4NA, email:

Welcome to Mitchell Law’s Website and Social Media Privacy Notice.  The purpose of this Privacy Notice is to make you aware of how and why your personal data will be collected used, where it is obtained via your use of our website or social media accounts, and how long it will usually be retained for. It provides you with certain information that must be provided under the General Data Protection Regulation.

By visiting (“our Website”) or the social media accounts that we operate (“our social media accounts”), you are accepting and consenting to the practices described in this policy.

What data will we collect and process

We may collect and process the following data about you:

  • Information you give to us – This is information about you that you give us by clicking on our Website, via our social media accounts or when you correspond with us via these means.  It includes information that you provide when you subscribe to our services; post material on our Website or via our social media accounts; participate in discussion groups or social media functions on or connected to our Webite; enter a competition, promotion or survey; and when you report a problem with our Website. The information that you give us may include your name, address, email addresses, phone numbers or other information for provision of our services. It may, where relevant, also include personal details that you provide relating to actual or potential job applications.


  • We may automatically collect the following information when you visit our Website or social media accounts:
    • questions, queries or feedback you leave, including your email address
    • your email address and subscription preferences when you sign up to our email alerts
    • how you use our emails – for example whether you open them and which links you click on
    • your Internet Protocol (IP) address, and details of which version of web browser you used
    • information on how you use the site, using cookies, page tagging techniques and the full Uniform Resource Locator, clickstream to, through and from our website (including date and time); time on page, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs).
    • Information about your contacts and other personal information contained in your social media account
    • Location, device and demographic information

We also collect, use and share statistical or demographic data.  This data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect any such data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

Our Website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other website.  Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

How we use your personal data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests – this will cover the majority of data use obtained from our website and social media accounts.
  • Where we need to comply with a legal or regulatory obligation.

Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

We will use your personal data information:

    • To administer our Website and the social media accounts that we operate and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
    • To improve our Website and the social media accounts that we operate to ensure that content is presented in the most effective manner for you
    • To improve our products and services
    • To help keep our Website and the social media accounts that we operate safe and secure.
    • To measure or understand the effectiveness of advertising that we serve to you
    • to deliver relevant advertising to you
    • To make suggestions and recommendations to you and other users of our Website and our social media
    • For networking purposes.
    • For internal record keeping

We might also share your personal information with third parties where required by law or our regulator (the SRA), where it is necessary to administer the working relationship with you, or where we have another legitimate interest in doing so.

”Third parties” includes third-party service providers (including contractors and designated agents, in particular our IT service providers and website operators, professional advisors, auditors, analytics platform providers and insurers)  All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

We may also need to share your personal information with a regulator or to otherwise comply with the law.


We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information from us or purchased legal services from us or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing. You can opt out at any time by contacting

We will get your express opt-in consent before we share your personal data with any company outside the Mitchell Law for marketing purposes.

Data Security

We are committed to doing all that we can to keep your data secure. We have set up systems and processes to prevent unauthorised access or disclosure of your data.

Your personal data may, throughout the course of its processing, be transferred outside of the European Economic Area (EEA). Where this is the case, all appropriate technical and legal safeguards will be put in place to ensure that you are afforded the same level of protection as within the EEA.

Rights of Access, Correction, Erasure and Restriction

Under certain circumstances, by law you have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to verify that it is updated and complete.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to retain it or process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation, which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact our Director, Catherine Mitchell.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.


You have the right make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the data protection authority, so please contact us in the first instance.

How we use cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit

Our website is powered by WordPress, the well-known content management system that runs over 60 million other websites worldwide. The WordPress system and several of its plug-ins use cookies in order to enable our website to function properly.

We use Google Analytics to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. The cookies set by Google Analytics are:

_utma Contains a random number. Expires after 2 years.
_utmb Contains a random number and expires after 30 minutes.
_utmc Contains a random number. Expires at the end of your session.
_utmz Contains a random number details of the referring website. Expires after 6 months.

To opt out of being tracked by Google Analytics across all websites visit

Changes to this privacy notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.