028 9045 6601

Boston Sullivan Solicitors Privacy Statement


  1. This Privacy Statement lets you know what we do with information we collect about you. The statement is addressed to individuals who are users of our services i.e. our clients, prospective clients, website users, and third parties. We refer to all these individuals as "clients" or "you" in this Statement.
  2. We are James Boston & Sullivan, Solicitors and Advocates. We are a long established legal firm based at 408 Woodstock Road, Belfast, Northern Ireland, BT6 9DQ.
  3. Our function is to provide a wide range of legal services for both private and commercial clients. Our team aims to provide our clients with a high level of personal service and expertise in an efficient and cost effective manner. Your personal data – what we collect and what we do with it.
  4. To fulfil our function, we will ask for information about you. We may ask for your name, address, contact telephone number, and/or a contact email address. We may ask for more detailed information from you when we are working with you on a matter or case relating to the delivery of our services. This is known as your "Personal Data".
  5. Where it is necessary, we will ask for your consent for your personal data where we have a legitimate reason for requesting it and a lawful basis for processing it.
  6. We may collect information about you from other persons or organisations but if we do this, it would also form part of your "Personal Data”. We only collect information from other persons or organisations where we have a lawful basis to do so or where you have given your consent to that person or individual to share your information with us.
  7. We use your Personal Data in the following ways:
    • To enable us to communicate effectively with you.
    • We cannot provide you with our services unless we can use the personal data that we collect from you to enable us to communicate with you during or prior to or after your interaction with us.
  8. We have set out below how we will use your personal data in several ways to administer our service(s) to you.
  9. Therefore, to administer our services, we can use your Personal Data in the following ways
    because it is in our interests to deliver and improve our services.
    • To manage our IT environment and business operation and ensure security of your
      data and our IT operations. We can use your Personal Data in this way because it is a necessary requirement for us to provide our services to you, and we also have a legal duty to ensure the security of your data.
    • To monitor and assess compliance with our internal policies and procedures and to comply with our legal, regulatory and good governance obligations. We can use your Personal Data in this way because we have a legitimate interest to do so and it will assist us to provide the best service to you.
    • For training purposes, we can use your Personal Data in this way because we have a legitimate interest to do so and it will assist us to provide the best service to you.

Sharing Personal Data

  1. We may also supply HMRC with the personal data of our employees to fulfil their and our taxation and national insurance responsibilities.
  2. To a third party in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
  3. As we believe to be necessary or appropriate - To comply with legal process, to respond to requests from public and government authorities including public and government authorities outside your country of residence, to enforce our terms and conditions, to protect our operations, to protect our rights, privacy, safety or property, and/or that of you or others; to detect and prevent crime, including fraud;
  4. We will share your personal data with persons acting on your behalf but only where we have your consent to do so. Securing your Personal Data
  5. Where we hold your personal data, we undertake to take all reasonable steps to keep it secure, in both hard copy and digital/electronic formats. Data Processing overseas
  6. We use data storage facilities in the UK and in the USA only as a digital back-up data storage service for our business data. We have contracts in place with the companies who only store this data for us to ensure that it is stored in a safe and secure way. We DO NOT allow these companies to share your information with anyone else. Nor do we allow these companies to analyse or manipulate your information in any way. As stated earlier we only use these companies as a backup storage facility for our business data. Contacting us about this Statement
  7. Our Partner, Mr Paul Carson is our designated Controller of Personal Data for James Boston & Sullivan Solicitors and Advocates. He can be contacted by ringing the main office on +44 (0) 28 90 456601 or emailing us at woodstock@bostonsullivan.com.
  8. We are not required by current data protection legislation to have a specific Data Protection Officer (DPO). However, we take our data protection responsibilities seriously and have a designated data protection lead within our organisation. Our Office Manager has responsibility as our data protection lead and can be contacted by ringing the main office on +44 (0) 28 90 456601 or emailing us at woodstock@bostonsullivan.com. Our Office Manager is responsible for addressing any queries or questions you may have about this privacy statement or dealing with your requests to exercise your rights, which are described below. We recognise and respect your data protection rights as a data subject. To facilitate your rights, you can contact us at the telephone number and/or the email address above and/or in writing by letter addressed to Mr Paul Carson at James Boston and Sullivan
    Solicitors and Advocates at 408 Woodstock Road, Belfast BT6 9DQ for one or more of the following reasons:
    • To ask us to amend or update any information about you that is wrong or incomplete, this is known as “your right to rectification”.
    • To ask us to delete information about you, this is known as “your right to erasure”.
    • To tell us you no longer agree to us using information about you and asking us to stop, this is known as “your right to object”.
    • To tell us to stop using information about you to inform you of our services, this is known as “your right to restrict processing”.
    • To make a "data subject access request", which is a request by you for us to send you the personal data that we have about you.
    • To ask us to provide you or someone else (on your request) in a structured, commonly used and machine-readable format with the information that you have provided to us about yourself. This is known as “your right of "data portability".
    • To ask us not to use information about you in a way that allows computers to make decisions about you based solely on automated processing. This is known as “your right to restrict automated decision making”.
  1. Sometimes we will not stop using your information when you ask us to, for the reasons described in this Statement, but we will tell you about this if you make a request.
  2. In other cases, if we stop using your information we will not be able to provide the services that you are asking us to give you. We will tell you about this if you make a request. Complaints
  3. We respect your right to complain to the Information Commissioner's Office (ICO) about how we treat your Personal Data and Sensitive Personal Data. The ICO can be contacted at: https://ico.org.uk/global/contact-us/
  4. We are only allowed to keep your information if we need it for one of the reasons we have described above.
  5. We will keep it for up to 7 years to satisfy HMRC requirements or for as long as required where there may be additional legal or contractual requirements. Profiling
  6. We will not use your personal data to engage in any form of profiling or automated decision making with the use of a computer system. Changes to this Privacy Statement
  7. We may require to up-date this Privacy Statement from time to time. We will notify you of the changes on our website where we are required by law to do so.
  8. This is our first Privacy Statement under the new Data Protection Act 2018. It is version 01/2018, which was produced in July 2018. In the future we will always provide the current Privacy Statement on our website. Previous versions of the statement will be available on request using the following contact details: Tel. +44 (0) 28 90 456601 or emailing us at woodstock@bostonsullivan.com.

Get in Touch