Skip to main content

HF are a firm of solicitors who deal with legal matters within the insurance and commercial business sectors. Your privacy is extremely important to us and we are fully committed to providing you with clear and transparent information about how we use your personal information. We value the trust you give us when sharing your personal information and we ensure robust measures are in place to keep your information secure and will only use it for the purposes outlined in this notice.

All data is processed lawfully, fairly, transparently and in accordance with data protection legislation. This privacy policy explains how we use any personal information we may collect about you in order to progress the legal matter you are involved in.

This privacy notice covers the following topics:

  • What information do we collect about you?
  • How will we use the information we collect?
  • Information collected as part of Fraudulent Claims Investigations
  • Retention Periods
  • Marketing
  • Rights regarding your information
  • Data Protection Officer
  • Changes to our privacy notice
  • How to contact us

 

What information do we collect about you?

We collect information about you when your insurance company submits a file for a legal matter concerning yourself and/or when you voluntarily submit information in relation to a legal matter. This information can include, but is not exclusive to:

  • Personal Data – such as your name, address, age etc.
  • Sensitive Personal Data – such as your racial or ethnic origin, medical records, political opinions, religious beliefs, criminal records etc.
  • Biometric Data – such as your passport or other identification containing facial images.

Please be advised that we only collect information that is relevant to the aforementioned legal matter.

When you access our website, the webserver logs your Internet Protocol (IP) address (a unique set of numbers that identifies one or more devices on a computer network), browser identifier and the time of access. Our website also uses cookies.

 

How will we use the information we collect?

We collect information about you in order to process and manage the legal matter. The information we use will be pertinent to the legal matter in some capacity. The information we collect can be used in a variety of ways to deal with the legal matter, such as:

  • Deciding on how the legal matter should be progressed
  • To prevent fraud

HF may be required, from time to time, to send your details to third parties in order to aid the progression of the legal matter and/or ensure your information is handled securely. These third parties can include, but are not exclusive to:

  • Transcription services
  • Expert witnesses
  • Barristers Chambers
  • Courts
  • Archiving facilities

HF will not share your information with any unauthorised parties, either within or out with the organisation.

 

Information collected as part of Fraudulent Claims Investigations

As part of our fraudulent claims workload, we are required to carry out lawful investigations to prevent and detect crime, using publicly available data sources, such as but not limited to:

  • Social media
  • General internet browsing
  • Companies House
  • HM Land Registry

Further to the above, we may also be required to search, cross reference and exchange information with database providers and organisations to verify information and/or prevent and detect crime. These databases and organisations can include, but are not limited to:

  • Fraud prevention and financial crime databases
  • Law enforcement and regulatory agencies
  • Identity verification or tracing databases, such as Experian, Equifax or GB Group Connexus
  • Screening (Using SmartSearch and InfoTrack) for the purposes of identifying money laundering concerns, sanctions, politically exposed persons, terrorist financing and other associated crimes
  • Claims history databases, such as the CUE (Claims and Underwriting Exchange)
  • Motor vehicle databases, such as the MIAFTR (Motor Insurers Anti-Fraud & Theft Register)

 

Retention Periods

Per the Limitations Act 1980, legal files are kept for a minimum period of 6 years from the date the legal matter is closed. There are certain circumstances where records concerning legal matters may be kept for longer than 6 years.

If you would like further information regarding this, please contact the Risk & Compliance team using the below listed contact information.

 

Marketing

We will not use your information for marketing purposes unless you have explicitly given your consent for us to do this. If you no longer wish for your information to be used for the purposes of marketing, please review your rights in the ‘Rights regarding your information’ section.

 

Rights regarding your information

Under data protection legislation you have the right to:

  • Request a copy of the information that we hold about you. This is called a Data Subject Access Request (DSAR). Please contact us if you wish to exercise this right. We may ask you for proof of identity before considering this request.
  • Request any information we hold about you is corrected if it is incorrect and/or inaccurate.
  • Request that the processing of your information is restricted. If you object to processing, we will restrict the processing of your information for the purpose to which you are objecting whilst we review your objection.
  • Request that your information is ‘erased’ from our records. You have a right to request the deletion of your information in advance of our standard retention periods. We will delete this information unless there is a lawful reason for the information to be retained.
  • Be informed about how your information is processed. We hope that the information contained in this Privacy Notice has achieved this but please contact us if there is any additional information you require.
  • Request data portability. Please get in touch and we will consider this request dependent upon the nature.
  • Object to any processing which is based on automatic profiling.

If you wish to exercise your above listed rights, please submit a request to HF using the contact information detailed in the ‘How to contact us’ section of this document. We will review each request submitted on a case by case basis and you will be advised on the outcome of your request in writing. HF reserves the right to reject your request if necessary.

 

Use of Third-Party Provider for AML Checks

To comply with applicable laws regarding anti-money laundering (AML), we utilise Smartsearch as a third-party provider for electronic checks. Smartsearch processes personal data, including your ID and address, to verify your identity and check for any sanctions or watchlist entries. This helps us ensure compliance with legal requirements and prevent fraud.

 

The lawful basis for the processing

We rely on lawful basis to collect and use personal data. Consent is obtained when individuals give clear permission for their data to be processed for specific purposes. Legal obligation applies when processing is necessary to comply with the law, excluding contractual obligations. Legitimate interests are used when processing is essential for our legitimate interests or those of a third party, provided there is no overriding reason to protect the individual’s personal data.

 

Lodging a complaint with the Information Commissioner’s Office (ICO)

Individuals have the right to lodge a complaint with a supervisory authority if they believe their personal data has been mishandled. You can do so by calling the ICO helpline on 0303 123 1113 or via their website. This right ensures that concerns about data processing can be formally addressed. In the UK, the Information Commissioner’s Office (ICO) serves as the supervisory authority. If you are dissatisfied with how your personal data has been processed, you can contact the ICO to file a complaint and seek resolution.

 

Data Protection Officer

In order to align with General Data Protection Regulations, we have assigned a specialist Data Protection Officer, within our firm, to deal with Data Protection policies, processes and data subject queries. Information on how to contact our Data Protection Officer can be found in the ‘How to contact us’ section.

 

Changes to our privacy notice

We keep our privacy notice under regular review and the most up to date version is available at www.h-f.co.uk. This privacy notice was last updated in March 2025.

 

How to contact us

Should you have any questions regarding our privacy policy or the information we hold about you, you can contact us by:

  • Telephone: 03300 240 711
  • Email: compliance@h-f.co.uk
  • Mail: Risk & Compliance – FAO The Data Protection Officer, PO Box 149, BLYTH, NE24 9FZ

 

Please note:

Any enquiries regarding the legal matter should be directed to your file handler. Contact information for your file handler is detailed within your client care letter.