Privacy Policy

Privacy Policy

Irwell Law is committed to protecting your information and privacy.

This notice (together with our terms of business) explains how we use and process personal information that we collect from you. It addresses information provided to us

  • When visiting our site
  • When instructing us in connection with provision of legal services
  • As a result of our communications with you
  • When subscribing to our email updates or other marketing activity

It sets out how we process it, with who we may share it, and choices you can make regarding use of information collected.

We also describe measures taken to protect security of information provided and how you can contact us about our privacy practices. Please read it carefully to understand our views and practices about why personal information is collected, what we do with it, and how we use it.


This notice may change from time to time. Changes will be incorporated on this page. Please review it periodically. Further information about data privacy may be found in our client care letter sent to you along with our terms of business.

The last update was April 2021.

Data protection

For Data Protection legislation notification purposes, we are registered as a data controller with the Information Commissioners Office (ICO). Our registration details are as follows:

  • Peninsula Legal Services Limited t/a Irwell Law A8917199.

Who we are

Irwell Law The Peninsula Victoria Place Manchester M4 4FB is regulated by the Solicitors Regulation Authority (SRA) number SRA ID: 815945 in England and Wales.

As a regulated practice, we process personal information in accordance with data protection legislation and in line with obligations imposed on us under the SRA Code of Conduct 2011.

How we collect your personal information

We collect, retain and process personal information to enable us to give legal advice, provide legal services and conduct legal proceedings and transactions on behalf of our clients.

We may collect personal information in a number of ways, including:

  • Online via our website
  • Emails to us
  • In hard copy by post, in person, or over the telephone
  • Through the provision of legal or training services to you
  • During the course of our dealings with you for or on behalf of a client
  • When you contact us via this site by filling in a form to enquire about our legal services
  • When you contact us with queries, we may keep a record of that correspondence
  • When you attend in person at our office
  • When we collect your personal data from other companies within the Peninsula Group of companies
  • When we collect publicly available information about you or your business, including, directly or indirectly, through electronic data sources, for example (but without limitation) for the preparation or filing of legal documents and forms, and in connection with anti-money laundering and credit risk reduction
  • For placement, recruitment and selection purposes.

Personal information collected

The type of information collected depends upon our relationship with you and the context in which we obtain and process your personal data.

Information collected and processed may include details of the following types of information:

  • Contact information (name, address, (including postal and email addresses), telephone and fax numbers and gender)
  • Occupational information, (job title, former job titles, organisational associations, professional experience and qualifications, interests and preferences where you advise us of these details in order to provide you with relevant tailored information about our services)
  • Identification documents, including date of birth and photographic identification
  • Online services in respect of which you have expressed an interest
  • Other information collected and used in the course of the provision of our legal services
  • Details of your visits to our site, the resources accessed, including traffic data and other communication data
  • Images captured by CCTV cameras at our offices
  • Where necessary and legally permitted, we may also collect sensitive data, such as diversity and health data and details of offences and related proceedings.

What we do with personal information collected

We use the information provided to:

  • Ensure content from our site is presented in the most effective manner
  • Contact you by email, post or phone where you have provided contact details. We may also keep a record of that correspondence
  • Notify you about any changes to our services
  • Improve our products and services
  • Conduct our legitimate business interests and those of our clients in connection with the provision of our legal services
  • Maintain internal records
  • Ensure good governance, accounting, management, auditing and risk management
  • Carry out our obligations arising from any contracts entered into
  • Provide you with information, products or services which you request from us
  • Facilitate the provision to you of online or other training services
  • Send you information, or newsletters and legal updates which you may find of interest where you have indicated your wish to be contacted for such purposes
  • Pass your details to experts, including counsel and other professionals for the purposes of obtaining professional advice and complying with our contractual obligations
  • Pass your details to secure third party service providers, who are under contract to assist us in our provision of legal services
  • Contact you in the course of providing our legal services
  • Assist with recruitment and selection process
  • Convert into anonymised, statistical or aggregated data which can’t be used to identify you but may be used for the purposes of statistics, research reporting and future planning for our business and strategic objectives
  • Where we have other legitimate reasons, such as to enforce our terms of use, or take other action required or permitted by law or for other safety and security reasons
  • To respond to complaints against us
  • We also process personal data in anonymised form for statistical and/or insurance and/or legal advice purposes.

Who do we share your information with

In providing our services, we may provide your personal information to staff in our office or other third parties, such as:

  • Any successors in title to our business, or as part of mergers
  • To other suppliers, such as expert witnesses, counsel, or other external agencies that we engage on your behalf. When we do so, they are required to act in accordance with our instructions and keep your personal information secure with an adequate level of protection
  • To courts, tribunals and other government bodies and relevant regulators (SRA, Law Society and the ICO) in connection with matters relating to provision of our services
  • To fraud prevention agencies
  • To professional indemnity insurers, brokers, auditors and other professional advisers
  • To our clients in connection with the provision of our services
  • To auditors in connection with maintenance of our quality certifications
  • To other third parties when required by law or other regulatory authority, where we are under a duty to do so to comply with legal or professional obligations (for example to comply with anti-money laundering obligations and counter terrorism measures)
  • To enforce or protect our rights, property or the safety of our partners, staff and clients. (This includes exchanging information with other companies and organisations for the purposes of fraud prevention and detection and credit risk reduction)
  • To other parties in legal proceedings, including solicitors acting on the other side of a case or transaction
  • To costs draftsmen
  • To financial institutions providing finance for transactions.

On what basis do we process your information

The legal grounds for processing your personal data depends upon the nature of our relationship with you and the context of processing and are as follows:

  • Processing is necessary for the performance of a contract with you, or to take steps prior to entering into a contract with you. Our retainer is comprised of our engagement letter and our terms of business which sets out the terms of the contract and the services to be provided to you. If you ask us to provide online training, we will invite you to sign our terms and conditions for the supply of online training services
  • Processing is necessary for the purposes of our legitimate interests or those of our clients in the provision of legal services and use in legal proceedings, except where those interests are overridden by the interests, rights or freedoms of affected individuals. In order to determine this we shall weigh up a number of factors, including what you were told at the time you provided your data, what your reasonable expectations were, and the nature of the data as well as its impact upon you
  • Processing is necessary for compliance with mandatory legal obligations to which we are subject.

How long do we keep your personal information

We only retain your information for as long as is necessary for the purpose for which it was obtained. This could include compliance with legal obligations (by way of example, in relation to anti-money laundering regulations where we are required to keep information for minimum periods). It could also include conducting legal work as instructed or establishing or defending claims which could be made against us, for example for negligence in the performance of our obligations.

Information collected from you concerning other people

Where you provide personal information to us about other people, we accept it on the understanding that you have made the other person aware about how we will use and disclose their information.


Our services are not aimed at children. In matters involving children they will be represented by parents or legal guardians. Where we are acting in matters involving children we will explain why their personal data is needed and how it will be used.

Where will your personal information be processed

Here in the UK; we will never be required to transfer your personal information to countries outside the European Economic Area, (EEA) which do not provide the same level of data protection as in the UK.


We may provide you with information which we think you may find interesting via our newsletters, updates, competitions, seminars and other events. You can choose to restrict the collection or use of your personal information for this purpose. You can ask us to change your preference for receiving such communications, including legal updates and newsletters at any time.

Whenever you receive marketing communications from us, you will be able to indicate whether you wish to update your details or preferences.

If you would prefer not to receive this information please let us know via the contact form provided.

You have the right to ask us not to process your personal information for marketing purposes.

When we collect contact information (for example when you pass us your business card at one of our events or meetings) we may add your details to our marketing database and mailing list. In all other cases if we intend to process your information for marketing we will inform you before collecting your information.

IP addresses and cookies

Some information about website users is collected automatically and may be used by us to review and analyse how our site is used.

We may collect information about your computer, including where available your operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual. This includes IP addresses, which all of our reporting systems anonymise.

We may also use information obtained by using a cookie file stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They are widely used to make sites work efficiently. They help us improve our site and deliver a better and more personalised service.

They enable us to:

  • Estimate our audience size and use patterns
  • Store information about your preferences and so allow us to customise our site to your individual interests
  • Speed up searches
  • Recognise you when you return.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.

Cookies used

Session cookies

These are cookies which are only on your computer for one visit. Once you close your browser, they are deleted. They’re used to do things like remember that you’ve logged into a site.

Tracking cookies

We have Google Analytics implemented on this site. This uses tracking cookies. These are also session cookies. They do not collect any personal data and help us collect information in an anonymous form.

Third party advertising cookies

We have LinkedIn's advertising cookies on the site. This allows us to track the efficacy of our LinkedIn ads and to understand the demographics of website visitors based on anonymised LinkedIn data. They do not collect any personal data.

Most web browsers allow some control of most cookies through browser settings. To find out more about cookies and how to manage or delete them, visit

Links to other websites

We may include links on our site to enable you to access third party sites directly. If you follow any links, this privacy notice will not apply. Third party sites operate their own privacy policies regarding processing of personal information and the use of cookies. Please check these policies before you submit any personal data to these external sites. We do not accept any responsibility for a third party site or use of your information or their use of cookies.

Access to your information

You have the right to request details of personal information which we hold about you.

If you would like a copy of your personal information, please write to [email protected].

Other rights

You also have the right to correct or complete information held by us.

If you think any information we have about you is incorrect, incomplete or needs updating please also let us know. We will update any information as soon as possible.

You may also in certain circumstances:

  • Request that we erase the personal data we hold about you
  • Restrict its processing whilst we continue to hold it
  • Where we process your data by automated means, ask us to transmit that data to another data controller. If you wish to request this we will let you know whether this is possible, taking into account compatibility of systems of the other data controller to whom you wish the transfer to be made
  • Object to processing. If you raise such objection we must stop unless we can demonstrate (1) an overriding legitimate business interest or (2) such processing is necessary in relation to legal proceedings
  • To have a decision taken by a human. We are however unlikely to take decisions which have a legal or similarly significant effect on you by automated means
  • Have a right to be notified of a personal data breach if it results in a high risk to your rights and freedoms
  • Right to withdraw your consent if you have given your consent to our processing of any of your personal data. (Please note that if you withdraw your consent, this will not affect the validity of any processing carried out prior to withdrawal).

These requests are free of charge.

Depending on the nature and extent of your request, we may be unable to continue acting for you. In this event, you will remain liable for our fees and disbursements incurred before the request was made.

Our contact information in connection with the exercise of these rights or other privacy issues appears at the bottom of this page.

If you consider we have breached our obligations in respect of your personal data you may raise your concerns with us. Alternatively, you can complain to the Information Commissioners Office. Further details can be found at

Security and storage

We have just one office in the United Kingdom. All information you provide to us in electronic format is stored on our secure servers within the United Kingdom.

The internet is a global environment. It can involve transmission of data on an international basis. Transmission of information via the internet or any social media is not completely secure. By using our site and communicating with us electronically, you acknowledge and accept our processing of your personal information in this way.

Although we adopt appropriate technical and organisational measures to protect your personal information, we cannot guarantee its security when sent to this site. Transmission is at your own risk.

Once your information is received by us either in electronic or physical form, we take all reasonable steps necessary to prevent unauthorised access and ensure your information is handled securely and in accordance with this privacy notice. We have put in place suitable electronic, physical and managerial procedures to protect and secure the information collected.

How to contact us

If you have any queries or requests regarding this notice, or our practices concerning your personal data, please contact [email protected].

We will take reasonable steps to resolve or answer concerns as soon as possible and normally within 30 days.

(Kindly note that queries about legal claims/legal matters should be directed to the file handler with conduct of the case as identified in our correspondence with you.)