We value the personal data that individuals, clients and organisations choose to share with us, and we take their privacy very seriously.
About this Privacy Policy
This privacy notice sets out the categories of personal data we may ask you to supply, why we need that data, how we will use it and how long we will retain it.
We undertake to draw this privacy notice to the attention of all relevant parties, and should you engage our services we will take it to mean that you are satisfied with its contents.
Should you have any concerns or wish to discuss the contents of this notice further, please contact our Managing Partner at info@marlegal.co.uk
We may update this notice from time to time and we recommend you refer to it regularly on our website.
1.1 Who We Are
MAR Legal Ltd is a company registered in England and Wales (registered number 16300369). Its registered office is 27 Minto Street, Ashton-Under-Lyne, England, OL7 9DE
We are also registered with the Information Commissioner’s Office (the “ICO”) in the UK under registration number ZA318959.
MAR Legal Ltd collects, uses and is responsible for processing certain personal information about you. When we do so, we are regulated under the General Data Protection Regulations (GDPR) and the Data Protection Act 2018, and we are responsible as a “controller” of that personal information for the purposes of those laws.
1.2 What Personal Data Might We Need?
Our collection of personal data will be limited to the information required for our interaction with you. This includes data necessary for the performance of a contract between us and information that is essential for us to provide you with the requested services.
2. Categories of personal data we may collect from you include:
Your identification details (e.g. your title, full name, date of birth, marital status, gender, passport and/or ID number, contact details and email address);
Your bank and payment details; and/or
Information about your finances; and/or
Information to assist us with providing a service to you
Information when you attend a seminar, webinar or other event hosted by us.
2.2 The following are the types of personal data we collect:
- Information about you or your business that is available publicly, including through electronic sources, such as HMRC details, national insurance number, tax returns, and tax-related information.
- Information about your spouse, partner, dependents, or other family members.
- Employment records, including sickness and attendance, performance, disciplinary, conduct, and grievances, where relevant.
- Details of your pension arrangements.
- CCTV footage of you at our offices.
- Technical data obtained through cookies and similar technologies when you visit our website.
- Any personal data you provide to us.
- Other personal data found in correspondence and documents related to a matter in which you may be involved.
2.3 We may collect your personal data directly from you. However, on some occasions, we may also collect your personal data from other sources or third parties, including the following:
- Publicly accessible sources such as Companies House and the Land Registry.
- Third party service providers such as credit reference agencies.
- Your bank, building society or other financial institution or advisor.
- Your employer, professional body or pension administrator.
- Consultants and other professionals engaged in relation to your matter.
- An executor or a trustee providing details of beneficiaries.
- Through our website – we use cookies in order to collect certain personal data. Please see our Cookies Policy for further information.
- We do not seek to obtain personal data that falls outside the scope of this privacy notice and we kindly request that individuals do not furnish us with any unnecessary personal data. In accordance with data protection legislation we may destroy personal data supplied to us where we do not believe we have a sufficient legal basis to retain it.
Ensuring the accuracy and currency of your personal data is crucial. Kindly notify us of any changes to your personal data while we maintain our relationship.
2.4 Why Do We Need Your Personal Data?
We base our processing of your personal data on the following grounds:
- Performance of a contract we have with you, such as providing legal or other services.
- Compliance with legal obligations, such as conducting an anti-money laundering check.
- Pursuing our legitimate interests, such as reaching out to you with promotions or updates after providing you with our services.
- Consent given by you, such as signing up for our legal updates newsletter.
3. How Will We Use Your Personal Data?
We use your data exclusively for the purpose for which it was collected. The following are the ways we may utilise your data:
- Recruitment purposes.
- Provision of legal services as specified on our website.
- Provision of legal advice.
- Contacting you about our services, promotions, or updates.
- Invoicing purposes.
- Compliance with our legal obligations, such as performing ID verification checks and AML/bankruptcy and credit searches, and running conflict checks.
- Any other necessary use of your personal data to comply with our legal and regulatory obligations.
3.1 The following are the legal bases on which we rely to utilise your personal data:
- Our legitimate interests or those of specialist credit reference agencies for credit control and ID verification purposes.
- Compliance with our legal and regulatory obligations.
- Our performance of the contract for providing legal services to you.
- Our legitimate interest, as well as yours, to detect and prevent any criminal activity that could damage our reputation and/or yours.
- Our performance of the professional indemnity insurance contract with our insurer.
- We are responsible for all the information you provide to us, and we will inform you why we require the information when we request it. We will not sell your information and will strive to maintain its security as best we can since we take data security seriously.
We may also share your personal information with other entities connected with MAR Legal Ltd which are based within the United Kingdom.
4. Third Party Processors
As a law firm, we keep the personal information of our clients and prospective clients confidential unless required or permitted by law or consented to by the individual. Our officers, employees, and self-employed consultants may access your data when necessary. We may disclose personal data to regulatory bodies such as the SRA, HM Revenue & Customs, and the ICO in certain circumstances.
We may also share your data with third-party service providers that we have outsourced certain tasks to, such as IT, business administration, and marketing and analytics services. Additionally, we may share your personal data with our insurers and professional advisors, including lawyers, bankers, auditors, corporate financiers, and brokers in connection with the services they provide to us.
For advertising and analytics purposes, we share personal data with Facebook and Google. This enables us to display adverts to you on Facebook and the world wide web and utilize Google Analytics. For more information on Facebook’s advertising practices and how you can control your settings, visit this link. For more information on Google and how you can control your settings, visit Google’s Privacy & Terms site
Occasionally, we may need to transfer your personal data to third-party data processors to facilitate our relationship with you. Such processors have obligations under data protection legislation, as well as contractual obligations with us, regarding your data.
We ensure that all third parties respect the security of your personal data and handle it in accordance with the law. We do not permit our third-party service providers to utilise your personal data for their own purposes and only allow them to process your personal data for specified purposes and in accordance with our instructions.
4.1 The following are examples of the third-party data processors that we may use:
- Our professional advisers and auditors
- Our IT service providers
- Credit reference agencies
- Professional advisers whom we instruct on your behalf or refer you to
- Other stakeholders involved in your matter, including the other party and their advisers
- Government authorities and law enforcement officials, where necessary
- Our professional indemnity insurance insurers, brokers, or other relevant third parties, where necessary
- Our bank
- Potential buyers or acquirers of all or part of our firm
- Successors in the interest of our firm, in the unlikely event of administration, liquidation, or bankruptcy
- Third parties involved in hosting or organising events or seminars that you have expressed an interest in attending.
- Our marketing agency or for marketing reasons
- We will not transfer your personal data outside the European Economic Area (“EEA”) without your consent.
5. Marketing
If we have previously provided you with our services, we may contact you about other services, promotions, or events that we think may interest you. If you do not want to receive such communications from us, you can let us know by contacting us at info@marlegal.co.uk or by clicking the “unsubscribe” link at the bottom of any of our marketing emails.
If you choose to withdraw your consent for us to contact you for marketing purposes, we will securely dispose of your personal data and will no longer contact you, subject to our retention policy. We will only use the personal data you have provided for marketing purposes and will not share it with any third parties. You have the right to withdraw your consent at any time, and you can do so by contacting the Directors or using the unsubscribe option in our marketing emails.
We may use your personal data to market our firm, our people and the services we can provide to you, whether you are a previous or existing client of ours.
We will seek your consent before publishing any client testimonials as part of our marketing strategy. You will be given adequate notice and information about the process, including your right to withdraw your consent at any time.
6. International Data Transfers
a) From the UK (including England, Scotland, Wales, and Northern Ireland) to countries outside the UK
We may store copies of your personal and other data on computers located outside the UK. At times, we may share personal data with third parties located outside the UK. In such cases, we adhere to the regulations set forth in the UK General Data Protection Regulation. When we transfer your personal data outside the UK, we ensure that it receives an equivalent level of protection as afforded by the UK data protection laws, either through our own adequacy assessment or by using standard mechanisms available to us. These mechanisms may include:
Transfers outside the UK that are covered by adequacy regulations confirmed by the Information Commissioner’s Office.
The use of specific mechanisms approved by the Information Commissioner’s Office that provide personal data with the same protection as it receives in the UK.
7. Retaining Your Personal Data
As a company, employer, and provider of legal services, we have legal obligations to retain records containing personal data even after the main purpose of our relationship with you has ended.
However, we will stop processing and dispose of all personal data once our obligation to retain it ends. To determine the appropriate retention period for personal data, we consider various factors such as the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purpose of processing, and the applicable legal requirements.
We maintain appropriate security measures to prevent misuse, loss, or disclosure of your personal data. If you would like more information on the retention periods for different aspects of your personal data, you can request our retention policy from our Data Protection Compliance Manager.
Please note that this notice applies to all personal data we obtain, whether directly from you or through a third party. If you have been referred to us, we will assume that you are aware of who provided us with your information. However, if this is not the case, please inform us as soon as possible.
We will provide you with sufficient notice and information to request your consent before publishing any client testimonials as part of our marketing strategy. You have the right to withdraw your consent at any time.
8. Your Rights
You have certain rights regarding your personal data that we hold, including the right to access, rectify, erase, or transfer it to another data controller. We will not charge a fee to access your personal data or to exercise any of these rights, unless your request is unfounded, repetitive, or excessive.
You also have the right to be forgotten, which means you can request that we delete or remove your personal data, subject to applicable data protection laws.
You may object to the processing of your personal data if we rely on legitimate interest as our basis for processing or if we process your data for marketing purposes. However, we may have compelling legitimate grounds to continue processing your personal data that override your rights and freedoms.
Additionally, you may request the restriction of processing of your personal data, allowing you to temporarily suspend or restrict the processing of your personal data in certain circumstances.
Lastly, you may request the portability of your personal data held by us, allowing you to receive it or transfer it to another data controller in a structured, commonly used, machine-readable format.
To exercise any of these rights, please contact our Directors. Please note that we may refuse to comply with your request in certain circumstances.
If you have concerns about our handling of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection issues. We encourage you to contact us first to allow us the opportunity to address your concerns before approaching the ICO.
9. How to Complain
We strive to address any concerns or questions you may have regarding our use of your personal information through our Directors. However, if you are not satisfied with our response, you have the right under the GDPR to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner, who can be contacted via their website at https://ico.org.uk/make-a-complaint/, by telephone at 0303 123 1113, or by post at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
10. Cookies
We gather standard internet log information and visitor behaviour patterns when someone visits our website. This enables us to assess the traffic to different areas of the site and manage our systems efficiently. The information is collected anonymously and we do not make any attempt to identify or collect personal information about our website visitors without their knowledge.
Cookies, which are small text files that websites place on your device when you visit them, are also used on our website. They help to enhance website functionality and provide us with information about website usage. Most web browsers offer options to control cookies via the browser settings.
For more information about cookies, including instructions on how to view cookies that have been set and how to manage and remove them, please visit www.aboutcookies.org.
11. Google Analytics
Google Analytics tracks visitors who have enabled JavaScript and collects information such as the web browser used, operating system, IP address, pages visited, and time spent on each page. This data is used to optimize the website and for marketing purposes, but does not include any personally identifiable information. Reports are compiled using this information to help improve the site and target marketing efforts. The cookies used by Google Analytics store information about the current visit, whether the visitor has been to the site before, and what site referred them to the page. The information is collected anonymously and used to report website trends without identifying individual visitors. If you wish to opt-out of being tracked by Google Analytics, visit this Google page: https://tools.google.com/dlpage/gaoptout.
11.1 Facebook & Instagram and other social media
Certain pages on this website may incorporate links to Facebook and Instagram for the purpose of sharing, liking, and displaying content from these platforms. As a result, cookies may be placed on your computer.
To find out more please visit Facebook’s privacy policy:
http://www.facebook.com/about/privacy/
11.2 Twitter
Some pages on the site may be integrated with Twitter for sharing content, liking content, and displaying content from Twitter. These links may cause cookies to be set on your computer.
To find out more please visit Twitter’s privacy policy: http://twitter.com/privacy
11.3 LinkedIn
Some pages on the site may be integrated with LinkedIn for sharing content, liking content, and displaying content from LinkedIn. These links may cause cookies to be set on your computer.
To find out more please visit LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy
12. Google Ads
We utilise Google AdWords Remarketing to promote MAR Legal Ltd on the Google Display Network and other websites across the Internet. This service places a cookie on your browser to show you ads based on the sections of the MAR Legal Ltd website you have viewed. The cookie does not contain personal information or grant access to your device.
Its purpose is to inform other websites that you have visited a particular page, so they can display ads relevant to that page. This technique enables us to personalise our marketing strategy to fit your interests and needs.
If you prefer not to receive MAR Legal Ltd ads, you can opt out of Google’s cookie usage by visiting Google’s Ads Settings or the Network Advertising Initiative opt-out page to opt out of third-party cookies.
12.1 Google AdSense:
This website uses Google AdSense, a web advertising service provided by Google Inc., (“Google”). Google AdSense utilises “cookies” (text files) that are stored on your computer to analyse the use of the website. In addition, Google AdSense uses “web beacons” (small invisible graphics) to collect information, such as visitor traffic on the website. This information, including your IP address, is transmitted to and stored by Google on servers in the United States. Google uses this information to analyse your use of the website, generate reports on website activity and advertisements, and provide other services related to website and internet usage. Google may also transfer this information to third parties if required by law or if such third parties process the information on Google’s behalf. However, Google will not merge your IP address with other data held by Google.
You can prevent the storage of cookies on your hard drive and the display of web beacons by adjusting your browser settings to “no cookies accepted” (in MS Internet-Explorer under “Extras > Internet options > Data protection > Settings”; in Firefox under “Extras > Settings > Data protection > Cookies”). Please note that by doing so, you may not be able to use all the features of this website to their full extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
12.2 Automatic Data Processing:
We may collect information from you automatically in certain situations. This information is commonly obtained from the following sources:
- Logs generated by web servers
- Cookies
- Pixel tags or clear GIFs
- Third-party web analytics services
- Targeted advertising
- Your device or the apps you use
- General and precise location information, including geolocation
- Social media sites
- Business partners, contractors, and other third parties
12.3 Third party web analytics services
We collaborate with third-party service providers, such as Google Analytics, to gain a better understanding of how you utilise the MAR Legal Website. These service providers may place cookies in your browser to collect data, including how you found the MAR Legal’ Website, how you navigate it, what services you purchase, and what traffic is driven by different marketing methods. This data will help us to enhance our service and provide you with more tailored information and product offerings. We do not permit third-party service providers to collect sensitive information such as your credit card details, email address, or password. These providers can only utilise your personal data to deliver services on our behalf and may not share it with others or use it for any other reason except for an aggregated, non-personally identifiable basis.
For more information about Google’s privacy practices, please read its privacy policy available here. To disable Google Analytics cookie and other third-party web analytics service provider cookies, you can select to have your browser alert you when cookies are being written to your computer or accessed or choose to disable cookies altogether.
13. How do we protect your personal information?
While we make every effort to safeguard your personal information from unauthorised access, use, or disclosure, it is important to note that no method of transmission over the Internet or electronic storage is completely secure. In the unlikely event of a breach to your personal information, we will notify you in accordance with applicable law. Notification may be sent to you electronically, in writing, or by telephone if permitted by law.
14. MAR Legal does not sell or share your personal information.
MAR Legal does not engage in the sale or sharing of your personal information. We do not exchange your name, phone number, address, email address, or any other personally identifiable information with third parties in exchange for monetary compensation.
14.1 Lawful basis, and any legitimate interests, for the processing
The following table outlines the specific lawful basis for processing personal data, depending on the type of personal data and the reason for processing. Please be aware that we may process your personal data for multiple lawful bases, depending on the specific purpose for which your data is being used.
| Purpose/activity | Type of data | Lawful basis for processing including basis of legitimate interest |
| To provide the Site to you | (a) Technical Data | Legitimate interests (to promote our business and services via the web) |
| We will add you to our newsletter and update the recipient list. | (a) Identity Data(b) Contact Data(c) Technical Data(d) Marketing and Communications Data | a) We process personal data based on our legitimate interests, such as sending direct marketing materials to promote our business and services, including the soft opt-in method. b) In some cases where electronic marketing requires consent under the Privacy and Electronic Communications Regulations, and we are not relying on your opt-in, we will process personal data based on the lawful basis of consent. (Refer to Advertising, marketing, and your communication preferences section below for more information) |
| To manage our relationship with you which will include: (a) Notifying you about changes to our terms or Privacy Policy (b) Asking for feedback | (a) Identity Data (b) Contact Data (c) Enquiry Data (d) Correspondence Data (e) Marketing and Communications Data | The following are the lawful bases we rely on to process your personal data: (a) To perform a contract with you (b) To comply with legal obligations (c) To pursue our legitimate interests, such as keeping our records up-to-date and providing our services based on the latest terms. |
| To register you as a new client and respond to your enquiry | (a) Identity Data (b) Contact Data (c) Enquiry Data (d) Correspondence Data | (a) Performance of a contract with you (b) Legitimate interests, including pursuing an opportunity to win you as a new client before ground (a) above applies |
| To administer and protect our business and our Site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) | (a) Identity Data (b) Contact Data (c) Enquiry Data (d) Correspondence Data (e) Technical Data (f) Marketing and Communications Data | (a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)(b) Necessary to comply with a legal obligation |
| To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you | (a) Identity Data (b) Contact Data (c) Enquiry Data (d) Correspondence Data (e) Technical Data (f) Tracking Data (g) Marketing and Communications Data | Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
| To use data analytics to improve our Site and the client experience | (a) Identity Data (b) Technical Data (c) Tracking Data | Required for our legitimate interests (to identify customer segments for our products and services, maintain our website’s relevance and accuracy, grow our business, and execute our marketing strategy). |
| To target potential new clients and lawyers via social media and the web | (a) Identity Data (b) Technical Data (c) Tracking Data | We believe it is necessary for our legitimate interests to use social media and the web to engage with new clients and potential new lawyers, for example, through LinkedIn. |
15. Updating our Privacy Policy
We regularly update this Privacy Policy. The latest version is always displayed on our Site and available on request. We have updated this policy in February 2025.