At Olivia McLaren, Ltd. we believe in being open and honest about the Personal Data that we hold about you.
By Personal Data we mean information that relates to you as a living individual and allows us to identify you, either directly or in combination with other information that we may hold.
By law, we can only process your Personal Data if we have a proper reason to do so (our lawful basis) as follows:
- to fulfil a contract we have with you
- if we have a legal duty
- if we have a legitimate interest to do so, or
- when you consent to it
We will only process your Personal Data for the purpose it is intended, that is to provide the advice and services you instruct us to supply.
We will be especially careful with special category data (Sensitive Data) and we will only collect and process this type of personal data if you have given us your explicit consent to do so.
We will make it easy for you to tell us how you want us to communicate with you and we will provide easy ways for you to contact us.
Who we are and what we do
Olivia McLaren, Ltd. is a foreign law practice dedicated to the provision of strategic immigration assistance for businesses wishing to establish or strengthen a U.S. presence and individuals interested in visiting, working in or immigrating to the United States of America.
We are registered with the Information Commissioners Office (ICO) registration no ZA367242 and any Personal Data collected will be used and held in accordance with the requirements of the EU General Data Protection Regulation (GDPR).
The person responsible for data protection compliance within the Company is Olivia McLaren, Principal Attorney. If you have any enquiries relating to the processing of your personal data please contact Olivia McLaren by email at Olivia@mclarenltd.com, or by phone on +44 (0) 131 221 6513.
How we collect Personal Data
We collect Personal Data from you when:
- you enquire about our services through completion of our on-line contact form, by email, phone, post or any other communication channel you choose; or
- you register with us as a client and communicate with us in person, by phone, post, internet, social media or by sending and receiving emails, faxes and texts.
Sometimes as part of the services you instruct us to provide we may obtain your Personal Data from third-party service providers but only if they provide the appropriate evidence that you have agreed for your Personal Data to be shared with us.
If we don’t collect your personal data, we may be unable to provide you with all of our services.
Accessing Our Website
A visit to our website or an inquiry does not create a client relationship between you and Olivia McLaren, Ltd.
We do not collect Personal Data indirectly, for instance by tracking people individually when they have used our website.
You have a choice if you wish to receive communications from us.
We will only communicate with you if you have chosen to contact us to enquire about our US Immigration Law Advisory Services or in the course of the advice and services you instruct us to supply. We do not collect or use any Personal Data for the purposes of direct marketing and we do not create and hold email subscriber lists.
If at any point you would like to change the way in which we communicate with you just let us know by contacting Olivia McLaren at Olivia@mclarenltd.com.
What Personal Data do we collect?
In the course of providing US Immigration Law Advisory Services as instructed by you, we may collect Personal Data about you and your family members, including children under the age of 13. This is to help us verify your identity, respond to your requests, deliver our services and comply with any applicable laws and regulatory requirements.
The Personal Data we collect may include your name, email, IP address, current address, telephone numbers, date of birth, gender, place of birth, nationality, citizenship, previous addresses and countries of residency, travel history, NI/Social Security Number, employment history, education, qualifications and financial information.
Sensitive Personal Data
Data Protection law recognizes that certain categories of Personal Data are more sensitive. The GDPR refers to this as Special Category Data. Sensitive Personal Data covers health information, race or ethnic origin, religious beliefs, political opinions, trade union membership and biometric data.
In order to provide the advice and legal services you instruct us to supply we collect Sensitive Personal Data for the purpose of providing US Immigration Law Advisory Services. The Sensitive Personal Data we collect about you might include biographic information, ethnic origin, sexual orientation, and medical information. We may also collect sensitive Personal Data about your family members, including children under the age of 13. This may include biographic information, ethnic origin and medical information.
We will always ask for your explicit consent to collect and use any Sensitive Personal Data about you and we will always ask for your permission to collect and use any Sensitive Personal Data about children under the age of 13.
In addition, we will always ask your family members for their explicit consent to collect and use any Sensitive Personal Data about them.
Criminal Offence Data
In the course of providing the services you instruct us to, we may also collect criminal record information about you and/or your family members, including criminal offences and police certificates. If this is the case, we will always ask for your explicit consent to collect and use this type of personal data.
How and why we use your Personal Data
If we process any Personal Data that you share with us, we will make it clear what we intend to do with it and our lawful reason for doing so.
We may use your Personal Data collected via our website, and our other communication channels which has been supplied by you in the course of providing US Immigration Law Advisory Services:-
- dealing with your enquiries and requests in relation to US immigration and nationality laws
- delivering our services and performing our obligations as part of a Contract you have with us
- complying with our legal obligations and regulatory requirements
Consent on how your Personal Data is used
We will always tell you why we are collecting and processing your Personal Data. Where it is necessary to obtain your consent, we will ask for this to be given by a positive opt in choice and we will provide you with information to enable you to make an informed choice. You can be confident that your Personal Data will not be used for any additional purpose without further consent being obtained. We will also tell you how you can withdraw your consent.
With whom we share your Personal Data
We do not share Personal Data with any third-parties for marketing purposes.
We will only share your Personal Data to a third-party service provider when it is necessary to deliver our service, as part of a contractual agreement we have with you, or if we are required to do so by law. For example, we may need to share with US government agencies, US law enforcement bodies and regulators.
We may also use third-party service providers to support the delivery of our services to you, for example, legal firms, translation services, medical specialists, credentials evaluators, and background checking services. When this happens, the third-party provider may use Personal Data or Sensitive Personal Data that you have provided to them in order to carry out their obligations as part of any contracts you have entered into with them. We will always tell you in advance if this is the case, and if the personal data is Sensitive Personal Data, we will ask for your explicit consent before any information is shared.
All our employees and third-party service providers who have access to, and are associated with the processing of Personal Data, are legally obliged to respect the confidentiality of your Personal Data.
Under the EU General Data Protection Regulation (GDPR) you have the following rights:
- The right of access to your Personal Data
- The right to edit and update your Personal Data
- The right to request to have your Personal Data deleted - this does not apply where your Personal Data is being processed on the basis of a legal obligation
- The right to restrict processing of your Personal Data where it may be incorrect or you think the processing is unlawful
- The right to data portability of your Personal Data
- The right to object to the processing of your Personal Data for the purposes of direct marketing, scientific or historical research or statistical purposes
- The right to make a complaint
Right to access, correct, delete, move or object to Personal Data
You have the right to request a copy of the Personal Data that we hold about you. The first copy response is free of charge. Thereafter we have discretion to charge a small administration fee. If you wish to access this right, please contact us at Olivia@mclarenltd.com and we will provide you with a Subject Access Request Form to complete.
The accuracy of your Personal Data is important to us. If you believe your Personal Data held with us is inaccurate, incorrect or incomplete, you can ask for it to be updated by contacting us at Olivia@mclarenltd.com and completing a Personal Data Control Form.
You have a right to have your Personal Data deleted if:
- it is no longer necessary for the purpose we originally collected and processed it for
- you withdraw your consent
- you object to the processing of your Personal Data and we have no legal reason to continue to process it
- your Personal Data was unlawfully processed by us
If you wish to object to us processing your Personal Data, this must be on grounds relating to your particular situation and you must explain this in your request. We will agree to stop processing your Personal Data unless we can show you that we have compelling legitimate or legal grounds for processing it.
If you wish to obtain and re-use your Personal Data under your right to data portability, you can do this if you provided the Personal Data to us and where the processing is based on your consent or related to a contract we have with you.
When you request to access your Personal Data or for it to be updated, deleted or moved, or you object to it being processed, we will normally respond to you within one month of the request being received. Sometimes, we may need to extend this timescale to three months and if this is the case we will tell you.
In order to protect you and your Personal Data we will collect, process, store and share your data safely and securely. To ensure this, we have in place manual, electronic and managerial procedures to safeguard and secure the Personal Data we collect.
Your Personal Data will be retained and disposed in line with UK and US legal and regulatory requirements and our Data Retention and Disposal Schedule.
If we have given (or where you have chosen) a password which allows you to access cloud-based applications for the delivery of our services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Transferring your personal data outside of Europe
As part of the services we provide to you, the Personal Data that you supply to us with will be transferred between the UK and the US. Your personal data will only be transferred outside of the EEA where this is required to meet our obligations as part of the contract you have with us and because the service is provided in whole or part from the US. Your Personal Data may, depending on your circumstance, also be transferred to other countries outside the European Economic Area (“EEA”). If we transfer your Personal Data outside of the EEA, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
Retention of data
In addition, we will not retain your Personal Data if you have asked for it to be deleted and there is no legal or compelling legitimate reason for us to keep it.
We aim to meet the highest standards when collecting and using your Personal Data. However, if you wish to make a complaint about the way that we have processed your Personal Data, you can do this by contacting Olivia McLaren, Principal Attorney at Olivia McLaren, Ltd.:
Olivia McLaren, Ltd. Forth House, 28 Rutland Square Edinburgh, EH1 2BW Scotland, United Kingdom Telephone: +44 (0) 131 221 6513
Email: at Olivia@mclarenltd.com
If you are not satisfied that we have addressed your concerns adequately, you have the right to complain to the ICO. Their contact details are:
The Information Commissioner’s Office – Scotland 45 Melville Street Edinburgh, EH3 7HL Telephone: + 44 (0) 303 123 1115 Email: firstname.lastname@example.org
We aim to ensure that we process your Personal Data in a transparent and lawful way, respecting your rights as an individual. However, if we become aware of a suspected Personal Data breach we will investigate this immediately.
If having assessed the situation, we believe that the Personal Data breach is likely to result in a risk to the rights and freedom of an individual then we will report the breach to the ICO within 72 hours of becoming aware of it. Examples of this may be Personal Data breaches that result in financial loss or loss of confidentiality, discrimination, damage to your rights as an individual, or our company reputation. We will also inform all individuals affected by the breach.
As part of our services to you we may provide links to other websites for your convenience and information. Please be aware that these sites may have different security and privacy policies. We recommend that you read these as we have no control over and take no responsibility for any information submitted to these other sites.
It will be amended as required to ensure it is up to date and reflects how we use your Personal Data as well as a result of any changes in relevant laws or regulatory requirements. If there is a significant change, where practical we will notify you of this. However, we recommend that you review this Policy from time to time.