Skip to content

Privacy Policy

  1. Who we are and our privacy policy

We take privacy seriously and we are committed to protecting it.

Assessment Legal Limited is the data controller in relation to the processing activities described below. This means that we decide why and how your personal information is processed. We are registered with the Information Commissioner’s Office (ICO), which is the UK regulator for data protection. Our ICO number is ZB186663.

Our policy explains when and why we collect personal information about you, how this information is used, the conditions under which it may be disclosed to others as well as how it is kept secure.

This is our main privacy policy. We may, however, provide additional, specific privacy information to you as you interact with us in different ways (e.g. that we will only use certain information for specific purposes). To the extent that any of that information differs from what we say below, those specific statements will apply in those circumstances.

  1. Information we collect, how we use it, and how long we keep it for

We will only collect information about you if we have lawful reasons to do so. This may include performing our contract (where you are our client), where we have a ‘legitimate interest’ (for example, if you are referred to in a matter on which we are advising), and where you have given your permission for us to use your personal information in a particular way (for example, marketing or training updates).

We may collect personal information about you for the following reasons.

2.1 Marketing

If you have given us permission to do so, we may send you information promoting us and our products/services. This includes keeping you up to date with updates and news on topics you have opted to receive, whether new manuals or updates on regulation.

We will not share your information for marketing purposes outside of our company.

You can decide not to receive marketing communications or change how we contact you at any time. If you want to do so, please contact our Audit Manager, Lana Velkov (  

If you request us not to send you marketing emails, we will maintain a record of your preference not to receive emails by keeping this information.

We tell other clients and potential clients in general terms (without revealing personal information) about the products and services we provide. In some instances, they ask for more details on specific examples of our work. If we would like to give the party information specifically about you or the work we carry out for you, we will ask for your permission.

If you have provided information by filling in the general enquiries form on our website, we will use that information to respond to your enquiry and to record and monitor enquiries.

2.4 Automated decision-making and profiling

Automated decision-making is where a decision is made about you by a computer system without any human involvement. Profiling is the automated processing of personal information to assess certain things about you. We do not use any automated decision-making systems and we do not profile individuals.

2.5 Administration

We also use the information you give us for related purposes, such as:

  • Meeting our legal and regulatory obligations;
  • Keeping records;
  • Analysing operational and financial systems; and
  • Training and quality control.
  1. Who has access to your information

3.3 Regulatory purposes and outsourcing

We may need to reveal information about you in other situations to other people, such as our auditors and for audit, quality control and other purposes.

  1. Cross-border transfers

In the normal course of doing business, we will not transfer any of your information. However, if we need to use experts in other countries, given your permission, we make sure that appropriate protection is in place to transfer your information securely.

  1. Security precautions

We use a variety of physical and technical measures to keep your information available, safe from loss, accurate, and to prevent unauthorised access to it.

We store electronic data and databases on secure computer systems and control who has access to information (using both physical and electronic means). We use ‘the cloud’, which means that we store client information on servers which we do not own and which are not kept in our offices. We access these servers through secure connections. All of our cloud computing suppliers meet strict requirements for security and confidentiality.

Our staff receive data protection training and we have a set of detailed data protection policies which they must follow when handling personal information.

  1. Your rights

You have the following legal rights.

  • The right to ask us to confirm whether we hold your personal information and, if we do, to get a copy of the information we hold. This is known as a ‘subject access request’. Exemptions, including legal privilege, could mean you may not be entitled to receive all the information we hold on you. We will tell you if there is any information we have not provided and the reason for doing this.
  • The right to have your information erased, although this may not apply if we need to continue to hold or use it for lawful reasons.
  • The right to move your information to another organisation in an electronically readable form.
  • The right to have inaccurate information corrected.
  • The right to object to your information being used for marketing.

Please keep in mind that there are exceptions to the rights above and, although we will always try to respond to your satisfaction, there may be situations where we are unable to do so.

  1. Complaints about how we handle your information

If you believe that we have broken your data protection or privacy rights, you can complain to us direct by contacting our Data Protection Officer using the details set out above.

If you are not happy with our response, or you want to contact the UK Information Commissioner’s Office, which regulates and enforces data protection law in the UK, you can find details about how to do this at If you are unhappy about any other aspect of our service, you can find our complaints procedure here.

  1. Our information and how to contact us

We are a Private Limited Company incorporated in England and Wales. Our registered number is 11825472 and our registered office is at 23 Chepstow Court, Barleythorpe, Oakham, Rutland, LE15 7TT.

For the purposes of addressing any questions related to this privacy notice, please write to us at Assessment Legal Limited, 23 Chepstow Court, Barleythorpe, Oakham, Rutland, LE15 7TT.

  1. Changes to this privacy notice

Without warning, we may amend this privacy notice from time to time to make sure it is up to date and accurately reflects how and why we use your personal information. The current version of our privacy notice will always be posted on our website.