Privacy Policy


At Aspen Crown Solicitors, we are committed to protecting and respecting your personal information and privacy. This privacy policy relates to our use of any personal information we collect from you for any of our services. Whenever you provide us with such information, we are legally obliged to use your information in compliance with all applicable laws relating to the protection of personal information, including the Data Protection Act 2018 (DPA) and since 25 May 2018, The General Data Protection Regulation (GDPR).

We are regulated by the Solicitors Regulation Authority [SRA] and as such the SRA lays down guidelines on what we can do with all information you provide to us and the information we collect in the course of dealing with our clients individual legal matters. Such information can be very sensitive in a number of different ways, and as a controller, we have to keep it confidential and private.


Aspen Crown Solicitors Ltd is the controller and responsible for your personal data (collectively referred to as Aspen Crown Solicitors”, “we”, “us”, or “our” in this privacy notice.

Contacting us About Privacy & Data Protection

You can contact us regarding issues relating to this Privacy & Data Protection Policy in the following ways:

By e-mail:

By post: The Privacy Officer, Aspen Crown Solicitors, The North Colchester Business Centre, 340 The Crescent, Colchester, Essex CO4 9AD

By phone: 01206 489 077 asking for Tajammal N Butt

Aspen Crown Solicitors are committed to compliance with relevant UK and European data protection laws. We are regulated under the General Data Protection Regulation (GDPR) which applies across the European Union (including in the United Kingdom). We are responsible as ‘controller’ of that personal data for the purposes of the GDPR. Our use of your personal data is subject to the GDPR, other relevant UK and EU legislation and with regard to our clients their instructions and our professional duty of confidentiality.

We would request you to read this Privacy Policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or our regulatory authorities in the event you have a complaint. Please do not send us any information about you which you do not want to be used in the ways described in this Privacy Policy.

Personal data we may collect about you

We set out below the personal data we may collect. Personal data we regularly collect:-

  • – Your name, address and telephone number
  • – Electronic contact details, eg your email address and mobile phone number
  • – Information about your use of our IT, communication and other systems, and other monitoring information, eg if using our secure online client portal Personal data we may collect where and depending on why we have been instructed you:-
  • – Information relating to the matter on which you are seeking our advice or representation
  • – Information to enable us to check and verify identity, eg your date of birth or passport details Your National Insurance and tax details
  • – Financial details so far as required by the money laundering regulations or as relevant to your instructions including your ability to meet our invoices
  • – Bank and/or building society details
  • – Details of your professional online presence, eg LinkedIn profile
  • – Details of your spouse/partner and dependants or other family members, eg if you instruct us on a family matter or a will
  • – Your employment status and details including salary and benefits, eg if you instruct us on matter related to your employment or in which your employment status or income is relevant
  • – Your nationality and immigration status and information from related documents, such as your passport or other identification, and immigration information, eg if necessary for compliance with the money laundering regulations
  • – Your medical records, eg if they are material in court proceedings in immigration or family matter

This personal data is required to enable us to provide our service to you. If you do not provide personal data we ask for, it may delay or prevent us from providing services to you.

How your personal data is collected

We collect most of this information from you direct. However, we may also collect information:

  • – from publicly accessible sources, eg Companies House or HM Land Registry;
  • – directly from a third party, eg:
    1. > sanctions screening providers;
    2. > client due diligence providers;
  • – From a third party with your consent, eg:
    • > your bank or building society, another financial institution or advisor;
    • > consultants and other professionals that you or we may engage in relation to your matter;
    • > your employer, professional body or accountants;
    • > your doctors, medical and occupational health professionals;
    • > your authorised agent(s)
  • – via our website—we use cookies on our website (for more information on cookies, please see our website privacy statement published on our website)

This personal data is required to enable us to provide our service to you. If you do not provide personal data we ask for, it may delay or prevent us from providing services to you.

How we use cookies

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Website Privacy Notice

Any data that you submit using our website form will be held by Aspen Crown Solicitors as Data Controller and will be held securely and in accordance with the General Data Protection Regulation (the Data Protection Act 2018) for 12 months before being securely and confidentially destroyed.

Your data will not be disclosed to any third parties without your consent or as otherwise allowed by the relevant Data Protection legislation and will only be used for responding to your query (or purposes associated with that purpose).

You have the right to be informed about what data we hold about you along with other rights set out in the legislation. Further information about your rights under the data protection legislation can be found at

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over those websites. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

How and why we use your personal data

Under data protection law, we can only use your personal data if we have a proper reason for doing so, eg:

  • – where you have given consent;
  • – to comply with our legal and regulatory obligations;
  • – for the performance of our contract with you or to take steps at your request before entering into a contract; or
  • – for our legitimate interests or those of a third party.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

Records in Immigration Matters

Due to the nature of immigration services, a full record of information obtained from you, third parties and advice provided by us shall not be retained longer than 06 years unless you request that it be erased.

This is because we consider that it is in your best interests that we retain a full history of data which may be relevant to future matters you instruct us to deal with.

Such data can also be relevant to your immigration position should there be any dispute with the authorities or for us to be able to provide you with a record should you misplace important immigration documents. If you would like us to rectify or erase your data please refer to the section on ‘You and your rights’ below.

How long your personal data will be kept

We will not retain your data for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of data. As a general guideline we will not hold your data for more than six years unless there is a specific need, or you instruct us to do so. When it is no longer necessary to retain your personal data, we will delete or anonymise it.

We will keep your personal data after we have finished advising or acting for you. We will do so for one of the following reasons:

  • – to comply with your instructions;
  • – to respond to any questions, complaints or claims made by you or on your behalf;
  • – to show that we treated you fairly;
  • – to keep records required by law.
Protection and storage of the information

We hold information securely in electronic or physical form and prevent any unauthorised access, modification or improper disclosure. Information relating to client’s matters is stored in the following ways:

Paper files
In personalised electronic files, bearing their own reference on a password protected integrated computer network
Secure off-site outsourced paper storage following the conclusion of the matter.

Our information security practices are supported by a number of security safeguards, processes and procedures. We store information in access controlled premises or in password protected electronic form. We require our third party IT providers to comply with appropriate information security industry standards. All staff and third party providers with access to confidential information are subject to confidentiality obligations.

Your rights

Subject to applicable laws, you may have certain rights regarding information that we have collected and that is related to you. We encourage you to contact us to update or correct your information if it changes or if you believe that any information that we have collected about you is inaccurate.

You can also ask us to:
i. see what personal information we hold about you,
ii. to erase your personal information

You may tell us if you object to our use of your personal information.

You have a right to complain to the Information Commissioner’s Office (ICO), but we would prefer you to contact us first. We should be able to resolve any matter quickly and to your satisfaction.

The Information Commissioner’s Office (ICO) is contactable through their website at or their help line on 0303 123 1113 or 01625 545745.

The address of the ICO is:
Information Commissioner’s Office
Wycliffe House
Water Lane

Changes to this privacy policy

This is a living document which we may update from time to time.
The Privacy Policy was last reviewed on 25th Dec 2019.

For more information please Contact Us