01642 225 553

Website Privacy Policy
Last updated: December 2025

Introduction

This notice explains why and how we process your data, and explains the rights you have around your data, including the right to access it and to object to the way it is processed. This Policy may be subject to change without notice.  You are expected to check this page from time to time to take notice of any changes we make, as they are binding on you.  This Policy links to our website Terms of Use.

General

The Website is provided by JRS-FDS Limited (referred to as “JRS Consultants” “us” “our” or “we” in these Terms of Use).   Our registered office is at Business Central, 2 Union Square, Central Park, Darlington DL1 1GL. Our company registration number is 08435479. The term ‘you’ refers to the user or viewer of our Website.  

Personal data

‘Personal data’ is any information that relates to a living, identifiable person. This data can include your name, contact details, and other information we gather as part of our relationship with you. It can also include ‘special categories’ of data, which is information about a person’s race or ethnic origin, religious, political or other beliefs, physical or mental health, trade union membership, genetic or biometric data, sex life or sexual orientation. The collection and use of these types of data is subject to strict controls. Similarly, information about criminal convictions and offences is also limited in the way it can be processed.

 

We are committed to protecting your personal data, whether it is ‘special categories’ or not, and we only process data if we need to for a specific purpose, as explained below. We collect your personal data mostly through our contact with you, and the data is usually provided by you, but in some instances, we may receive data about you from other people/organisations. We will explain when this might happen in this Notice.

Later sections of this Policy contain more information about:

  • Contacting you
  • Our grounds for processing your date when we work with you
  • Who we share your data with
  • How we store your data and how long we keep it for
  • Your rights as a data subject

Contacting you about events or areas of interest

As an individual, we will only send general invitations or updates to you if you have provided your consent for us to do so.  If you represent an organisation, we may write to you from time to time unless you have told us that you do not wish to receive further mailings. Any marketing and briefing emails will provide you with the option to opt out of future mailings.  You can also use this option to manage the type of mailings that you receive from us.

If you do not provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you and you do not provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may stop providing that service, but we will notify you if this is the case at the time.

Personal data received from third parties

Our clients and other legal professionals may include personal data about individuals that is project that we are working on. We are committed to protecting all personal data that we hold and will treat this data with the same care that we treat data held about our clients.

Processing your data to provide you with our services

In general terms, we process your data to fulfil our responsibilities in the relationship that we have with you.  The table below lists more specific purposes for processing your data, and the legal basis for each type of processing.

Data we may process to provide our services to you

We may process the following personal data:

  • Your contact details so that we can share information with you
  • Information contained in emails or other correspondence from you and records of telephone calls or meetings with you
  • Details of your preferences where you have requested to be contacted about events, products or services, legal updates and/or news which we feel may interest you,
  • Information about you that we retain on your behalf

Under the UK General Data Protection Regulation (UK GDPR), a lawful basis is necessary whenever organisations process personal data. The core lawful basis for processing the personal data of our clients is one of ‘contractual obligation’, in that we need to process client personal data in order to deliver the services that we agree under this contractual retainer with you.

 

Additional grounds under which may process your data are:

  • Where you have provided us with explicit consent to the process your data; or
  • Where the data we are processing has already been made public by you.

Who we share your data with

Our IT system providers have access to data so that we can ensure that our systems operate effectively and that we are running current versions of software. Financial auditors view data to monitor that we are complying with statutory and regulatory requirements. Specialist confidential waste disposal contractors manage our paper archive records and carry out controlled destruction of the records when they reach the end of their retention period.

How we store your data

We recognise that your information is valuable, and we take all reasonable measures to protect it whilst it is in our care. We have exceptional standards of technology and operational security to protect personally identifiable data from loss, misuse, alteration or destruction. Similarly, we adopt a high threshold when it comes to confidentiality obligations and both internal and external parties have agreed to protect confidentiality of all information; to ensure all personal data is handled and processed in line with our stringent confidentiality and data protection policies.

 

We use computer safeguards such as firewalls, malware protection and data encryption. We also enforce, where possible, physical access controls to our premises and IT equipment to keep data safe.

Your personal data is held in both hard copy and electronic formats. All electronic personal data, including emails, is stored on secure cloud-hosted servers, which are located in the UK.

 

We will not normally send such data outside the EEA. We may sometimes send such data to a recipient in a country outside the EEA which has been designated by the EU Commission as providing adequate data protection. If we need to send the data to a country outside the EEA that has not been so designated, we will have appropriate contract clauses agreed with the recipient place to protect the data.

How long we retain your personal data

Our document retention schedule applies dates that meet a statutory requirement, reflect limitation periods for action following completion of a consultancy assignment or reflect good business practice. We will normally retain your personal data for no longer than six years from the conclusion of a consultancy arrangement. Once the applicable retention period expires, unless we are legally required to keep the data longer, or there are important and justifiable reasons why we should keep it, we will securely delete/destroy the data. 

Your rights as a data subject

The UK General Data Protection Regulation (UK GDPR) provides you with a number of rights. These include:

  • Requesting a copy of the personal information we hold about you. We require you to prove your identity with two pieces of approved identification. Please address requests to the Data Protection Manager  at the email address below. Please provide as much information as possible about the nature of your contact with us to help us locate your records. This request is free of charge unless the request is manifestly unfounded or excessive.
  • Having any inaccuracies in your data corrected. If you would like to update the details we hold about you, please contact our Data Protection Manager  at the email address below.
  • Requesting that we delete your personal data so it is erased from our records.
  • Having the data we hold about you transferred to another organisation.
  • Objecting to certain types of processing such as direct marketing.
  • Objecting to automated processing, including profiling. If you wish to exercise any of these rights, please contact the Data Protection Manager  at the email address below.

Exercising your rights, queries and complaints

For more information on your rights, if you wish to exercise any right or for any queries you may have, or if you wish to make a complaint, please contact our Data Protection Manager, Andrew Bean at:

 

JRS Consultants
Business Central
2 Union Square
Central Park
Darlington
DL1 1GL

Email: mailto:jrs@we-are-jrs.co.uk

 

Changes to this Policy

We may change this privacy notice from time to time. If we make any significant changes in the way we treat your personal information, we will take reasonable steps to draw your attention to this.

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.