Privacy Policy

Last updated: 10/07/2026
Guden Solicitors Ltd respects your privacy and is committed to protecting your personal data.
This Privacy Policy explains how we collect, use, store, share and protect personal data when you use our website, contact us, become a client, make an enquiry, apply for a role, or otherwise interact with us.

1. Who We Are

Guden Solicitors Ltd is a company registered in England and Wales.
Company name: Guden Solicitors Ltd
Company number: 14944821
SRA number: 8005081
Registered office: 2 Portman St, London W1H 6DU
Email: info@gudenlaw.com
Telephone: 020 3154 8930
VAT number: GB477460853

Guden Solicitors Ltd is authorised and regulated by the Solicitors Regulation Authority.
For the purposes of data protection law, Guden Solicitors Ltd is the data controller for the personal data we process, unless we tell you otherwise.

2. How to Contact Us About Privacy

If you have any questions about this Privacy Policy or how we use your personal data, please contact us using the details below:
Privacy contact: [Insert name or role, for example Data Protection Contact]
Email: [Insert privacy email address]
Postal address: [Insert postal address]
If we have appointed a Data Protection Officer, their details will be provided here:
Data Protection Officer: [Insert details or state “We have not appointed a Data Protection Officer.”]

3. Personal Data We May Collect

We may collect and process the following types of personal data:
Identity and contact details
This may include your name, title, date of birth, address, email address, telephone number, nationality, job title, company details and other contact information.

Client and matter information
This may include information you provide when instructing us, making an enquiry, completing forms, sending documents, attending meetings, communicating with us, or asking us to advise or represent you.

This may include personal, business, financial, immigration, employment, family, contractual, corporate, dispute-related or other information relevant to the legal services requested.
Identity verification and compliance information

As a regulated law firm, we may need to collect information to verify your identity, comply with anti-money laundering requirements, conduct sanctions checks, prevent fraud, assess source of funds or source of wealth, and comply with legal and regulatory duties.
This may include copies of passports, identity cards, driving licences, proof of address, company documents, beneficial ownership information, bank details and other due diligence information.

Financial and payment information

This may include billing details, payment records, bank account information, invoices, transaction details, funds received, disbursements, money on account and information required for accounting and regulatory compliance.

Special category data

Depending on the nature of your matter, we may process special category personal data, such as information about your health, racial or ethnic origin, religious or philosophical beliefs, political opinions, trade union membership, biometric data, sexual orientation or other sensitive information.
We will only process this information where we have a lawful basis and an additional condition under data protection law, such as where it is necessary for legal claims, legal advice, regulatory obligations, substantial public interest, or where you have given explicit consent where required.

Criminal offence data

In some matters, we may process information about criminal allegations, offences, convictions, penalties, investigations or related proceedings. We will only process this where permitted by law and where relevant to the services we provide or our legal and regulatory obligations.

Website and technical data

When you use our website, we may collect technical information such as IP address, browser type, device information, operating system, referral source, pages viewed, date and time of visit, approximate location, website usage data and cookie information.
Please see our Cookie Policy for more information about how we use cookies and similar technologies.

Marketing and communication data

This may include your preferences for receiving updates, newsletters, legal briefings, event invitations or other communications from us.

Recruitment data

If you apply for a job, work experience, internship or consultancy role with us, we may collect CVs, covering letters, employment history, education details, references, interview notes, right-to-work information and other recruitment-related information.

4. How We Collect Personal Data

We may collect personal data directly from you when you:
  • use our website;
  • submit an enquiry form;
  • email, telephone, message or write to us;
  • instruct us or request legal services;
  • send documents or information to us;
  • attend meetings or consultations;
  • sign engagement documents;
  • make payments to us;
  • apply for a role with us;
  • subscribe to newsletters or updates;
  • interact with us on social media or professional platforms.

We may also receive personal data from third parties, including:
  • clients;
  • other parties to a matter;
  • courts, tribunals and public authorities;
  • barristers, experts, translators and other professional advisers;
  • banks, payment providers and financial institutions;
  • Companies House, HMRC, Home Office, Land Registry and other public bodies;
  • identity verification, AML and sanctions-checking providers;
  • referrers, introducers or business contacts;
  • employers, recruitment agencies and referees;
  • publicly available sources.

5. How We Use Personal Data

We may use personal data for the following purposes:
  • to respond to enquiries;
  • to assess whether we can act for you;
  • to provide legal advice and legal services;
  • to manage client matters;
  • to verify identity and carry out AML, sanctions and conflict checks;
  • to communicate with clients, contacts and third parties;
  • to prepare documents, correspondence, applications, contracts, submissions and legal advice;
  • to represent clients in negotiations, transactions, applications, disputes or proceedings;
  • to issue invoices and process payments;
  • to manage client money and accounts;
  • to comply with legal, professional and regulatory obligations;
  • to prevent fraud, money laundering and financial crime;
  • to deal with complaints, claims, audits and regulatory enquiries;
  • to manage our website, IT systems and security;
  • to improve our services and website;
  • to send legal updates, newsletters or marketing communications where permitted;
  • to recruit staff, consultants, trainees or other personnel;
  • to administer and protect our business.

6. Lawful Bases for Processing

We will only use your personal data where we have a lawful basis to do so. Depending on the circumstances, we may rely on one or more of the following lawful bases:

Contract
We may process personal data where it is necessary to perform a contract with you or to take steps before entering into a contract, such as assessing your enquiry or providing legal services.
Legal obligation

We may process personal data where necessary to comply with legal or regulatory obligations, including anti-money laundering, sanctions, accounting, tax, professional conduct, court, tribunal and regulatory requirements.

Legitimate interests
We may process personal data where necessary for our legitimate interests or the legitimate interests of a client or third party, provided those interests are not overridden by your rights and freedoms.

Our legitimate interests may include operating a law firm, managing client matters, preventing fraud, protecting our systems, improving services, managing business relationships and communicating with clients and contacts.

Consent
We may rely on consent in limited circumstances, such as for certain marketing communications or where explicit consent is required for certain types of sensitive data.
Where we rely on consent, you may withdraw your consent at any time.

Vital interests
In rare circumstances, we may process personal data where necessary to protect someone’s life.

Public task
In limited circumstances, we may process personal data where necessary for tasks carried out in the public interest, where applicable.

7. Legal Professional Privilege and Confidentiality

As a law firm, we are subject to professional duties of confidentiality.
Some information we process may also be protected by legal professional privilege. Where legal professional privilege applies, we will handle the information in accordance with our professional and legal obligations.

However, we may still be required to disclose information where required by law, regulation, court order, anti-money laundering obligations, sanctions rules or professional conduct requirements.

8. Who We May Share Personal Data With

We may share personal data where necessary and appropriate with:
  • clients and authorised representatives;
  • courts, tribunals, regulators and public authorities;
  • the Solicitors Regulation Authority and other regulatory bodies;
  • the Legal Ombudsman, where relevant;
  • barristers, foreign lawyers, experts, consultants and professional advisers;
  • translators, interpreters and document service providers;
  • identity verification, AML and sanctions-checking providers;
  • banks, payment processors and financial institutions;
  • insurers and insurance brokers;
  • accountants, auditors and tax advisers;
  • IT, cloud, hosting, software, cybersecurity and case management providers;
  • email, communications and document management providers;
  • marketing and website analytics providers, where permitted;
  • debt recovery providers, where necessary;
  • prospective buyers, investors or successors if our business or assets are transferred;
  • law enforcement agencies or other authorities where required by law.

We will only share personal data where there is a proper reason to do so and, where required, appropriate safeguards are in place.

9. International Transfers

We may need to transfer personal data outside the United Kingdom where this is necessary for a matter, for example where clients, counterparties, lawyers, experts, authorities or service providers are located overseas.

This may include transfers to countries that may not provide the same level of data protection as the UK.

Where required by law, we will use appropriate safeguards for international transfers, such as adequacy regulations, approved contractual clauses, transfer risk assessments or other legally recognised transfer mechanisms.

10. How Long We Keep Personal Data

We will keep personal data only for as long as necessary for the purposes for which it was collected, including legal, regulatory, accounting, insurance and professional obligations.
Client matter files are usually retained for a minimum period after the matter is closed. The exact retention period may depend on the type of matter, legal limitation periods, regulatory requirements, insurance requirements and our file retention policy.
Typical retention periods may include:
  • client matter files: [6 years or longer depending on matter type];
  • AML and identity verification records: [6 years or longer depending on matter type];
  • financial and accounting records: [6 years or longer depending on matter type];
  • website enquiry records: [6 years or longer depending on matter type];
  • recruitment records: [6 years or longer depending on matter type];
  • marketing records: until you unsubscribe or object, subject to lawful retention requirements.
We may retain some information for longer where necessary for legal claims, regulatory investigations, complaints, professional indemnity insurance, audits or legal obligations.

11. How We Protect Personal Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.
These measures may include access controls, password protection, secure systems, encryption where appropriate, staff training, confidentiality obligations, secure document handling, cybersecurity controls, data backup procedures and supplier due diligence.
No method of transmission over the internet is completely secure. You should take care when sending information to us electronically, especially sensitive or confidential information.

12. Your Data Protection Rights

Subject to certain conditions and exemptions, you may have the following rights under data protection law:
  • the right to be informed about how your personal data is used;
  • the right of access to your personal data;
  • the right to rectification of inaccurate or incomplete data;
  • the right to erasure, also known as the right to be forgotten;
  • the right to restrict processing;
  • the right to object to processing;
  • the right to data portability;
  • rights relating to automated decision-making and profiling;
  • the right to withdraw consent where processing is based on consent.

These rights are not absolute. In some cases, we may be unable to comply with a request because of legal professional privilege, confidentiality, legal claims, regulatory obligations, court obligations, anti-money laundering requirements or other lawful reasons.
To exercise your rights, please contact us using the details in section 2.
We may need to verify your identity before responding to a request.

13. Marketing Communications

We may send you legal updates, newsletters, invitations or marketing communications where permitted by law.

You can opt out of marketing communications at any time by using the unsubscribe link in our emails or by contacting us directly.

We will not sell your personal data to third parties.

14. Cookies and Website Analytics

Our website may use cookies and similar technologies to operate the website, improve functionality, analyse usage and support marketing, where permitted.
Non-essential cookies will only be used where required consent has been obtained.
Please see our Cookie Policy for more information.

15. Automated Decision-Making

We do not make decisions based solely on automated processing that produce legal or similarly significant effects on individuals, unless we tell you otherwise.
If this changes, we will provide appropriate information about the logic involved, the significance and the expected consequences of such processing.

16. Complaints

If you are unhappy with how we use your personal data, please contact us first so that we can try to resolve the issue.

Privacy complaints contact: A Guden
You also have the right to complain to the Information Commissioner’s Office, the UK supervisory authority for data protection matters.

Information Commissioner’s Office
Website: ico.org.uk
Telephone: 0303 123 1113

17. Links to Other Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices, content or security of those websites.
You should read the privacy policies of any third-party websites you visit.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, regulatory requirements or how we process personal data.
The latest version will be published on this website with the updated date shown at the top of this page.
Manage cookies
We use cookies to provide the best site experience.
Manage cookies
Cookie Settings
Cookies necessary for the correct operation of the site are always enabled.
Other cookies are configurable.
Essential cookies
Always On. These cookies are essential so that you can use the website and use its functions. They cannot be turned off. They're set in response to requests made by you, such as setting your privacy preferences, logging in or filling in forms.
Analytics cookies
Disabled
These cookies collect information to help us understand how our Websites are being used or how effective our marketing campaigns are, or to help us customise our Websites for you. See a list of the analytics cookies we use here.
Advertising cookies
Disabled
These cookies provide advertising companies with information about your online activity to help them deliver more relevant online advertising to you or to limit how many times you see an ad. This information may be shared with other advertising companies. See a list of the advertising cookies we use here.