PRIVACY POLICY

 1. Introduction

This Privacy Policy explains how LCCA (“LCCA”, “we”, “us”, “our”) collects, uses and protects personal data when you use our website and engage with our services. We are committed to protecting your privacy and handling your personal data in accordance with UK GDPR and the Data Protection Act 201

2. Who we are and contact details

LCCA is the data controller for the personal data processed via this website and in relation to our services. If you have any questions about this Policy or your personal data, you can contact us using the details on our “Contact” page, marking your enquiry “Data protection

3. Personal data we collect

We may collect and process the following categories of personal data, depending on how you interact with us:

  • Identification and contact details (for example name, email address, telephone number, postal address).

  • Enquiry and correspondence data (for example messages sent via contact forms, email, or event/call bookings).

  • Application and participation data (for example information you provide when applying for courses, events, programmes or memberships).

  • Marketing preferences (for example newsletter subscriptions, consent records, communication preferences).

  • Technical and usage data (for example IP address, browser type, device information, pages visited and interactions with our website, collected through cookies and similar technologies)

4. How we collect your data

We collect personal data in the following ways:

  • Directly from you when you fill in forms on our website, contact us by email or phone, apply for courses or events, or sign up to our mailing lists.

  • Automatically when you use our website, through cookies and similar technologies that record certain technical information and usage patterns.

5. Purposes and lawful bases for processing

We use your personal data for the purposes set out below and on the following lawful bases under UK GDPR:

  • To respond to enquiries and provide information you request (legitimate interests and/or performance of a contract or pre‑contract steps).

  • To process applications, registrations, bookings and participation in courses, events, or programmes (performance of a contract or pre‑contract steps).

  • To manage our relationship with you, including sending service messages about changes to terms, policies or services (legal obligation and/or legitimate interests).

  • To send you marketing communications about LCCA activities, events, courses and news where you have consented, or where permitted by law based on our legitimate interests; you can opt out at any time.

  • To administer, protect and improve our website, including troubleshooting, data analysis, testing, and monitoring usage (legitimate interests in running our organisation and IT services).

  • To comply with legal and regulatory obligations and to establish, exercise or defend legal claims (legal obligation and/or legitimate interests)

6. Marketing communications

Where you choose to receive marketing from us (for example by subscribing to newsletters or ticking an opt‑in box), we will use your contact details to send you information about relevant activities, events, and services.lawbite+1​
You can withdraw your consent or opt out of marketing at any time by using the unsubscribe link in our emails or by contacting us using the details in section 2.

7. Cookies and similar technologies

Our website uses cookies and similar technologies to make the site work, to understand how it is used and, where applicable, to personalise content or support analytics.
You can find more detail about the cookies we use, their purposes and how to manage your preferences in our Cookie Policy and via the cookie banner or settings tool on our site.

8. Sharing your personal data

We may share your personal data with:

  • Service providers and suppliers who support our website, IT, email, hosting, analytics, or other operational services, under appropriate data protection agreements.

  • Professional advisers (for example legal or financial advisers) where necessary for our legitimate interests.

  • Regulators, law enforcement bodies, or other authorities where required by law or to protect our rights or the rights of others.

We do not sell your personal data to third parties.

9. International transfers

Some of our service providers may be located outside the UK or may store data in other countries. Where this is the case, we take appropriate steps to ensure that your personal data remains protected, such as using standard contractual clauses or relying on other recognised safeguards in line with UK data protection law.

10. Data retention

We keep personal data only for as long as is reasonably necessary to fulfil the purposes set out in this Policy, including for the purposes of satisfying legal, regulatory, accounting, or reporting requirements.  Retention periods vary depending on the type of data and our legal obligations; when data is no longer needed, it will be securely deleted or anonymised.

11. Your data protection rights

Under UK data protection law, you have certain rights in relation to your personal data, subject to specific conditions and exemptions.

  • The right of access to your personal data and to receive a copy of it.

  • The right to rectification of inaccurate or incomplete data.

  • The right to erasure (“right to be forgotten”) in certain circumstances.

  • The right to restrict processing in certain circumstances.

  • The right to data portability in certain circumstances.

  • The right to object to processing based on legitimate interests or to direct marketing.

  • Where processing is based on consent, the right to withdraw that consent at any time.

If you wish to exercise any of these rights, please contact us using the details in section 2, and we will respond in accordance with legal time limits.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you are unhappy with how we handle your data; details are available at ico.org.uk.

12. Security of your personal data

We take appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing, accidental loss, destruction or damage. However, no system can be completely secure, and you acknowledge that the transmission of information over the internet is at your own risk; we recommend that you use appropriate security measures on your own devices.

13. Children’s data

Our website and services are generally directed at adults; where we process personal data relating to children or young people (for example for educational programmes), this will be handled with additional safeguards in line with applicable law and our internal policies.ico+1​
Where required, we will seek consent from a parent or guardian or rely on another appropriate lawful basis.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or services. Any changes will be posted on this page with an updated “last updated” date, and we encourage you to review it periodically.

15. How to contact us

If you have questions, concerns or requests regarding this Privacy Policy or our handling of your personal data, please contact us using the details on our “Contact” page, marked “Data protection enquiry”.