In this Privacy Policy the terms, ‘we’ or ‘us’ is a reference to Black Graf LLP.

Your privacy is important to us and we are committed to keeping your information secure and managing it in accordance with our legal responsibilities under applicable data protection laws. We are registered with the UK Information Commissioner’s Office (ICO) as a data controller under registration number Z6491001.

Please read this Privacy Statement carefully as it contains important information to help you understand how and why we process any personal information that you give to us.

The information we collect

We process personal information which you give us:

  • As a client to provide you with legal services.
  • Whilst servicing your account through our website, in writing or over the phone.
  • If you request information or assistance from us.

The personal information we process

This includes:

  • Personal details such as your date of birth, address, National Insurance Number, telephone number and email address.
  • Identity information such as your passport, driving licence, utility bills or national identity card.
  • Credit history and records relating to you, your partner or anyone else you are financially linked with (we obtain this information from credit reference and fraud prevent agencies).
  • Family, lifestyle, financial and social circumstances.
  • Financial details such as your income and information about your bank accounts.
  • Employment/self-employment details.

Providing a service and internal processing


To assess your needs and provide you with suitable
products and services

Contractual obligation to provide you with, or a proposal
including a costs estimate Where special categories of
personal data are processed, these are necessary
to assess your needs

To service and administer your matter including billing
Legitimate interests to provide and manage the service
To verify the identity of our clients
Legitimate interests to provide and manage the service
To confirm, update and improve our client records
To comply with legal obligations in the Data Protection legislation

To provide you with any information on the
services that you have requested

To meet our contractual obligation to provide information on the
services you have requested

Relationship Management


To manage and develop our relationship with you

Legitimate interest to service your matter and improve our service to you

To inform you of products and services that may
be of interest to you, where you have chosen to be made
aware of this

With your consent

Training and development


For training purposes and to improve our
service to you

Legitimate interests to improve our services and develop
our employees

Complying with Legal Obligations


To prevent, investigate and prosecute crime,
fraud and money laundering

To comply with legal obligations for prevention
of financial crime and money laundering

For auditing purpose
To comply with our legitimate interest to conduct audits

If we are obliged to disclose information by reason of
any law, regulation or court order

To comply with legal obligations



To transfer information to any entity
which may acquire rights in us

Legitimate interests for commercial interests

For any other purpose to which you agree

With your consent


How we retain your personal information

We will retain your personal information in accordance with applicable laws. We will take reasonable steps to destroy or anonymise personal information we no longer need for the purposes we have set out above.

Our retention periods are (unless you agree otherwise or there is a legitimate reason for retaining the data longer):

Type of personal Information Retention Period

General personal data which includes your
normal personal data, personal identity
and personal financial data

Residential Conveyancing
Commercial Property
Matrimonial & Family

After the end of our business relationship with you,
or the end of your matter which ever comes later

Client Due Diligence Material which includes copies
of your Passport, Drivers Licence, Bank Statements
and any associated documents and explanations
you have given to us to prevent fraud,
financial crime and money laundering

5 years after the end of our business relationship
with you, or the end of your matter which ever
comes later

Special categories of personal data

6 years after the end of our relationship with you

Call recordings

1 year

NOTE: The individual retention periods may be increased where required. The fee earner acting for you case handler will confirm any change with you at the conclusion of the matter.

How we share your information

Where necessary or required we share information with:

  • Regulatory authorities to comply with our legal obligations.
  • Credit reference agencies to check your identity in accordance with our legal obligations.
  • Property Search Companies as part of our property due diligence for you.
  • Insurers for the purpose of providing you with appropriate financial cover for an identified insurable risk, or in connection with any claim made by you against us.
  • Property Agents, Brokers, Lenders, third parties or other Solicitors involved in your transaction representing other party(ies).
  • Government Departments such as HMRC, Companies House, Probate Registry, Court of Protection or HM Land Registry to fulfil your and our legal obligations.
  • Experts and Barristers required to work on your matter.
  • Our Auditors and external assessment bodies as required to meet any Regulatory or Quality Assurance Standards and accreditations which meet our legal obligations and/or enable us to provide quality legal services to you.
  • Parties that we subcontract functions to in relation to the legal services that we provide including compliance consultants and external typing agencies.

Information Security

We invest appropriate resources to protect your personal information, from loss, misuse, unauthorised access, modification or disclosure. However, no internet-based site can be 100% secure and we cannot be held responsible for unauthorised or unintended access that is beyond our control.


We will keep this Privacy Policy under review and make updates from time to time. Any minor changes to this Privacy Statement will be posted on our website and we will communicate any major changes to you.


Our website uses cookies (including Google Analytics cookies to obtain an overall view of visitor habits and visitor volumes to our Website).

Your Rights

You have the right to request copies of your personal information. If you think any of the personal information we hold about you is inaccurate, you may also request it is corrected or erased. You also have a right, in certain circumstances, to object to our processing of your personal information, to require us to stop processing your personal information and/or to withdraw your agreement to processing based on ‘consent’, but this does not apply where we have other legal justifications to continue processing your data or an overriding legitimate interest.
In relation to all of these rights, please write to us at the address below.

Complaints Process

If you have a complaint about how we have handled your personal information you may contact us using the details below and we will investigate your complaint. You also have the right to complain to the Information Commissioner’s Office – ( ).

Contact Us

You can contact us by writing to:

The Data Protection Manager
Black Graf LLP
100 Baker Street London W1U 6WG

Our data protection manager is Jane McKee (

Telephone queries can be made to 020 7586 1141