PRIVACY POLICY

PRIVACY POLICY

1. Introduction This Privacy Policy explains how Immilex Global (“we”, “us”, “our”) collects, uses, discloses and protects personal data in the course of providing legal and related professional services and operating this website. We are committed to safeguarding personal information in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR) and any applicable Solicitors Regulation Authority (SRA) requirements.
   By using our website or providing personal data, you acknowledge you have read this Policy.

2. Data Controller Controller: Immilex Global
   Address: 32 Design Drive, Dunstable, LU6 1FS
   Email: info@immilexglobal.com

3. Personal Data We Collect Depending on your interaction with us, we may collect:

• Identity Data: name, title, date of birth, gender, identifiers.
• Contact Data: address, email, preferred contact method.
• Matter Data: information you provide about a legal issue, dispute, transaction or enquiry.
• Financial Data: bank details, payment records, invoices, fee arrangements.
• AML / KYC Data: identity documents, source of funds, corporate ownership, sanctions screening results.
• Technical Data: IP address, browser type, device identifiers, time zone, operating system, referral URLs.
• Usage Data: pages visited, navigation patterns, interaction logs.
• Marketing & Communications Data: preferences regarding newsletters or events.
• Special Category Data: may include health, ethnicity, biometric, sexual orientation or criminal conviction data where strictly necessary; processed with appropriate safeguards and lawful bases.
  Do not send unnecessary sensitive data unless we request it securely.

4. How We Collect Data

• Direct Interactions: enquiry forms, emails, meetings, document uploads.
• Legal Engagement: onboarding, instructions, case progression.
• Automated Technologies: cookies, analytics scripts, security logs.
• Third Parties / Public Sources: Companies House, HM Land Registry, credit reference agencies, counterparties, courts, HMRC, regulatory bodies, sanctions lists, due diligence providers, professional referrers.

5. Lawful Bases for Processing We rely on one or more of:

• Contract
• Legal Obligation
• Legitimate Interests (balanced against your rights)
• Consent (for specific marketing or optional cookies)
• Vital Interests (rare)
• Establishment, Exercise or Defence of Legal Claims
• Substantial Public Interest (e.g., certain AML-related processing)

6. Marketing Communications We may send legal updates or event invitations only where lawful (consent or permissible soft opt-in). You may opt out at any time by using any unsubscribe method or contacting us.

7. Cookies & Similar Technologies We use necessary cookies for site operation and may use optional analytics or performance cookies. You can manage preferences through browser settings or (if provided) a cookie banner. Further cookie details are available on request.

8. Analytics & Tracking Aggregated usage data helps improve navigation, content relevance and performance. We do not attempt to identify individuals from analytics data unless required for security or legal compliance.

9. Automated Decision-Making / Profiling We do not conduct solely automated decision-making producing legal or similarly significant effects. If this changes, we will update this Policy.

10. Disclosures of Personal Data We may share personal data with:

• Internal personnel involved in service delivery.
• Opponents / counterparties and their advisers (where necessary).
• Counsel, experts, mediators, barristers’ chambers.
• Courts, tribunals, regulators, law enforcement.
• Professional indemnity insurers and brokers.
• AML / KYC and identity verification service providers.
• IT and cloud hosting providers.
• Document, practice and billing management platforms.
• Auditors and accountants.
• Referrers (where lawful).
  Processors are required to maintain appropriate security and act only on our instructions.

11. International Transfers If personal data is transferred outside the UK, we implement appropriate safeguards (such as legally recognised transfer mechanisms). Further information is available on request.

12. Data Security We apply layered technical and organisational measures including access controls, encryption (where feasible), monitoring, secure disposal, multi-factor authentication, staff training, confidentiality obligations and incident response procedures.

13. Data Retention We retain personal data only as long as necessary to:

• Fulfil the purposes collected.
• Comply with legal or regulatory obligations.
• Establish, exercise or defend legal claims.
  Retention periods vary by matter type. Data is securely erased or anonymised when no longer required. Further details are available on request.

14. Your Rights (Subject to Legal Exemptions) You may:

• Access your personal data.
• Request rectification.
• Request erasure (where no overriding lawful basis applies).
• Request restriction.
• Object to processing based on legitimate interests or direct marketing.
• Request data portability (where applicable).
• Withdraw consent (where consent is the lawful basis).
• Lodge a complaint with the Information Commissioner’s Office (www.ico.org.uk).
  To exercise rights contact: info@immilexglobal.com (identity verification may be required).

15. Children Services are not directed at children without appropriate guardian involvement. If child data is processed, it is handled with heightened safeguards.

16. Third-Party Links Our website may contain links to external sites. We are not responsible for their privacy practices. Review their policies before providing personal data.

17. Changes to This Policy We may update this Policy to reflect legal, technical or operational changes. Material updates may be highlighted on the website or via direct notice.

18. Contact Immilex Global
    Email: info@immilexglobal.com
    Address: 32 Design Drive, Dunstable, LU6 1FS