Our site contains links to other sites, these third party sites have separate data collection and privacy policies. Whilst we vet all third party sites we are not responsible for the privacy practices of these other sites.
All our data shall be processed fairly and lawfully and in line with the Data Protection Act.
To help prevent unauthorised access, maintain data accuracy and ensure the appropriate use of information, we have put in place customary physical, electronic and managerial procedures to assist in safeguarding and securing the information we collect online.
We do not store credit card details nor do we share customer details with any 3rd parties.
We do not sell or share our data with any 3rd parties.
Our Data Protection Policy - May 2018
On 25 May 2018, the General Data Protection regulation (GDPR) comes into force.
This new regulation is one of the biggest shakeup of personal data privacy rules.
Under GDPR, individuals will have more control over their personal information and the level of privacy and security protections will increase.
At Expert Witness we take data protection seriously, and are in compliance with the GDPR and the Data Protection Act 2018. We have never sold our data or will ever share our data with third parties.
Does GDPR affect Expert Witness and your profile?
Yes – all expert witnesses, as an individual or part of an organisation, need to be GDPR compliant. Every expert witness who processes personal data as part of their work will be more accountable to
individuals and to the Information Commissioner. As a member of Expert Witness you are asked to
review your personal data at least one a year.
What does GDPR mean for Expert Witness?
Our data policy is as follows;
As an open access website, directory and telephone service we market your data to solicitors, barristers, courts of law and legal professionals.
Before we publish your data you will be supplied with a proof for approval.
During your membership you can authorise unlimited changes to your data and subsequent proofs will
At any time your data can be removed at your instruction.
In accordance with current legislation and the Data Protection Act, we ensure that all our
employees follow strict rules called ‘data protection principles’.
Our principles are, your information is:
Used fairly and lawfully
Used for limited, specifically stated purposes
Used in a way that is adequate, relevant and not excessive
Accurate (we will send you annual proofs via email or post, you can also request proofs at any time)
Kept for no longer than is absolutely necessary
Handled according to people’s data protection rights
Kept safe and secure (server updates and physical storage)
Not transferred outside the European Economic Area
Never sold onto/or shared with a third party outside the terms and conditions of your membership agreement.
We have an appointed person in our place of work is responsible for making sure we comply with the Data Protection Act.
Relevant people in our place of work have been trained in how to handle personal information.
When collecting personal information, we tell people how we will use it.
We have a process in place so we can respond to requests for the personal information we hold.
We keep records of people's personal information up to date and don't keep it longer than necessary.
We have measures in place to keep the personal data we hold safe and secure.
In the event of a data breach, we will inform our clients of the breach within 48 hours. We never retain records of any payment cards provided by our clients. This is also part of our Disaster Recovery Plan.
Our staff will contact you to ensure that the data we hold is correct, and details regarding your membership We will never contact you concerning third party sales.
Expert Witness utilise ‘Google analytics’ to measure the number of hits and search engines used only, we do not request or store IP addresses. Our bespoke website, records searches of terms searched for and does not record visits from individual persons or companies.
Access to the Server is restricted to 4 members of the senior development team, via SSH - using secure private keys.
There is no FTP enabled on the server.
Firewalls are in place to prevent access to non-authenticated users.
Control Panel Access
Access to the Control Panel is restricted to 4 members of the senior development team, with secure passwords and 2-factor authentication.
Servers are backed up nightly and backups are stored for a maximum of 1 week.