Class Legal believes in transparency when it comes to the use of customer data, your privacy and protecting your data. We only collect and retain what’s necessary to provide our services and to communicate with our customers. We only use trusted third parties to process the data we have under our control and we endeavour to keep your data safe through the use of secure technology.
We do not share data with third parties other than with the data processors listed below. If we wanted to share data for commercial reasons, we would obtain your consent before doing so.
Class Legal is the data controller for classlegal.com and the other sites managed by Class Legal set out below
Suite 19A Queensway Business Centre
What this policy covers
What information do we collect and why?
If you order / enquire about a Class Legal product or service
If you order something or request a trial from us either via this website, by phone or by post your data will be processed by our third party customer relationship software, currently Salesforce https://www.salesforce.com/gdpr/overview/,
our event management provider, Eventbrite (see their site https://www.eventbrite.co.uk/support/articles/en_GB/Troubleshooting/eventbrite-eu-data-protection?lg=en_GB) if you have booked an event.
our webinar host, GoToWebinar, if you have registered for a webinar
We only collect data that we need to fulfil the order and to manage any ongoing responsibilities.
We process and store this data in order to carry out our contractual requirements to fulfil the order or enquiry and, if the service requires it, to supply you with updates / news of updates.
We may also occasionally contact you, as part of our legitimate interests, with details of closely related products and services that we think you will find useful but you can always ask that we do not send unrelated marketing emails by responding to the instructions on the email or emailing email@example.com at any time. Where we do sent marketing communications, we will match your purchasing data against the new product to indicate relevance but no other automated profiling is carried out, nor do we use third party data in combination with our own.
Your data is processed then stored while there is a continuing contractual relationship. Once that relationship ends, data will be stored for the duration of any relevant legal or contractual obligations.
Any payment details processed online are held by our third party services provider WorldPay using a secure connection. If we take an order by phone any details supplied will be destroyed as soon as the order is processed and the payment approved.
If you sign up to one of our newsletters we only collect your name and email address so we can provide you with the email newsletter and occasional offers based on your consent. You always have the right to unsubscribe, details of how to achieve this are set out in any emails sent.
If you visit one of our websites
We use necessary session cookies to ensure that you can use the ecommerce and other sites functions properly. These are deleted after 30 minutes of inactivity.
If you create an account on one of our websites but do not use it
Where you can create user accounts on a website as a precursor to subscribing, purchasing or to trial a product we will store your details in the relevant database. Each year we review the accounts held and delete any that have been dormant for 12 months prior to the review date.
If you email us
We use TLS to encrypt and protect email traffic in transit. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
Email is retained while there is a continuing contractual relationship or once that relationship ends, for the duration of any relevant legal or contractual obligations.
Where possible data is processed and stored within the EU. Where we use third party processors listed below, data may be stored overseas but only in countries with equivalent data protection standards or under the current EU / US privacy shield agreement.
For details of our data processors’ own privacy policies please visit their sites
We use session cookies on our sites to ensure that the site works effectively. We also use Google Analytics https://support.google.com/analytics/answer/6004245?hl=en to monitor anonymous site usage and performance.
Cookies may be supplied through third parties to provide sharing options. See Twitter https://help.twitter.com/en/rules-and-policies/twitter-cookies, Facebook https://www.facebook.com/policies/cookies/ and LinkedIn https://www.linkedin.com/legal/cookie-policy for further details
Videos visible on our website are hosted by Vimeo. Cookies may be used when you visit a page with a hosted video. https://vimeo.com/cookie_policy
How do I change my cookie settings?
Most web browsers allow some control of most cookies through the browser settings.
Find out how to manage cookies on popular browsers:
To find information relating to other browsers, visit the browser developer's website.
To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.
You can also check what cookies are being used on any website using the Google Chrome browser by following these instructions. On any page you visit
select the tools menu top right
> select More tools
> select Developer tools
> then in the console displayed select Application
> then open the drop down under Cookies
What rights do you have in respect of your data?
Under the GDPR you can request a copy of the personal data we hold on you and we will supply it free of charge (subject to some exemptions as set out in the GDPR) within 28 days. This is known as a subject access request.
You can also request that we amend any inaccurate data or delete any data we hold (again certain to some exemptions, such as to fulfil legal obligations). We will do this within a month of the request which you make in writing or by phone.
If you think we have mishandled your data in any way that is incompatible with the GDPR, Data Protection Act 2018 or the Privacy & E-commerce Regulations 2003 you can make a complaint to the Information Commissioner’s Office using the form on their site or by calling them.