Introduction
We respect our clients' privacy and are dedicated to protecting their personal information. This policy sets out how we aim to do this when you visit our website and informs you of the law that protects you and your rights when it comes to the privacy of your personal data.
Locksley Law Solicitors is a trading name of RH Law Limited SRA No: 659355, herein referred to as "the company".
This policy aims to provide you with details of how the company will collect and process your personal data when you use our website. This includes any of your data you may input through our website when you complete our online forms or sign up for any of our services.
Our website is intended for the use of adults, and therefore we do not knowingly collect any data in relation to children.
This policy aims to complement our other policies and notices, with no intention of overriding them. Therefore, it is key to read this policy along with any other notice that we may provide to you on specific matters where we collect or process your personal data, to ensure you are informed of the reasons why we require your personal data.
Version date: this policy was in effect from 21st October 2025. Any historic versions can be provided upon request.
ICO Registration: ZA567603 - View on ICO register
Data Controller (Organisation): RH Law Limited
Data Controller (Individual): Rozita Hussain
For the purposes of data protection legislation, we are the data controller, and we will process your personal data in accordance with the UK General Data Protection Regulation (UK GDPR).
RH Law Ltd is registered with the Information Commissioner's Office (ICO). Our ICO registration is ZA567603.
Address: 2a Egerton Crescent, Manchester, United Kingdom, M20 4PN
Telephone: 0330 127 1950 (Local Charges may Apply)
Email: contact@locksleylaw.co.uk
If you are dissatisfied at any time, please contact us and we will try our best to resolve your concerns. You also have the right to contact the ICO (UK supervisory authority): ico.org.uk.
It is crucial that personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
We may update this privacy policy at any time. Changes will be posted on this page. Please check back periodically for updates.
If we intend to use previously collected personal data for purposes unrelated to those originally notified, we will provide notice and, where required, seek your consent. If the change relates to your claim (for your benefit), we may process your personal data without your knowledge or consent where permitted by law.
Our activities on external social media platforms are subject to each platform's terms and privacy policies. Use such platforms with caution when supplying personal data.
Our site may use social sharing buttons. Use these at your discretion; platforms may track usage. We cannot be held liable for any damages from visiting shortened URLs.
Our website may include links to third-party websites, applications, and plug-ins. Clicking those links may allow third parties to collect or share data about you. We are not responsible for their privacy policies. Please review their notices when you leave our website.
Personal Data
We may collect and process personal data from:
Credit Check Providers (Soft Search)
Note: Soft searches do not leave a mark on your credit file and can provide your vehicle finance agreements since 2007.
Categories of Personal Data
If you do not provide data required by law or under a contract, we may be unable to perform the contract and may need to cancel a product or service.
We may collect device and IP information for fraud protection, system administration, and aggregate reporting. This statistical data does not identify individuals
If we identify you as a vulnerable customer, we may collect health data (with your consent) to tailor our service. If you are in an IVA, debt management plan, or similar, we may share this with lenders assigned to your case to meet legal/regulatory obligations.
We do not collect other special category data or information about criminal offences/convictions.
We may collect, use, and share aggregated data (e.g., demographics). If combined with personal data so you can be identified, we treat it as personal data.
We may analyse your engagement within our group to improve customer experience.
Direct Communications
Automated Technologies/Interactions
We collect technical data via cookies and similar technologies. See our Cookies Policy.
Third Parties/Public Sources
We may use your personal data for the following purposes:
| Purpose/Activity | Data Types | Lawful Basis |
|---|---|---|
Register you as a new customer | Identity, Contact | Performance of a contract; Consent (where applicable) |
Process and deliver your order; manage payments/fees/charges; recover debts | Identity, Contact, Financial, Transaction, Marketing & Communications | Contract performance; Legitimate interests (debt recovery) |
Manage our relationship (notify changes to terms/privacy) | Identity, Contact | Contract performance; Legal obligation |
Request reviews/surveys; keep records updated; study product/service use | Identity, Contact, Usage | Legitimate interests |
Administer/protect our business and website (troubleshooting, testing, security) | Identity, Contact, Technical | Legitimate interests; Legal obligation |
Use analytics to improve website, services, marketing | Technical, Usage | Legitimate interests |
Suggestions/recommendations about goods/services | Identity, Contact, Technical, Usage, Profile | Legitimate interests |
Contact you following submission of an enquiry | Identity, Contact | Consent |
Learn about mis-selling circumstances; provide claim updates | Identity, Financial, Transaction | Contract performance |
Soft credit search by research firm | — | Consent |
Recommend an appropriate law firm for investigation/representation | Identity, Contact, Transaction | Consent |
Share Special Category Data with relevant parties for vulnerable customers | Identity, Contact, Transaction | Explicit Consent |
Reviews, testimonials, satisfaction surveys | Identity, Transaction | Consent |
Respond to DSARs | Identity, Contact | Legal obligation |
Monitoring & oversight (call recording/quality/compliance) | Identity, Contact, Transaction | Legal obligation |
Internal group administration | Identity, Contact, Technical, Usage | Legitimate interests |
We may identify further avenues to obtain information about you or your claim to maximise success without negatively impacting you.
You agree that your electronic signature may be used on Letters of Authority for your claim/enquiry.
1. You have instructed us to access your credit report on your behalf.
2. You have provided all information required to validate your identity.
3. You will inform us of any issues with using your data across multiple search companies.
We offer clear choices around marketing. We may rely on legitimate interests to recommend products and services, after assessing any impact on you. You can update preferences or opt out at any time (this does not affect service emails).
- Unsubscribe via links in communications, or
- Email contact@locksleylaw.co.uk with your name and contact details.
If you opt in to marketing, we may contact you for up to two years from consent.
A cookie is a small data element websites store in your browser. See our Cookies Policy for details. Refusing cookies may affect site functionality.
We may use your personal data (legitimate interests) to:
Examples of Recipients
| Company Name | Company Details | Processing Activity/Purpose |
|---|---|---|
Information Commissioner's Office | Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF | Regulatory reporting |
DPD Local UK Ltd | CRN: 01421773 — DPD Local UK Ltd, Roebuck Lane, Smethwick, West Midlands, B66 1BY | Secure pickup and delivery |
Oval Mail Group Limited | CRN: 04138203 — 100 Victoria Embankment, London, EC4Y 0HQ | Postal services |
DHL Ltd | CRN: 12712144 — 64 Chelmsford Road, Holland-On-Sea, Clacton-On-Sea, CO15 5DJ | Postal services |
Mini Shred Ltd | CRN: 12106275 — Vantage House, Euxton Lane, Euxton, Chorley, Lancashire, PR7 6TB | Confidential waste disposal |
My Legal Audit Software Ltd | CRN: 13537519 — C/O Ascendis Unit 3, Building 2, The Colony, Altrincham Road, Wilmslow, SK9 4LY | Legal audit services |
Valid8 IP Ltd | CRN: 10568205 — 98 Lancaster Road, Newcastle, ST5 1DS | Credit reporting |
Equifax Ltd | CRN: 02425920 — 1 Angel Court, London, EC2R 7HJ | Credit reporting |
Experian Ltd | CRN: 00653331 — The Sir John Peace Building, Experian Way, NG2 Business Park, Nottingham, NG80 1ZZ | Credit reporting |
TransUnion International UK Ltd | CRN: 04968328 — One Park Lane, Leeds, West Yorkshire, LS3 1EP | Credit reporting |
We may share data with staff, affiliated entities, IT providers, professional advisers, HMRC/regulators, and in business transfers/mergers. We may disclose data to police, regulators, legal advisers, or others where legally required. We do not sell personal data.
We only share data in line with UK data protection laws and require third parties to use it lawfully and for intended purposes.
We do not generally transfer data outside the UK/EEA. If we do, we ensure an appropriate lawful basis (e.g., adequacy, SCCs, binding rules, consent, contract necessity, public interest, legal claims, vital interests, or public registers).
We maintain technical and organisational measures to protect personal data against loss, unauthorised access, or misuse, limiting access to those who need it. All personal data breaches must be reported to our DPO; we will notify affected persons and regulators where required.
We keep personal data only as long as necessary for the purposes collected or as required by law. When no longer needed, we erase or securely dispose of it. For future claims activities, data from DSARs may be retained until no longer required.
We may monitor/record communications (calls, emails) for quality, training, fraud prevention, and compliance. For regulated claims activities, we keep personal data (including online enquiries, calls, emails) for at least 12 months after last contact. CCTV may be used on premises for crime prevention and health & safety.
• Right of Access (DSAR)
• Right to be Informed
• Right to Rectification
• Right to Erasure
• Right to Restrict Processing
• Right to Object (incl. marketing)
• Right to Data Portability
• Right to Withdraw Consent
To exercise these rights, see Key Contact Details.
We operate a "no-spam" policy. We may send service/administrative emails necessary to provide our services (you cannot opt out of these). We take appropriate security measures and restrict access to personal information to those who need it and are bound by confidentiality.
If we are involved in a merger, acquisition, or asset sale, we will provide notice before personal information is transferred and becomes subject to a different privacy policy.
For complaints submitted via our contact page, we will respond and, where necessary, cooperate with relevant authorities to resolve issues.
What You're Entitled To
• Confirmation we are processing your personal data
• A copy of your personal data
• Supplementary information
Requests may be made by a third party on your behalf (e.g., a solicitor) with appropriate authority.
Format & Timing
Electronic requests are provided in a commonly used electronic format unless you request otherwise. We will respond without undue delay and within one month (extensions apply for complex/multiple requests). We may request reasonable ID verification.
Fees
No fee for most requests. A reasonable fee may apply for manifestly unfounded/excessive requests or additional copies.
For questions about this policy or your personal data, contact our Data Protection Officer at contact@locksleylaw.co.uk.
You can also contact the ICO: https://ico.org.uk/global/contact-us
2a Egerton Crescent | Manchester United Kingdom | M20 4PN
Locksley Law Solicitors is a trading name of RH Law Limited - authorised and regulated by the Solicitors Regulation Authority (SRA Number: 659355). Company Number: 11444626. ICO Registration Number: ZA567603. VAT Number: 338 5514 87. A list of Directors is available for inspection at the company's registered offices.
Eligibility depends on your individual circumstances and the terms of your agreement. While commissions are not unlawful per se, unusually high or unexplained commissions may be unfair. Any figures shown are for illustrative purposes only. FCA timelines and scheme rules may change. This page provides general information and does not constitute legal advice.
The Financial Conduct Authority (FCA) has indicated that consumers making a car finance complaint may receive on average £700* in compensation, although actual outcomes vary depending on individual circumstances. You can read more directly on the FCA website here.
Other issues such as balloon payments, affordability concerns or hidden charges are not included in the FCA's redress scheme. In some cases, these types of complaints may not succeed. In very limited situations, other legal routes might be available, but these are uncommon and success is uncertain.
You do not need to use a claims management company or solicitors to pursue a complaint regarding motor finance commission arrangements. Consumers are entitled to submit complaints directly to their lender and, if necessary, to the Financial Ombudsman Service (FOS), free of charge.
The Financial Conduct Authority (FCA) is currently consulting on a potential redress scheme for certain motor finance commission complaints. During this consultation period, lenders have been granted an extension and are not required to issue final responses to eligible complaints until 31 May 2026. This temporary pause does not prevent consumers from submitting complaints during this time.
If you wish to raise a concern about our service or conduct, you can contact the SRA at sra.org.uk.