Individual members of 7BR recognise that, from time to time, they may be a joint data controller within the meaning of Art. 26 of the General Data Protection Regulation (“GDPR”) when accepting instructions from solicitors (who are also data controllers).
Joint controllers are required to come to a transparent arrangement which determines each of their responsibilities for complying with the GDPR. Such an arrangement must in particular:
- Cover responsibilities for assisting data subjects to exercise their rights under the GDPR.
- Outline the joint controllers’ respective duties to provide information in the form of Privacy Policies under Arts. 13 and 14 of the GDPR.
In the absence of an alternative arrangement to the contrary, the following principles represent the way in which 7BR barristers will—whenever they are joint controllers under the GDPR—fulfil their responsibilities under Art. 26 of the GDPR, alongside instructing solicitors.
- Chambers as a whole and individual 7BR barristers have taken into account the nature of the processing normally undertaken by them and have implemented appropriate technical and organisational measures to comply with their obligations under the GDPR. They are in particular ready to assist instructing solicitors, insofar as this is possible, to respond to requests for exercising data subject’s rights laid down in the GDPR.
- Instructing solicitors will also take into account the nature of the processing normally undertaken and implement appropriate technical and organisational measures to comply with their obligations under the GDPR. They will, in particular assist Chambers and 7BR barristers, insofar as this is possible, to respond to requests for exercising data subject’s rights laid down in the GDPR.
- Where personal data has not been obtained from the relevant data subject it is the instructing solicitor’s responsibility to ensure that the relevant information, as required by Art. 14 of the GDPR, is provided to the data subject.
All barristers and 7BR itself are registered with the Information Commissioners Office.
Anyone who has any questions about the arrangements outlined above should not hesitate to get in touch with Chambers’ Data Protection Officer (Harry Charlton) by email.