Please note, we have recently updated our Privacy Policy



A handy glossary of terms in relation to Data Protection is set out below;

Data Generally any information held either on our computer systems or in physical format. It also includes information held on email system and held in electronic personal or shared folders.
Personal data

Any one of the below listed types of information from which a living individual can be identified.

Examples of personal data include:

  • names,
  • addresses,
  • email addresses,
  • passport numbers,
  • dates of birth,
  • National Insurance numbers,
  • bank account details,
  • tax identification numbers,
  • reference numbers,
  • photographs of an individual,
  • call recordings,
  • physical descriptions,
  • IP addresses,
  • location information,
  • user IDs,
  • online identifiers,
  • factual information,
  • comments or opinions about an individual or intentions relating to an individual (including remarks made within emails).

Information about a corporate entity or a deceased individual will not, in itself, be personal data, although it could constitute personal data about another identifiable living individual.

Personal data will not just relate to clients and staff, it also relates to other parties involved in a matter.

Special categories of personal data

Special categories of personal data refer to information which requires a further level of protection.

Special categories of personal data include information about an individual’s:

  • Physical or mental health
  • Racial or ethnic origin
  • Political opinions
  • Religious beliefs
  • Trade union membership
  • Sexual life

In addition, special categories of personal data include genetic data (e.g. biological samples) and biometric data (such as data used for facial or fingerprint recognition software).

Personal data relating to criminal convictions and offences

Personal data relating to criminal convictions and offences refers to information pertaining to:

  • the commission or allegation of an offence
  • any proceedings for an offence
Processing This will include everything that the firm does with the personal data including receipt, collection, storing, amending, disclosure and destruction. 
Purpose The purpose for which the processing is carried out is the intended use for the information. 
Data subject The individual to whom information relates. 
Controller The person or organisation that determines the purpose(s) for which and the manner in which the personal data will be processed.
Processor Someone who processes data on behalf of the Controller (excluding employees), for example service providers that work has been outsourced to. 

Additional reading

Additional reading can be found on the Information Commissioners' websites:

U.K. Information Commissioner here.

Isle of Man Information Commissioner here