Fuelling success with legal knowledge.

24 Upper Brook Street London W1K 7QB +44 (0) 333 444 5544 info@maybrooklaw.com LinkedIn Instagram Twitter
+44 (0) 333 444 5544 info@maybrooklaw.com 24 Upper Brook Street London W1K 7QB
Back to top

Privacy Policy

  /  Privacy Policy

MAYBROOK LAW LIMITED

PRIVACY POLICY

1 SEPTEMBER 2025

Maybrook Law Limited (“we/us/our”) are committed to protecting and respecting your privacy and your personal data.

 

ABOUT THIS POLICY

This privacy policy explains how we handle your personal data (as defined below) and your rights in relation to your personal data. This policy applies to your use of our site http://www.maybrooklaw.com (the “Site”) and any services offered through or associated with the Site (the “Services”). By using our Site or Services, you agree to the terms of this policy, as amended from time to time.

 

ABOUT US

The Site is owned and operated by Maybrook Law Limited, a limited company registered in England under number 14109561 (“Maybrook Law”). Our registered address is: 24 Upper Brook Street, London, England, W1K 7QB. In this policy, “we,” “us” or “our” refers to Maybrook Law Limited. 

When we process personal data, we are responsible as a “controller” of that personal data for the purposes of the General Data Protection Regulation and the Data Protection Act 2018 (the “data protection laws”).  We are authorised and regulated in England and Wales by the Solicitors Regulation Authority.

 

THIRD-PARTY LINKS

Our Site may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data personal data. We do not control these third parties and are not responsible for their privacy practices. When you leave our Site, you will be subject to the third-party’s privacy policy. We encourage you to read the relevant privacy policy before providing any personal data on a third-party website.

 

WHAT IS “PERSONAL DATA”?

Personal data” refers to any information that identifies an individual person, excluding data about a company or anonymous data (for example, data where the personal identity has been removed).

 

HOW WE COLLECT DATA RECIEVED FROM YOU

Most of the data we collect is collected directly from you. When visiting our Site or communicating with us in-person, by phone, text, email, or other means, you provide your personal data to us. This includes data collected when you fill out forms on our Site (i.e., contact forms and signing up for the newsletter), requesting or using our legal services, your provision of services to us, providing feedback, or applying to work with Maybrook Law.

It is important that the personal data we hold about you is accurate and current. Please notify us if your personal data changes during your relationship with us. We may also collect, use, and share aggregated data such as statistical or demographic data. While aggregated data is sometimes derived from your personal data, it is not considered personal data since it does not directly or indirectly reveal your identity.

 

DATA FROM THIRD PARTIES

We may also receive information from third parties, including our website host, analytics providers, marketing automation providers, reviews providers, e-signature providers, payment service providers, cloud service providers, practice management software, publicly available sources (such as Companies House and social media platforms we engage with) and other third parties we use to help us deliver our Site and Services.

Maybrook Law also employs third party suppliers to provide services related to our “know your customer” (KYC) obligations, including utilising the services of a credit reference agency, TransUnion. You can find a link to TransUnion’s Privacy Policy here.

We may also receive your personal data from those who have referred you to us, including our partners and current or past clients.

For more information on how these third parties handle your personal data, please refer to the individual parties’ privacy policies.

 

DATA AUTOMATICALLY COLLECTED

When you visit our Site, we automatically collect technical data about your equipment, browsing actions and patterns (as detailed below). We use cookies and similar technologies on our website to collect data. This Privacy Policy should be read alongside our Cookies Policy (www.maybrooklaw.com/cookies-policy).

 

DATA COLLECTED ABOUT YOU

The personal data we collect about you may include:

  • Identity data, including first name and surname, date of birth;
  • Contact information, including email address and phone number;
  • Identity verification,, including personal photo identification, personal identification numbers, date of birth, mailing address and proof thereof;
  • Financial data, including billing information, bank account or payment card details and billing address;
  • Transaction data, includes purchase history and  information about past services you have engaged us for;
  • Business information, including company name and job title;
  • CV information, including education information, past employment information, and professional memberships and qualifications;
  • Technical information, including your internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operation system and platform, and information about other devices you use to access our Site;
  • Usage data, including information about how you use our Site and Services; and
  • Marketing preferences, including your preferences in receiving newsletters from us and any additional communication preferences.

Where we need to collect personal data by law, or under the terms of a contract with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel the services you have with us but we will notify you if this is the case at the time.

We do not collect any special categories of personal data (which includes race or ethnicity, religious or philosophical beliefs, sexual preferences, political opinions, trade union membership, information about your health, and genetic and biometric data).

We also do not collect any information about criminal convictions and offences unless you supply this to us voluntarily and consent to our using it, for instance, as part of any application you make to work with us or if the information is relevant to the legal services we are providing to you.

We do not use automated profiling or automated decision-making in a way that affects you legally or otherwise significantly affects you.

 

THE USE OF YOUR DATA

Under data protection laws, we can only use your personal data if we have a legitimate reason for doing so, including compliance with legal and regulatory obligations, fulfilling our contractual obligations to you (or taking any requested actions from you before entering into a contract) with given consent, or for our (and third party’s) legitimate interest. A “legitimate interest” is when we have a business or commercial reason to use your information, which is a proper reason for using your personal data so long as our legitimate interest is not overridden by your own rights and interests. This section explains what we use your personal data for and our reasons for doing so.

 

PROVIDING OUR SITE TO YOU

We use your personal data for Site administration, to ensure the effective presentation of content on the Site for you and your device(s), as part of our efforts to keep the Site safe and secure, and to allow you to submit contact information through our Site (when chosen). We use your personal data this way for our legitimate interests in maintaining our Site and keeping it updated, obtaining information about prospective clients and candidates, maintaining network security, and preventing fraud.

 

PROVIDING SERVICES TO YOU

We use your personal data for internal operations, to register you as a new client and to administer and manage our relationship with clients, respond to communications from you and provide you with any requested information, manage payments, fees, and charges, keep our records updated, notify you about Service changes, and conduct other obligations arising from any contracts between you and us. We use your personal data this way to fulfil contractual obligations to you (or take steps at your request before establishing a contract), as well as for our legitimate interests in providing Services to you, managing our relationship with you, processing and receiving payments and maintaining accurate records.

 

IMPROVING OUR SITE AND SERVICES

We use your personal data to make our Site and Services effective and efficient, such as troubleshooting, data analysis, testing, research, and statistical and survey purposes. We use your personal data this way for our legitimate interests in improving our Site and Services to manage and expand our organisation.

 

IMPROVING OUR MARKETING

We use your personal data to measure and understand the effectiveness of our marketing strategies deliver relevant marketing to you and make provide appropriate suggestions and recommendations to you. We use your personal data this way for our legitimate interests in promoting our business and Services, running, and expanding our firm, and developing and improving our marketing strategy.

 

MANAGING YOUR APPLICATION TO WORK FOR US

If you enquire about a job with us or apply to work with us, we use the personal data you provide to process and evaluate your candidacy. We use your personal data this way for our legitimate interests in recruiting and hiring job candidates and in running and expanding our firm.

 

LEGAL OBLIGATION COMPLIANCE

We also use your personal data to comply with legal and regulatory obligations including, mandatory identity verification, reporting and record retention, ensuring the confidentiality of privileged and commercially sensitive information, and responding to any requests from regulatory or legal authorities. We use your personal data this way to comply with legal and regulatory obligations.

 

MARKETING AND PROMOTIONAL COMMUNICATIONS

We will only send you communications about Services you have engaged us for or that we think might be of value to you, including promotions or new Services. Please note, we have a legitimate interest to process your personal data for promotional purposes, which means in most cases we do not need your explicit consent to send you these types of communications. However, we will not subscribe you to an automated mailing list without your explicit consent. You can ask us to stop sending you marketing messages at any time by the following the opt-out links contained in those messages or by contacting us directly.

 

SHARING YOUR DATA

We routinely share personal data with third parties we use to help manage our business and deliver our Services, including marketing automation providers, e-signature providers, payment service providers, cloud service providers, practice management software, customer relationship management (CRM) system, document automation providers and other third parties we use to help us deliver our Services. We only allow these service providers to handle your personal data if we are satisfied that they act appropriately to protect your personal data. A list of third-party providers with whom we share your data is available upon request.

We also share personal data with third parties as required to carry out any Services you have engaged us for, including consultant lawyers, government and regulatory authorities and parties involved in your transaction.

We work with partners who offer complementary services to ours, including tax and accounting services, insurance providers, fundraising and grant consultants, board advisors and non-executive directors, virtual office spaces and legal service providers in other jurisdictions. We may share your personal data with partners if you have expressed interest in services they offer, but only with your explicit consent.

We also share personal data with companies that are members of our group, which means our subsidiaries, our holding company, and its subsidiaries (as defined in the UK Companies Act 2006).

On occasions, we may disclose and exchange information to law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations, enforce any of our rights or protect ourselves and others. We will use our best efforts to notify you in advance, unless we are legally restricted from doing so. 

We may also need to share some personal data with other parties, such as potential buyers of some, or all, of our business or during a restructuring. The recipient will only be permitted to use the data for the purposes we originally collected it for, and they will be bound by confidentiality obligations.

We may use social media sites such as LinkedIn and Instagram and we direct you to each sites’ individual privacy policies to understand how they may handle your personal data. 

 

KEEPING YOUR DATA

We typically only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for (including for the purposes of satisfying any legal, regulatory, tax, accounting, payment or reporting requirements, or to provide any Services you have engaged us for). We may retain your personal data for a longer period in the event of a complaint, or if we reasonably believe there is a prospect of a dispute in respect to our relationship with you.

Please note that different retention periods apply for different forms of personal data. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements. 

For details of our retention periods for the types of personal data we hold about you, please contact us.

 

SECURING YOUR DATA

We have appropriate security measures to prevent personal data from being accidentally lost, used, or accessed unlawfully. We limit access to your personal data to those who have a genuine business requirement to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures established to handle any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where required.

Unfortunately, sending personal data via the internet is not completely secure. Although we work hard to protect your personal data, we cannot guarantee the security of data sent to our Site. As such, you send personal data to us at your own risk.

 

STORING YOUR DATA

To deliver our Services to you, it is sometimes necessary for us to share your personal information throughout the world. This may include transferring data outside of the European Economic Area (“EEA”), such as with our offices outside of the EEA, with service providers located outside the EEA or if you are based outside the EEA. These countries may have different data protection regimes and in some cases which are not deemed to provide an adequate level of protection for personal data. These transfers are subject to special rules under data protection laws.

Although non-EEA countries may not have the same data protection laws as the EEA, we will ensure any such transfers comply with data protection laws and that all personal data will be secure. This includes ensuring at least one of the following safeguards applies:

  • The transfer is made to a country or to a third party that has been deemed to provide an adequate level of protection for personal data by the European Commission. For transfers to the US, this means that the recipient is part of the EU-US Privacy Shield.
  • The transfer is pursuant to contractual clauses that give your personal data the same protection it has under data protection laws.
  • We have your consent to the transfer data to non-EEA countries.

If you would like more information about what happens to your personal data when it is transferred outside the EEA, please contact us at dpo@maybrooklaw.com.

 

YOUR RIGHTS

Under certain data protection laws you have the right to:

  • be informed of what personal data we hold, our processing purposes and request certain information, known as a subject access request;
  • require us to correct any mistakes in your personal data;
  • require us to delete your personal data in certain circumstances;
  • require us to restrict processing of your personal data in certain circumstances;
  • the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format and/or transmit that data to a third party, in certain circumstances;
  • the right to object to your personal data being processed for direct marketing (including profiling) and, in certain circumstances, the right to object to our continued processing of your personal data;
  • the right not to be subject to a decision that has legal effects on you or significantly affects you based solely on automated processing (including profiling);
  • the right to complain to a supervisory authority if you think any of your rights have been infringed by us. In the UK, this is the Information Commissioner’s Office (ICO). We would, however, appreciate the chance to address your concerns before you make a complaint, so please contact us using the contact details below if you have a complaint.

If you would like to exercise any of these rights, please contact us at dpo@maybrooklaw.com

 

COOKIES

Defined as small files of letters and numbers placed on your device when your browser requests access to our Site, cookies distinguish you from other users of the Site. Cookies are used to tailor your experience to your preferences, and to help us improve the Site.

 

COOKIES WE USE

STRICTLY NECESSARY COOKIES

These cookies are required to save your session and to carry out other activities that are strictly necessary for the operation of the Site. They include, by way of general example, cookies that enable you to log into secure areas of the Site, use a shopping cart, or make use of e-billing services. These cookies are session cookies, which means they are temporary and will usually expire when you close your browser.

 

ANALYTICAL/PERFORMANCE COOKIES

These cookies allow us to recognise and count the number of visitors to our Site and to see how visitors interact with the Site. These cookies help us improve the way the Site works by, for example, ensuring that users easily find what they are looking for. The vendor we use for this category of cookies is Google Analytics, read more.

 

FUNCTIONALITY COOKIES

These cookies are used to recognise you when you return to the Site. They enable us to personalise our content for you, greet you by name and remember your preferences.

 

TARGETING COOKIES

These cookies record your visit to the Site, the pages you visit, and the links you follow. We use this information to make the Site and marketing delivered to you more relevant to your interests. We also share this information with third parties for the same purpose.

 

SOCIAL MEDIA COOKIES

These cookies work together with social media plug-ins. For example, when we embed photos, video and other content from social media websites, the embedded pages contain cookies from these websites. Similarly, if you choose to share our content on social media, a cookie may be set by the service you have chosen to share content through.

 

THIRD PARTY COOKIES

Please note that some of the above cookies are placed by third parties and that the Site does not block third party cookies. All third-party cookie suppliers are responsible for their cookies.

 

CONSENTING TO COOKIES

You will be shown a pop-up message requesting your consent to any non-essential cookies before any are placed on your device. Note that when you give your consent, a unique token is generated to show that you have consented, and you may not receive the pop-up message again when you return to our Site.

 

DISABLING COOKIES

By default, most internet browsers accept cookies, but you can choose to enable or disable some or all cookies via the settings on your internet browser. Most internet browsers also enable you to choose whether you wish to disable all cookies or only third-party cookies. For further details, please consult the help menu in your internet browser.

Some of the cookies we use are essential for the Site to operate. If you use your browser settings to block essential cookies, you may not be able to access all or parts of our Site.

You have the right to opt out of social media cookies and third-party cookies. To enforce this right, please contact us.

By using our website without disabling cookies you are consenting to our use of cookies as described above.

 

CHANGING THE POLICY

We may update this policy from time to time to account for changes to our services or privacy practices, or changes to the data protection laws. Any changes we may make to this policy will be posted on this page. The changes become effective when we publish the update and generally do not provide notice of changes (although we will notify you of any changes that materially affect you). Please check back frequently for updates and changes.

 

CONTACT US

Questions, comments, and requests regarding this policy are welcomed. You can contact us by post at our registered address (above) or by email at: dpo@maybrooklaw.com.

Contact Us

24 Upper Brook Street London W1K 7QB +44 (0) 333 444 5544 info@maybrooklaw.com

Copyright © 2026 Maybrook Law Limited

Authorised and regulated by the Solicitors Regulation Authority (www.sra.org.uk) | SRA number: 8000993 | Copyright © 2026 Maybrook Law Limited  | Company Number 14109561 | Registered Office Address: 24 Upper Brook Street, London, England, W1K 7QB | A list of the company’s directors is available for inspection at the registered office address. | We collect, report and publish data on the diversity of our workforce. Please contact us at admin@maybrooklaw.com if you would like to receive a copy of our latest report.