GDPR Policy

Commitment to Your Privacy

We, Lamonts Law Limited, a law firm regulated by the Law Society of Scotland, are committed to safeguarding and respecting your privacy rights.

For the purpose of the EU General Data Protection Regulation (GDPR) and applicable legislation in force from time to time, the Data Controller (and the Data Lead) for the firm is:

Lamonts Law Limited, Solicitors, Lothian House, 31 South Tay Street, Dundee DD1 1NP
(Tel: 01382 220202; Email:

This policy sets out the basis on which any personal information we obtain from you will be processed and retained by us. Please read the following carefully to understand our practices regarding your personal information and how we will treat it.

Personal Information

What kinds of personal information do we use?
The type and quantity of information we obtain, how we use it and who we share it with, depends on the nature of the legal service we are providing. 

We may obtain, process and retain data about you which includes, but is not strictly limited to, the following:

Sensitive Information
We generally do not ask you to disclose any sensitive personal information (e.g. information related to racial or ethnic origin, political opinions, religion or other beliefs, health or medical condition, criminal background or trade union membership).

In certain circumstances we may require certain sensitive personal information where, for example, your health/medical condition is significant to the legal service being provided (e.g. your capacity in relation to granting a Power of Attorney, executing a Will, Deed or other document), or the information is necessary in order to comply with our obligations in relation to our internal Anti-Money Laundering, Fraud Prevention and Risk Assessment procedures (e.g. your nationality).

How do we obtain your personal information?
Information about you may be obtained from a number of sources, including the following:

Please note we are not responsible for the privacy, information or other practices of any third parties from which information is received and you should review their policies and practices to ensure you are happy with how they treat your data.

How do we use your personal information?
We may use information held about you in a number of ways including:

Disclosure of your personal information

In the course of providing our legal services, we may also require to share your personal information with appropriate third parties such as other service providers. When we share personal information with such third parties we endeavour to ensure that they use your personal information, strictly and confidentially, to the extent necessary for providing services to us (or you, as the case may be) and not for their own purposes unless you have explicitly consented to them doing so (where applicable). These third parties include, but are not strictly limited to, the following:

There may be some instances of use of personal information that may require your specific consent. If this is the case, we will contact you separately to ask for your consent which you are free to withdraw at any time.

Storage & Security

All information we obtain is stored as follows:

Your Rights

You have the right to request access to the personal information we hold about you. Your right of access can be exercised free of charge. You can ask for this data to be provided in hard copy or in a structured, commonly used electronic format, so it can be easily transferred.

You have the right to object to how we use your personal information. If you have previously given us your consent to use your personal information, you can withdraw this consent at any time.

You can ask us to make changes to any inaccurate or incomplete personal information held about you. You can also ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn your consent, or where we have no lawful basis for retaining it.

If you wish to request access, changes or deletion of your personal information, or withdraw your consent, please contact the Data Controller.

We will try to comply with your requests as soon as reasonably practicable and in accordance with our obligations under the applicable data protection laws. However, please note that we may need to retain certain information for record-keeping purposes or where a lawful basis applies.

Data Retention

We will retain your personal information only for the period necessary to fulfil the purposes outlined in this Privacy Policy. We have an internal retention policy, in accordance with the Law Society of Scotland's rules, where there are varying retention periods for different categories of legal services and whether there is a lawful basis for continuing to retain certain data (such as valuable documents like Title Deeds and Wills/Testamentary Writings). After a retention period has elapsed, the data is deleted unless a lawful basis applies.


Our legal services are not aimed specifically at children because in legal work individuals under the age of 16 are generally represented by their parent or guardians. In relation to data protection, a child who has reached the age of 12 in Scotland can generally be deemed competent to provide consent on his or her own behalf and exercise their own data subject rights. If you are a child or the parent or guardian of a child and need further advice or explanation about how we would use a child's personal information, please contact the Data Controller.

Changes to the Privacy Policy

This Privacy Policy was last updated on 25th May 2018 and will be regularly monitored and reviewed at least every 2 years.

Your consent to our collecting, processing and retaining your personal information will remain valid for any future business we carry out on your behalf unless there are any subsequent changes to the GDPR or applicable legislation in force from time to time, or any changes to our other regulatory requirements, at which point we shall require renewal of your express written consent based on the revised Privacy Policy.


Please do not hesitate to contact the Data Controller if you have any questions, comments or concerns about this Privacy Policy.

As stated in the sections above, you have various rights with regard to your personal information including the right to tell us if you:

If you have any questions or complaints about this Privacy Policy, please contact the Data Controller. We will investigate any complaint and notify you of our decision in relation to the complaint, as soon as practicable after it is received.

If we are unable to satisfactorily resolve your concerns about our handling of your personal information, you can contact the Information Commissioner's Office (ICO), either through their website: or through the ICO telephone helpline: 0303 123 1113.