Chat with us, powered by LiveChat
About Us
Join us
Additional services
Call us on

Privacy Policy

Neil Hudgell Limited is a law firm that takes protecting your data and respecting your privacy extremely seriously.

This policy explains our data processing practices on data that you provide us with, or any that we collect.  Please read the following information carefully with regard to how we will treat your personal data.

The Data Controller in this instance and for the purpose of General Data Protection Regulations (GDPR) and the Data Protection Act 2018 (the ACT) IS Neil Hudgell Limited whose head office is located at No 2 @ The Dock, 46 Humber Street, Hull, HU1 1TU.

If you require further information, your enquiry should be directed to the Data Protection Officer, Lauren Dale by writing to the above address or by emailing

Data Protection Act
    Neil Hudgell Limited is regulated by the Solicitors Regulation Authority (SRA) Codes of Conduct 2019 and where we believe there to be a legitimate interest in holding your personal data or where you have consented to receive marketing materials, we may use your information to provide and personalise our service directly to you.
    Where we collect personal data, we store securely in both hard copy and electronic copy. This data may be used to compile reports and statistics that comply with contractual requirements and for general administration purposes (eg correspondence by letter).
    We ensure that the provisions and obligations imposed by the GDPR, the Data Protection Act 2018 and the Data Protection Principles together with any subsequent re-enactment or amendment in storing and processing personal data, are complied with at all times. We may use your information to send you news about our products or services (or, with your consent, those of other legal services providers) which we think may be of interest to you. We may contact you by post, email, telephone or fax for these purposes. We will never pass your personal data to anyone else (outside of the uses detailed below), except for any successors in title to our business and suppliers that process data on our behalf. Please ensure you update whoever is handling your claim, or (if you are not a current client) our marketing team with any changes to your personal contact details. You can do this by emailing
    You have the right to correct any other data that relates to you. You also have the right to request access to your information and request erasure regarding any information we hold. You can do this by writing to Lauren Dale, Neil Hudgell Limited, No 2 @ The Dock, 46 Humber Street, Hull HU1 1TU, or emailing him at
What are your rights?
    You have the following rights, which you can exercise free of charge:
    Access: The right to be provided with a copy of your personal information (the right of access)
    Rectification: The right to require us to correct any mistakes in your personal information
    To be forgotten: The right to require us to delete your personal information—in certain situations. We are not able to delete your information in every circumstance due to our regulatory obligations
    Restriction of processing: The right to require us to restrict processing of your personal information—in certain circumstances, eg if you contest the accuracy of the data
    Data portability: The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
    To object: The right to object:
    * at any time to your personal information being processed for direct marketing (including profiling);
    * in certain other situations to our continued processing of your personal information, eg processing carried out for the purpose of our legitimate interests.
    Not to be subject to automated individual decision making The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.
    For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation or as enacted in to national law under the Data Protection Act 2018 or subsequent legislation.
    If you would like to exercise any of those rights, please:
    • email, call or write to us OR our Data Protection Officer—see below: ‘How to contact us’; and
    • let us have enough information to identify you [(eg your full name, address and customer or matter reference number;
    • let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
    • let us know what right you want to exercise and the information to which your request relates.
How we collect personal data and information
    We may also collect information:
    • correspondence – If you contact us either via email, letter, fax or text we may keep a record of that correspondence. This may also include information submitted for recruitment purposes.
    • telephone calls – If you contact us by telephone, we may keep a record of your number on our own internal systems and on the systems of any external provider engaged by us to assist with tracking the success or otherwise of our marketing campaigns. All calls may be (at our complete discretion) recorded for training and monitoring purposes
    • from publicly accessible sources, e.g. social media, bankruptcy register, Linked In
    • directly from a third party with your consent, when required such as a medical practitioner or without such as an identification verifying platform.
    • from cookies on our website—for more information on our use of cookies, please see our cookie policy
    • web site forms and LiveChat enquiries – information collected on web forms would include information provided by you when you registered to use our services or when requesting more information on the services we provide. This may also include commenting on articles and information on the web site via feedback forms. The type of information collected could include your name, address and contact details, including email address as well as details of your interest in the firm’s services, including (but not limited to) the type of claim you wish to enquire about.
    • via our IT systems, such as door entry systems and reception logs; [automated monitoring of our websites and other technical systems, such as our computer networks and connections, CCTV and access control systems, communications systems, email and instant messaging systems.
Personal information we store about you
    We may collect and use the following personal information about you including by not limited to:
    • Personal Information about you including your name, address, date of birth and contact details.
    • Details in relating to medical or health issues including medical record history where relevant
    • Information in relation to your financial position including whether you have been declared bankrupt and whether you receive compensation
    • Whether you have any criminal convictions.
    • Information about how you use our website, IT, communication and other systems]
    This personal information is required to provide a service to you. If you do not provide personal information we ask for, it may delay or prevent us from assisting you.
Where do we store your personal data?
    The personal data that is provided to us by you is stored on our dedicated secure servers and with our secure cloud providers; or on the secure servers of those to whom we outsource specific services.
    There may be occasion for such activities as payment transactions or online reviews through Trustpilot for example, when data that we collect may be transferred to a destination outside the European Economic Area (“EEA”). In submitting your personal data for this purpose, you agree to this transfer, storing or processing. We will however take all steps that are reasonably necessary to ensure that your data is stored in accordance with this privacy policy and securely.
    We do have strict procedures and security applications to try to prevent any unauthorised access to you data when stored on our servers. However, information transferred via the internet cannot be guaranteed as secure and information transferred on this basis is at your own risk.
    Information may be held at our offices and those of our third party agencies, service providers, representatives and agents as described above (see above: ‘Who we share your personal information with’).
    Some of these third parties may be based outside the European Economic Area. We will ensure that any recipients provide adequate assurance to ensure compliance with data protection law.
How and why we use your information?
    Under data protection law, we can only use your personal information if we have a proper reason for doing so, eg:
    • to comply with our legal and regulatory obligations;
    • for the performance of our contract with you or to take steps at your request before entering into a contract;
    • for our legitimate interests or those of a third party; or
    • where you have given consent.
    A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
    The below explains what we use (process) your personal information for and our reasons for doing so:
    To provide services to you: For the performance of our contract with you or to take steps at your request before entering into a contract.
    Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies: To comply with our legal and regulatory obligations
    Ensuring business policies are adhered to, eg policies covering security and internet use: For our legitimate interests or those of a third party, ie to make sure we are following our own internal procedures so we can deliver the best service to you
    Operational reasons, such as improving efficiency, training and quality control: For our legitimate interests or those of a third party, ie to be as efficient as we can so we can deliver the best service for you at the best price
    Ensuring the confidentiality of commercially sensitive information: For our legitimate interests or those of a third party, ie to protect trade secrets and other commercially valuable information
    To comply with our legal and regulatory obligations
    Statistical analysis to help us manage our business, eg in relation to [our financial performance, customer base, product range or other efficiency measures]: For our legitimate interests or those of a third party, ie to be as efficient as we can so we can deliver the best service for you at the best price
    Preventing unauthorised access and modifications to systems: For our legitimate interests or those of a third party, ie to prevent and detect criminal activity that could be damaging for us and for you
    To comply with our legal and regulatory obligations
    Updating client records: For the performance of our contract with you or to take steps at your request before entering into a contract
    To comply with our legal and regulatory obligations
    For our legitimate interests or those of a third party, eg making sure that we can keep in touch with our customers about existing orders and new products
    Ensuring safe working practices, staff administration and assessments: To comply with our legal and regulatory obligations
    For our legitimate interests or those of a third party, eg to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you
    External audits and quality checks, eg LEXCEL , ATE Insurance providers or disbursement or other funding providers and the audit of our accounts: For our legitimate interests or a those of a third party, ie to maintain our accreditations so we can demonstrate we operate at the highest standards
    To comply with our legal and regulatory obligations.
Who we share your personal information with
    We may disclose your personal information to third party contacts for the following purposes:
    • third parties we use to help deliver our services to you, eg g. barristers or counsel chambers, medical agencies.
    • other third parties we use to help us run our business, eg PR/marketing agencies or website hosts;
    • our bank.
    We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers relating to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors, eg LEXCEL accreditation, to meet audit requirements from ATE Insurance providers, disbursement or other funding providers and for the audit of our accounts.
    We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
    We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
Links to other websites
    Our website may contain links to other websites which are outside our control and are not covered by this Privacy Policy. If you access other sites using the links provided, the operators of these sites may collect information from you which will be used by them in accordance with their privacy policy, which may differ from ours.
Will we provide you access to your information?
    The Data Protection Act ensures you the right to have access to information held about you. Any such request should be made to Lauren Dale
How long will we store your data for?
    We will keep your personal information while you have a matter or enquiry with us or we are providing services to you.
    Thereafter, we will keep your personal information for as long as is necessary:
    • to respond to any questions, complaints or claims made by you or on your behalf;
    • to show that we treated you fairly;
    • to keep records required by law.
    When you make an enquiry you will consent to share information with us and advice will be provided. Your personal data and advice given will be held for 7 years.
    When you instruct one of our solicitors you become a client of Neil Hudgell Limited and your data and case file will also be held for 7 years (from the date your file is closed).
    When you contact us in connection with recruitment, a copy of your application or general enquiry (and any attached personal information) will be kept for 6 months from the date of receipt, unless the same results in you being successfully recruited (in which case your details will be retained in accordance with our employee privacy policy).
    When it is no longer necessary to retain your personal information, we will delete or anonymise it.
What will happen if we make changes to our privacy policy?
    We may revise this privacy policy at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we make, as they are legally binding on you. Some of the provisions contained in this privacy policy may also be superseded by provisions or notices published elsewhere on our site.
Transferring your personal information out of the UK and EEA
    To deliver services to you, it is sometimes necessary for us to share your personal information outside the UK and/or European Economic Area (EEA), eg:
    • with your and our service providers located outside the UK/EEA;
    • if you are based outside the UK/EEA;
    These transfers are subject to special rules under European and UK data protection law. This means we can only transfer your personal information to a country or international organisation outside the UK/EEA where:
    • the European Commission has issued an ‘adequacy decision’ in relation to that country or international organisation; or
    • there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for data subjects; or
    • a specific exception applies under data protection law
    These are explained below.
    European Commission adequacy decision
    The European Commission has the power to determine whether a country or international organisation provides an adequate level of protection for personal information and, if it does, to issue an ‘adequacy decision’. The effect of such a decision is that personal information can flow from the UK/EEA to that country without any further safeguards being necessary.
    It can take several years for the European Commission to issue an adequacy decision and only a small number of countries currently benefit from one.
    We may transfer personal information to countries that have the benefit of a European Commission adequacy decision
    Other countries or international organisations we are likely to transfer personal information to do not have the benefit of an adequacy decision. This does not necessarily mean they provide inadequate protection for personal information, but we must look at alternative grounds for transferring the personal information, such as implementing safeguards or relying on an exception, as explained below.
    Transfers with appropriate safeguards
    We may transfer your data to a third country or international organisation on this ground where we are satisfied the transfer complies with data protection law, appropriate safeguards are in place, and enforceable rights and effective legal remedies are available for data subjects.
    The safeguards will usually include using standard data protection contract clauses approved by the European Commission. In relation to transfers to our overseas offices or other companies within our group, the safeguards may instead include legally binding rules and policies that apply which have been approved by the UK data protection regulator.
    Transfers under an exception
    In the absence of an adequacy decision or appropriate safeguards, we may transfer personal information to a third country or international organisation where an exception applies under relevant data protection law, eg:
    • you have explicitly consented to the proposed transfer after having been informed of the possible risks;
    • the transfer is necessary for the performance of a contract between us or to take pre-contract measures at your request;
    • the transfer is necessary for a contract in your interests, between us and another person; or
    • the transfer is necessary to establish, exercise or defend legal claims
    We may also transfer information for the purpose of our compelling legitimate interests, so long as those interests are not overridden by your interests, rights and freedoms. Specific conditions apply to such transfers and we will provide relevant information if and when we seek to transfer your personal information on this ground.
    Further information
    If you would like further information about data transferred outside the UK or EEA, please contact our Data Protection Officer.
Keeping your personal information secure
    We have appropriate security measures to prevent personal information from being accidentally lost, or used or accessed unlawfully. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We continually test our systems.
    We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Further questions?
    If you have any questions regarding our policies and procedures and how we handle you personal data please forward these or any comments to Lauren Dale, Neil Hudgell Limited, No 2 @ The Dock, 46 Humber Street, Hull. HU1 1TU or email
    The General Data Protection Regulation as enacted nationally in the Data Protection Act 2018 also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at or telephone: 0303 123 1113.

Get in touch

Feel free to give us a call, or begin your claim online

Request a Call Begin your claim

What Our Clients Say

Start your claim