Privacy Policy

Last updated: 24th October 2023

About Us

Motion Paradox is the trading name of Motion Paradox Consulting Limited (“Motion Paradox”), a limited company registered in England and Wales. The company number of Motion Paradox at Companies House is 10645866. Its registered office address is:

17 Red Lion Square, London, WC1R 4QH, United Kingdom

Motion Paradox not only provides business consulting services, but also unreserved legal activities. It is therefore not regulated by the Solicitors Regulation Authority.

Motion Paradox is committed to looking after all of the personal data you share with us. We respect your privacy and want you to be sure that any personal data we hold is processed lawfully, in a professional way, and is secure.

This privacy policy (the “Policy”) explains how we collect, store, and process your personal data, whether it is provided to us by telephone, via our website, through written correspondence, or where you may otherwise communicate with us in the course of the services we provide.

This Policy applies to data we hold. It applies to clients and other visitors to our website but does not apply to:

  • services we provide as a data processor, which will be governed by a written agreement with the third-party data controller and/or their own privacy policy; or
  • our employees.

We may change this Policy from time to time, so please check back regularly to keep yourself informed of any updates.

References to “we”, “us”, or “our” (and similar terms), unless mentioned otherwise, refer to Motion Paradox.

Information We Collect About You

Personal data means any information about you from which you can be identified. Personal data collected by Motion Paradox will be limited only to what is necessary dependent upon the nature of your relationship with us and may include:

  • identification data (including your name, date of birth, photo ID and video footage);
  • contact details (including postal address, email address, and mobile number);
  • professional information (such as job title, qualifications, previous experience, and National Insurance number/social security number);
  • financial information (including bank account details, signatures, and payment card details);
  • details of visits to our website (including your IP address, login information, and other analytical information). Please refer to our Cookies Policy for more details; and,
  • any other personal data we collect while providing services or in the course of operating our business.

Sometimes we may collect certain “special category data”, which is data relating to race, ethnicity, religious beliefs, trade union membership, previous convictions, and data concerning health (including a disability).

We will collect personal data about you by various means, including:

  • in person when meeting with you;
  • by correspondence (including by post, text, email, or otherwise);
  • by telephone, including mobile phone calls;
  • from CCTV footage collected by us and/or our landlords;
  • networking events (e.g. law fairs, conferences, and talks);
  • publicly accessible sources such as from government agencies; and,
  • from third parties. Third parties may include your insurer, your bank or other financial institution, other professionals we may engage on your behalf, your employer, professional body, or pension administrator.

If you provide us with information about another person, for example a member of your family or details of an employee, you must ensure that:

  • you have the authority to give us that information; and,
  • all personal data disclosed is complete, accurate and up to date.

If you are a business, you must ensure that the disclosure is made in accordance with all applicable data protection and privacy law.

How We Will Use Your Information

In general we use your personal data for the following:

  • to administer our relationship with you (and/or your business);
  • for business management purposes;
  • to provide business and legal services and respond to enquiries;
  • to carry out any necessary conflict checks, anti-money laundering and identity checks, and to fulfil our professional obligations;
  • to seek advice from third parties in connection with your matter, including specialist lawyers or other business/professional advisors;
  • to facilitate marketing and business development (including legal and business updates, publications, and details of events);
  • staff administration (including recruitment);
  • to provide telephone support (including recording conversations for monitoring/quality purposes);
  • to allow the billing of services provided and to obtain payment;
  • to process and respond to any complaints;
  • to comply with any other legal, professional, or regulatory obligations imposed on us; and,
  • to audit the use of our websites.

We do not use your personal data for automated decision making.

Legal Grounds for Processing Your Information

We rely on the following legal reasons for processing your personal data:

Legal Obligations
We will process your personal data when it is necessary to comply with a legal or regulatory obligation (e.g. identity checks, external auditing, and statutory returns).

Contractual Necessity
We will process your personal data when it is necessary to perform a contract you have entered into, or in order to take steps at your request prior to entry into a contract. The legal basis for collecting information includes fulfilling contracts between us and those for whom we provide services. We also rely on the consent of our clients and others to use our services.

Legitimate Interests
We will process your personal data when we, or a third party, have a legitimate interest in processing it (e.g., responding to complaints, ensuring our policies are adhered to, or improving our business by monitoring and recording information relating to our services). We only process for this reason if the legitimate interest is not overridden by your own interests or fundamental rights or freedoms.

We will only use your personal data for the purpose, or purposes, for which we have obtained it. If we reasonably consider that we need to use it for another reason we will only do so if that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will inform you and explain the legal basis which allows us to do so.

We may process your personal data without your knowledge or consent where this is required by law.

Please contact us if you would like further information on the lawful basis for any specific data processing activity.

Sharing Your Information

We will share your personal data when:

  • you specifically request it, or it is necessary for us to provide our services and fulfil our contractual obligations to you and/or our clients;
  • we are under a legal or regulatory duty to disclose your information (e.g. money laundering and fraud prevention);
  • as a result of any changes in business ownership or organisation; or,
  • in the course of providing you our services where we believe it is in your best interests to use the products or services of a third party (e.g. a specialist lawyer or other business adviser).

With whom exactly we share your data will depend on the nature of the service we are providing but may include:

  • our HR, IT, facilities, printing, and accounting service providers;
  • our bank (Motion Paradox’s bank is C. Hoare and Co.);
  • our insurers or their agents or representatives (both yours and ours);
  • law enforcement agencies;
  • public bodies;
  • other professional advisors or third parties who we may instruct in the course of providing our business and legal services to you; and
  • any other third party with whom you may ask us to share your data.

International Transfers

Motion Paradox will store all your personal data on servers within the United Kingdom. Employees based in the USA will have access to your information but when accessing your data they will do so in accordance with our policies and procedures.

Under the GDPR, we are considered a processor or co-processor of the information of EEA and UK residents and provide processing of data at the request of our clients, who may be controllers or processors of such data. By providing information to us for the purpose of obtaining information about us and our services, clients consent to the processing of such data in the United States as well as the United Kingdom.

The transfer of information to the United States is necessary for the performance of a contract between clients and us. Please note that the United States does not have federal data protection laws equivalent to those in the EEA, United Kingdom, and other jurisdictions.

Rights of EEA and United Kingdom Residents

This section of the Privacy Policy is applicable to residents of the European Economic Area (“EEA”) and the United Kingdom. The EEA consists of the member states of the European Union, i.e., Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and the United Kingdom, and Iceland, Liechtenstein, and Norway. Residents of Switzerland are referred to within this policy as “EEA Residents.”

From 25th May 2018, all processing of information of EEA and United Kingdom residents is performed in accordance with the General Data Protection Regulation (2016/679) of the European Parliament (“GDPR”).

Although we are based in the United Kingdom, and operate also in the United States, we may obtain the information of EEA Residents.

Under the GDPR EEA and UK residents may have the right to:

  • obtain confirmation that we hold information about them;
  • receive copies of the information we maintain about them;
  • request access to and receive information about the information we maintain about them;
  • update and correct inaccuracies in the information we hold about them;
  • object to the continued processing of information about them; and
  • have the information we hold about them blocked, anonymized, or deleted, as appropriate.

You have the right to obtain confirmation from us as to whether we are processing your personal data and, if we are, to request a copy of the personal data we hold about you. This is known as a ‘data subject request’. You also have the right to ask that we update any information we hold about you that may be incorrect. It is important that the information we hold about you is accurate and up to date. If any of your information changes, please let us know.

In certain circumstances you have the right to request that we restrict the way in which we process your data, or that we erase all information that we hold about you.

You have the right to object to certain types of processing.

The right to access information may be limited in some circumstances by local law and by our ethical and legal obligations. We are also limited by the terms of our agreements with our clients in responding to such requests and may refer any requests received from EEA and/or UK residents to our clients.

We will try our best to comply with any request to restrict, object, or erase your personal data, however processing of some data may still be required for legitimate business purposes or to comply with legal obligations. Please also note that if you want us to restrict or stop processing your data this may prevent us from ever acting for you.

You have the right to request that we send a copy of your personal data, that you have provided to us, to another organisation for your own purposes (e.g., if you wish to change service provider). This data must be provided in a structured and usable format. This right only applies to personal data processed by way of consent or in pursuit of a contract we have with you. If you wish us to transfer your personal data, please let us know.

You will not have to pay a fee to access your personal data or to exercise any of your other rights. However we may charge a reasonable fee should your request be clearly unfounded, repetitive, or excessive. To prevent unauthorised access to information we may ask for proof of identity.

When we receive a request we will confirm receipt of the request within 10 business days and provide information about how we will process the request, including our verification process. We will respond to such requests within 45 days.

If you wish to contact us in relation to any of your rights stated within this Policy please contact us at:

info@motionparadox.com

We may ask individuals making any request under this section, or under the California Privacy Rights Section below, to provide additional information for identity verification purposes.

California Privacy Rights

The following section pertains to the rights of individuals or households in California (California Consumers).

Civil Code Section 1798.83

Under certain circumstances, California Civil Code Section 1798.83 states that, upon receipt of a request by a California Consumer, a business may be required to provide detailed information regarding how that business has shared the California Consumer’s information with third parties for direct marking purposes. However we reserve the right to state that this section does not apply to businesses like ours that do not disclose information to third parties for direct marketing purposes without prior approval and/or give customers a free mechanism to opt out of having their information disclosed to third parties for their direct marketing purposes. Moreover, we reserve our right to put forward other reasons why this section does not apply to Motion Paradox.

Rights under the CCPA

As of January 1, 2020, the CCPA (California Civil Code Section 1798.100 et seq.) provides California Consumers with additional rights regarding information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with a particular consumer or household. The categories of information are generally described above but differ for individual consumers depending on the services used by such consumers. Under the CCPA, qualifying California Consumers may have the following rights:

Right to Know and Right to Delete

A California Consumer has the right to request that we disclose what information we collect, use, disclose, and sell. A California Consumer also has the right to submit requests to delete information.

When we receive a request to know or delete from a California Consumer, we will confirm receipt of the request within 10 business days and provide information about how we will process the request, including our verification process. We will respond to such requests within 45 days.

Our obligation to delete Personal Information is not required when the information is necessary, among other things:

  • to provide services to our clients;
  • to detect and resolve issues related to security or functionality;
  • to comply with legal obligations, including our responsibilities under ethical and other rules, obligations, and privileges relating to the legal profession;
  • to exercise free speech or to ensure another’s exercise of free speech; or
  • for internal purposes that a consumer may expect.

Right for Disclosure of Information

A California Consumer may also submit requests that we disclose specific types or categories of information that we collect.

Under certain circumstances, we will not provide such information, including where the disclosure creates a substantial, articulable, and unreasonable risk to the security of that information, or the security of our systems or networks. We will not disclose California Consumers’ social security numbers, driver’s license numbers, or other government issued identification numbers, financial account numbers, any health insurance or medical identification numbers, or account passwords and security questions and answers. Our obligations to disclose information are subject to legal and ethical restrictions placed on us, including our duty to protect client information from disclosure or restrictions placed by legal or court authority.

We also reserve the right to assert that attorney-client privilege applies.

In the event we receive requests from a California Consumer who has a relationship with a client (for example, from an employee or customer of a client), we will inform that client.

Submitting Requests

If you are a California Consumer and would like to make any requests under the CCPA, please contact us at:

info@motionparadox.com

Verifying Requests

If we receive any request we will use a two-step process for requests where the California Consumer must first, clearly submit the request and then second, separately confirm the request.

In submitting a request, a California Consumer must provide sufficient information to identify the consumer, such as name, email address, home or work address, or other such information that is on record with us so that we can match such information to the information that we maintain. Do not provide social security numbers, driver’s license numbers, account numbers, credit or debit card numbers, medical information, or health information with requests. If requests are unclear we will provide the California Consumer with specific directions on how to submit the request and/or remedy any deficiencies. If we cannot verify the identity of the requestor, we may deny the request.

California Do Not Track Disclosures

Although some browsers currently offer a “do not track (‘DNT’) option,” no common industry standard for DNT exists. We therefore do not currently commit to responding to browsers’ DNT signals.

Storage and Retention of Your Personal Data

For how long we retain your personal data will vary from matter to matter but will be determined in accordance using the following criteria:

  • the length of time necessary to complete any contract we have with you;
  • any time limits for establishing or defending legal claims or responding to complaints;
  • any period necessary to comply with our business and legal obligations; and
  • any periods for retention that is recommended by industry regulators or professional bodies.

Due to the nature of the work we do, clients usually expect us to maintain a copy of their file for archiving purposes beyond the end of any applicable limitation period. Unless contrary to a legal or contractual requirement, we typically retain personal data for 15 years.

Please contact us if you would like further information on the retention period for your personal data.

Your Concerns

If you wish to raise a concern about how we have handled your personal data please contact us at:

info@motionparadox.com

You have the right to raise a concern at any time to the Information Commissioner’s Office who is the United Kingdom supervisory authority for data protection issues. For more information on submitting a concern, or the data protection regime in general, please visit their website.