Legal Compliance

Privacy Policy & GDPR

How we collect, use, and protect your personal data — in full compliance with UK GDPR and our professional regulatory obligations.

1. Overview

Bennington Legal LLP ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our legal services. We are registered with the Information Commissioner's Office (ICO).

2. Data Controller

Bennington Legal LLP is the data controller for personal data processed in connection with our services. Our registered address is 15 Charlotte Square, Edinburgh, EH2 4DR. You can contact our Data Protection Officer at dpo@benningtonlegal.co.uk.

3. UK GDPR & Legal Basis

We process personal data under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Our legal bases include: (a) contract performance; (b) legitimate interests; (c) legal obligation; and (d) consent for marketing communications. You may withdraw consent at any time.

4. Data We Collect

We collect identification data, contact information, financial data where necessary, and correspondence provided to us. We may also collect special category data in estate planning or employment matters with your explicit consent.

5. How We Use Your Data

Your personal data is used to provide legal advice; communicate about your matter; comply with anti-money laundering requirements; manage our client relationship; and improve our services. We do not sell or rent your personal data to third parties.

6. Sharing with Third Parties

We may share your data with courts and regulatory bodies where required; counsel and expert witnesses engaged in your matter; our professional indemnity insurers; IT and cloud service providers under appropriate contracts; and law enforcement where legally required.

7. Data Retention

We retain client files for a minimum of six years following conclusion of a matter, in accordance with our professional obligations and the Limitation (Scotland) Act 1973. Files relating to wills and trusts are retained indefinitely.

8. Your Rights

Under UK GDPR you have the right to: access your data; rectify inaccurate data; request erasure; restrict processing; data portability; and object to processing. Contact us at 15 Charlotte Square, Edinburgh or dpo@benningtonlegal.co.uk. We will respond within 30 days.

9. Cookies

Our website uses essential cookies for basic functionality and analytics cookies (Google Analytics) with your consent. You can manage cookie preferences via the banner on your first visit or through your browser settings.

10. Security

We implement appropriate technical and organisational measures including encryption in transit (TLS), access controls, and regular security reviews. In the event of a breach affecting your rights, we will notify you and the ICO as required by law.

11. Regulatory Information

Bennington Legal LLP is authorised and regulated by the Law Society of Scotland. We maintain professional indemnity insurance meeting the minimum requirements of the Law Society of Scotland.

12. Complaints

If you are unhappy with how we have handled your personal data, you may lodge a complaint with the Information Commissioner's Office at ico.org.uk. We would appreciate the chance to address concerns first — contact dpo@benningtonlegal.co.uk.

13. Changes to this Policy

We may update this Privacy Policy from time to time. The most recent version will always be published here. This policy was last updated on 1 April 2026.

Bennington Legal LLP. Regulated by the Law Society of Scotland. Registered with the ICO.

Last updated: 1 April 2026.

Ready to speak with our team?

No-obligation consultations available Monday – Friday, 9am – 5:30pm.

Request a Consultation