Our Privacy Policy

Gilwater Legal (”we”, “us” or “our”) are committed to protecting and respecting your privacy. This policy outlines how any personal data we collect from you, or that you provide to us, will be processed and used by us whether via our website, email, telephone or in-person. By visiting this website you are accepting and consenting to the practices described in this policy.

This policy is provided in accordance with the UK General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018 (the Act), the data controller is Gilwater Legal of 26 Hyde Mill Drive, Wollaston, Stourbridge, DY8 4GD. Our nominated representative for the purpose of the Act is Kevin Gilbert, Founder and Principal of Gilwater Legal.

Information we collect 

We may collect and process the following data:

  • Identity data (such as name and title)

  • Contact data (such as email address, telephone number, postal address)

  • Professional or business information

  • Information provided in enquiries or communications, including details relating to potential legal matters

  • Client onboarding and compliance information (where applicable)

  • Technical data, including IP address, browser type, operating system, and website usage data

  • Any other personal data you voluntarily provide to us

Submitting information to us does not create a solicitor-client relationship.

This data may be collected in the following ways:

  • Through our website contact forms

  • Via email or telephone correspondence

  • In meetings or written communications

  • Through client onboarding processes

  • Through cookies or similar technologies, or third-party integrations (where used)

  • When you report a problem with our site

  • When you apply for a job with us

  • When you sign up for our newsletter

How we use your information

We use this information in the following ways:

  • To respond to enquiries and communications

  • To assess whether we can act for you (i.e. conflict checks)

  • To carry out our professional obligations and to provide you with information and services;

  • To provide you with information about other services we offer that are similar to those that you have already enquired about;

  • To provide you with information about services we feel may interest you;

  • To notify you about changes to our service;

  • To ensure that content from our site is presented in the most effective manner

  • Client administration, billing and record keeping

  • To comply with our legal and regulatory obligations

  • To manage and improve our website and services

  • To protect our legal rights and interests


Lawful use of your information

We are bound by the provisions of the Data Protection Act 2018 and GDPR. The information you provide us is confidential and we process personal data on the following lawful bases:

  • Legitimate interests - to respond to enquiries and operate our practice

  • Contractual necessity - where processing is required to provide legal services

  • Legal obligation - to comply with regulatory, professional, or legal requirements

  • Consent - where you have provided consent (for example, for optional cookies or marketing communications)

Where consent is relied upon, it may be withdrawn at any time.

Our work for you may require us to give information to third parties in order to carry out both our obligations towards you, and our own legal obligations in the course of providing you with our professional services.

  • We may release information that we are required to disclose by law or by any professional or regulatory body, or which becomes public knowledge. 

  • We may in certain circumstances be required by law to report to the National Crime Agency (“NCA”) any evidence or suspicion we have of money laundering. In such an event we are prohibited from notifying the client of the fact or content of such a report.

  • In the event that we sell or buy any business or assets, in which case we may disclose personal data we hold to the prospective seller or buyer of such business or assets.

  • If we or substantially all of our assets are acquired by a third party, personal data held by us about our clients will be one of the transferred assets.

We do not sell personal data and do not share personal data for third-party marketing purposes.

We are subject to professional duties of confidentiality. However, information provided prior to formal engagement may not be protected by legal professional privilege. You should avoid submitting confidential or sensitive information unless and until we have confirmed that we are able to act for you.

Where we store your information

All information you provide to us is stored on our secure servers.

Please be mindful that the transmission of information via the internet is not completely secure. We will do our best to protect your personal information, but cannot guarantee the security of information transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

We only retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, including:

  • The duration of any client relationship

  • Applicable limitation periods

  • Legal, regulatory or professional obligations

Personal data is securely deleted or anonymised when no longer required.

Your rights

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise this right at any time by contacting us at gilwaterconsultants@gmail.com.

Our site may, from time to time, contain links to other websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.

Please check these policies before you submit any personal data to these websites.

Under GDPR, you have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request erasure of your data

  • Restrict processing of your data

  • Object to processing

  • Request data portability

  • Withdraw consent at any time (where processing is based on consent)

To exercise your rights, please contact us at gilwaterconsultants@gmail.com. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

Cookies and Website Analytics

Our website may use cookies and similar technologies to enhance user experience and analyse website usage.

Cookies may include:

  • Strictly necessary cookies

  • Analytical or performance cookies

  • Functionality cookies

Where non-essential cookies are used, we will obtain your consent in accordance with applicable law. 

Changes to This Policy

We may update this policy from time to time. Any changes will be updated on this page.

Contact Us

If you have any questions about this policy or our data practices, please contact gilwaterconsultants@gmail.com or at 26 Hyde Mill Drive, Wollaston, Stourbridge, DY8 4GD.