Teji | Cowie wordmark logo in a transparent format

PRIVACY POLICY

Last updated: 10 October 2025

1. INTRODUCTION

This privacy policy explains how Teji Cowie Ltd (“we,” “us,” or “our”) collects, uses, and protects personal information as the data controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are committed to protecting your privacy and handling your personal information in accordance with applicable data protection laws and the professional standards expected by the Solicitors Regulation Authority (SRA).

Contact Details:

  • Firm Name: Teji Cowie Ltd
  • Address: One Lyric Square, London, W6 0NB, United Kingdom
  • Tel: +44 (0)20 7664 4588
  • Email: enquiries@tejicowie.com
  • SRA Number: 8012614
  • Data Protection Officer: Alex Teji

2. INFORMATION WE COLLECT

We collect and process the following types of personal information:

From Website Visitors:

  • Contact information (name, email, phone number, address)
  • Communication preferences
  • Technical information (IP addresses, browser type, pages visited)
  • Cookies and similar tracking technologies

From Clients and Prospective Clients:

  • Identity and contact information
  • Financial information relevant to legal services
  • Legal matter details and documentation
  • Correspondence and communications
  • Payment and billing information
  • Information about employees, clients and other people related to your work

Special Category Data:

Where necessary for legal services, we may process special category personal data including health information, criminal convictions, or other sensitive data with appropriate legal basis and safeguards.

 

3. HOW WE USE YOUR INFORMATION

We process personal data based on six lawful bases, primarily:

Contract Performance:

  • Providing legal services under our retainer agreement
  • Managing client accounts and billing
  • Communicating about your legal matters

Legitimate Interests:

  • Marketing our services to prospective clients
  • Business administration and development
  • Defending legal claims
  • We recommend using contract or legitimate interests as the lawful basis, rather than consent, because someone can withdraw their consent at any time

Legal Obligations:

  • Anti-money laundering checks and reporting
  • Professional indemnity insurance requirements
  • SRA regulatory compliance
  • Court orders and legal proceedings

Consent:

Where specifically obtained for marketing communications or cookies (where required)

4. SHARING YOUR INFORMATION

We must tell you who we are and how we’ll use your information, including if it’s being shared with other organisations. We may share your personal information with:

  • Barristers and expert witnesses engaged on your matters
  • Third-party service providers (IT support, document storage, accounting services)
  • Professional advisers (auditors, insurers, banking partners)
  • Courts and tribunals as required for legal proceedings
  • Regulatory bodies including the SRA when required
  • Law enforcement agencies where legally required
  • Other parties with your consent or as necessary for legal services


We have written contracts with all data processors who handle personal data on our behalf.

5. INTERNATIONAL TRANSFERS

Where we transfer personal data outside the UK, we ensure appropriate safeguards are in place, including:

  • Adequacy decisions for the destination country
  • Standard Contractual Clauses
  • Other approved transfer mechanisms under UK GDPR

6. DATA RETENTION

We retain personal information for as long as necessary to:

  • Provide legal services and comply with professional obligations
  • Meet legal and regulatory requirements
  • We review whether we could reduce the amount of personal data we hold or how long we store it for

General Retention Periods:

  • Client files: Minimum 7 years from matter completion (longer for certain matter types)
  • Marketing contacts: Until consent is withdrawn or legitimate interest ceases
  • Website analytics: Up to 26 months
  • Financial records: 7 years from transaction date

7. YOUR RIGHTS

Under UK GDPR, you have the right to request access to personal data we hold about you, and we must provide a copy within one month. Your rights include:

  • Access: Request a copy of personal data we hold about you
  • Rectification: Correct inaccurate or incomplete information
  • Erasure: Request deletion in certain circumstances
  • Restriction: Limit processing in specific situations
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw consent: Where processing is based on consent


We ensure we can respond to individual requests to see, correct or delete their data.

8. DATA SECURITY

We implement appropriate technical and organisational measures to protect personal information against:

  • Unauthorised access or disclosure
  • Accidental loss or destruction
  • Unlawful processing


The ICO reports that the largest source of data breaches within the legal sector are as result of data being sent to an incorrect recipient by email. We have specific procedures to prevent such incidents.

9. DATA BREACHES

If there is a data breach that is likely to harm individuals, we must report it. This is likely to be the case for any incident involving personal information that isn’t already publicly available. We’ll only have 72 hours to report a breach to the ICO.

We will notify affected individuals where required by law and take immediate steps to mitigate any harm.

10. COOKIES AND WEBSITE TRACKING

Our website uses cookies and similar technologies. Please see our Cookie Policy for detailed information about:

  • Types of cookies we use
  • How to manage cookie preferences
  • Third-party cookies and tracking

11. MARKETING COMMUNICATIONS

We may send marketing communications about our legal services where:

  • You have consented to receive them
  • We have a legitimate interest (existing clients/recent enquirers)
  • We upgrade our consent process to ensure individuals genuinely opt in and review existing consents and mailing lists


You can unsubscribe at any time using the link in our communications or by contacting us directly.

12. COMPLAINTS PROCEDURE

Internal Complaints: If you have concerns about how we handle your personal data, please contact:

  • Data Protection Officer/Privacy Lead: Alex Teji
  • Managing Partner: Alex Teji


External Complaints: You can also complain to:

  • Information Commissioner’s Office (ICO): ico.org.uk or 0303 123 1113
  • Legal Ombudsman: legalombudsman.org.uk or 0300 555 0333
  • Solicitors Regulation Authority: sra.org.uk

13. UPDATES TO THIS POLICY

Due to the Data (Use and Access) Act coming into law on 19 June 2025, this guidance is under review and may be subject to change. We will update this privacy policy as needed to reflect changes in law, regulation, or our practices. Please check this page periodically for updates.

14. CONTACT US

For any questions about this privacy policy or how we handle your personal information:

Teji Cowie Ltd Address: One Lyric Square, London, W60NB Email: enquiries@tejicowie.com Phone: +44 (0)20 7664 4588 SRA ID: 8012614

  1. Cookie Policy: Create a separate, detailed cookie policy to complement this privacy policy
  2. Legal Basis Documentation: Maintain records of your legal basis for each type of processing activity