When we say 'Brodies', 'we' or 'us' in this notice, it means Brodies LLP, which is the 'controller' of your personal information.

We collect, use and store different types of personal information about you, which we have grouped together as follows:

Types of personal information Description
Publicly Available Data Details about you that are publicly available, such as on Companies House or elsewhere on the internet
Marketing Data Details about your preferences in receiving marketing communications from us and our third parties
Consents Data Any permissions, consents or preferences that you give us
Usage Data Information about how you use our website, products and services

How we use your information


Our website www.brodies.com uses cookies. For more information on our cookies use, please read our cookies statement.


The table below outlines how we use your personal information and our reasons. Where these reasons include legitimate interests, we explain what these legitimate interests are.

What we use your information for Our reasons Our legitimate interests
  • To provide you with information you may ask for
  • Legitimate interests
  • To fulfil enquires you might make of us
  • To allow you to register for updates or for notifications of posts on our website
  • Consent
  • To provide you with information that you may request from us
  • To allow you to register for events that we may be hosting
  • Consent
  • To hold events, such as seminars or corporate hospitality to promote our business and its services
  • To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
  • Legitimate interests
  • To provide efficient client care and services
  • To ensure that our technology operates efficiently and without error
  • To assess which of our services may be of interest to you and to tell you about them
  • To develop new products and services and improve existing ones
  • To manage our relationship with you which will include notifying you about changes to our privacy notice and our website terms and conditions
  • Legitimate interests
  • Contract performance
  • To provide efficient client care and services
  • To keep you updated about changes in the legal terms that apply to the use of our website. For record keeping and firm management
  • To manage the systems that contain our marketing database
  • To manage marketing preferences and keep our records up to date
  • Legitimate interests
  • For data management for marketing and business development purposes
  • To improve our systems and services
  • To seek feedback
  • To seek your consent when we need it to contact you
  • To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
  • Legitimate interests
  • Consent
  • To improve our marketing strategy and the services that we provide

Where we collect your personal information from

We may collect personal information about you from the following sources:

  • Directly from you
  • Cookies – see our cookie statement which can be accessed here
  • Analytics providers, such as Google Analytics
  • Advertising networks

Who we share your information with

We may share your personal information with the following third parties:

  • Our agents and service providers who we use to help us with marketing and providing legal services, such as Thomson Reuters, Microsoft, Aderant and Google Analytics
  • Event organisers (if we are organising an external event which you are attending)
  • The police and other law enforcement agencies
  • Relevant regulators, including the Information Commissioner's Office in the event of a personal data breach
  • (a) Subsidiaries or affiliates of Brodies LLP, (b) Brodies Middle East LLP (ADGM Branch), or any of its subsidiaries or affiliates, and (c) Brodies & Co (Trustees) Limited and any of its subsidiaries or affiliates
  • Potential or actual purchasers of any part of our business or assets, or other third parties in the context of a possible transfer or restructuring of our business

How long we keep your personal information

Where we use your personal information for marketing purposes we will retain your personal information for so long as we have your consent to do so (where we use your personal information with your consent in order to send you marketing messages) or, in other cases, for so long as we have a legitimate business or commercial reason to do so (unless you ask us to stop).

Where you withdraw your consent to receiving marketing materials or otherwise ask us to stop marketing we will add your details to a suppression list which ensures that we remember not to contact you again.

For further information as to how to withdraw your consent or to ask us to stop other marketing activities see Withdrawing consent using your information and Objecting to how we may use your information.

If you withdraw your consent to receiving marketing materials or ask us to stop our marketing activities, we will still communicate with you for other purposes in the normal course of any other relationship we may have with you.

International transfers 

We also use ancillary IT systems hosted outside the United Kingdom or where data is backed up in a data centre outside the United Kingdom.

If your information is to be processed outside the United Kingdom, then we will ensure that it is protected to the same standards as if it were being processed within the United Kingdom by using appropriate safeguards, which may include:

  • ensuring that your information is only transferred to countries that have been recognised under data protection law as adequately protecting personal information to the same standards as the United Kingdom (for example, the European Union or European Economic Area).
  • putting in place a contract with the recipient of your information which requires them to protect that information to the same standards as if the information were being processed within the United Kingdom.

The safeguards we use will depend on the location of the recipient, the function they are performing and the personal information being transferred.