Website Privacy Policy

1. Who we are

AZJ Legal is the trading name of Anthony Jimenez & Company (UK) Limited and Anthony Jimenez & Company (Gibraltar) Limited. For this website, the controller is Anthony Jimenez & Company (UK) Limited, unless a page or form expressly states that the Gibraltar office is the controller for that interaction.

Address: 8-10 Hill Street, Mayfair, London. W1J 5NG

Telephone: +44 (0) 20 7129 1158

2. What this notice covers

This notice explains how we collect, use, store and protect personal data when you browse our website, submit an enquiry, sign up for updates/events, download materials, or apply for a role via the site. Client matters are covered by our engagement terms and our internal privacy policy which is available on written.

3. Personal data we collect via the website

3.1 When you use our website, we may collect and process the following categories of personal data:

3.1.1 Contact and enquiry data – such as your name, email address, telephone number, organisation, and the contents of your enquiry or message.

3.1.2 Marketing preferences – information you provide when signing up for newsletters or events, together with records of your subscription status and any opt-outs.

3.1.3 Technical and usage data – including your IP address, device and browser type, pages visited, referral source, time and date of access, and cookie identifiers. Further details about the use of cookies and similar technologies are set out in our Cookie Policy.

3.1.4 Recruitment data – where you apply for a role via the website, this may include your CV, cover letter, right-to-work documentation, and any notes arising from interviews or recruitment assessments.

3.1.5 Special category and criminal offence data – we do not routinely request this information through our website. However, you may choose to provide such data in a free-text field, or it may be necessary in the context of a recruitment application (for example, health information or criminal record checks). Where this occurs, we will only process such data in accordance with the conditions set out in the UK GDPR and the Data Protection Act 2018.

4. How we collect data

4.1 We collect personal data in the following ways:

4.1.1 Directly from you – for example, when you complete a contact form, sign up for an event or newsletter, apply for a role, or contact us by email or telephone.

4.1.2 Automatically – when you use our website, we collect certain technical and usage information through cookies and similar technologies. Further details are available in our Cookie Policy.

4.1.3 From third parties – where relevant to recruitment, we may receive information from third-party sources such as job boards, recruitment agencies, or referees.

5. How we use your data and our lawful bases

5.1 We only use your personal data where we have a lawful basis under the UK GDPR, the Data Protection Act 2018, and (where relevant) the Privacy and Electronic Communications Regulations (PECR). The purposes for which we process your data, and the lawful bases on which we rely, include:

5.1.1 Responding to enquiries and providing information – where you contact us via our website or otherwise request information, we process your data on the basis of our legitimate interests (to operate our website and respond to prospective clients, partners or other enquirers). 

5.1.2 Operating, securing and improving our website – this includes diagnostics, maintaining security logs, and using essential cookies or similar technologies. These activities are carried out on the basis of our legitimate interests in ensuring the proper functioning and security of our website. Where we use non-essential cookies or analytics, we rely on your consent under PECR/UK GDPR.

5.1.3 Marketing communications – if you sign up to receive newsletters, legal updates, or event invitations, we will rely on your consent (which you may withdraw at any time). In some cases, we may rely on the “soft opt-in” under PECR where you are an existing or prospective client and the communication relates to similar services. You will always have the right to opt out in every communication we send

5.1.4 Recruitment – if you apply for a role with us via our website, we will process your personal data as necessary to take steps prior to entering into a contract with you and in reliance on our legitimate interests in managing recruitment. We may also process certain information to comply with legal obligations, for example, verifying your right to work in the UK.

5.1.5 Legal and regulatory compliance – we may process your data to comply with legal obligations, for example, for fraud prevention, anti-money laundering, or sanctions screening (where applicable). We may also rely on our legitimate interests in protecting our business and complying with professional obligations.

5.1.6 Special category or criminal offence data – if you choose to provide us with special category data (such as health information) or criminal offence data via the site, we will only process it where a UK GDPR or Data Protection Act 2018 condition applies. This may include your explicit consent, or where necessary for the establishment, exercise, or defence of legal claims, or for compliance with our legal and regulatory obligations.

6. Cookies and similar technologies

We use cookies and similar technologies to run the site and, with your consent, to measure audience and improve content. See our Cookie Policy for the types of cookies, purposes, and how to manage your choices.

7. Sharing your data

7.1 We share personal data only where necessary and on a lawful basis, including with:

7.1.1 our IT, website hosting, email, marketing, and analytics service providers, who act as processors under contract;

7.1.2 event management platforms and email delivery services, for the purpose of managing sign-ups and communications;

7.1.3 recruitment platforms, background-check providers, and referees, where relevant to an application process;

7.1.4 our professional advisers (such as lawyers, accountants, and auditors), insurers, and, where required, regulators or law enforcement authorities.

8. International transfers

8.1 As we operate across the UK and Gibraltar, certain personal data will be shared automatically with our Gibraltar office. Gibraltar is recognised by the UK Government as providing an adequate level of data protection, meaning transfers of personal data between the UK and Gibraltar do not require additional safeguards.

8.2 Some of our third-party service providers may process personal data outside the UK. Where this occurs, we will ensure that an appropriate safeguard is in place in accordance with the UK GDPR. These may include:

8.1.1 the UK’s adequacy regulations (for example, Gibraltar and other jurisdictions formally recognised as adequate); 

8.1.2 the ICO’s International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses (SCCs), together with supplementary measures where required; or

8.1.3 the UK Extension to the EU–US Data Privacy Framework, where the recipient is certified under that framework.

8.3 We take steps to ensure that any international transfer of personal data is carried out in compliance with applicable data protection laws and that your rights remain protected.

9. How long we keep your data

9.1 We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or to meet legal, regulatory, or business requirements. Typical retention periods are:

9.1.1 Enquiry data – usually 24 months from the date of last contact. If the enquiry leads to an engagement, our client-file retention schedule will apply.

9.1.2 Marketing data – retained until you opt out or we determine that your subscription is inactive.

9.1.3 Technical and usage logs – typically retained for up to 12 months. Certain security logs may be kept for longer where necessary for system integrity, fraud prevention, or investigation purposes.

9.1.4 Recruitment data – for unsuccessful applicants, generally retained for 6–12 months following the conclusion of the recruitment process. For successful candidates, relevant information is incorporated into personnel records and retained in line with our HR retention schedule

9.1.5 Legal and compliance – we may retain records for longer periods where required to comply with law, regulatory obligations, or to establish, exercise, or defend legal claims.

10. Security

We apply technical and organisational measures appropriate to the risk, including access controls, encryption in transit where appropriate, resilience/backup and staff training. Internet transmission is not completely secure; any transmission is at your own risk.

11. Your rights

You can request access, rectification, erasure, restriction, portability, and you may object to processing based on legitimate interests and to direct marketing. Where we rely on consent, you may withdraw it at any time. To exercise these rights, contact enquiries@azj-legal.com. We may need to verify your identity.

12. Children

Our website is not directed at children under 16. Please do not submit children’s data via our forms.

13. Third-party links and social media

Our website may link to third-party websites or embed third-party content. Those providers have their own privacy policies and controls; we are not responsible for their practices.

 

14. Changes to this notice

We may update this notice from time to time; changes take effect on publication. Please check this page periodically.