Effective Date: 1 January 2026
Last Updated: 7 January 2026

British Rights Barrister takes your privacy seriously. This Privacy Policy explains how your personal information is collected, used, stored, and protected in compliance with the Bar Standards Board (BSB) Handbook, Public Access rules, and applicable data protection law (including GDPR).

1. Data Controller

The data controller for the purposes of this policy is:

Anna Roffey
Contact: [email protected]

I am a Public Access authorised barrister regulated by the BSB. All data processing is conducted in accordance with professional and regulatory obligations.

2. Information We Collect

We may collect personal information in order to provide services, verify identity, comply with regulatory requirements, and deliver our educational content. This includes:

Client / Member Information

Full name, email address, phone number, postal address, date of birth

Case details, submitted questions, and supporting documents

Billing and payment information (Stripe or other payment processors)

Educational and Membership Data

Module access records, progress, and completion status

Engagement with videos, and templates

Compliance and AML Data

Identity verification information collected for AML/CDD compliance

Red flags or risk indicators relevant to regulatory obligations

3. How We Use Your Information

Your information is used for:

Providing personalised legal advice under Public Access rules

Delivering educational content and membership services

Administering payments, refunds, and cancellations

Regulatory compliance, including AML checks and record-keeping

Responding to questions, booking calls, and providing guidance

Maintaining communications and keeping an audit trail of services provided

Handling complaints and ensuring transparency in line with BSB requirements

4. Legal Basis for Processing

For members receiving personalised legal advice, processing is necessary for the performance of a contract and to comply with regulatory obligations under the BSB Handbook.

For educational content and membership access, processing is necessary for contract performance and legitimate interests in providing educational services.

Consent is obtained for marketing communications if applicable.

5. Sharing of Information

Your personal information is not shared with third parties for commercial purposes.

Information may be shared with:

Payment processors (e.g., Stripe) to handle fees securely

Regulatory bodies if required under BSB rules or AML legislation

Legal advisers or IT service providers who support the delivery of services under contractual obligations

6. Data Retention

Personal and case-related data is retained in accordance with BSB record-keeping rules for Public Access work.

Educational module access records may be retained for membership and audit purposes.

AML and financial records are retained for a minimum of 5 years as required by anti-money laundering regulations.

7. Your Rights

You have the right to:

Access personal data held about you

Request correction of inaccurate or incomplete data

Request deletion of personal data where it is no longer needed or where legally permissible

Object to or restrict processing in certain circumstances

Withdraw consent for any optional processing (e.g., marketing)

Request data portability, where applicable

To exercise your rights, contact [email protected]

8. Security of Your Data

Personal data is stored securely on encrypted systems and access is limited to authorised personnel.

We implement appropriate technical and organisational measures to protect data against loss, misuse, or unauthorized access, in line with GDPR and BSB guidance.

9. Cookies and Tracking

Our website may use cookies or similar technologies to improve usability and analyse traffic.

No cookies are used to identify individual clients for legal advice purposes.

Members may disable cookies via their browser settings, but some functionality may be affected.

10. International Transfers

Where personal data is processed outside the UK, appropriate safeguards (e.g., EU/UK adequacy, standard contractual clauses) are applied to ensure compliance with GDPR.

11. Complaints

If you believe your data has been misused, you can contact:

Data Protection Officer / Contact: [email protected]

The Information Commissioner’s Office (ICO): https://ico.org.uk/

Data-related complaints are separate from service complaints, which are handled via the complaints procedure outlined in your engagement letter.

12. Updates to this Policy

This Privacy Policy may be updated from time to time to reflect regulatory changes or improvements in services.

The effective date is noted at the top.

Members and clients will be informed via the website or email of any material changes.