Privacy & Data Governance Statement

Effective: May 2026

Our website address is: https://smalleyandsharples.co.uk.

1. Independent Data Controller Notice

Smalley & Sharples | Legal Review (“the Review,” “we,” “us”) operates as an independent legal analysis publication. In accordance with the Data (Use and Access) Act 2025 and the UK General Data Protection Regulation (UK GDPR), we act as the Data Controller for personal information processed via smalleyandsharples.co.uk.

Our historical transition from automotive commerce to statutory legal review has necessitated a rigorous audit of our data processing activities. We maintain a “Forensic Privacy” standard, ensuring that data integrity is prioritized with the same precision we apply to our legal analysis.

2. Forensic Data Collection: Categories & Methods

We limit data collection to the minimum necessary for providing forensic legal intelligence. We process the following categories of information:

  • Professional Identity Data: Name, professional title, and firm affiliation when you submit an article for peer review or subscribe to our 2026 Legislative Forecast.
  • Forensic Usage Data: IP addresses, browser archetypes, and jurisdictional access patterns, processed to optimize our multi-jurisdictional delivery (UK vs. US perspectives).
  • Communication Records: Detailed logs of professional inquiries via our “Counsel’s Inquiry” portal.

3. Lawful Basis for Processing

Under Article 6 of the UK GDPR (as amended 2026), we rely on the following bases:

  1. Recognised Legitimate Interests: For the distribution of legal analysis and the maintenance of our editorial contributor network.
  2. Statutory Obligation: Where data must be retained for compliance with the Economic Crime and Corporate Transparency Act.
  3. Consent: Explicitly obtained for the delivery of high-end legal marketing or specific white-paper downloads.

4. Data Protection by Design & Default

In line with ICO 2026 Guidelines, Smalley & Sharples implements “Privacy by Design.”

  • Structural Shielding: We utilize advanced encryption for all contributor submissions.
  • Data Minimisation: We do not store “Special Category Data” (health, criminal records, etc.) unless strictly necessary for a specific personal injury legal review, in which case it is siloed and subject to enhanced DUAA 2025 security protocols.

5. Transatlantic Data Transfers

As our review bridges UK Common Law and US Federal Statutes, we occasionally transfer data between these jurisdictions. All such transfers are governed by International Data Transfer Agreements (IDTAs) or the UK-US Data Bridge, ensuring that “Forensic Privacy” standards are maintained regardless of geography.

6. Enhanced Data Subject Rights (2026)

Following the 19 June 2026 commencement of the new right to complain, you have the following refined rights:

  • The Right of Forensic Access: Request a detailed audit of the data we hold.
  • The Right to Statutory Objection: Object to processing based on legitimate interests.
  • The Right to Data Portability: Obtain your contributor history in a structured, machine-readable format.
  • Complaints Procedure: You have the right to raise a formal complaint regarding data handling. We commit to acknowledging all complaints within 30 days and providing a forensic resolution without undue delay.

7. Direct Contact: Data Protection Officer

For inquiries regarding our statutory data frameworks or to exercise your rights under the Sentencing Act 2026 related privacy clauses (for legal practitioners), please contact:

The Editorial Board | Data Governance Division Smalley & Sharples | Legal Review

Home
Articles
Enquires
Privacy
Scroll to Top