eNotary in UK Logo - Online Notary UK - eNotary UK
Get Started

Updated: 23 December 2024

Data Protection Policy

eNotary Public (trading as Wharf Notaries)

INTRODUCTION

This Data Protection Policy (“Policy”) outlines the principles that eNotary Public (trading as Wharf Notaries) (“Business”) adheres to when processing personal data in the course of providing notarial services. Our commitment to data protection ensures the secure and lawful handling of personal information.

The Appendix contains a Glossary of defined terms used within this Policy.


COMPLIANCE WITH THIS POLICY

The Business, including the Notary, all Personnel, and Suppliers, is committed to ensuring personal data protection in line with this Policy.

A breach of data protection laws by any party could lead to financial penalties, reputational damage, and a loss of trust in the notarial profession as a whole.


DATA PROTECTION PRINCIPLES

The Business complies with the following principles when processing personal data:

  1. Fairness and Transparency:

    • Personal data must be processed fairly, with transparency about how and why it is used.
    • A privacy notice is provided to clients, Personnel, and Suppliers, detailing:
      • The Business’s identity as Controller.
      • Purpose and legal basis for data processing.
      • Legitimate interests (where applicable).
      • Recipients of the data.
      • Transfers to third countries or international organizations, along with safeguards.
      • Data retention periods.
      • Rights of the data subject, including withdrawal of consent and lodging complaints.
      • The existence of automated decision-making, including profiling, and its implications.
    • Privacy notices are included in client engagement letters, service agreements, or on the Business website.

  2. Lawful Processing:

    • Personal data, including special categories, must be processed lawfully based on:
      • Contractual necessity.
      • Legitimate interests of the client or Business.
      • Legal obligations.
      • Explicit consent.
      • Vital interests or public interest processing.

  3. Purpose Limitation:

    • Personal data is collected for specific, explicit, and legitimate purposes.
    • Typical processing includes data related to:
      • Client services and relationships.
      • Personnel administration.
      • Supplier management.
    • The Business avoids unsolicited electronic marketing and complies with legal requirements when necessary.

  4. Data Minimization:

    • Only the minimum necessary personal data is processed.
    • Clients must ensure that the data provided is limited to what is required.

  5. Data Accuracy:

    • Reasonable steps are taken to ensure data is accurate, complete, and up-to-date.
    • Clients are contractually obliged to provide accurate and current data.

  6. Individual Rights:

    • Individuals can exercise their rights, including access, rectification, erasure, portability, and objection.
    • The Business responds to all valid Individual Rights Requests.

  7. Storage Limitation:

    • Personal data is retained only as long as necessary.
    • For example, notarial acts in public form are preserved permanently, while Personnel records are retained no longer than 12 months post-employment unless legally required otherwise.

  8. Data Security:

    • Appropriate physical, organizational, and technical security measures are in place:
      • Locked offices and secure cabinets.
      • Access restricted to authorized Personnel.
      • Disposal of documents through secure methods.
      • Firewalls, antivirus software, and regular system updates.

  9. Accountability:

    • The Business ensures compliance with these principles through documented policies, training, and governance processes.


GOVERNANCE PROCESSES

  1. Documented Policies:

    • This Policy and other data protection documents are maintained to ensure compliance.

  2. Assurance:

    • Personnel and Suppliers are trained to handle personal data securely and in compliance with data protection laws.
    • Suppliers must adhere to data processing agreements.

  3. Advice:

    • The Business seeks legal or professional advice as needed to maintain compliance.

  4. Third-Party Contractors:

    • Third parties processing data on behalf of the Business comply with relevant policies and agreements.

  5. Data Protection Impact Assessments (DPIAs):

    • High-risk processing activities undergo documented DPIAs to identify and mitigate risks.

  6. Record-Keeping:

    • Records of processing activities are maintained, detailing:
      • Processing purposes.
      • Categories of personal data and recipients.
      • Retention periods.
      • Security measures.

    • Whether acting as Controller or Processor, the Business keeps clear and accurate records.


This Policy reflects the Business’s dedication to safeguarding personal data in compliance with applicable laws. It will be reviewed periodically to ensure ongoing compliance and relevance.

For more information, please contact eNotary Public (trading as Wharf Notaries).

© eNotaryPublic.co.uk. All Rights Reserved 2025.

eNotaryPublic.co.uk is a trading name of Wharf Notaries (Companies House Number: 14151425).

Company

About Us
FAQs
Blogs
Documents we notarise
Online Notary Services

Services

Remote Online Notarisation
eApostille
Online Business Notary

Legal

Privacy Policy
Terms of Business
Data Protection Policy

Copyright © eNotary Public UK | Designed and Developed By UK Web Creators