1 - About Us

Bar Mutual Indemnity Fund Ltd (“Bar Mutual”) provides professional indemnity insurance to self-employed barristers in England & Wales and to certain entities approved and regulated by the Bar Standards Board (the “BSB”).  As part of the insurance contract we handle any claims that are made against barristers we insure ("Our Services").  To enable us to provide Our Services we need to collect and process personal data.  This makes us a "data controller" for any personal data that you provide to us which makes us responsible for complying with data protection laws.

Bar Mutual outsources management of its operations to Thomas Miller Professional Indemnity Ltd, which is a member of the Thomas Miller Group of companies.  This means that in order to provide our Services, Bar Mutual, Thomas Miller Professional Indemnity Ltd and Thomas Miller Holdings Ltd are all jointly data controllers.  This privacy notice covers the activities of Bar Mutual and Thomas Miller Professional Indemnity Ltd.  For further information on how Thomas Miller collects and uses personal data, please see its privacy policy at https://www.thomasmiller.com/cookie-privacy-policy/ .

A data protection officer (“DPO”) has been appointed on behalf of the Thomas Miller Group and, accordingly, if you have any questions about this privacy policy, including any requests to exercise your legal rights or if you are unsure about who the data controller of your personal data is, please contact the DPO using the details set out in section 10. 

Bar Mutual and Thomas Miller Professional Indemnity Ltd’s contact details as Data Controller are:
Name: Bar Mutual Indemnity Fund Limited
Email: info@barmutual.co.uk
Address: 90 Fenchurch Street, London, EC3M 4ST

2. Our processing of your personal data

Personal data means any information about an individual from which that person can be identified.  It does not, however, include anonymous data.

The types of personal data that we collect and our uses of that personal data will depend on your relationship with us.  For example, we will collect different personal data depending on whether you are a barrister, claimant, witness, a third party with whom we engage with or a website user.

Special category data is information that relates to your health, genetic or biometric data, criminal convictions, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership.  Whilst we do not actively collect or request special category data, we will sometimes receive some of your “special category data”. For example, we may receive information about your health or criminal convictions if it is relevant to a claim being made against a barrister that we are dealing with.

Where you provide personal data to us about other individuals (for example, claimants, witnesses or contacts at your chambers) we will also be a data controller of and responsible for their personal data.  You should therefore refer them to this privacy policy.

In order to make this privacy policy as user friendly as possible we have divided it into different sections. Please click on the section below that best describes your relationship with us.

3. What marketing activities do we carry out?

We do not carry out any marketing activities or send marketing communications. 

4. How long do we keep your personal data for?

Retention of specific records may be necessary for one or more of the following reasons:

  • To fulfil statutory or other regulatory requirements;
  • To discharge our contractual obligations;
  • To evidence events/agreements in case of disputes;
  • To meet our operational needs;
  • To meet any historical purposes.

We apply the following policy in relation to the secure deletion of your personal information.

Renewal Data

We retain the personal data you provide in relation to obtaining or renewing your professional indemnity insurance with Bar Mutual for as long as we remain potentially liable to meet claims made against members of Bar Mutual.

Claims Data

  • Our Standard Claims Data Retention Period is 15 years (subject to the exceptions below), and the period is calculated from the date a claim, or circumstances that could give rise to a claim, is first notified to us.  
  • We apply a shorter retention period of 3 years and 6 years from the date of first notification (the “Reduced Claims Data Retention Period”) where the circumstances of the case justify it.
  • We apply an Extended Claims Data Retention Period of an additional 10 years to the Standard Claims Data Retention Period, where the circumstances of the case justify it.  The total maximum period for which personal claims data can be retained on application of the Extended Claims Data Retention Period is therefore 25 years from the date of first notification. 
  • In applying the Extended Claims Data Retention Period, a review of the need to continue to do so is undertaken 5 years into the Extended Claims Data Retention Period.  

Where the retention periods explained above are applied and have expired, we will delete your personal information and retain information in anonymised format. 

5. What is our approach to sending information overseas?

We do not transfer or disclose your personal data to countries or third parties located outside of the European Economic Area ("EEA").

The personal data we collect about you will be stored and processed in the United Kingdom.  Should we need to transfer your personal data to any other country (for example, in order to instruct professional advisers to defend a claim notification) we will take all reasonable measures to safeguard the transfer of your personal data in a manner that complies with data protection laws.

If you would like further information regarding our data transfers and the steps we take to safeguard your personal data, please contact us using the details set out in section 10. 

6. How do we protect your information?

We take all steps necessary to ensure that your personal data is treated securely and in accordance with this privacy policy.  All information we are provided with will be stored on our secure servers protected by data-encryption, with perimeter firewall technology and intrusion protection software. 

7. Profiling and automated decision making

Please note that we do not carry out any profiling or automated decision making.

Profiling is any form of automated processing of personal data to evaluate certain personal aspects and automated decision making refers to a situation where a decision is taken using personal data that is processed solely by automatic means (i.e. using an algorithm or other computer software) rather than a decision that is made with some form of human involvement.

8. Your rights

Under data protection law you have a number of rights in relation to the personal data that we hold about you which we set out below. These rights might not apply in every circumstance. You can exercise your rights by contacting our DPO at any time using the details set out in section 10. We will not usually charge you in relation to a request.

Please note that although we take your rights seriously, there may be some circumstances where we cannot comply with your request such as where complying with it would mean that we couldn't comply with our own legal or regulatory obligations. In these instances we will let you know why we cannot comply with your request.

The right to access your personal data
You are entitled to a copy of the personal data we hold about you and certain details about how we use it. We will usually provide your personal data to you in writing unless you request otherwise. Where your request has been made electronically (e.g. by email), a copy of your personal data will be provided to you by electronic means where possible.

The right to rectification
We always take care to ensure that the information we hold about you is accurate and where necessary up to date. If you believe that there are any inaccuracies, discrepancies or gaps in the information we hold about you, you can contact us and ask us to update or amend it.

The right to restriction of processing
In certain circumstances, you are entitled to ask us to stop using your personal data, for example where you think that the personal data we hold about you may be inaccurate or where you think that we no longer need to use your personal data. 

The right to withdraw your consent
In very limited circumstances, if you are a witness, we will rely on your consent in order to process your personal data and you have the right to withdraw such consent to further use of your personal data.

The right to erasure
This is sometimes known as the 'right to be forgotten'. It entitles you, in certain circumstances, to request deletion of your personal data. For example, where we no longer need your personal data for the original purpose we collected it for or where you have exercised your right to withdraw consent. Whilst we will assess every request, there are other factors that will need to be taken into consideration. For example, we may be unable to erase your information, as you may have requested, because we have a legal or regulatory obligation to keep it.

The right to object
In certain cases, you have the right to object to our processing. This arises in relation to:

Marketing:  Please note that we do not carry out any marketing activity. In the event that this changes, we will update this section and inform you of your right to object to marketing.

Processing based on our legitimate business reason: Where we process your personal data because we have a legitimate business reason to do so, you can object to such processing, unless our purpose outweighs any prejudice to your privacy rights.

The right to data portability
In certain circumstances, you can request that we transfer personal data that you have provided to us directly to a third party.

Rights relating to automated decision-making
Please note that we do not carry out any automated decision making. In the event that this changes, we will update this section and provide more information about your rights relating to automated decision-making.

The right to make a complaint to the ICO
You have a right to complain to the Information Commissioner's Office (ICO) if you believe that we have breached data protection laws when using your personal data. You can visit the ICO's website at https://ico.org.uk/ for more information.  Please note that lodging a complaint will not affect any other legal rights or remedies that you have.

9. Cookies policy

a. Cookies may be used by the Website to allow us to recognise you and your preferred settings e.g. to store your ID and password for future sessions. This saves you from re-entering information on return visits to the Website. You have the option not to use this feature, in which event no cookies will be retained on your computer.

b. If the site has a secure log-in for our registered users, it may use a temporary ’session cookie’ in order to perform the secure login to our website. This cookie contains no personal information, just a long random number, and is deleted from your web browser when you exit the Website.

c. Temporary cookies are used in the transactional part of the Website to authenticate you as an authorised user after you have logged in.

d. Your browser may be capable of being programmed to reject cookies, or to warn you before downloading cookies, and information regarding this may be found in your browser’s ‘help’ facility.

For an explanation of cookies see: www.allaboutcookies.org

If you have any questions regarding cookie use, please contact us by email at info@barmutual.co.uk.

Below is a table of all cookies on this website – their name, type and purpose:

Cookie Type Cookie Name Cookie Purpose
Session & TYPO3 Content Management Cookie Session & fe_typo_user & s_sq s_cc We use session cookies to record an individual users preferences that the user has specified, so that each time the user returns their preferences remain. Commonly this would be language settings, shopping carts, anything where you have indicated a preference. Where forms are used on the site, we hold the information in a session cookie so that we can improve the user experience on the site. Should a user, for example, forget to fill in parts of a form when submitting a form, we can auto-fill the values for those fields that have been filled in, thereby reducing the amount of fields a user needs to amend. This information is stored only in your browser and is destroyed once your browser is closed.
Google Analytics __utmz __utmc __utmb __utma These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site for you. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

10. Contacting us

If you would like further information about any of the matters in this privacy policy or if you have any other questions about how we collect, store or use your personal data, you may contact our data protection officer:

Email:  DataProtection@thomasmiller.com

Adcress: 90 Fenchurch Street, London EC3M 4ST.

11. Updates to this notice

From time to time we may need to make changes to this notice, for example, as the result of changes to law, technologies, or other developments. We will provide you with the most up-to-date notice on this web page.

This notice was last updated on 18th January 2019.

Other Websites

This privacy policy only covers the Website. Any other websites which may be linked to by the Website may be subject to their own privacy policy, which may differ from ours and we are not responsible for the content provided on any third party websites.

You are currently offline. Some pages or content may fail to load.