Privacy Policy
Last updated: 15 May 2026
Privacy Policy
General
We, South Square, are a set of commercial law barristers and are committed to protecting your privacy. We are the owners and operators of our website www.southsquare.com.
This privacy policy is addressed to users of our website, our clients, recipients of our marketing communications, individuals making enquiries, individuals who relate to client matters on which we are instructed and any other individuals who we are in contact with whether in their capacity as an individual or as director, shareholder, partner, employee or other representative of a company or other organisation.
Please read this privacy policy as it will help you to understand what personal data we collect, how and why we use your personal data, your rights in relation to your personal data and how you can exercise those rights.
Who we are
Whilst we trade as “South Square”, our company name is Chambertin Services Unlimited, which is the service company that supports barrister members of South Square. Chambertin Services Unlimited is a private unlimited company registered in England and Wales under company registration number 02360982 and with its registered office address at 24 Old Bond Street, London, United Kingdom, W1S 4AP. We are registered with the Information Commissioner’s Office (“ICO”) as a data controller under data protection registration number Z8439830.
In respect of our website and any mobile sites which we operate, marketing communications (for example, newsletters) sent out by us and handling enquiries, we are the data controller of any personal data you provide to us and are subject to the requirements under UK data protection laws applicable to a controller. This means we are responsible for the way in which your personal data is handled and the purposes for which it is processed.
Client Matters
In respect of any personal data received in relation to client engagements (“client data”), the relevant data controllers in respect of that client data are:
- the individual member(s) of South Square who is (are) responsible for the provision of the legal services required to fulfil the client’s instructions (“Members”), and any pupil barristers working with such Members following the first six months of shadowing their supervisor (“Pupils”);
- (where applicable) the instructing solicitor (“Solicitor”); and
- South Square, in respect of client data received in relation to client engagements other than for the provision of legal services.
In most cases, Members, Pupils and the Solicitor will each be independent data controllers of client data which they are processing. This means that they will each be independently responsible under data protection laws for their collection and use of client data. In some circumstances, South Square, Members, Pupils and the Solicitor may be acting as controllers jointly with one another. This, however, does not affect your rights under data protection laws.
Also, in certain circumstances, we generally act as processor for the Members and Pupils, particularly when:
- we provide information technology facilities to enable Members and Pupils to provide legal services, including practice management, client management, document / record management, cloud storage, communications (including email), billing and accounting software and internet facilities; and
- as otherwise agreed with the Members and Pupils from time to time (particularly in circumstances where we carry out a data processing activity on the specific, written instruction of the Member or Pupil (as controller)).
On certain occasions, a Member or Pupil may be a processor for South Square when, as agreed with us, they carry out a data processing activity on the specific, written instruction of South Square. They may also in certain circumstances act as processor for the Solicitor.
Our data protection arrangements with Members and Pupils are set out in more detail in the terms of our agreements with them but are in accordance with this privacy policy.
This privacy policy covers data processing activities carried out by South Square, Members and Pupils. Therefore, for convenience, references in this privacy policy to“South Square”, “we”, “our”, and “us” are references to South Square, Members and Pupils as applicable.
As a client, we recommend that you also review the privacy policy of the relevant Solicitor acting for you (which is separate to this privacy policy) to understand how the Solicitor collects and uses your personal data and how to contact the Solicitor to exercise your data privacy rights.
In any case, whether it is a Member, Pupil or Solicitor processing your personal information, each of them remains responsible for complying with all of the obligations under data protection laws applicable to them.
How to contact us
If you have any questions about this privacy policy or any personal data which we hold about you, or if you wish to exercise any of your rights as described in this privacy policy or under applicable data protection laws, please contact our Privacy Officer, (The Chambers Director)[FW1] :
(a) by email at enquiries@southsquare.com[FW2] ;
(b) by telephone on +44 (0)20 7696 9900; or
(c) by post at South Square, 3-4 South Square, Gray’s Inn, London WC1R 5HP.
Data protection principles
Where we are the data controller of your personal information, we comply with the core data protection principles as follows:
- Lawfulness, fairness and transparency – data must be processed lawfully, fairly and in a transparent manner.
- Purpose limitation – data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
- Data minimization – data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
- Accuracy – data must be accurate and, where necessary, kept up to date.
- Storage limitation – data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
- Integrity and confidentiality – data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing (including unauthorised access) and against accidental loss, destruction or damage by using appropriate technical or organisational measures.
This privacy policy describes the personal data that we collect and use, and explains how we comply with these principles.
What personal data do we collect?
You may choose to provide us with personal data about yourself by corresponding with us through any form on our website, by phone, email, or otherwise. When you correspond with us, we collect your contact details and other details which you may provide to us. This information will only be used in respect of the event, enquiry, matter or service to which your correspondence relates.
The personal data we collect from you will depend on your role. For example, whether you are a client of a barrister practising at South Square, or an employee, director, shareholder, partner, or other representative of a client of South Square, or a professional adviser (e.g. Solicitor) dealing with South Square.
In the course of providing legal services to our clients, we collect the personal information as necessary to enable us to carry out your instructions and to manage and operate our business, and to comply with our legal and regulatory obligations.
The personal information that we may collect includes, but is not limited to, the following:
- your name;
- home and business address;
- contact details (such as telephone numbers and email address);
- date of birth;
- gender;
- marital status;
- professional information (such as place of work and role);
- bank details;
- marketing and communications data including your preference in receiving marketing from us and your communication preferences;
- copies of passport, national identity card, driving licence, utility bills, bank statements and similar documents;
- nationality, immigration status, work permits and information from related documents;
- information relating to, and which forms part of, the matter in which the client is seeking advice or representation;
- other personal information contained in correspondence and documents which the client may provide to us;
- information we obtain from our IT and communications monitoring; and
- other personal data about our clients and individuals involved in transactions and business with them.
When a client enters into an agreement with us to use any service, we send an instruction letter acknowledging receipt of instruction papers and confirming the individual responsible for provision of the required legal services. That letter may contain further detail about how we will process the data we have received.
You confirm that you are authorised to provide to us the personal information which we shall process. Where the personal information relates to your directors, shareholders, beneficial owners, employees, agents, associates or family members it is not reasonably practicable for us to provide to them directly the information set out in this privacy policy. Accordingly, you confirm that your provision of this personal information to us is lawful under data protection laws and that you have duly provided any required information or notices to those individuals. This does not affect our own obligations as a data controller under applicable law.
We may also collect information about you from publicly accessible sources (for example, Companies House and legal research sources such as Chambers and Partners, information you have made public on websites associated with you or your company or on social media platforms such as LinkedIn), from third party providers such as the person who referred or introduced you to us or professional advisors (such as the Solicitor engaged by you) and other third party sources of information.
We automatically collect data about users of our website by using cookies or similar tracking technologies (for ease, we refer to all of these as “cookies”). Cookies allow us to recognise users and their preferred settings and use of some cookies may avoid users having to re-enter information when they visit our website in the future. Please see our Cookie Policy below for more information about the cookies we use.
We may also automatically collect, store and use information about your visits to our website and about your computer, tablet, mobile or other device through which you access our website. This includes the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and geographical location; and
- information about your visit and use of our website, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), pages you viewed and searched for, page response times, download errors, and length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), and website navigation and search terms used.
What do we do with your personal data?
We will only use your personal data where we have a legal basis under data protection laws for processing it. Your personal data will be used by us in order to:
- provide legal services to you relating to your matters (and carry out activities which are ancillary to those legal services and matters such as associated administration, record keeping, billing, accounting, client management, document / record management, and communications (including email)) in order to carry out our obligations arising from any contracts entered into between you and us (or, if the contract is not with you individually, as necessary for our legitimate interests in providing legal and ancillary services to you);
- conduct the appropriate client checks, including for Know-Your-Client or anti-money laundering purposes, as necessary to comply with our legal obligations or otherwise in our legitimate interests to ensure client checks are carried out in the appropriate way; and
- provide you with the information, products and services that you request from us. It is in our legitimate interests to respond to your queries and provide any information and materials requested in order to generate and develop business.
Where we consider it is in our legitimate interests to do so (and where those interests are not overridden by your interests, rights and freedoms), your personal data will be used by us in order to:
- provide you with information about other goods and services we offer, news, updates, legal developments, publications (including our newsletters), seminars, events and other information which we think will be of interest to you. Where required by law, we rely on your consent to send you unsolicited marketing;
- comply with our internal business policies and for operational reasons such as improving efficiency, training and quality control so we are able to deliver an efficient service;
- assist with any external audits or regulatory compliance checks so we can demonstrate operation at the highest standards (and, where necessary, to comply with our legal requirements);
- address any complaints or claims and to enforce or defend our legal rights (including terms and conditions and other relevant contracts) or those of Members, Pupils, staff or anyone else associated with South Square;
- carry out market research to ascertain website user and client demographics, interests and behaviours so that we can better understand our users, clients and potential clients and generate and improve our services;
- protect the security of our website, systems and data used to provide our services and to prevent unauthorised access and alterations to our systems;
- administer our website including troubleshooting, data analysis, testing, research, statistical and survey purposes, to monitor the use of our website, and to record traffic flows to our website;
- notify you about changes to our services, policies, terms and conditions and other administrative information as appropriate to ensure you are up to date;
- ensure that content from the website is presented in the most effective manner for you and your computer, tablet, mobile or other device through which you access our website;
- for other purposes set out in our Cookie Policy (see below).
In addition, if any of the personal data which you provide to us is special category personal data (being personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation), by providing that data to us you are giving explicit consent to us collecting and using that sensitive personal data in accordance with the purposes set out in this privacy policy, including to provide legal services to you. Alternatively, we may process such personal data without your consent where such processing is necessary for the establishment, exercise or defence of legal claims or for reasons of substantial public interest, in accordance with applicable law.
We may also use aggregate information and statistics for the purpose of monitoring website usage in order to help us develop our website and our services. These statistics will not include information that can be used to identify any individual.
Data relating to criminal convictions and offences
We may also collect and store personal data relating to criminal convictions and offences (including the alleged commission of offences).
This data is only processed where it is necessary for the purposes of:
- the prevention, investigation or detection of an unlawful act and is necessary for reasons of substantial public interest;
- providing or obtaining legal advice; or
- establishing, exercising or defending legal rights.
Marketing
We will only send you marketing messages if you have given us your consent to do so, unless consent is not required under applicable law (for example, you are a corporate subscriber or we have a pre-existing relationship where your consent is not required). Where you provide consent, you can withdraw your consent at any time, but without affecting the lawfulness of processing based on consent before its withdrawal. In any case, you have the right to opt out of receiving electronic marketing communications from us at any time by:
- contacting us using the contact details set out in the “How to contact us” section above; or
- using the “unsubscribe” link in emails.
Email monitoring
Emails which you send to us or which we send to you may be monitored by us to ensure compliance with regulatory or self-regulatory practices or procedures. Monitoring is not continuous or routine, but may be undertaken where there are legitimate grounds for doing so.
International data transfers
It may be necessary for us to share and store your personal data outside the UK, or the European Economic Area (together “European Territories”) as follows:
- with our service providers from time to time which are located, or processing data, outside the European Territories;
- if you are based outside the European Territories; and/or
- where there is an international aspect to the matter on which we have been instructed.
Where applicable data protection laws apply, and personal data is transferred by us to, and stored outside, the European Territories, we take steps to provide appropriate safeguards to protect your personal data, including:
- transferring your personal data to a country, territory, sector or international organisation which the appropriate supervisory authority has determined ensures an adequate level of protection, as permitted under applicable data protection laws;
- entering into standard contractual clauses in a form approved by the appropriate supervisory authority (including, where appropriate, the International Data Transfer Agreement or International Data Transfer Addendum to the EU Commission Standard Contractual Clauses issued by the ICO), obliging recipients to protect your personal data as required under applicable data protection laws;
- in the absence of an adequacy decision or of appropriate safeguards as referenced above, we will only transfer personal data to a third country (that is, outside the European Territories) where permitted under applicable data protection laws, including where the transfer is necessary for the establishment, exercise or defence of legal claims.
Please contact us (using the contact details set out above in this privacy policy) if you would like further information on the specific mechanism we use when transferring your personal data out of the European Territories.
To whom might we disclose your personal data
Personal data will be retained by us and may be shared, transferred or otherwise disclosed as set out in this privacy policy and where we have a lawful basis to do so.
We may provide your personal data to third parties that we engage to provide services to us. Such services may include those relating to IT infrastructure and support, information security, device management, data storage and back-up, office administration, record keeping, billing, accounting, expenses, client management, document and record management, printing, posting, recruitment, marketing and advertising, data analytics, and online communications. Some of these third parties may be located outside the European Territories (and please see the section above regarding international data transfers and the safeguards we use). If we use a third party to process your personal data, and that third party is processing your personal data on our behalf, we will require that third party to process your data only in accordance with our instructions and to protect your personal data, including as regards confidentiality and as against unauthorised or accidental use, access, disclosure, alteration, damage, loss or destruction.
We may also disclose your personal data to third parties where there is a legitimate reason to do so including:
- to an auditor or legal adviser of South Square;
- to a court, tribunal or regulator;
- to comply with any law, order, rule of court, regulation or rule or code of professional conduct;
- to the police, any law enforcement agency or other person, as South Square thinks appropriate, to assist in the identification and location of anyone who may have committed an unlawful or illegal act;
- in the event that we sell or buy any business or assets (or plan to do so), in which case we may disclose your personal data to the prospective seller or buyer of such business or assets and any third parties related to the transaction including any professional advisors; or
- if all or substantially all of our assets are acquired by a third party, in which case personal data held by it may be one of the transferred assets;
- to third parties with whom South Square engages for the hosting of events or other marketing initiatives.
In respect of client data and if we are working with other professional advisers (including other counsel and lawyers (such as the Solicitor)) in relation to any matter handled by us on your behalf then, unless you instruct us otherwise, we may disclose your information to them as appropriate in relation to the client matter.
At South Square, given the nature of our business, we may disclose and share personal information as needed:
- with our Members, Pupils, staff, agents and consultants;
- to other professional advisers and third parties in accordance with your instructions;
- to our professional indemnity insurers or brokers, auditors, lawyers and compliance or risk managers;
- if we, acting in good faith, consider disclosure to be required by law or the rules of any applicable governmental, regulatory or professional body.
Your rights
Access to your information and updating your information
You have the right to request a copy of the personal data which we hold about you. If you so request, we shall provide you with a copy of your personal data which we are processing (“data subject access request”). We may refuse to comply with a data subject access request if the request is manifestly unfounded or excessive in nature.
You may also have the right, in certain circumstances, to receive your personal data in a structured and commonly used format so that it can be transferred to another data controller (“data portability”). The right to data portability only applies where your personal data is processed by us with your consent or for the performance of a contract and when processing is carried out by automated means.
We would like to keep your personal data accurate and up to date. You have the right to ask us to correct or complete personal data you think is inaccurate or incomplete.
Right to object to marketing
You have the right at any time to object to our processing of your personal data for direct marketing purposes. Please refer to the ‘marketing’ section above for further details.
Right to object where we process your information based on our legitimate interests
You also have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Your other rights
In certain circumstances, you have the right to:
- request the erasure of your personal data (“right to be forgotten”);
- restrict the processing of your personal data where you contest the accuracy of the personal data, the processing is unlawful, we no longer need it for processing but you need it for the establishment, exercise or defence of legal claims or you have exercised your right to object as summarised above.
Please note that the above rights are not absolute, and we may be entitled to refuse requests, wholly or partly, where exceptions under applicable law apply. We may refuse a request for erasure, for example, where the processing is necessary to comply with a legal obligation or necessary for the establishment, exercise or defence of legal claims. We may refuse to comply with a request if it is manifestly unfounded or excessive or repetitive in nature.
Exercising your rights
You can exercise any of your rights as described in this privacy policy and under data protection laws by contacting us using the details given in the “How to contact us” section above.
Save as provided under applicable data protection laws, there is no charge for the exercise of your legal rights. However, if your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee (subject to any limits imposed by applicable law) taking into account the administrative costs of providing the information or taking the action requested; or (b) refuse to act on the request.
Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Links to other websites
In relation to the websites you use, this privacy policy applies only to South Square’s website. That website may contain links to websites operated by others. These other websites may collect and use personal data in a way which is different from the way in which we collect and use personal data. When you visit a website operated by a third party, you should read their privacy policy (so far as one is available). We do not accept any responsibility or liability for the way in which third parties collect and use your personal data through such other websites.
Security
We store your information in hard copy and in electronic format. We use industry standard technical and organisational measures to protect information from the point of collection to the point of destruction. For example:
- Hard copy information files are restricted to authorised individuals.
- We use, as appropriate, encryption, firewalls, access controls, policies and other procedures to protect information from unauthorised access.
- Where appropriate, we use pseudonymisation and / or encryption to protect your information.
- We will only transfer personal data to a third party if we are satisfied that it puts in place adequate security measures itself.
Unfortunately, the transmission of information via the internet is not completely secure. Despite the precautions we take, we cannot guarantee the security of your data transmitted via the internet; any transmission is at your own risk. However, once we have received your personal data, we take steps to ensure that it is treated securely and in accordance with this privacy policy.
Where data processing is carried out on our behalf by a third party, we will endeavour to ensure that appropriate security measures are in place including to prevent unauthorised disclosure of your personal data.
How long we keep your personal data
Personal data received by us will only be retained for as long as necessary to (i) fulfil the purposes described in this privacy policy, (ii) to fulfil our engagement with you, or (iii) for the appropriate period of time as necessary and permitted for legal, regulatory, fraud and other financial crime prevention and legitimate business purposes, after which time it will be destroyed in a secure manner.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, reporting or other requirements we may be subject to as a barristers’ chambers.
Complaints
You should address your complaints to our Privacy Officer whose details are set out in the “How to contact us” section above. Where we receive a complaint relating to the processing of your personal data, we will acknowledge receipt of the complaint no later than 30 days from when we received the complaint and, without undue delay, take appropriate steps (making enquiries into the subject matter of the complaint, to the extent appropriate) to respond to the complaint, keeping you up-to-date on the progress and informing you of the outcome of the complaint.
Whilst we would appreciate the chance to deal with your concerns before you contact the regulator, you also have the right to complain to the Information Commissioner’s Office about our data processing activities in relation to your personal information if you think they infringe applicable data protection laws (ICO helpline on 0303 123 1113 or https://ico.org.uk/make-a-complaint/). However, in most cases, if someone complains to the ICO about the way an organisation has handled their personal information, the ICO will ask them to raise the complaint with the organisation first.
Cookies Policy
What are cookies?
Cookies are small amounts of data which often include a unique identifier that is sent to your computer, tablet, mobile or other device (your “device”) from a website and is stored on your device’s browser or hard drive. They are used by almost every website to improve your online experience. We use cookies to give you access to certain parts of our website and to let us know how you are using our website.
Consent to our use of Cookies
The law allows us to freely store cookies on your computer if they are essential to the operation of our website (for example, we use an ‘essential’ cookie to check if you have given your consent to other non-essential cookies). However, we need your consent (via your engagement with our website cookie banner which pops up when you visit the website) to set non-essential cookies on your computer. If you agree, we use the data collected by these cookies for the purposes set out in this cookie policy.
Declining Cookies
Some of the cookies we use are essential for our website (see above). If you decline them, some of the features of our website may not work as well as we intend and you may not be able to access or use some features or services.
Unless you have set your browser so that it will decline cookies, our system will set some cookies as soon you visit our website. You can block cookies by setting your browser to refuse all or some cookies or to alert you to when a cookie is being sent. For information about this you should look in your browser’s ‘help’ facility.
If you have previously browsed or used our website and no longer wish to accept cookies, you should be aware that some cookies will have already been set.
More information about how to manage cookies for all the commonly used internet browsers can be found by visiting www.allaboutcookies.org.
Cookies we use
Google Analytics: Our website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses cookies to gather analytical information about the users of our website to help us to understand better usage patterns. We typically use Google Analytics for this purpose. The Google Analytics cookies enabled on our website expire after 13 months.
The information generated by the Google Analytics cookie about your use of our website (including your IP address) may be transmitted to and stored by Google on servers in the United States. Google use this information for the purpose of evaluating your use of our website, compiling reports on website activity and providing other services relating to website activity and internet usage.
Google may also transfer this information to third parties where required to do so by law, or where third parties process the information on Google’s behalf.
For further detail regarding the cookies set by Google, please visit their website.
For further information on how to opt out of Google Analytics, please click here.
Contact
If you have any queries about our use of cookies on our website please contact us using the details set out in the “How to contact us” section in our privacy policy.
Changes to this Privacy and Cookies policy
We keep this policy under review and may change it from time to time. The updated policy will appear on this webpage and, where appropriate, be notified to you. You should check it each time you visit our website or provide us with any personal data.
'An unrivalled collection of the best talents currently at the Bar.'LEGAL 500
