We’re not deluded. We may write these things for a living but we know that not many people read them. Seeing as we sell them though, we thought we’d show off our skills by explaining what this is all about in plain English.

This is our privacy notice. We have to have one of these to explain how we comply with the GDPR (General Data Protection Regulation), the DPA (Data Protection Act) and the PECR (Privacy and Electronic Communications Regulations) and to tell you what we do with the information we collect about you when you visit our site.


If you want to know about all the boring bits, read this together with our Website Terms and Conditions to get a full picture of what we do and what we need you to do.

To comply with the law, we need to let you know that our data controller (which is the company that makes decisions about what to do with your personal data) is the The Law Boutique Limited with company registration number 09509112. Our very cool offices are in The Relay Building at 114 Whitechapel High St, London, England, E1 7PT - you should visit.


+ Information we collect about you

If you come onto our website and submit a form or email us, we will keep the information that you give us so that we can email you back. You probably won't go into much detail about your private life when you email (it's not like we're family lawyers) so we will probably only know very basic things about you like your name, address, e-mail address and phone number and whatever information you give us about your company. The only reason we need this information is so that we can write back to you or call you if you want us to. It would be rude to ignore you after all and if we never got back to anyone, we wouldn't have a business.

We also collect technical data about you like IP addresses. To many peoples' dismay, data protection law says that these are actually considered to be personal data. We use Google Analytics and for that to work, we need to collect your IP address. The reason we use analytics is primarily to find out if anyone comes to visit our website and whether all our efforts to write about clever stuff is going to waste. We also want to know what you're interested in so we can write more of the stuff you like.

We also have the Facebook Pixel installed so that we can try to sell you our services. We might be on a mission to change the world but we are a business after all and we want you to spend money with us. The Facebook Pixel means that we can see how people interact with our site and any Facebook adverts we create and then we try to sell you relevant services that you might like.

Our website is hosted on Squarespace (for now) so your IP address will also be stored in its back-end when you visit us. To be honest, we don't do anything with that information (we're lawyers, not data scientists remember?) but if we wanted to we could see that a person or many people have interacted with the website in a specific way.


+ Delicious cookies

Like most websites, ours uses cookies. For more information on the cookies we use and to find out more about why we use them, visit our Cookie Policy. If you don’t want them then you need to block them on your browser, but don't say we didn't warn you when our site stops working as well as it should.


+ How do we use this information?

We will use the deets you give us to:

• do our job and provide you with our excellent legal services

• let you know when we make changes to our services

• send you our newsletter, if you want it

• manage our site and for our internal ops, including troubleshooting, data analysis, testing, research and to put pretty reports together for our monthly meetings where we get croissants

• make our site better and make sure that what's on our site is presented in the most effective way for you and for your computer or phone

• let you take part in interactive features of our site, like making snarky comments on our blogs for example

• keep our site safe and secure.

+ How do we share your information?

We may have to share your data with other companies or people so that we can actually do our job. These include:

• Microsoft Inc., to store documents that include your personal data on One Drive. We also use Outlook to email you if you we need to and we can

• Google LLC. (“Google”) based in the US, so we can store more documents that include your personal data on Google Drive

• Xero Limited (“Xero”) based in the EU, Australia, Singapore and the US, so we can get that dolla

• Slack Technologies (“Slack”) based in the US, so we can talk about you with our colleagues

• Zoom Video Communications, Inc. (“Zoom”) based in the US, so we can video call you

• Formagrid, Inc., doing business as Airtable so that we can organise our lives and write down the bits of work we're doing for you which might include information about you

• J.N Projects Inc., to collect e-signatures through their app, Hellosign

• Rocket Science Group, LLC., to use their service Mailchimp to send you our newsletter, if you want us to

• other awesome business partners, suppliers and sub-contractors so we can deliver our services to you

• analytics and search engine providers that assist us in the improvement and optimisation of our site (we already told you about this one)

• with other people or organisations if we have to, by law

+ Where do we store your information?

Our staff is in the UK so your data is kept here but for IT hosting and maintenance your data will be stored on servers that are in the European Union and the US because we use Squarespace.

Your data might also be stored in the US. This is because if we use Mailchimp to send you our newsletter or store documents that include information about you on One Drive or Google Drive, your data actually travels to the US and gets stored on servers there. We've meticulously read all the privacy policies of all the companies we use (for inspo mainly and they are all much more boring than this one) and take it from us as field experts, they are kosher. There's a special deal between the EU and the US called the 'Privacy Shield' which is basically a certification US companies need to get to show the EU that they are good enough to be graced with data that belongs to people who live in the EEA. The US companies we trust with your data have this certification which means the law says they are good enough to look after your data. Max Schrems isn't quite so sure but this is what we've got for now so we'll have to go with it. If we ever need to share you information with anyone else, we'll make sure they have similar rules in place to store your data securely and that they comply with the EU Commission's sassy standards when it comes to data protection.

We don't share you data with anyone else without telling you and we definitely don't sell any data either.

Seeing as we are data protection specialists (and damned good ones too) we have a proper data protection regime in place to make sure we look after all the information you give us, in the right way. We also paid some money to an IT guy to make sure that we have good security to try to prevent anyone from trying to steal the information we have about you.

+ How long do we keep your information for?

If you become a customer, UK tax law says that we need to keep your basic personal data (name, address, contact details) for a minimum of 6 years. We'll get rid of it after that. If you contact us to ask us about our service and we don't end up working with you, we'll usually delete your information within 6 months.

If you say yes to our are rare but delightful newsletters, we'll keep your infromation until you ask us to delete it. You can do that each time you get an email by clicking on the 'unsubscribe' link. That will hurt our feelings but feel free if you must.

+ What are your rights?

As a human (or 'data subjects' as the law likes to affectionately refer to you), you have certain rights that you can freely exercise with all your might and power. This means that you can ask us to do any of the following things and if it won't get us in trouble (remember the UK tax law bit we mentioned earlier?) we'll have to do it:

• Ask us for a copy • Ask us to correct it if we have it wrong • Ask us to delete it • Ask us to stop or restrict processing it • Ask us to send it to another company in a sensible way (e.g. not on a floppy disk) • Withdraw your consent if you've given it to us.

If you ask us to do any of the above and we don't do it right, then we should really be out of a job but you can also angrily complain about us to the Information Commissioner’s Office

+ Changes to our Privacy Notice

If we make any changes to this Notice that you need to know about, we'll inform you, otherwise we won't bother you with nonsense.

We hope the above wasn't too painful to read and that you are now confident that we treat your data with the love it deserves.

Hit us up to find out how we can create a similarly stunning piece of art for you at

Peace out.