Privacy Policy
How we collect, use, and protect your personal data, in compliance with UK GDPR.
1. Data controller
The data controller for your personal data is Francophone Legal & Administrative Services UK Ltd (FrancoLegal).
Registered with the Information Commissioner's Office (ICO) under reference ZC135640.
Data protection contact: operations@francolegal.co.uk.
2. Data collected
We only collect data necessary for service execution:
For quote or contact requests: name, surname, email, phone (optional), description of your need.
For service execution: ID document, proof of address, original documents to be processed, banking details (for invoicing).
For website browsing: IP address, browser type, pages visited (via analytics cookies with your consent).
3. Processing purposes
Your data is used exclusively to:
Respond to your quote or contact request.
Execute the service you've entrusted to us (apostille, Will, LPA, etc.).
Issue your invoice and maintain accounting in accordance with legal obligations.
Keep you informed of your case progress.
Improve our website quality (anonymised analytics).
We never use your data for third-party marketing.
4. Legal bases
We process your data on the following legal bases (UK GDPR Art. 6):
Contract performance: processing necessary for executing your service request.
Legal obligation: retention of invoices and accounting records for 6 years (HMRC obligation).
Legitimate interest: improving our website and preventing fraud.
Consent: newsletter (only if you explicitly request) and analytics cookies.
5. Retention period
Active client data: throughout the commercial relationship.
Closed client data: 6 years after case closure (HMRC accounting obligation).
Prospect data without follow-up: 18 months after last contact, then deletion.
Analytics cookies: 13 months maximum.
6. Data sharing
Your data is shared only with third parties strictly necessary for service execution:
FCDO and foreign embassies for apostille and legalisation.
Office of the Public Guardian for LPA registration.
Partner notaries for notarisations.
Certified translators for translations.
Carriers (Royal Mail, DHL) for secure shipments.
Stripe (United States) for payment processing.
Our certified accountant for tax obligations.
All our subcontractors are bound by contractual confidentiality and UK GDPR commitments.
7. Transfers outside the UK
Some international transfers occur (e.g., Stripe payments to the US, or processing your file with a non-EU embassy). These transfers are framed by UK GDPR Standard Contractual Clauses or applicable adequacy decisions.
Our back-office team in Madagascar (Antananarivo) handles standardised operational tasks under strict confidentiality contract, compliant with UK GDPR.
8. Your rights
Under UK GDPR, you have the following rights regarding your data:
Right of access: obtain a copy of the data we hold about you.
Right of rectification: correct inaccurate data.
Right to erasure: request deletion (subject to legal retention obligations).
Right to restriction: request processing limitation.
Right to portability: receive your data in a structured format.
Right to object: object to certain processing.
Right to withdraw consent at any time.
To exercise these rights: email operations@francolegal.co.uk. Response within 30 days.
9. Complaint
If you believe your data isn't processed lawfully, you can lodge a complaint with the Information Commissioner's Office (ICO) in the UK: ico.org.uk.
10. Security
We implement technical and organisational measures to protect your data: transmission encryption (HTTPS), restricted access to authorised personnel, secure archiving, regular team training.
No internet transmission is fully secure. We cannot guarantee absolute security but commit to applying best practices.
11. Policy updates
This policy may be updated. The last update date is shown at the top. For substantial changes, we'll notify you by email if you're an active client.