Website Privacy Policy

We are committed to handling personal data supplied to us fairly and securely and to protecting and respecting your privacy. By using this website, you acknowledge and accept this Privacy Policy.

RedTower Law Limited (3.11 World Trade Centre, Bayside Road, Gibraltar GX11 1AA, Company Number 116824) is a data controller under the Data Protection Act.

The Firm’s lead data protection supervisory authority is the Gibraltar Regulatory Authority (the GRA, We do not transfer data outside the European Economic Area. You have the right to make a complaint at any time to the GRA. We would always appreciate the chance to deal with any concerns before you approach the GRA, and we should be grateful if you would contact us in the first instance.

1. When you ask us for information, we may request and collect from you personal information and data about you, including data in relation to your identity, contact details, finances, transactions you have entered into, electronic technical data, electronic profile data, website usage data, marketing and communications data. We shall use this information/data in order primarily to perform our retainers (contract) with clients, including:

  • to process enquiries;
  • for the purposes for which the information was provided and to provide the advice, assistance and other services which we have been requested to provide;
  • to confirm or update information provided;
  • for any other purposes disclosed at or before the time the information is collected;
  • to update or notify about any changes to our services;
  • to provide information about other services we offer that are similar to those already used or enquired about, where we have been given consent to make contact for such purposes (subject to any person’s the right to ask us not to process personal data for this purpose at any time - please contact us to confirm this).

2. We may process and transfer any or all of this information to Agent Law Firms for the purpose of progressing claims; and also to any group company, which means our subsidiaries, our ultimate holding company and its subsidiaries (as defined in section 1159 of the UK Companies Act 2006); and also to other entities for the purposes of outsourcing one or more of the functions described in paragraph 1, as well as the storage and processing of that data by staff who work for us or for one of our outsourcers. This includes claims acceptance agents and other entities, who are not employed by the Firm, for the purposes of administrative and non-legal functions engaged in, among other things, the gathering and processing of claims and other personal information and the provision of ancillary and support services.

3. We may also disclose personal information to third parties:

  • in the event that we sell or buy any business or assets, in which case we will disclose personal data to the prospective seller or buyer of such business or assets;
  • if the Firm or substantially all of its assets are acquired by a third party, in which case personal data held by us about our clients will be one of the transferred assets;
  • if we are under a duty to disclose or share personal data in order to comply with any legal obligation, or in order to enforce or apply our engagement terms or other agreements; and
  • if we are under a duty to protect the rights, property or safety of the Firm, our clients or others (this includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).
4. Our policy is to retain complete files, including identification records, for a period of at least 6 years after completion of a business relationship to take account of the limitation periods for potential negligence actions.

5. We attempt to use all appropriate organisational and technical security measures to protect personal data against accidental or unlawful destruction, loss or alteration, and unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.

6. The Data Protection Act gives any person the right to request access to data/information held by us about them; and also the right to request rectification or erasure of data, to object to and request the restriction of processing of data, and to data portability.

7. To help facilitate the use of our website, we may also collect and store information using "cookies” and other digital marker technologies, in order to monitor and improve our website and to collect information, such as which pages a visitor accesses. There is a box fixed to the bottom of our website, which allows users to choose whether to accept cookies on our website. Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit However, please note that if you choose to disable cookies, then parts of our website may not function correctly. To opt out of being tracked by Google Analytics across all websites, visit