Privacy Policy

We are committed to safeguarding your privacy and adhering to applicable data protection laws. This Privacy Notice provides critical information about us, how and why we collect, store, use, and disclose personal information, your rights regarding your personal information, and how to contact us and the Information Commissioner’s Office (ICO), the supervisory authority, if you have a complaint.

If you are reading this Privacy Notice on our website, www.mekongcitizen.org (our site), you should also review our Cookie policy, which describes how our site uses cookies.

Who we are

Mekong Citizen operates the website www.mekongcitizen.org. Mekong’ and ‘Mekong Solicitors’ are Mekong Citizen’s trading names. Mekong Citizen is an English limited liability partnership (registered number O232327). Griffin House, 12325 High Street, Crawley, West Sussex, RH11 1DQ is its registered office, and it is approved and regulated by the Solicitors Regulation Authority.

Mekong Citizen gathers, utilises, and is accountable for some personally identifiable information about you. When we do so, we are governed by the General Data Protection Regulation (GDPR) (EU) 2016/679, which is currently applicable throughout the European Union (including the United Kingdom), and the Data Protection Act 2018, and we are accountable as the ‘controller’ of that personal information under those laws.

The personal information we collect and use

We collect information about you.

We will or may collect and handle the following personal data about you in the course of delivering legal, planning, and/or other services:

You supplied the information.

  • Contact information, such as a person’s name, address, contact details (including a phone number and an email address), or personal data about other members of your organisation.
  • Information that enables us to provide you with a service or to register you for a seminar, webinar, or other event sponsored by us.
  • Information gathered through the completion of forms on our site. This includes information you submit when you subscribe to a newsletter, conduct a service search, or respond to a survey, as well as information you provide when you report a problem with our website.
  • Special categories of personal data, such as when you attend a seminar, webinar, or other event held by us in order to detect disability or dietary restrictions, or when you file a personal injury claim.

We acquired this information.

  • Information about you or your business that is publicly available (including through electronic sources).
  • Video surveillance of your visit to our offices.
  • When you visit our site, we collect the Internet protocol (IP) address used to connect your computer to the Internet, your browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and the Uniform Resource Locators (URL) clickstream to, through, and from our site (including date and time); the services you viewed or searched for; page response times, download errors, length of visits to certain pages, and page interaction information (such as
  • Other technical information, such as data from cookies and other similar technologies, collected when you visit our site. If you are reading this privacy notice online, more information about our cookie policy is available.

How do we collect your personal data?

We may gather personal data about you or your organisation in a variety of ways, including the following:

  • When you contact us for legal or planning advice or services;
  • When you or your organisation makes an offer to provide us with goods or services;
  • When you access, browse, submit an inquiry, or engage with our site in any other way; and
  • When you participate in a seminar, a webinar, or another type of event.

Information we receive from other sources

We may get personal data about you from others who communicate with us in connection with the services or events (which may include webinars, seminars, networking events, and so on) that we provide to you.

Accountants, financial advisers, business partners, and other professional advisors are just a few examples.

Additionally, we may collect your personal information from persons acting on your behalf with your agreement, such as attorneys-in-fact, executors, or trustees.

We may also get information about you from third parties, such as subcontractors in technical, payment, and delivery services, analytics providers, search information providers, and credit reference agencies, due to our close collaboration with them.

Personal data about other people which you provide to us

If you supply us with personal data about another person, you must guarantee that you have the authority to submit that data to us and that, without our verifying this, we may collect, use, and disclose such data as specified in this Privacy Notice.

It is your obligation to make this Privacy Notice available to the individual affected.

How we utilise your personally identifiable information in the course of providing our services

We use the following methods to process your personal information:

  • To fulfil our contractual commitments to you and to provide you with the information and services you request from us;
  • To adhere to our legal and regulatory responsibilities;
  • To analyse and improve our services and communications with you, as well as to notify you of any service changes;
  • To safeguard the security of and manage access to our facilities, information technology and communication systems, online platforms, the site, and other systems, proactively preventing and detecting security risks, fraud, and other criminal or harmful activity;
  • For the purpose of insurance;
  • For the purpose of monitoring and evaluating adherence to our rules and standards;
  • For the purpose of investigating and resolving existing or potential claims and complaints brought against us;
  • To abide by court orders and to assert and/or defend our legal rights;
  • To guarantee that material from our site is shown to you and your computer in the most effective manner possible;
  • To operate our site and conduct internal operations, such as troubleshooting, data analysis, testing, research, statistics, and survey purposes, and to enhance our site in order to guarantee that content is delivered to you and your computer in the most effective manner possible;
  • To enable you to take part in interactive parts of our service if you so want;
  • To tell you of further services we provide that are comparable to those we have already supplied to you or about which you have inquired;
  • To provide you with information about goods or services that we believe may be of interest to you, or to let chosen third parties to do so. If you are a current client, we will only contact you electronically (by email, and other instant messenger) with information on comparable products and services to those covered by a prior or potential instruction. If you are a new client and we allow chosen third parties to access your data, we (or they) will contact you electronically only with your approval. If you do not want us to use your data in this manner or to share it with third parties for marketing reasons, please indicate this by checking the relevant box on the form on which we collect your data, if one is available, or by emailing [email protected];
  • For any other reason for which your personal data was supplied to us that is linked and/or supplementary to any of the above or any other purpose for which your personal data was submitted to us.

In the remainder of this Privacy Notice, we will refer to the above as the Services.

How we use Information we receive from other sources.

This information may be combined with information you provide to us and information we gather about you. We may use this information alone or in combination with other information to provide the Services.

Who we share your personal information with

We may share your personal information with other Mekong Citizen organisations located in the United Kingdom, including MC Corporation Limited (Company number 0245324937), which acts as a processor and controller, and MC Service Company Limited (Company number 012423), which acts as a processor.

Additionally, we may share and/or disclose your information with carefully chosen third parties, including the following:

  • Business partners, professional advisers, suppliers, and subcontractors for the purpose of performing any contract entered into with them or you;
  • Barristers, mediators, arbitrators (or other legal specialists), experts, consultants, or any other professional who may be involved in your situation;
  • Foreign law firms (based in the EEA and other countries) for the purpose of obtaining foreign legal advice;
  • Service providers acting as processors who are based in the EEA and provide us with information technology and system administration services;
  • Any law enforcement agency, court, regulator, government entity (including HM Revenue & Customs), or other third party, if we think that doing so is essential to comply with a regulatory duty or to defend our or a third party’s rights;
  • The Solicitors Regulation Authority, as well as other industry regulators including the Legal Ombudsman;
  • Collaborating with business partners and professional advisers to co-host seminars, webinars, networking events, and other activities;
  • Our insurers and any legal providers that our insurers appoint;
  • Analytics and search engine optimization companies that aid us in improving and optimising our site; and
  • Quality assurance organisations such as Lexcel.
  • Credit reference agencies for the purpose of determining your credit score when entering into a contract with you or for the purpose of confirming your identity and address.
  • On a confidential basis, to business development consultants in order to get feedback on the firm’s services;
  • If we sell or acquire a business or asset, we may disclose your personal information to the prospective seller or buyer.
  • If Mekong Citizen or substantially all of its assets is bought by a third party, personal data regarding its clients will be transmitted as part of the transaction.
  • To enforce or implement our website’s terms of service (available here if reading this online website terms of service) and other agreements; or to defend Mekong Citizen’s, our clients’, or others’ rights, property, or safety. This may involve exchanging information with other businesses and organisations for the goal of preventing fraud and reducing credit risk.

We expect all third parties to safeguard your personal data and to treat it lawfully. We do not let our third-party service providers to use your personal data for their own purposes and only allow them to treat your personal data in line with our instructions and for stated reasons.

Whether information has to be provided by you, and if so why

You may be needed to furnish us with some personal data in order for us to perform the Services.

For instance, we may require personal data in order to carry out your orders and adhere to our regulatory requirements.

At the time we collect information from you, we will advise you whether you are obligated to disclose the information to us.

If you are unable to supply us with the necessary personal data, we may be unable to deliver the Services to you.

How long your personal information will be kept

We will preserve your personal data for as long as required to fulfil the purposes for which it was acquired, including to comply with any legal, accounting, or reporting obligations, including the investigation of any legal claims made against us.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether those purposes can be accomplished through alternative means, and applicable legal requirements. Kindly contact us if you want any information about our retention policy.

Justifications for collecting and using your personal information

We shall treat your personal data in accordance with one or more of the following legal justifications:

  • Where we are required to fulfil a contract with you that we are planning to engage into or have already entered into to provide you with the Services.
  • When necessary to protect our legitimate interests (or those of a third party). A genuine interest exists when we (or a third party) have a business or commercial justification to use your information, provided that this interest is not superseded by your own rights and interests.
  • Where we are required to adhere to a legal or regulatory requirement.
  • Where we rely on your consent – for example, when you consent to us sending you information about our seminars, webinars, or other events, or when you consent to us sharing your information with chosen third parties.

When we handle criminal data, such as information on criminal convictions and crimes, we do so on one or more of the following grounds and under the authority of the United Kingdom’s laws or under the control of an official authority.

We will process special categories of personal data (racial or ethnic origin, political views, religious or philosophical beliefs, trade union membership, physical or mental health or condition, sexual life or sexual orientation, genetic data or biometric data) only with your explicit consent or as a result of our compliance with mandatory regulatory checks, such as anti-money laundering compliance.

If you require any further information on the legal basis on which we treat your personal data, please contact our Data Protection Officer, whose contact information is provided below.

Transfer of your personal data beyond the EEA

We may transmit and keep the data we gather from and about you to a destination outside the European Economic Area (“EEA”). This may include nations that do not adhere to the same degree of data protection as the EEA’s data protection rules. We shall ensure that any such overseas transfers are subject to the proper or adequate protections needed by the GDPR or other applicable legislation.

We shall require any agents, consultants, and subcontractors, as well as anyone else located outside the EEA who receives your personal data, to adhere to a same degree of data protection. We shall comply with applicable data protection laws and implement suitable procedures to ensure the security and integrity of your personal data in the process.

You may contact us at any time using the contact information provided below if you require further information on such measures.

Your GDPR rights

You have a number of significant rights under the GDPR, subject to specific limitations. In summary, these include the following:

1. Make a request for access to your personal data that we hold on you (sometimes referred to as a Data Subject Access Request);

2. Request that we rectify any inaccurate personal information we may have on you;

3. Require us to delete personal data we hold on you if there is no legal basis for us to continue processing or retaining it;

4. Restriction of our handling of your personal data;

5. Receive the personal data you’ve submitted in a structured, generally used, and machine-readable format. Additionally, you have the right to request that we transmit your personal data to another organisation;

6. Oppose to our use of your personal data (including for the purpose of sending you marketing materials);

7. Withdraw your consent for us to use your personal data if we are depending on it; and

8. Not to be subjected to a decision primarily based on automated processing (including profiling) that has legal consequences for you or has a similarly material effect on you.

For further information on each of those rights, including the conditions under which they apply, read the UK Information Commissioner’s Office’s (ICO) Guidance on Individuals’ Rights under the General Data Protection Regulation.

To exercise any of those rights, please contact our Data Protection Officer at the following address:

Mekong Citizen, 6 Hope Street, Dauntsey Lock, England

Email: [email protected]

To complete your request, you must give the following information:

  • Adequate information to enable you to be identified, such as your name, address, and contact information;
  • Identification and proof of address (a copy of your driver’s licence or passport, as well as a current utility or credit card statement);
  • A sufficiently detailed explanation of your request in relation to the aforementioned rights.

If you wish to unsubscribe from any electronic marketing information that may have been provided to you, you may do so by clicking on the ‘unsubscribe’ button located at the bottom of all our marketing materials, or by clicking here if you are reading this Privacy Notice online.

Please keep in mind that this process may take up to 28 days.

Maintaining the security of your personal information

We have implemented necessary security measures to guard against the accidental loss, misuse, or unauthorised access to personal information. We restrict access to your personal information to those who require it for legitimate business purposes. Those that process your information will do so in an authorised manner and are bound by a confidentiality obligation.

Additionally, we have mechanisms in place to address any suspicious breach of data security. We will inform you or any applicable regulators if we are legally compelled to do so in the event of a suspected data security breach.

How to lodge a complaint

We hope that our Data Protection Officer will be able to address any concerns or questions you may have regarding how we utilise your information.

Additionally, the GDPR grants you the right to make a complaint with a supervisory body, most notably in the European Union (or European Economic Area) state in which you work, ordinarily reside, or where any alleged data privacy law violation happened. In the United Kingdom, the supervisory authority is the Information Commissioner, who may be contacted via the website https://ico.org.uk/make-a-complaint/, by telephone at 877 554 332, or by mail at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK22AF.

Changes to this Privacy Notice

This Privacy Notice was first published in May 2018 and was last updated on May 1, 2021. We may update this Privacy Notice from time to time to reflect changes in the way we treat your personal data and to ensure compliance with applicable laws. Any changes to the Privacy Notice will be posted on our website and will take effect immediately upon publication.

Contact information

If you have any queries concerning this Privacy Notice or the information we have about you, please contact our Data Protection Officer using the contact provided above.

If you require a copy of this Privacy Notice in a different format, such as large print or Braille, please contact us using the information above.