Privacy Policy
Last updated: 26 June 2026
Introduction
Who we are
BriefNet is the data controller for personal data processed through this platform. We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to services we offer to individuals in the European Economic Area (EEA).
Contact: admin@briefnet.co.uk
Key terms
It would be helpful to start by explaining some key terms used in this policy:
| We, us, our | BriefNet |
| UK GDPR | UK General Data Protection Regulation |
| Personal data | Any information relating to an identified or identifiable individual |
| Special category personal data | Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership; genetic and biometric data; data concerning health, sex life or sexual orientation |
Personal data we collect about you
| Personal data we will collect | Personal data we may collect depending on your use of the platform |
|---|---|
| Your name and work email address | Your work telephone number |
| Your role (e.g. solicitor, clerk) | Your SRA or BSB number |
| Your firm or chambers name | Details of instructions or tenders you submit |
| Usage and audit data (login events, IP address, browser type) |
This personal data is required to enable us to provide our services to you. If you do not provide the personal data we ask for, it may delay or prevent us from providing services to you.
How your personal data is collected
We collect most of this information from you directly when you register an account, complete forms, post instructions, submit tenders, or correspond with us by email.
However, we may also collect information:
- from publicly accessible sources, e.g. the Solicitors Regulation Authority or the Bar Standards Board, for verification purposes;
- via our website and platform — we use cookies and similar technologies (for more information on cookies, please see below);
- via our information technology (IT) systems, e.g. automated monitoring of our platform, access control systems, and communications systems.
How and why we use your personal data
Under data protection law (UK GDPR), we can only use your personal data if we have a proper reason for doing so, e.g.:
- to comply with our legal and regulatory obligations;
- for the performance of our contract with you or to take steps at your request before entering into a contract;
- for our legitimate interests or those of a third party; or
- where you have given consent.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
| What we use your personal data for | Our reasons |
|---|---|
| To provide the BriefNet platform and matching services to you | For the performance of our contract with you or to take steps at your request before entering into a contract |
| Conducting checks to identify our users and verify their identity | To comply with our legal and regulatory obligations |
| To prevent fraud, abuse, and breaches of our Terms and Conditions | For our legitimate interests or those of a third party, i.e. to protect the integrity of the platform and our users |
| Operational reasons, such as improving efficiency, training and quality control | For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service to you |
| Ensuring the confidentiality of commercially sensitive information | For our legitimate interests or those of a third party, i.e. to protect our intellectual property and other commercially valuable information |
| Preventing unauthorised access and modifications to systems | For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for you |
| Updating and enhancing client records | For the performance of our contract with you or to take steps at your request before entering into a contract; for our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our clients about existing and new services |
| Marketing our services to existing and former clients | For our legitimate interests or those of a third party, i.e. to promote our business to existing and former clients |
| Statutory returns and regulatory reporting | To comply with our legal and regulatory obligations |
Marketing
We will use your personal data to send you updates (by email) about our services, including new features, promotions or changes to our terms. We have a legitimate interest in using your personal data for marketing purposes (see above). This means we do not usually need your consent to send you marketing information. If we change our marketing approach in the future so that consent is needed, we will ask for this separately and clearly.
You have the right to opt out of receiving marketing communications at any time by contacting us at admin@briefnet.co.uk or using the ‘unsubscribe’ link in any marketing email.
We will always treat your personal data with the utmost respect and will never sell or share it with other organisations for marketing purposes.
Who we share your personal data with
We routinely share personal data with:
- Other users of the platform — Counsel and chambers details are revealed to the instructing solicitor only upon confirmed selection. Solicitor details are shared with the relevant chambers when a tender is submitted or a selection is made.
- Sub-processors — We use carefully selected sub-processors for hosting, database services, and email delivery. All sub-processors are based in the UK or EEA and operate under appropriate data processing agreements.
- Regulators and authorities — We may share personal data with regulatory bodies, law enforcement agencies, or courts where required by law or to establish, exercise or defend legal claims.
- Professional advisers — We may share personal data with our legal, accounting, or insurance advisers where necessary.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes — they may only process it for specified purposes and in accordance with our instructions.
International transfers
We do not transfer your personal data outside the UK or EEA. All hosting, database, and email services are provided within the UK or EEA. If this changes in the future, we will ensure that appropriate safeguards are in place in accordance with UK GDPR requirements.
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. These measures include:
- Industry-standard transport encryption (TLS/SSL);
- Row-level access controls within our database;
- Secure password hashing;
- Regular security monitoring and breach detection;
- Limited access to personal data on a need-to-know basis.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Suspected security issues should be reported to admin@briefnet.co.uk.
Data retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including contact, identity, and transaction data) for six years after they cease being customers for tax and professional indemnity purposes.
In some circumstances you can ask us to delete your data: see below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your rights
Under data protection law (UK GDPR), you have rights including:
- Your right of access — You have the right to ask us for copies of your personal data.
- Your right to rectification — You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure — You have the right to ask us to erase your personal data in certain circumstances.
- Your right to restriction of processing — You have the right to ask us to restrict the processing of your personal data in certain circumstances.
- Your right to object to processing — You have the right to object to the processing of your personal data in certain circumstances.
- Your right to data portability — You have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.
- Your right to withdraw consent — Where we are relying on consent to process your personal data, you may withdraw that consent at any time.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
To exercise any of these rights, please contact us at admin@briefnet.co.uk.
If you are not happy with how we have used your personal data, you can complain to the Information Commissioner's Office (ICO). The ICO's address is:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
Website: www.ico.org.uk
Cookies and similar technologies
We use cookies and similar tracking technologies to improve your experience on our platform, to understand how our platform is used, and to ensure security.
Cookies are small data files that are placed on your computer or mobile device when you visit a website. They are widely used to make websites work more efficiently and to provide information to the owners of the site.
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this platform may become inaccessible or not function properly.
Links to other websites
This privacy policy does not cover any third-party websites that may be linked to from our platform. We encourage you to read the privacy policies on those websites.
Changes to this privacy policy
We may change this privacy policy from time to time. When we do, we will inform you by posting the updated policy on this page with a revised “Last updated” date. We encourage you to review this privacy policy periodically to stay informed about how we are protecting your personal data.
How to contact us
If you have any questions about this privacy policy or our data practices, please contact us at:
Email: admin@briefnet.co.uk
We will do our best to assist you and resolve any concerns you may have.