Paul Norton & Co. – Privacy Policy

We take the security of your personal information very seriously. We are committed to protecting the privacy and identity of the visitors to this website. Our privacy policy sets out how we use the personal information we collect from you through our website. We will at all times seek to comply with our obligations under the Data Protection Act 1998.

Collecting Your Information

You can view most pages on this website without giving us your personal information. However, you may choose to give your personal information, for instance by completing an enquiry form, or asking a question. By submitting your personal information, you consent to our use of the information as set out in this privacy policy below.

Using Your Information

We may need to disclose your information to our agents and service providers for the purpose or purposes of processing your case. Email addresses will not be provided to a third party unless they are related to your case or the processing of your case. We do not sell our client email addresses under any circumstances either at the time of your case or once your case/transaction has been completed. At a future date we may send you information by e-mail about services that we offer and which we think will be of interest to you. You have a right at any time to stop us from contacting you or giving your details to others for these marketing purposes. Please e-mail us if you wish us to stop.

Users should be aware that in the event that we take payment over the telephone by way of card payments we retain no information relating to clients’ card details.


We have a duty always to keep information about you confidential. However in some cases were may need to allow outside organisations to have access to your files such as our professional regulator the Solicitors Regulation Authority or the Legal Ombudsman. Further if there is a bank or lender providing funding for your case then they may also require access.

Money Laundering

We have a duty to comply with the Money Laundering Act and Regulations 2007 and associated legislation (such as The Proceeds of Crime Act 2002 (as amended by the Crime and Courts Act 2013 and the Serious Crime Act 2015, The Terrorism Act 2000 (as amended by the Anti-Terrorism, Crime and Security Act 2001, the Terrorism Act 2006 and the Proceeds of Crime Act 2002(Amendment) Regulations 2007 and GDPR 2016). In a case where you are sending us monies or funds we reserve the right not to proceed with a transaction should the funds arrive from a source that is different from one already notified until we can make any necessary investigations concerning where those monies have arrived from and who has sent them to us. If such transfers are questioned then monies sent in such way can delay your case unless you satisfy us about where the funds have been sent from or who sent them. In such cases were also reserve the right to stop acting. In cases where third parties pay monies to us we must have identification from that source so that we can know the source of the funds sent to us – for example a copy of their bank statement.

Cookies and IP logging

Cookies are small data files stored on your computer. When you access our website, the internet will store a session cookie on your computer for the duration of your visit to enable us to monitor overall website traffic; however, we do not use cookies to monitor your particular use of our website.

You may disable the use of cookies in your Internet browser to stop this happening.

When you visit our website, our server will automatically record your IP address and the time and duration of your visit.

How to Access your Information

Under the GDPR 2016, you are entitled to receive a copy of the personal information which we hold about you if you apply to us in writing at Paul Norton & Co, 158 Marsh Road, Luton, Bedfordshire LU3 2QL. We will be happy to comply with your request, although to safeguard your privacy we will only supply you with the information to which you are entitled, once you have supplied to us such information as would reasonably be required by us to satisfy ourselves as to your identity, or contact us. We charge a statutory fee under the GDPR 2016 to cover our expenses.