Professional, Experienced, Helpful & Approachable

 Privacy and Cookies Policy 

Masson Cairns Limited is a law firm regulated by The Law Society of Scotland. We are committed to being a responsible custodian of the information you provide to us and the information we collect in the course of operating our business and providing legal services.

This Notice sets out how Masson Cairns Limited may collect, use and share any personal information and describes:

• Principals of Data Protection
• What information we collect about you?
• Our responsibilities to you?
• How we may use and share the information we collect
• Legal grounds for using personal information
• The measurements we have in place to protect and safely store the information we collect
• Retention of the information we collect
• Your choices and rights in respect of the information we hold
• How to contact us
• Cookies
• Changes to our privacy policy

Principals of Data Protection

The firm has adopted the following principals to govern our use, collection and disclosure of personal data.

The firm’s core principals provide that personal date must:

• Be processed fairly and lawfully and with valid and informed consent
• Be obtained for specific and lawful purposes;
• Be kept accurate and up to date;
• Be adequate, relevant and not excessive in relation to the purpose for which it is used;
• Not be kept for longer than is necessary for the purposes for which it is used;
• Be kept secure to prevent unauthorised processing and accidental loss, damage or destruction; and
• Not be transferred to any subsidiary or service provider appointed by the firm where these core principals cannot be met.

What information do we collect about you?

We collect your personal data when you provide it to us.

Personal data is information which relates to an individual and from which he or she can be identified either directly or indirectly through other data which the firm as or is likely to have in its possession. These individuals can sometimes be referred to as data subjects.

We may also collect other information that you voluntarily provide to us, including when you communicate with us via email, post, telephone or other channels; and when you respond to our communications or requests for information.

We collect information about you when you sign up for or request that we send you alerts, or other legal or marketing materials; and when you sign up for an event. We also collect information when you voluntarily complete an enquiry form on our website. Website usage information is collected using cookies.

We may receive information about you from other sources, including third parties and publicly available information that helps us to update, expand, and analyse our records; identify new customers; or prevent or detect fraud. We may also receive information about you from social media platforms, including but not limited to, when you interact with us on those platforms or access our social media content. Please note that the information we may receive from those third-party sites is governed by the privacy settings, policies, and/or procedures of the applicable platform, and we strongly encourage you to review them before submitting any information to them.

What are our responsibilities to you?

Masson Cairns Limited is registered as a data controller with the Information Commissioner’s Office (registration number ZA147999).

The firm is the data controller of personal data we process and is responsible for ensuring our systems, processes, people and suppliers comply with data protection laws in relation to the information we handle.

All of our people must abide by this Notice when handling personal data and must take part in any required data protection training. Any breach will be taken seriously and may result in disciplinary action.

We have a data protection leader who oversees our compliance with data protection laws and this Notice and provides guidance and advice to the firm and our people as required. Our data protection leader will be responsible for reporting any failures to comply with the data protection legislation.

How we may use and share the information we collect

We may use the information we collect:

• To respond to your queries
• To provide you with legal and other services that you request;
• To send you alerts and other legal updates, marketing communication and other information or materials that may be of interest to you or which you have expressed an interest in receiving;
• To maintain our list of contacts;
• For the firm’s business purposes, including improving the provision of our legal services, data analysis; submitting invoices; detecting, preventing, and responding to actual or potential fraud, illegal activities, or intellectual property infringement;
• To assess the effectiveness of our events, promotional campaigns and publications; and

• As we believe reasonably necessary or appropriate to: comply with our legal obligations or requests for information issued by government authorities or other third parties; or protect your, our, or others’ rights.

How we may share information we collect:

We do not sell, rent or otherwise share any information with unaffiliated entities except as expressly described in this Notice, or with your prior permission. We may share anonymised information that does not reasonably identify you or your organisation only as permitted by applicable law.

We may also share information we collect with:

• Our people, but their use shall be limited to the performance of their duties and in line with the reason for processing. Our employees are required to keep that information confidential and are not permitted to use it for any purpose other than to provide legal services, to deal with requests which are submitted to us for the purposes of facilitating our use of that information in accordance with this Notice.
• Third-party service providers engaged by us to perform services on our behalf, such as web-hosting companies, information, technology providers, analytics providers, marking and communications services and event hosting services.
• Law enforcement, courts or tribunals, other government authorities, or third parties (within or outside the jurisdiction in which you reside) as may be permitted or required by the laws of any jurisdiction that may apply to us; as provided for under contract; or as we deem reasonably necessary to provide our legal services. In these circumstances, we take reasonable efforts to notify you before we disclose information that may reasonably identify you or your organisation, unless giving prior notice is prohibited by applicable law or is not possible or reasonable in the circumstances
• Service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a transaction in which we are acquired by or merged or amalgamated with another company or we sell, liquidate, or transfer all or a portion of our assets.

Legal grounds for using personal information

We rely on the following legal ground to process personal information, namely:

Consent: we may use personal information as described in this Notice, and as detailed in our Terms of Business, subject to your consent. To withdraw your consent to such use, you may unsubscribe at any time by emailing:

Performance of a contract: we may need to collect and use personal information to enter into a contract with you or to perform a contract that you have entered into with us. For example, when you engage Masson Cairns Limited to provide legal services we will use your personal information to respond to provide you with such services.

Legal obligation: we may need to collect and use personal information to comply with legal obligations to which the firm is subject. This includes undertaking client due diligence and background checks as well as all other anti-money laundering or other legal obligations.

Legitimate interests: we may use your personal information for our legitimate interests to provide legal services and to improve our services. Consistent with our legitimate interests to and consent that may be required; we may use personal information for our marketing purposes and other technical information as described in this Notice.

The measures we have in place to protect and safely store the information we collect:

Information security is a key element of data protection. The firm takes appropriate measures to secure personal data and protect it from loss or unauthorised disclosure or damage. However, no information system can be 100% secure. So, we cannot guarantee the absolute security of your information. We are not responsible for the security of information you transmit to us over networks that we do not control, including the Internet and wireless networks.

We use a small number of suppliers in connection with the operation of our business and they may have access to the personal data we process. For example, an IT supplier may see our personal data when providing software or support, or a company which we use for a marketing campaign may process contacts’ personal data for us. When contracting with suppliers and/or service providers, the firm takes appropriate steps to ensure that there is adequate protection in place and that the principals are adhered to.

Retention of information we collect

We retain the information we collect for no longer than is reasonably necessary to fulfil the purposes for which we collect the information and to comply with our legal obligations.

Following completion of the legal services provided by us, we will either retain the file and working papers or store these records digitally. The Law Society of Scotland provides guidance on when these files and papers may be destroyed or deleted from storage. That guidance varies according to the type of work being carried out. We shall retain files, papers and/or records in accordance with that guidance. You can find out more about the Law Society’s guidance by visiting

Where personal data is retained for the purposes of sharing promotional material, and you no longer want to be contacted by us, you may unsubscribe at any time by emailing

Your choices and rights in respect of the information we hold

Personal data must be processed in line with individuals’ rights, including the right to:

• Request a copy of their personal data;
• Requests that their inaccurate personal data is corrected;
• Request that their personal data is deleted and destroyed when causing damage or distress; and
• Opt out of receiving communications (including electronic) from the firm.

You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email or write to us at:

Katie Dollman
Data Protection Leader
Masson Cairns Limited
Strathspey House
Grantown on Spey
PH26 3EQ

When marking your request please provide:

• Your full name and address
• Details of the information you want. Please be as specific as possible, and if it is not obvious, it would be helpful if you could explain why you expect us to hold your personal information.

We may also ask you to provide further information in certain circumstances including to clarify the terms of your request or to confirm your identity.

We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.


Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.

We do not use cookies for any other reason and do not store any personal information during or after your use of our website for any reason other than to collect standard internet log information and visitor behaviour information.

You can adjust the setting in your web browser not to accept cookies. If you’ve visited our website before, there may be previously set cookies on your computer. Visit or to find out how to remove cookies from your browser. In a few cases, some of our website features may not function as a result.

You can also opt out of being tracked by Google Analytics across all websites by installing Google’s opt-out browser add-on.

Our website may contain links to other websites. This privacy policy only applies to this website. When you link to other websites you should read their own private policies.

How to contact us

If you have any queries concerning your personal data or any questions on our use of that information, please contact our data protection leader, Katie Dollman by email or at the address above.

Changes to this Privacy Notice

We keep this Notice under regular review and will notify you by posting notice of the changes in a clear and conspicuous manner on our website

More information

Detailed information about your rights under Data Protection Legislation can be found on the website of the United Kingdom Information Commissioner, the address of which is (as at the date of this policy)