Free Traffic Legal Advice

Subject: Response to your Letter of Claim – Ref: [reference number]

Dear Sirs,

Your Letter Before Claim contains insufficient detail of the claim and fails to provide copies of the evidence your client intends to rely upon. It is therefore non‑compliant with the Pre‑Action Protocol for Debt Claims (PAPDC). As a supposed firm of solicitors, one would expect you to comply with paragraphs 3.1(a)–(d), 5.1 and 5.2 of the Protocol, and paragraphs 6(a) and 6(c) of the Practice Direction. These provisions exist to facilitate informed, proportionate resolution, and I suggest you reacquaint yourselves with them.

The Civil Procedure Rules 1998, Pre‑Action Conduct and Protocols (Part 3), require each party to exchange sufficient information to understand the other’s position. Part 6 clarifies that this includes disclosure of key documents relevant to the issues in dispute. Your template letter refers to a “contract” yet encloses none. That omission undermines the very basis upon which your client’s claim allegedly rests. It is not possible to engage in any form of meaningful pre‑litigation dialogue while you refuse to furnish the documents you purport to enforce.

I confirm that, once I am in receipt of a Letter Before Claim that complies with paragraph 3.1(a), I shall seek advice and submit a full response within 30 days. Accordingly, please now provide:

1. A copy of the original Notice to Keeper and the full notice chain relied upon to assert any alleged PoFA 2012 liability.
2. An actual photograph of the sign(s) in situ on the material date (not stock images), together with a contemporaneous site map showing sign locations.
3. The precise wording of the contractual term(s) your client alleges were breached.
4. The written agreement between your client and the landowner evidencing authority to manage, enforce and litigate in their own name.
5. A clear breakdown of the sums claimed, identifying whether the principal amount is alleged consideration or damages, and clarifying the legal basis and VAT position of the £70 add‑on.

These documents are required under paragraphs 6(a) and 6(c) of the Practice Direction to enable me to meet my obligation under paragraph 6(b).

Your letter’s attempt at intimidation

I also note that your accompanying schedule manages to refer to a “CCJ” four times, in what is clearly intended as a coercive device rather than legitimate legal information. The repetition is telling: it demonstrates not confidence in your client’s position, but reliance on fear as a substitute for substance.

To be clear: I am fully aware that a County Court Judgment only arises after your client wins a claim (which is unlikely on the facts), and even then, any judgment paid within one calendar month is removed from the register and has no impact on credit. Your overuse of the term “CCJ” is therefore not only pointless but improper.

Your firm is on notice that this conduct will now be reported to:

• the Solicitors Regulation Authority, for use of misleading and oppressive tactics contrary to the SRA Code of Conduct; and
• the Competition and Markets Authority, under the Digital Markets, Competition and Consumers Act 2024, given the statutory prohibition on coercive and misleading commercial practices.

If you proceed to issue a claim without first providing the documents and information required under the PAPDC and Pre‑Action Conduct, I will draw your non‑compliance to the Court’s attention and seek appropriate sanctions, including a stay and case‑management orders pursuant to paragraph 15(b) of the Practice Direction. Any unreasonable conduct by you or your client will be relied upon in support of an application for costs.

For the avoidance of doubt, I will not engage with any web portal. I will respond only via email or post.

Yours faithfully,

[Your Name]

Subject: Formal Data Protection Complaint – Non-Functional DPO Contact, Obstruction of Rights, and Intentional Misrepresentation

To: Data Protection Officer, Moorside Legal Services Limited help@moorsidelegal.co.uk
Cc: Data Protection Officer, APN Group dpo@apn.co.uk; enquiries@apn.co.uk; [your own email address]

Dear Data Protection Officer,

I am writing to you in your statutory capacity under the UK GDPR and the Data Protection Act 2018, in relation to Moorside Legal Services Limited and the wider APN Group.

Moorside Legal’s own Privacy Notice (updated December 2023) states in the “How to contact us” section that, if I wish to exercise any of my data subject rights or have questions about the notice, I should contact you by:

“Emailing our appointed Data Protection Officer at help@moorsidelegal.co.uk (subject heading: Data Subject Rights – Your Name); or writing to us at Ground Floor Jade Building, Albion Mills, Albion Road, Greengates, BD10 9TQ (attention of: Data Protection Officer).”

Relying on that representation, I sent a detailed email to help@moorsidelegal.co.uk in response to a Letter Before Claim. That email contained personal data and included objections and restrictions to processing, making it plainly a data subject communication within the meaning of Articles 12 and 21 UK GDPR.

A few days later, instead of any meaningful response, I received a boilerplate email from Moorside Legal stating that the mailbox is “not monitored” and instructing me to use an online portal. This was not an automatic server rejection. It was a template reply that somebody at Moorside Legal manually sent days after the original email. In other words, a human has clearly accessed my message, decided not to engage with its content, and then sent a stock response asserting that the very address your Privacy Notice designates for DPO contact is “not monitored”.

Those facts speak for themselves. Either:

1. The help@moorsidelegal.co.uk mailbox is in fact monitored by staff who read and action messages, in which case the claim that it is “not monitored” is knowingly false and is being used to deter data subjects from exercising their rights; or

2. The help@moorsidelegal.co.uk mailbox is genuinely not monitored for DPO and data subject purposes, in which case your Privacy Notice is materially inaccurate and misleading because it holds out that address as the primary route for contacting the DPO and exercising rights.

In both scenarios your current conduct appears to be incompatible with:

– Article 5(1)(a) UK GDPR (lawfulness, fairness, transparency).
– Article 12 UK GDPR (duty to facilitate the exercise of rights and to avoid undue obstacles).
– Articles 13, 14 and 37(7) UK GDPR (duty to provide accurate contact details and to enable data subjects to contact the DPO easily).

Your own Privacy Notice also states that you process emails as part of “Records of your contact with us” and that you may share information with “email service providers for the purpose of responding to you once you have consented by email”. It is therefore not open to you to pretend that emails sent to your published DPO address somehow fall outside your responsibilities, or that you can simply ignore them and direct people to a payment portal instead.

From a technical standpoint, the position is straightforward. I have independently checked your domain configuration. The addresses help@moorsidelegal.co.uk and litigation@moorsidelegal.co.uk are both reported as a catch-all on a Barracuda hosted system, with MX record d238565.a.ess.uk.barracudanetworks.com and a stable corporate domain that has been in use for well over two years. A catch-all configuration means your server will accept mail for any address at moorsidelegal.co.uk and return a 250 OK SMTP status even if no specific mailbox exists, in order to mask mailbox validity.

That behaviour may frustrate external verification, but it does not alter the key fact that once your server has accepted a message at SMTP level with a 250 OK success code, delivery into your system is complete. What you choose to do internally with that message, including routing it to staff who then take the time to send a boilerplate “mailbox not monitored, use the portal” reply, does not change the fact that you are in possession of the personal data, you are the controller responsible for handling it lawfully, fairly and transparently, and you must not operate a dummy or dead-end address in your privacy notice for the DPO while instructing staff to fob people off with an untrue “not monitored” line.

Requiring individuals to use a payment-oriented portal as the only practical route of communication, while simultaneously publishing a DPO email address that generates a dead-end reply, is not facilitating data subject rights. It is obstructing them.

In addition, Moorside Legal’s Privacy Notice expressly states that Moorside Legal Services Limited “is part of the APN Group”. APN Group’s own privacy policy designates dpo@apn.co.uk as the group DPO contact. The APN Group DPO therefore has a clear responsibility to ensure that group entities, including Moorside Legal, provide functional, accurate and accessible DPO contact details and do not operate sham contact channels that frustrate the exercise of rights.

For the avoidance of doubt:

– My email to help@moorsidelegal.co.uk was sent in reliance on your Privacy Notice.
– It was accepted by your server, handled by your staff and responded to (albeit with a boilerplate obstruction).
– It therefore constitutes personal data in your possession, and you are obliged to treat it as a valid data subject communication and as formal pre-action correspondence under the Pre-Action Protocol for Debt Claims.

Accordingly, I now require, in writing:

1. A clear statement, without evasion, confirming whether the mailbox help@moorsidelegal.co.uk is in fact monitored for DPO and data subject communications. If it is monitored, you must explain why your staff are sending boilerplate messages claiming it is “not monitored”, and what immediate steps you will take to stop that misrepresentation. If it is not monitored, you must explain why you continue to publish it as the DPO contact address in your Privacy Notice and what immediate steps you will take to correct that and provide a functional DPO contact route.

2. Confirmation that my previous email (sent on [date]) has been retrieved, added to the relevant file and is being treated as a valid data subject communication (including an objection to processing and a request to restrict processing) and as formal correspondence in response to the Letter Before Claim. You must confirm the date on which this has been done.

3. Confirmation that you will, going forward, accept and process information-rights correspondence (including objections, restriction requests, erasure requests, rectification requests and complaints) sent to help@moorsidelegal.co.uk and to dpo@apn.co.uk, without insisting that I use a payment or “customer” portal.

4. Confirmation of the concrete changes you will make, and the timescale for implementation, to ensure that:

– All DPO and contact email addresses published in your privacy notices are accurate, functional and properly monitored; and
– No further “mailbox not monitored, use the portal” replies are sent in response to data subject communications sent in accordance with those notices.

Please treat this as a formal data protection complaint and as a data subject communication under Articles 12 and 21 UK GDPR. I require a full, substantive response within one calendar month.

If you fail to respond, or if you refuse to correct the disconnect between your published DPO contact details and your actual email handling practices, I will escalate this matter to:

– The Information Commissioner’s Office (ICO), with copies of your Privacy Notice and the boilerplate “mailbox not monitored – use the portal” reply, on the basis that your practices breach the requirements of transparency, fairness and facilitation of rights.
– The Solicitors Regulation Authority (SRA), in respect of Moorside Legal Services Limited, on the basis that obstructing written correspondence and data subject rights in favour of a payment portal undermines access to redress and public confidence in the profession.
– The Competition and Markets Authority (CMA) under the Digital Markets, Competition and Consumers Act 2024 (DMCC) and the unfair commercial practices regime, on the basis that maintaining a non-functional DPO contact channel while funnelling all contact into a payment portal may amount to an unfair commercial practice and obstruction of consumer redress.

You are fully responsible for the configuration and monitoring of your email systems and for ensuring that all DPO and contact details published in your privacy notices are truthful, functional and compatible with your obligations under UK data protection and consumer protection law. This letter puts you expressly on notice of the issues and of my intention to escalate if they are not addressed.

I look forward to your prompt and substantive reply.

Yours faithfully,

[Your Name]
[Your Address]
[Relevant reference numbers]