With this Policy, according to Art. 13 of the General Data Protection Regulation (GDPR), we provide you with the necessary information in relation to the processing of your personal data, which we perform as data administrator within the meaning of Art. 4, para. 7 of the GDPR. When we collect personal data through the website, this is done in compliance with the principles of minimizing processed data, legality, transparency and security.
This Policy is intended to explain to you how we use the personal data, which we collect about users of our website, the purpose for its collection and your respective rights. It does NOT apply and does not regulate the attorney-client relationship regarding to the personal data processing concerning providing legal services. In the event of a contractual relationship between us regarding the provision of legal services, we will provide you with additional information regarding the processing of your personal data.
What information do we collect?
We collect information about you when you choose to contact us by email, including through the contact form, by phone, or by fax.
To comply with the principle of data minimization, we would like to ask you to refrain – until the moment when we have a legal service contract, from providing us with documents containing personal data, especially regarding to documents containing special categories of personal data (e.g. personal data revealing racial or ethnic origin, political views, religious or philosophical beliefs or membership in trade union).
For what purpose and for how long do we store your personal data?
We store your personal data solely for the purpose of providing you with the services mentioned above and only for the period necessary for it, namely:
- for the information sent by e-mail: 12 months;
- for the information shared over the phone: the calls are not recorded, therefore the information is not saved;
- the information sent by fax: until we respond to your request.
Upon expiry of the specified storage periods, your personal data will be destroyed.
The above data are only processed by the Law Firm through its associate attorneys, other associate attorneys, as well as by law firm employees who have administrative functions that have committed to confidentiality and are not provided to third parties.
We may also need to provide this personal data to the courts, prosecutors, administrative and other governmental bodys, insofar as is necessary to protect ourselves in disputes over our existing relationships.
We will process your personal data using Microsoft’s Office 365 cloud service, which has been designed to meet the requirements of the GDPR (https://privacy.microsoft.com/en-US/).
On what basis do we process your data?
We process your personal data according to Art. 6, para. 1, it. “B” of GDPR according to which processing is necessary for the performance of a contract to which the data subject is a party, or for taking steps at the request of the data subject before the conclusion of the contract. When you contact us by e-mail, including through the contact form, by telephone or fax, you are contacting us to obtain information about our services and to advise you on any questions you may have.
How do we protect your rights?
We only process your personal data in accordance with the above purposes and deadlines. When we collect personal data, we do it in a minimal amount and only for clearly and in advanced defined purposes and storage periods.
What are your rights?
In the capacity of data subject, you have the following rights under the GDPR:
- Right of access: This right enables you to receive up-to-date information on any of the issues discussed in this Policy, as well as a copy of your personal data that is being processed;
- Right of Correction: This right enables you to request us to correct inaccurate personal data relating to you without undue delay.
- Right of erasure (right to be “forgotten”): This right enables you to want to erase your personal data if the relevant grounds exist, specified in the GDPR, namely:
- personal data are no longer required for the purposes for which they were collected or otherwise processed;
- the personal data have been illegally processed;
- personal data must be erased in order to comply with a legal obligation under EU or national law that is applicable to the administrator.
This right is not available if the processing is necessary for the pursuit of a right or performance of an obligation that applies to the administrator under the GDPR or the applicable law.
- Right to restrict processing: This right enables you to want to restrict the processing of personal data, if the relevant grounds exist, specified in the GDPR, namely:
- the accuracy of the personal data is contested by the individual for a period allowing the administrator to verify the accuracy of the personal data;
- the processing is unlawful, but the individual does not wish to have the personal data erased, but instead requires a restriction on their use;
- the administrator no longer needs the personal data for the purposes of processing, but the individual requires them to establish, pursue or defend legal claims;
- Data Transfer Right: This right enables you to receive personal data that concerns you and which you have provided to us in a structured, widely used and machine readable format and to transfer this data to another administrator or we could transfer it to this other administrator by your wish, if the processing is done in an automated manner and this is technically feasible.
If you would like to pursuit any of your rights described above, please contact us at firstname.lastname@example.org.
Upon such request, you may need to provide us with information confirming your identity. This requirement is part of our data protection measures and aims to guarantee that personal information is not provided to a person who is not entitled to receive it.
You will receive a response to your contact details within one month of receiving the request. If necessary, this period may be extended by another two months in view of the complexity and number of requests, for this you will be notified by indicating the reasons for the delay.
The information will be provided to you free of charge. If your requests are manifestly unfounded or excessive, in particularly because of its repetitive nature, we will be forced to refuse to take action on your request.
- Right to complain to the Commission for Personal Data Protection: According to Art. 77 of the GDPR, you have the right to file a complaint with the supervisory authority, the Personal Data Protection Commission, if you think that we are processing your personal data incorrectly. Nevertheless, we invite you, if you find any irregularities in the processing of your personal data, please contact us first by e-mail: email@example.com.
What would be the consequences if you do not provide us with your personal data?
If you do not provide us with your personal data, we could practically not respond to your request.
If you have any questions about your personal information we process, you could contact us at the email above.
What are cookies and why are they needed?
A cookie is a small text file that is downloaded to an “end device” (such as a computer or smartphone) when a user accesses a website. It allows the website to function properly, to recognize the user’s device and to store some information about the user’s preferences or past actions (such as language selection, size, etc.) that are stored for a period of time, for not to filling information again. You should not register or provide personal information to browse on our website.
In order to control the cookies used on our website, you need to set up your browser. How to do this depends on the browser you use and its settings: For Google Chrome, click here, for Mozzila, click here, for Internet Explorer, click here. To learn more about cookies, we recommend you to visit aboutcookies.org as well as www.whatarecookies .com, www.cookiechoices.org.
By using the above method, you can control and / or delete cookies whenever you like. You can delete all cookies already stored on your computer, and you can set most browsers to block them in advance. However, if you do this, you may need to manually set some parameters each time you visit a website, also some services and functions may not work, incl. not to load our website.
What types of cookies do we use?
The information generated by cookies when using the website is transmitted to Google’s servers in the United States and stored there. Google uses this information on behalf of the Data administrator to analyze the use of the website, to compile reports on website activity, and to provide other similar services as well. The IP address provided by your browser for Google Analytics purposes will not be compared to other data held by Google. You can disable the use of these cookies through the appropriate settings on your browser. We would like to point out that this may make it impossible for you to use the full functionality of the website. You can also prevent cookie data (including your IP address) from being shared with Google by installing a browser plugin from this link: https://tools.google.com/dlpage/gaoptout?hl=en. For more information on how Google Analytics processes personal data, see Google’s personal data policy: https://support.google.com/analytics/answer/6004245?hl=en.