1. What is this privacy notice about?
"Personal data" (or "data" hereafter) refers to all information that can be associated with a particular person. In this privacy notice, we explain how we use personal data primarily within the framework of our business activities and in connection with our website. If you wish to receive more information about our data processing, please feel free to contact us (Section 2).
2. Who is responsible for processing your data?
The following entity is the "controller" for data processing under this privacy notice, i.e., the entity primarily responsible for data protection (also referred to as "we"):Dr. iur. Magda Streuli-YoussefSonnenrain 4P.O. BoxCH-8700 Küsnacht
If you have any questions about data protection, please feel free to contact us at:+41 43 222 35 email@example.com
You may provide us with personal data relating to other individuals (e.g., connected individuals, representatives, or represented individuals, participants in proceedings, etc.). In this case, we assume that this personal data is accurate and that you are allowed to provide us with it. Since we often have no direct contact with these individuals and are unable to inform them directly about our data processing, we ask you to inform these individuals about our personal data processing if possible (e.g., by pointing them to this privacy notice).
3. How do we process data in connection with our services?
If you retain us, or if you are in contact with us regarding a potential engagement, we process personal data to prepare and execute our engagement:
- If you contact us regarding a potential engagement, we collect and use data, for instance when you provide us with instructions, documents and other information. This primarily concerns personal data that you disclose to us, e.g., your name and contact details, information about the subject of a potential engagement and other elements, related documents, and communication with you. If you involve other companies or individuals in addition to us (e.g., representatives, other law firms, tax consultants, or other experts), we can, according to your instructions, exchange information with these companies or individuals.
- In view of a possible engagement, we can conduct appropriate research, e.g., money laundering, conflict, reputation, sanction, and credit checks relating to you or to related individuals. For these purposes, we can collect corresponding information from information providers, e.g., credit agencies, public registers (e.g., the commercial register), WorldCheck and comparable information providers and further data from the media and the internet.
- If we conclude an engagement, we process personal data from the lead-up and details about the engagement (e.g., the conclusion date and subject matter). We also process personal data during and after the duration of an engagement. This refers for example to information on our services, discussions and meetings, payments, mutual claims, the termination of an engagement, and – if disputes should arise in connection with the contract – also about these disputes and corresponding procedures. As part of our services, we may collect and process further personal data related to research work, communication with authorities, participants in proceedings, experts, and third parties and in the context of participating in court, administrative and other procedures.
If our contractual partner is an entity, we process less personal data because data protection law refers to personal data of individuals only. But we do process personal data from contact persons with whom we are in contact, e.g., name, contact details, professional information, and information from communication, and details about executives, etc., as part of the general information on companies we are rendering services to.
4. How do we process data related to marketing?
We also process personal data to promote us and our services:
- Directories and Rankings: With your prior consent, we may use information about you and about our retention to submit entries to lawyer directories and rankings.
- Events: When we host an event, we collect and use information (especially contact information) to promote, to manage and to realize the event.
- Service Development: We also process personal data to improve our services and develop new ones, e.g., feedback from you as well as information from social media, media monitoring services and public sources. We may also use data for non-personal (statistical) evaluations.
5. How do we process data in connection with our website?
When you access our website for technical reasons log data is temporarily stored in log files, mainly the IP address of the device, information about the Internet service provider and the operating system of your device, information about the referring URL, details about the browser used, date and time of access, and content accessed during the visit to the website. We process that data on the basis that it is required for us to operate, maintain and improve our website as well as for system security and stability purposes and for statistical purposes.
6. How can we disclose personal data?
We primarily disclose personal data to our clients within the framework of our engagement. In addition, we also disclose personal data to other bodies, e.g., authorities, courts, participants in proceedings, experts and other third parties. We also make use of certain support services from third parties, especially IT services (examples are hosting service providers), shipping and logistics services, and services from banks, the post office, auditors, advisors, etc. These service providers may also process personal data to the extent necessary to render the supporting services.
These recipients are not only located in Switzerland they can also be located in the EU or EEA, but also in other countries worldwide, also in countries that do not provide the same level of protection as Swiss law. We compensate the lower protection through appropriate contracts, especially in making use of the so-called standard contractual clauses of the European Commission. However, in certain cases, we can transfer data in accordance with data protection regulations even without such contracts, e.g., if you have consented to the corresponding disclosure or if the disclosure is necessary to perform an agreement concluded or to assert, exercise or enforce legal claims, or where overriding public interests require such disclosure.
7. Are there additional processing?
Yes, many processes are not possible without processing personal data, including common and unavoidable internal processes:
- Communication with you: We participate in conferences and meetings and may collect contact and other personal data in this context that we can use to contact you. This refers also to contact details received directly from you or from third parties. When we communicate with you via email, phone, or otherwise, we process details about communication content, the time and place of the communication. We recommend not to send us confidential data via unencrypted email.
- Compliance with legal requirements: As part of a legal obligation or authorization and to comply with internal regulation, we may disclose personal data to authorities.
- IT security: We also process data for the monitoring, controlling, analysis, security, and review of our IT infrastructure, as well as for backups and archiving of data.
- Competition: We process data about our competitors and the general market environment (for example the political situation, the professional associations etc.). In this context, we may process personal data about key persons, especially name, contact details, role or function and about statements made in public.
- Legal Proceedings: To the extent that we are involved in legal proceedings – not on behalf of a client – we process data about the parties involved in the proceedings and other involved individuals, such as witnesses or persons providing information, and we may disclose data to such parties, courts, and authorities, potentially also abroad.
- Further Purposes: We process data to the extent necessary for other purposes such as for administration purposes (for example contact management, accounting, enforcement, and defense of claims, evaluation and improvement of internal processes, compiling anonymous statistics and evaluations); and to protect further legitimate interests.
8. How long do we process personal data?
We retain your personal data for as long as it is necessary for the purposes for which the data is collected, and as long as we have a legitimate interest in keeping personal data, for example to enforce or defend claims or for archiving purposes and IT security. We also retain your personal data as long as it is subject to a legal retention obligation (for certain data Swiss law provides for a ten-year retention period).
9. What are your rights?
Under certain circumstances and with certain limitations, you have the following rights relating to your personal data:
- You may request a copy of your personal data and further information about our data processing;
- You may object to our data processing;
- You may correct or complete incorrect or incomplete personal data or add a note that you dispute the data;
- You have the right to receive certain personal data in a structured, common, and machine-readable format, provided that the respective data processing is based on your consent or is necessary to fulfill legal obligations.
- Insofar as we process data based on your consent, you may withdraw your consent at any time. The withdrawal only applies for the future and we may continue to process personal data to the extent required or permitted by law.
If you want to exercise such a right, please feel free to contact us (Section 2). In general, we will have to verify your identity in the process (for example by a copy of your ID).