Version from 20 October 2022
1. Basic provisions
Legarithm is a leading law firm that values its reputation, therefore we attach great importance and care to protect the privacy and personal data of personal data subjects with whom we interact, as well as comply with relevant applicable legal provisions by taking the following actions: describing the “why” and “how” we use your personal data; educating and instructing our employees and regulating their access to your data; deletion or restriction of data as they are no longer needed for the purposes indicated below; and prompt response to your comments and requests.
1.4. Scope of application
This policy applies to data processing activities carried out as part of:
1.5. Our status
For the data processing activities described above, Legarithm is the person who determines the means and purposes and thus acts as the data controller in accordance with the applicable rules on personal data and in particular the EU Regulation 2016/679 on the protection of natural persons with regard to processing personal data and on the free movement of such data (hereinafter “GDPR”).
2. General provisions applicable to all transactions with personal data carried out by Legatihm.
2.1. Data minimization
Each contact form on the website is limited to collecting only those personal data that is strictly necessary and indicates the purpose(s) for which the data is collected, the recipient of the data in all cases is Legarithm itself. Please note that the information required to manage your request is marked with an asterisk on each form. If you do not complete these required fields, Legarithm will not be able to respond to your inquiries and/or provide you with the requested services. Other information is optional and allows us to better process your request and improve our communications and services to you.
2.2. Transfer of your data to third parties
2.2.1. We do not share your personal information with other companies for direct marketing purposes.
2.2.2. Each section on personal data processing operations details the external recipients responsible for accessing and processing the relevant data. The data may be shared with technical service providers selected for their experience and reliability, who act on our behalf and in accordance with our instructions (IT subcontractor, our server hosting providers, etc.). We authorize these providers to use your personal information only to the extent necessary to perform services on our behalf or to comply with legal requirements, and we are committed to ensuring that your personal information is protected at all times. Information about these companies and their privacy policies:
2.2.3. Legarithm may also disclose your data to third parties when such disclosure is required by law, government regulation or court order, or if such disclosure is necessary to protect our rights.
2.3. Security of your data
Legarithm is committed to protecting your personal data from loss, destruction, alteration, unauthorized access or disclosure. To this end, Legarithm will apply appropriate technical and organizational measures regarding the nature of the data and the risks associated with their processing, to ensure the security and confidentiality of your personal data and, in particular, to prevent their distortion, damage or access to them by unauthorized third parties. These measures include, but are not limited to, safeguards such as limiting access to data to authorized employees in connection with their functions, contractual safeguards in the event that an external provider is contacted, conducting privacy impact assessments, regularly reviewing our privacy practices and policies, and/or physical security measures (secure access, authentication process, backup, antivirus software, etc.). We use state-of-the-art infrastructure and security measures to ensure the privacy of your data. If we share your information with third parties, we only do so if they provide the necessary assurances that they maintain the same level of security and privacy as we do.
2.4. Processing of personal data of minors
Legarithm services are not intended for minors. Therefore, we do not knowingly collect or process personal data from minors. In the event that we become aware of the collection of personal data from minors without the prior consent of the person with parental responsibility, we will take appropriate steps to remove such personal data from our servers and/or those of our contractors.
3. What personal data we process, the purposes, legal grounds and period of storage for each type of personal data.
|Purpose||Legal Basis||Processed data||Retention|
|Providing you with the services you have requested, meeting your needs or answering your question||A contract with you or your company in your interest or your request before entering into a contractual relationship||— Your name / surname (other similar data)
— Name of your company
— Information about the service provided and payment for it
— Your contact details
— Data in messages you send
|2 years after the provision of the service or the last communication, unless otherwise provided by the relevant legislation|
Offering services based on services previously purchased by you, including software courses, consultations, any other legal services
Our legitimate interest in growing our business and meeting the needs of our customers
– Your name / surname (other similar data) – Your company name – Your position and company name – Your contact details
2 years after your last communication with our company, unless you objected to such processing
|Better understanding of our audience and their preferences||Legitimate interest in improving our services to grow our business||– Statistics of visits to our site, provided by Google and Facebook services
– Messages you enter into the chat window (sent and unsent) and associated technical data
You can read Google’s policy regarding the storage of your personal data here.
|Processing for recruitment purposes||Our legitimate interest to hire new employees||First name, last name, email address, phone number, professional experience and all information that you provide when applying and/or resume and/or during interviews: photos, skills, educational level, languages spoken, expected salary level, home address , hobby, etc.||In case of employment: for the period of work in Legarithm and after dismissal within 1 year.
In case of refusal: within 6 months after it, if you do not object to processing.
4. Data source
Data can come from the following sources:
5. Your rights regarding the protection of personal data
5.1. Under the GDPR, you have the right to access and rectify your personal data, as well as the right to request deletion (the right to be forgotten), the right to object to the processing of your personal data, and the right to restrict processing and the right to portability of your personal data, to the extent where applicable, where there are compelling legal grounds that Legarithm may provide to hold your data.
5.2. With regard to the personal data associated with your application, we ask that you update your information by notifying Legarithm of any changes.
5.3. You can request at any time not to receive our newsletter, any other communication about our services, news and events.
5.4. In accordance with Article 77 of the GDPR, you as a data subject have the right to lodge a complaint with a supervisory authority, in particular with the supervisory authority of the Member State of your habitual residence, place of work or alleged infringement of the GDPR.
5.5 Right to information
You have the right to be informed, free of charge, about how your personal data is being processed, in a concise, understandable and easily accessible form, written in clear and understandable language. You can exercise this right by sending a request to firstname.lastname@example.org.
5.6 Right to rectification
You have the right to have your personal data corrected if it is incorrect or incomplete, and we are required to notify third parties to whom we have shared your data. You can exercise this right by sending a request to email@example.com.
5.7 Right to be forgotten
You have a “right to be forgotten”, or the right to have your personal data deleted and prevent their processing. This right is not absolute and may not be possible in some circumstances (for example, if we are required to keep your personal data for legal or regulatory reasons). We must notify the third parties to whom your data was shared of your request. You can exercise this right by sending a request to firstname.lastname@example.org.
5.8 Right to withdraw consent
If you have given us express consent to the processing of your personal data, you have the right to withdraw that consent at any time, including but not limited to withdrawing your consent to be contacted for marketing purposes. You can exercise this right by sending a request to email@example.com.
6. Cookies on our website
6.2. A “cookie” is a small text file that can be stored in a special place on the hard drive of your device (computer, tablet, smartphone, etc.) when you visit a website. A cookie allows its “publisher” (us or our audience measurement service providers) to identify and recognize the device on which it is stored for the duration or duration of the cookie (maximum 14 months).
6.3. Our website uses 3 types of cookies, which you can set individually:
6.3.1. Internal cookies required for the operation of the website: These cookies ensure that the website functions optimally. You can object and remove them using your browser settings, but in this case your user experience may be degraded.
6.3.2. Audience Measurement Cookies: In order to tailor the site to the needs of visitors, we anonymously measure the traffic on our website using analytics services: number of unique visitors, number of pages viewed, country of origin of the connection to the website, service that granted access (in mode in real time, through a search engine or social network), the type of device used (computer, mobile phone or tablet), the most viewed and shared articles, and the time and date of the visit.