PRIVACY POLICY
1. Introduction
Privacy and data protection is important to us, and therefore this Privacy Policy will explain how we manage the personal data we obtain from our clients, and persons whom the clients’ matters pertain to.
When LEAD | Rödl & Partner processes personal data, LEAD | Rödl & Partner is a personal data controller. Therefore, LEAD | Rödl & Partner determines the purpose and means for processing the personal data and bears the responsibility under applicable data protection regulations.
2. LEAD | Rödl & Partner’s contact information:
The legal entity responsible as a data controller for the processing of your personal data is:
LEAD ADVOKATPARTNERSELSKAB
CVR-no. 32 32 14 88
Phone +45 4445 5000
E-mail info@lead-roedl.dk
Address Store Kongensgade 40 H, 2. Sal, DK-1264 København K
If you have any questions concerning LEAD | Rödl & Partner’s processing of personal data, please contact us at the above-mentioned e-mail address.
3. Description of processing
Below, we have described what types of personal data we process, the purpose, and the legal grounds upon which we base the processing. Company information is not subject to the General Data Protection Regulation (GDPR).
(1)
Personal data:
– Contact information 1:
– Full name
– E-mail address
Purpose:
– Registering companies as clients and contact persons at the client company.
– Registering natural persons as clients.
– Invoicing our clients.
– Complying with bookkeeping legislation.
Legal ground:
– Fulfilment of a contractual obligation.
– Complying with a legal obligation.
(2)
Personal data:
Contact information 2:
– Full name
– E-mail address
– Street address
– Personal identification no.
Purpose:
– To ensure that there is no conflict of interest.
– Invoicing our clients.
– Complying with bookkeeping legislation.
Legal ground:
– The processing is necessary in order to enter into a contract, which the person has requested.
– Fulfilment of a contractual obligation.
– Complying with a legal obligation.
(3)
Personal data
Information according to the Danish Money Laundering Act (hvidvaskloven) (DMLA):
– Identity information such as name, personal identification no. etc.
– A copy of the passport, or other similar document that can be used for identification and passport no.
– An assessment if the person is a politically exposed person.
Purpose:
– Complying with the DMLA legislation.
Legal ground:
– Complying with a legal obligation.
(4)
Personal data:
Information in connection with legal matters:
Given the nature of a law firm’s activities, it is not possible to provide an exhaustive list of types of personal data that will be processed. Below are some examples:
– Contact information
– Meeting notes etc.
– Mentions of persons in (drafting) documents.
– Other information that is required when handling the client’s case.
Purpose:
– A necessary step in order to enter into a contract, which the client has requested.
– To handle the client’s matter according to the client’s instructions, and in accordance with the ethics rules provided by the Danish Bar and Law Society.
Legal ground:
Regular personal data:
– Fulfilment of a contractual obligation
– Complying with a legal obligation
Depending on the circumstances, we will process sensitive personal data relating to criminal offenses or other sensitive categories of personal data, if necessary for establishing, exercising or defending legal affairs, cf. Section 8, item 3 and 4 of the Danish Data Protection Act (databeskyttelsesloven).
(5)
Personal data:
When signing up to our courses – contact information 3:
– Name
– Company
– Position
– E-mail address
– Telephone number
– Street address
Purpose:
– We may use this information in regard to our courses, if we need to contact you about cancellation, change of place, change of time etc.
– We may use this information for direct marketing of other relevant courses
Legal ground:
– The processing is necessary for the purposes of the legitimate interests pursued by the controller
LEAD | Rödl & Partner collects data from yourself with your prior consent. As a result, you can always choose, if you wish to give us the information, however LEAD | Rödl & Partner cannot provide its services unless the requested contact information and information according to the Danish Money Laundering Act are provided. You have the right to withdraw you consent at any time, but please note that this can have negative effects of your contract with LEAD | Rödl & Partner. Furthermore, you should note that if you withdraw your consent, the withdrawal will not affect our processing and disclosure prior to the withdrawal of your consent.
At times LEAD | Rödl & Partner may obtain your contact information through publicly accessible sources, your employer, your counter-party etc. In this case you still have the rights as described in point 7. This information may be processed without your prior consent to provide our services to our clients.
4. Recipients
We will treat your data as confidential and we will not unnecessarily disclose it to third parties, However, if necessary, the personal data may be transferred to the following categories of recipients:
- Courts, similar judicial entities and/or authorities.
- Other authorities, such as SKAT (the Danish Tax Authorities).
- Recipients whom LEAD | Rödl & Partner has been directed by the client to transfer information to.
- Companies that provide services, upon which, LEAD | Rödl & Partner relies for its core activities (such as digital infrastructure).
5. Transfer to third countries
LEAD | Rödl & Partner will not transfer your personal data to third countries (countries outside of the EU/EEA), unless this is necessary to carry out the assignment given by a client. If so is the case, and there is no decision from the EU Commission that the country, which the personal data will be transferred to, provides adequate data protection legislation to ensure the safety of the personal data, LEAD | Rödl & Partner will use relevant safeguards to ensure the safety of the personal data.
6. Storage and deletion of personal data
LEAD | Rödl & Partner stores all client related information as well as personal data, for as long as there are legitimate purposes. There is no general duration of this storage, but we base our assessment on i.e. the guidance from the Danish Bar and Law society about this issue, which as a main rule can entail storage for up to ten (10) years, after completion of the relevant assignment. Special legislation, including the Danish Bookkeeping Act, the Danish Money Laundering Act, and the Danish Limitation Act, may entail an obligation for us to store data for an extended period. If the data is anonymized, we may also process and store it for a longer time. The personal data collected by us according to the Danish Money Laundering Act is stored for five (5) years after the end of the client relationship and is then deleted.
7. Your rights
LEAD | Rödl & Partner is a law firm and is therefore subject to rules of professional secrecy. This means that LEAD | Rödl & Partner is not allowed to disclose information relating to the clients’ matters to anyone but the client.
The rights that a person has in regards of their personal data are not absolute, meaning that certain criteria must be at hand for the right to be exercised. Also, there are exceptions to some of the rights. LEAD | Rödl & Partner will accommodate request to the extent that LEAD | Rödl & Partner is obliged under the data protection regulations, and that doing so it not contrary to the interest of LEAD | Rödl & Partner’s clients.
A person has the following rights regarding their personal data:
– Access: you have the right to information about the processing, access to the personal data in question and the right to obtain a copy of it.
– Rectification: LEAD | Rödl & Partner must correct the personal data if it is incorrect.
– Deletion: LEAD | Rödl & Partner must erase the personal data in certain circumstances, such as if there is no purpose for processing it any longer.
– Object to processing: you have the right to object to LEAD | Rödl & Partner’s processing of personal data.
– Restriction of the processing: you have the right to have LEAD | Rödl & Partner restrict the processing of personal data (not to erase it).
– Data portability: if you want LEAD | Rödl & Partner to transfer the personal data to another personal data controller, LEAD | Rödl & Partner must accommodate this request.
If you wish to exercise any of your abovementioned rights regarding your personal data, please contact info@lead-roedl.dk with the subject “Privacy Policy”. Such rights may be subject to conditions or restrictions. Accordingly, there is no certainty that you will be entitled to exercise the right, as it will depend on the circumstances.
You are welcome to contact us on the above-mentioned e-mail, if you disagree with the way or the purposes for which we process your personal data. You may also lodge a complaint at the supervisory authority, if you believe that LEAD | Rödl & Partner’s processing of personal data infringes applicable data protection regulations. The supervisory authority in Denmark is Datatilsynet.
The Danish Data Protection Agency
Borgergade 28, 5th floor
1300 Copenhagen
Denmark
T: +45 3319 3200
E-mail: dt@datatilsynet.dk
If you are not based in Denmark, you may contact the supervisory authority that is relevant to you.
Updated December 2018