Data Protection Declaration
Please note that this is a translation of our German Data Protection Declaration. In case of deviations, the German version shall prevail.
Data protection is closely linked to protecting the trust you place in our law firm. For this reason we only process data relating to you if this is necessary. At the same time, we exercise the necessary diligence, not least in order to protect you from possible abuse.
With this Data Protection Declaration we would like to provide you with an overview of the processing of your data and your rights according to the provisions of the European General Data Protection Regulation (hereinafter called «GDPR») and the Liechtenstein Data Protection Act (Datenschutzgesetz, hereinafter called «DSG»):
1.1. Name and address of the Data Controller and the Data Protection Officer
Data Controller within the meaning of the GDPR is BATLINER WANGER BATLINER Attorneys at Law Ltd., Am Schrägen Weg 2, 9490 Vaduz, Liechtenstein, email@example.com, T +423 239 78 78.
You can contact our Data Protection Officer under firstname.lastname@example.org or our postal address with the supplement «Data Protection Officer».
1.2. Collection and storage of personal data and nature and purpose of the use of data
We only process necessary data. What is necessary may differ, depending on the particular category of persons involved.
If you contact or mandate us, we in particular collect the following information:
· Personal details (e.g. salutation, first name, last name)
· Address and contact details (e.g. address, e-mail address, land line / mobile phone number)
· Information necessary for asserting and defending your rights within the scope of the mandate.
The purpose of the collection of this data is:
· to enable us to identify you as our client;
· to provide you with proper legal advice and representation;
· to conduct correspondence with you;
· for invoicing purposes;
· to settle, assert or defend against any possibly existing (liability) claims.
Without this data, we are as a rule unable to enter into or maintain a client relationship. It is possible that we process data that is not collected directly from you, but for example from third parties, from publicly accessible sources or from other data subjects.
Generally, the processing of your data is performed upon your request for representation, and is necessary pursuant to Art. 6 Para. 1 lit b GDPR for the aforementioned purposes (performance of contract or pre-contractual measures) for the adequate handling of the mandate and for the mutual fulfilment of obligations arising from the client relationship.
Furthermore, your data is processed in order to fulfil legal duties (Art. 6 Para. 1 lit. c GDPR) or due to public interest (Art. 6 Para. 1 lit. e GDPR), in particular in order to adhere to statutory and supervisory requirements (e.g. DSG, Lawyers Act, provisions concerning due diligence, anti-money laundering and prevention of market abuse, tax laws and agreements).
In addition, your data can be processed to protect legitimate interests by us or third parties (Art. 6 Para. 1 lit. f GDPR) for specifically defined purposes, in particular to assert and enforce claims, to ensure IT security and IT operations as well as for building and equipment security.
In other respects, your data may be processed on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You have the right to withdraw your consent at any time. This also applies to consent given prior to the entry into force of the GDPR. The withdrawal of consent shall, however, not affect the lawfulness of the data processed prior to the withdrawal of consent.
We also reserve the right to further process personal data that was collected for one of the aforementioned purposes for the other purposes too, if this is compatible with the original purpose or permitted or provided for by law (e.g. reporting obligations).
1.3. Recipients or categories of recipients of the personal data
Within our law firm, employees may process your data if they require them to comply with our contractual, statutory and supervisory obligations and to protect legitimate interests. Third parties may also obtain personal data for these purposes, this includes processors, for example in the category of IT services.
Your personal data will also be transferred to third parties, insofar as this is necessary in the context of mandate relationships. This includes in particular the transfer of data to court opponents and their representatives as well as courts and other administrative authorities for the purpose of correspondence as well as to assert and defend your rights.
1.4. Transfer of personal data to third party states
Data is only transferred to countries outside the European Economic Area (so-called third countries) within the context of adequacy decisions of the European Commission or if this is necessary for the implementation of pre-contractual measures or the performance of a contract, if you have given us your express consent (e.g. within the context of specific services), if the transfer is necessary for important reasons of public interests or is stipulated by law.
1.5. Storage period for personal data
Generally, the personal data collected by us for purpose of the mandate shall be retained until expiration of the statutory retention period for attorneys-at-law (after expiration of 10 years from the date on which representation ends) and thereafter be deleted, unless we deem a longer retention period necessary pursuant to Art. 6 Para. 1 lit. c GDPR on the basis of statutory obligations under tax-, company- or supervisory law with regard to retention and documentation (in particular arising out of PGR, SPG or SteG/MwStG) or if you have consented to longer retention in accordance with Art. 6 Para. 1 lit. a GDPR. Further processing and longer storage may be conducted for reasons of preservation of evidence, for example for the duration of the applicable statutes of limitation.
1.6. Your data protection rights
As our client or in general as a data subject, you are entitled – subject to the lawyer’s duty of confidentiality – to be informed about your personal data at any time, in particular its origin and recipients as well as the purpose of the data processing. You also have the right to rectification, data portability, to object and to restriction of the processing or erasure of incorrect or improperly processed data.
We kindly ask you to inform us of any changes to your personal data.
You have the right to withdraw at any time any given consent to use your personal data. The exercise of your right to information, erasure, rectification, objection and/or data portability may be addressed to the contact details listed under item 1.1 of this Declaration.
If you are of the view that our processing of your personal data is in breach of applicable data protection law or that your statutory data protection rights have been infringed otherwise, you may file a complaint with the competent supervisory authority. In Liechtenstein, the Data Protection Office is the competent authority.
1.7. Valid version
This is the currently valid Data Protection Declaration as of May 2018.
Due to the continued development of our website and associated services or organisational modifications within our law firm or on the grounds of amended legal or regulatory requirements, it may become necessary to amend this Data Protection Declaration. You can access and print out the respective current Data Protection Declaration on our website at any time.
2.1. Provision of the website
Each time our website is accessed, our system automatically records data and information about the computer system of the accessing computer.
The following data is collected:
· information about the browser type and the version used
· operating system of the user
· internet service provider of the user
· IP address of the user
· date and time of access
· originating website
The three latter types of data are retained only in summarised form, meaning that it is not possible to attribute IP addresses to the originating website or the time of access. It is only possible to determine from which websites and at which time most accesses take place. There is no person-related evaluation and no transmission to third parties.
We retain this information in accordance with statutory regulations. Processing is performed for reasons of data security in order to ensure the stability and operating reliability of our system.
The legal basis is Art. 6 Para. 1 lit. f GDPR.
We do not use a web analysis tool on our website.
If you register for our newsletter, we will send without delay an e-mail containing a hyperlink to the specified e-mail address. Click on this link to confirm your newsletter registration (so-called double opt-in procedure).
If you confirm the newsletter registration, this means you grant consent to store your e-mail address including the date of entry, IP address as well as the list name of the desired newsletter. The legal basis for the retention of this data is Art. 6 Para. 1 lit. a GDPR. We only use your e-mail address to administer and send the newsletter requested by you, at the intervals specified at the time of registration.
Our newsletters do not contain any visible or concealed counters, third-party advertising or links to third-party websites that are not directly linked to the content of our newsletter.
Each newsletter contains information about how to unsubscribe from the newsletter.
2.4. Download of files
We do not require any personal data from you in order to enable you to download files from our website.