Privacy statement

Privacy Statement

Your privacy is important to us. We will observe due care in handling your personal data and undertake to comply with the applicable privacy legislation, such as the General Data Protection Regulation (GDPR). By way of these privacy regulations, we inform you of the way we handle your personal data and of your rights with regard to your personal data.

Purpose of these regulations

This Privacy Statement pertains to the processing of the personal data of our clients and of all other persons with whom Hamann Advocaat maintains contact or who use our services.

What personal data do we process?

We process the personal data that you have provided to us, for instance within the context of the services we provide to you. The personal data that we process may include the following:

  • Contact details and other data, including your name, address, telephone number, e-mail address, (copies of) identity documents obtained from you at the time you gave us instructions to provide legal services.
  • Other personal data, including, for example, financial data and health data, which form an integral part of the case file we handle for you.
  • Contact data you have provided to us in any other way, for example during seminars etc.

Purposes of use

We use your personal data for several purposes, namely:

1. For the execution of an agreement in which you have instructed us to provide legal services

If you instruct a lawyer to conduct a case, your contact data will be requested in any case. You may also be requested to submit an identity document. Furthermore, other personal data may be necessary for handling the case. Your data will also be used for invoicing the services provided.

In addition, the personal data of parties which are involved in (legal) proceedings may also be processed, such as personal data of the party with whom you are engaged in a dispute.

2. Compliance with statutory obligations

The Money Laundering and Terrorist Financing (Prevention) Act (Wet ter voorkoming van witwassen en financieren van terrorisme, WWFT) obliges lawyers to obtain and record specific information such as, for instance, a copy of an identity document (passport). When a copy is made, we ensure that the data that we do not need are not copied.

3. Maintaining contact with you, the Client

Your contact details are kept up to date in our client system, and can, for instance, be used to send newsletters, updates, invitations for events and seminars and to provide you with the information you requested. These contact details may have been obtained from the business card that you gave to us or from an e-mail you have sent us. You may state at any time that you no longer wish to receive e-mails from us.

4. Improving and securing our website

 

Legal basis of the processing

We only process personal data if there is a legal ground for it. We process personal data based on the following legal grounds:

a) Consent

If we have requested consent to process your personal data and you have granted this consent, you will still have the right to withdraw this consent at any time. This legal ground applies for instance when you are not a client of Hamann Advocaat.

b) Agreement or in the run up to the conclusion of an agreement

If you give us instructions to provide legal or tax services, we process personal data if and insofar as this is necessary for the execution of the agreement.

c) Legal obligation

The Money Laundering and Terrorist Financing (Prevention) Act (Wet ter voorkoming van witwassen en financieren van terrorisme, WWFT) obliges lawyers to obtain and record specific information such as, for instance, a copy of an identity document (passport).

d) Legitimate interest

We may also process personal data if we have a legitimate interest and do not therefore disproportionally infringe your privacy. For example, we use your contact information to invite you to relevant events and to send newsletters. You can sign out or unsubscribe at any time, if you so wish.

Providing personal data to third parties

In the context of our provision of services, it may be necessary to share personal data with other parties. For example, for the purpose of legal proceedings where it is necessary to provide your personal data to an expert. The lawyer conducting your case will discuss this with you beforehand in almost all cases in which it is required.

Transfer outside the (European Economic Area) EEA

We may pass on personal data to a party outside the EEA if this is necessary for the execution of the agreement for the provision of legal services, or if this is necessary in the context of a legal action for which we provide you with legal assistance.

Your rights

Any person may exercise certain rights under the law as regards his or her personal data.

For example, you have the right to:

  • Inspection (and a copy) of your personal data which we process.
  • Rectification (correction) of your (incorrect or incomplete) data.
  • Deletion of personal data.

You also have the right to object to the processing and use of your personal data or request to limit the use thereof. In specific cases, you may even retrieve your data and transfer these data to another party. You can find further information about your rights on the website of the Dutch Data Protection Authority: https://autoriteitpersoonsgegevens.nl.

Retention period

We will not retain your personal data for any longer than is necessary to achieve the purposes for which we have obtained the data unless a statutory retention period applies.

In the event we have assisted you by providing legal advice or in legal proceedings, we will in principle keep your case file in our filing system for a period of 7 years. There can be legal reasons to keep a case file for a longer period. In that case, we will inform the client of the longer retention period and the underlying reason or reasons.

Security measures

We have taken appropriate technical and organizational measures to protect your personal data against unlawful processing. An integral part of those measures is that we make use of encryption when storing data, that two factor authentication is used when logging onto our IT systems and that a backup is made of the data on our system.