We at MisikLaw value privacy and the data we come into contact with and we adequately protect it, be it data about our existing or potential clients and suppliers, their representatives and employees, or our existing or prospective employees and associates. For the purposes of this Policy, personal data means data that we come into contact with and that identifies or enables the identification of a particular individual as per Regulation (EU) 2016/679 on the protection of natural persons with regard to personal data processing and on the free movement of such data (“GDPR”).
In this Policy, we describe how we process your personal data and explain your rights in relation to personal data processing. To ensure you are adequately informed, we may also provide information about personal data processing by our firm in other appropriate ways, e.g. in a specific written correspondence or by email. Please note that MisikLaw is a law firm and, therefore, we may not provide information about personal data processing when providing legal services if this would lead to a violation of the attorney professional secrecy and confidentiality obligation.
If you wish to contact us in relation to personal data processing by our firm, please email us at firstname.lastname@example.org. If you prefer other means of communication, you can also contact us at our firm’s address stated above, or contact our partner, Mr. Viktor Mišík using the contact details on our website.
1. Which personal data do we process?
When conducting our business, we may process various personal data. Mainly, we may process your following personal data in specific situations:
- personal data, including special categories of personal data, provided to us by or on behalf of our client, and data created by us when providing our services to clients,
- personal data enabling the client identification and the data we need to assess potential conflicts of interest, perform KYC procedures and procedures required to prevent the legalization of proceeds of crime,
- personal data that allows us to identify our contractual partners and the personal data we need for our pre-contractual relationships with our contractual partners, including personal data of our business partners, i.e. the persons we deal with as part of our business or in relation to it,
- contact details for communication with the client, client’s partners, our contractors and partners or other persons (e.g.employees and other client representatives), together with other basic information relevant for contact list purposes (name and surname, telephone number, physical address, e-mail address, other contact details, company, position or other relationship within a company),
- data needed to make payments, e.g. billing information of the client and our suppliers,
- personal data needed to organize meetings with clients, counterparties, suppliers and other persons (e.g.employees and other client representatives),
- personal data provided during recruitment by our firm, in particular, first name, surname, address and contact details, and other candidate details, such as education, abilities, and experience stated in a CV,
- any other information that you provide to us, or provided to us by third parties.
2. Why and on what legal basis do we process personal data?
We collect and process personal data for the following reasons:
- to provide legal services in accordance with applicable law and perform our business activities, including establishing, enforcing, or defending the claims of our clients,
- to conclude and perform contracts between us and our clients, suppliers, and other contractual partners (e.g. landlords and property managers, cleaning services, telecommunication operators, accountants and tax advisors, IT service providers, translation services providers),
- to comply with obligations arising from specific regulations (e.g.tax and accounting rules, rules on preventing the legalization of proceeds of crime, archival rules, personal data protection rules),
- due to our legitimate interests and the legitimate interests of third parties (mainly our clients), including our legitimate interest in communicating with clients, suppliers, contractual partners, and other persons, and due to other legitimate interests stated in this Policy,
- to market our firm (for more information on marketing, please refer to section 3.2 of this Policy),
- to prove, enforce, or defend our claims,
- to find and evaluate the suitability of candidates for a particular position at our firm and the related pre-contractual relationships,
- for purposes for which you have given us special consent.
3. How do we use personal data?
At MisikLaw, we process personal data in various ways to achieve respective purposes. In particular, personal data may be:
- obtained, used, stored, and created to provide legal services to our clients to conduct our business, or to represent our clients according to their instructions, whereas information may also be provided to third parties to the extent required by client’s interests,
- obtained, used, and stored to communicate with our clients, suppliers, contractual partners, and other persons (e.g.employees and other client representatives),
- used in ways required by special regulations,
- used to provide you with the requested information,
- used to perform contracts with our contractual partners, or to conclude such contracts,
- used to evaluate a candidate during recruitment (please refer to section 3.1 below for more information on recruitment).
We do not sell, lease, or otherwise dispose of personal data for consideration.
We protect personal data at MisikLaw by using appropriate organizational and technical measures in accordance with applicable laws to prevent its misuse, accidental or unlawful destruction, loss, alteration, or unauthorized access or transfer.
Similar to other law firms, our firm also uses personal data for direct marketing. Our marketing mainly entails informing on the provision of legal services via advertising, newsletters, legal news, and seasonal greetings. Upon consent, we may publish information about legal advice (including references) and provide personal data to participate in ratings, rankings, and lists of recommended law firms.
If you receive marketing information from us which you are not interested in, do not hesitate to let us know at email@example.com and we will exclude you from further marketing correspondence.
4. Who may be provided with personal data?
Your personal data will primarily be used internally by the firm’s managers, and other authorized employees and individuals at the firm. Data may also be provided to lawyers (and/or their companies) who, either alone or through their companies, have a long-term working relationship with MisikLaw. A list of these lawyers is available at the MisikLaw website under the Professionals’ tab.
We may provide your personal information to some other persons if required for some of the above purposes. These persons are mainly:
- our IT service providers,
- our accountants,
- our external advisers, in particular, tax advisors, technical advisers, and auditors,
- suppliers to whom we have contracted ancillary services (e.g.translators),
- other third parties who, with the client’s consent, also participate in the provision of services to the client (e.g.other legal advisors, operators of various technical services).
It cannot be ruled out that in certain circumstances, we may need to provide your data to courts, arbitration tribunals, administrative bodies or other public authorities, or other entities pursuant to the relevant legislation, or this Policy. It is possible that in some cases, the applicable law does not permit us to inform you that we have provided such data.
We do not transfer your personal data to third countries or international organizations unless such transfer is permitted under the GDPR.
5. How long do we keep personal data?
Your personal data will be stored in accordance with our internal archiving and storage policies. Specific periods for keeping personal data are based on the requirements of the GDPR and the time required to fulfil the purpose of data processing, taking into account the archival periods required by the relevant legislation, the recommendations of the relevant public authorities and the Slovak Bar Association, and limitation periods for bringing claims and the legitimate interests of our firm.
6. How do we obtain personal data?
We may obtain your personal data in a number of ways, including:
- directly from you when concluding a contract with you as our client, or in our pre-contractual processes with clients and in assessments of potential conflicts of interest, KYC procedures and procedures to prevent the legalization of proceeds of crime,
- from our clients, our contractual partners, or other persons during the provision of legal services by our firm and when conducting our business, or when creating personal data on our own,
- directly from you if you voluntarily provide the data to us, or if you directly communicate with us (or with our employees, lawyers, or other associates),
- from your employer or from your contractual partners,
- from publicly available sources and registers for our legitimate interests and for the purpose of provision of legal services by our firm and for conducting our business, including the updating of your data we already have from other sources.
Cookies are short text files that are stored in a special browser box on the user’s computer. Web pages allow you to memorize your visit information, such as your preferred language and other settings. Your next visit of the website can be effective.
The user agrees to store cookies in their browser based on the settings of their internet browser. The user can disable cookies on their computer or mobile device by modifying the settings of their internet browser.
- the measurement of website traffic and the production of statistics on behalf of the visitor behavior,
- website functioning.
We also use the tools of the Google Analytics web application.
Cookies are considered in a similar way as a whole and pseudonymized form, which allows the identification of an individual only when a large and professional effort is made.
Cookies for ad targeting are processed based on your consent. You can withdraw consent to the collection of cookie data for marketing purposes at any time by changing the settings of the relevant Internet browser.
Collected cookies are processed by other processors:
- Google Analytics Provider, operated by Google Inc., Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland;
The above platforms further treat the cookies in accordance with their terms of service, which can be found here:
8. What are your rights regarding personal data processing?
At MisikLaw, we respect the rights of individuals, including those granted by the GDPR. Your rights pursuant to the GDPR, in particular, include the right to:
- request confirmation as to whether and why our firm processes your personal data, and to obtain a copy of this data,
- require the firm to correct inaccurate or incomplete data,
- request the deletion of personal data or that processing be stopped, for example, if personal data is no longer required for the specified processing purposes,
- object to the processing if the firm relies on legitimate interests as a legal basis for processing.
Should you wish to exercise any of your privacy rights, please email us at firstname.lastname@example.org and we will address your request in accordance with our mandatory obligations. That may also include our continuous processing of certain personal data of yours despite your request to delete your personal data or withdrawal of your previous consent, however only in the extent required or permitted by applicable laws (e.g.in connection with proving, enforcing or defending our claims, or to maintain compliance with our legal and regulatory obligations).
If you believe the firm has not observed your privacy rights, you may file a complaint with the Office for Personal Data Protection of the Slovak Republic.
Information on personal data processing will typically be provided free of charge. However, please note that in certain circumstances, especially if there are obviously unjustified or vexatious requests, we may reject your request or ask for a reasonable fee.
Please also note that we do not have a duty to provide information on personal data processing, to allow access to, or to allow data portability of, personal data under the GDPR if this could lead to a violation of the attorney professional secrecy and confidentiality obligation under the applicable law on advocacy or violation of other applicable law.