Interlegal is an association of independent law firms established in accordance with Art. 60 ff  of the Swiss Civil Code ("Interlegal" or "we".)

This Privacy Policy together with the Cookie Policy gives you information on how Interlegal collects and processes your personal data through our interaction with you and through your use of our website. This privacy policy does not apply to websites (this includes our Member Firms' websites) that you may be able to access via links on this Website. We are not responsible for the collection or use of your personal data from third party websites.

1. CONTROLLER

Interlegal is the controller and responsible for your personal data and for the content of this Privacy Policy.

If you wish to contact us regarding this privacy policy please write to us at:
Interlegal, Route des Jeunes 4, 1227 Geneva – Les Acacias, Switzerland
Email: officer@interlegal.net

Alternatively you can contact our Representative in the EU.

Representative in the EU

Our representative in the Union in accordance with Art 27 GDPR is:
Colin Russell
Russell Business Services Ltd
10 Timble Drive
Eldwick, Bingley, BD16 3PF
United Kingdom

Email: colin@russellbusiness.co.uk
Tel:  +44(0)1274783644


2. DATA WE COLLECT

Some data will be collected automatically by our Website (for further details, please see our Cookie Policy). Other data will only be collected if you voluntarily submit it, for example by filing in a form on our Website.

Technical data:

  1. technical information: including the type of device (and its unique device identifier) you use to access our Website, the IP address used, your login information, browser type and version, time zone setting, browser plug in types and versions, operating system, mobile network information.
  2. information on your visit to the Website including URL, referring site, your activity on our Website, and the site to which you exit.

Depending upon your use of our Website we may collect some or all of the following data you provide us with:

  1. name;
  2. business/company name;
  3. contact information (postal address, email address and telephone number);
  4. any other information you provide us with if you contact us or correspond with us


3. PURPOSE AND LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA

We have set out below how we may plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are.

  1. To ensure that content on the Website is presented in the most effective manner for you and the device you use, and in order to generate analytics and reports  of the usage of the Website, we use the technical information mentioned above in Section 2.It is necessary for our legitimate interests to monitor how our Website is used to understand our Website visitors better and to help us keep the Website updated , improve the layout and information on our Website and provide a better service to users.
  2. To protect the security and effective functioning of our Website we use basic data, registration data, transaction data, and device data.
    It is necessary for our legitimate interests to monitor how our Website is used to detect and prevent fraud and the misuse of our Website which helps us to ensure that you can safely use it.
  3. To enable us to process an initial enquiry made by you, manage our relationship with you, deal with any enquiries, correspondence, concerns or complaints you have raised with us, we use the information provided by you, e.g. your name, title, address, telephone number, mobile phone number, email address, organisation details and details of the enquiry.
    Our legitimate interests are to enable us to respond to your enquiry, keep our records updated and to better understand users of our Website and our services.

4. SHARING YOUR PERSONAL DATA

We may share your personal data with the following categories of recipients:

  1. service providers (e.g. infrastructure and IT services providers, web-hosting services, CRM services)
  2. analytics and search engine providers
  3. our Member Firms and their personnel
  4. professional advisers such as lawyers, auditors and insurers
  5. government or other law enforcement agencies, in connection with the investigation of unlawful activities or for other legal reasons
  6. business partners, suppliers and sub-contractors for the performance of any contract we may enter into with you


5. RETAINING PERSONAL DATA

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

In order to determine the appropriate retention period for your personal data, we take into account the purpose for which we process your personal data, the nature,  and sensitivity of the data and the potential risk of harm from unauthorised use or disclosure.

Personal data related to marketing activities is retained for as long as you accept marketing communications from us, and we will delete such data upon request.


6. DATA SECURITY 

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable Supervisory authority of a breach where we are legally required to do so.

Despite our efforts of ensuring an appropriately high standard of security, it cannot be ruled out that information you have provided via the internet will be accessed or used by other persons. Please note that we can therefore not assume any liability or the disclosure of information due to errors in the data transfer and/or unauthorised access by third parties not caused by us.


7. YOUR RIGHTS UNDER GDPR

If you are in the European Economic Area (EEA) you have the following rights:

Right of access
You have the right to access data we hold about you. We'll confirm whether we're processing your personal data and provide you with a copy of your personal data. We may require you to prove your identity before providing the requested information. 

Right to rectification
If the personal data we hold about you is inaccurate or incomplete, you are entitled to request to have it rectified.

Right to erasure
You can request us to delete your personal data where we no longer need it or where applicable if you withdraw your consent. 

Right to restrict processing
You can ask us to restrict the processing of your personal information in certain circumstances, such as you believe such data to be inaccurate, our processing is unlawful, or we no longer need to process data for a particular purpose, but where we are not able to delete the data due to a legal or other obligation

Data Portability
You have the right, in certain circumstances, to obtain personal information you've provided us with and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.

Right to object
You can ask us to stop processing your personal information, if we are relying on legitimate interests to process your personal information, except if we can demonstrate compelling legal grounds for the processing which override your interests and rights

Right to withdraw consent
If we rely on your consent  as our legal basis for processing your personal information, you have the right to withdraw that consent at any time. This includes cases where you opt out from marketing messages that you receive from us.

Contact
If you wish to exercise any of the rights set out above, please contact us at officer@interlegal.net or at the address indicated in Section 1.

Response to your requests
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. 

Right to lodge a complaint with the supervisory authority
If you are in the EEA you also have the right to lodge a complaint with the data protection authority in the Member State of your residence, place of work or place of the alleged infringement if you consider that our processing of your personal data infringes the GDPR.

Automated Decision-Making and Profiling
We do not carry out any automated decision-making and profiling.


8. CROSS-BORDER DATA TRANSFERS

We may transfer your personal data outside the European Economic Area (EEA). We also disclose personal data to our Member Firms some of whom are outside the EEA, to jurisdictions that may not provide the same level of data protection.

If you submit the form on our Website and inquire about assistance of a member firm in another jurisdiction, your inquiry along with the personal data you provide in the form will be transferred to the appropriate Member Firm(s) in the jurisdiction you are interested in for response. This jurisdiction may not provide the same level of data protection as your home country.

If we transfer personal data out of the European Economic Area (EEA) we have security measures in place to seek to ensure that your personal information receives an adequate level of protection as required or permitted by Articles 46 and 49 of the General Data Protection Regulation.


Our privacy policy was last updated on 25 May 2018