Download our privacy policy, or read the full text below

1. We comply with the General Data Protection Regulation (GDPR).

We process your personal data in compliance with the GDPR. Personal data is all data that could be used to identify you, directly or indirectly.

2. We act as a data controller.

Because we determine the purposes and means of the processing activities.

3. The personal data we process and the purposes we use them for.

If you are a (potential) client

Personal data This data is used Legal basis

Contact details – name, e-mail address, phone number

  • To keep and maintain contact with you.
  • To identify you, if we are required to do so pursuant to the Money Laundering and Terrorism Financing (Prevention) Act.
  • Legitimate interest
  • Performance of a contract
  • Legal obligation

Bank details – Account number, IBAN and BIC code

  • To check and administer payments.
  • To maintain our list of accounts receivable and outstanding invoices
  • Legitimate interest
  • Performance of a contract
  • Legal obligation

Client data in shared documentation – such as names, shareholder relationship, tax information and addresses.

We use this data to provide our legal design services.

  • Performance of a contract

If you apply for a job or internship

Personal data This data is used Legal basis

Contact details – name, e-mail address, phone number

  • To keep and maintain contact with you.
  • Legitimate interest

Application details – such as info in your cv, covet letter and LinkedIn profile.

  • To estimate which job applicant is a suitable candidate.

  • Legitimate interest

4. How long we keep you personal data

We store personal data for as long as we need it for the above purposes:

Personal data in our records for the tax authorities | This data is stored for seven (7) years. We may store this information longer if we are legally obliged to do so.

Personal data of clients | This data is stored as long as we have a contract for our services which the client and for a maximum period of 6 months after. We may store this information longer if we are legally obliged to do so.

Other information | We store other Personal Data only for as long as it is necessary for the purposes. This is deleted as soon as it is no longer necessary for the purposes for which we processed it.

5. We use processors that may receive your personal data

We use processors to assist us in our Services. Within this context these processors receive personal data from us which they process by our order. We use, for instance, the following Processors: Hoasted, MS Office 365, Gsuite, Tresorit and Notion. Our use of processors is always in accordance with the GDPR. Apart from the above, we will not share your personal data with third parties, unless we are legally obliged to do so. We will never sell your personal data to others or use it for advertising.

6. We may transmit personal data to parties outside the European Union, if one of our processors is established outside the EU.

The transmission of data outside the EU will always happen in conformity with the GDPR.

7. We protect your personal data

We protect all personal data we process from unauthorized and unlawful access, change, disclosure, use and destruction. For instance, we take the following measures:

  • Limited access to the personal data for authorized employees on a need-to-know basis.
  • Password protection of computers, laptops and other devices. If possible, two factor authentication is used for the use of software.
  • Locking of premises and areas where (devices containing) personal data are located.
  • All our employees have signed a confidentiality statement and attended a security awareness training.

8. We may update this Privacy Policy.

If we change our Privacy Policy significantly, then we will state so on our website together with the revised Privacy Policy.

9. Your rights and our contact data

As laid down in the GDPR, you have the right to ask us.

  • To rectify, update or remove your personal data.
  • For a copy of the Personal Data we process of you. We can also transmit such copy to another data controller at your request.
  • Withdraw your consent to process your Personal Data. This only affects the processing activities that are based on your consent and does not affect the validity of the processing activities before you have withdrawn your consent.
  • Object to the processing of your personal data;
  • File a complaint with the Dutch Data Protection Authority.

last updated: April 2020

Patroon Legal Design B.V.          Hamerstraat 19-1, 1021 JT, Amsterdam      |     +31 20 303 60 50       |        info@patroonlegaldesign.com

M

Fornier Legal Design is now

Patroon Legal Design