1. Introduction
Geradin Partners is a boutique law firm that specialises in competition law with offices in Brussels and London. Stek is a Dutch boutique law firm with offices in Amsterdam. We take the protection of your personal data seriously. We are committed to safeguarding the privacy of the personal data that we receive from you during the course of our business relationship and that collected from visitors to our website. We have implemented appropriate technological and organisational measures to protect the personal data that we process. This Privacy Policy sets out our privacy practices and your rights.
2. Data protection laws
Our use of your personal data is subject to the law (including but not limited to the European Union (“EU”) General Data Protection Regulation 2016/679 (“GDPR”), the GDPR as incorporated into the law the United Kingdom by virtue of the European Union (Withdrawal) Act 2018 (i.e., the “UK GDPR”), and other relevant UK and EU legislation). Unless otherwise indicated, references in this Privacy Policy to the GDPR include the UK GDPR.
In this Privacy Policy, the terms “personal data”, “controller”, “processor”, “data subject”, “consent”, “recipient”, “third party”, “processing” and “profiling” have the meanings given to them in the GDPR.
3. Contact details of controllers
The controllers for the processing of personal data under this Privacy Policy are:
Geradin Partners
City Pavilion,
27 Bush Lane,
London, EC3M 5AD
United Kingdom
Email: info@geradinpartners.com
Website: https://www.geradinpartners.com
Geradin Partners
475 Avenue Louise,
Brussels, 1000
Belgium
Email: info@geradinpartners.com
Website: https://www.geradinpartners.com
4. What personal data we collect and why we collect it
4.1 Clients
We use your personal data (and any related information) primarily to provide our legal services to you. This includes personal data you provide us when you are introduced to us, in person, by telephone, email, or via social media or our website. This may include information that can be used to identify you or that we can link to you, including your name, contact information, job title and any associated organisation and other information which we may use to identify you in relation to our services. This information may fall into the following categories:
- We may process information contained in any enquiry that you submit to us indicating your interest in our services, including the contacts of your enquiry and any contact details. We process such data for the purposes of responding to your enquiry and updating you in relation to our services where appropriate, unless you indicate that you no longer wish to hear from us.
- Where we enter into a contract to provide legal services to you or for the provision of third-party services to the firm, we may process personal data for the purposes of that contact and our related business services. This may include personal information contained within contract related correspondence, data provided for the purposes of the contract and/or transactional data and bank account information for the purposes of supplying and receiving services, making payments and record-keeping. We may also keep a record of contact details of individuals at your business or working on behalf of your business whom we may contact in order to carry out your instructions.
- We will also need to process your personal data for the administration of our relationship with you including (but not limited to) billing, record keeping and where necessary debt collection. In this regard, we act as a separate data controller in our own right.
- We may obtain information about you from other public sources or by introduction by third parties which we may use to help us update and analyse our records, identify potential new clients and for compliance and regulatory checks.
- We may use your personal data to send you updates (by email, text, telephone or post) about legal developments that might be of interest to you and/or information about our services, including exclusive offers, promotions or new services or products. You have the right to opt out of receiving promotional communications at any time by contacting the matter partner. We may also record telephone calls and monitor emails for training, regulatory and compliance purposes.
4.2 Individuals involved in or connected with a client matter
In the course of a client matter, we may collect personal data about individuals employed by the counterparties of our clients or prospective clients. Such personal data may include information collected about claimants, policyholders, witnesses, investigators, experts, advisors and consultants. We may obtain this personal data directly from the individual, from third parties or public sources.
The types of personal data we collect may differ depending on what is necessary for and relevant to a particular client matter. However, the types of personal data we will collect generally are as follows: names, addresses, contact details and job/business details.
5. How and why we share your personal information with third parties
5.1 Courts, law enforcement authorities and regulators
We may have to disclose some information to third parties, including courts, law enforcement authorities, regulators, attorneys and other authorities. We accept instructions only on the understanding that we have your authority to do so when reasonable and necessary for the purposes of dealing with any matter on which you instruct us on your behalf, or in addressing any issue or concern you or we may identify in your interest, or (in the context of our insurance arrangements) in our own interest, or if required by law. If we have any doubt as to whether you might object to the disclosure of any information, we will seek to obtain your consent before doing so unless disclosure is required by our regulators, insurers, professional advisers or as a matter of law.
5.2 Third party service providers
We also use third party service providers to help us deliver efficient and cost-effective legal services. We may share your personal data with these third parties in the following circumstances:
- We may share your personal data with our employees as well as other legal specialists, barristers, consultants and experts engaged in your matter on a confidential basis where required for the provision of our legal services, internal administration, billing, compliance and reporting, promoting our events and services and other business purposes;
- Where we provide legal services to you, we may share your personal data with third-party providers for the purposes of our litigation services;
- We may share your personal data with third party providers who host the services on which our data is stored, our IT and marketing consultants and other suppliers of business and administrative services including debt recovery;
- We may share your personal data with third party providers that help us with money laundering and other compliance and reference checks and for other fraud and crime prevention purposes;
- We may share your personal data with our insurers and professional advisors as is necessary for the purposes of obtaining and maintaining insurance cover, obtaining professional advice, managing legal disputes and maintaining accounts records and financial audits; and
- We may also disclose your contact details on a confidential basis to third parties for the purposes of collecting feedback on our services and to improve and promote our services.
These third parties may include “cloud” service providers for document/information hosting, sharing, transfer, analysis, processing or storage. If you instruct us to use an alternative provider for storing, sharing or exchanging documents/information, we are not responsible for the security of the data or the provider’s security standards.
Any information which we share with third party providers will be pursuant to contractual arrangements which we put in place which require that the data is processed only in accordance with our instructions for specified purposes and applicable law.
We also reserve the right to disclose any information which it holds where necessary: a) to appropriate courts, law enforcement authorities, governmental or regulatory authorities, if required to do so by law or regulation or by any governmental or law enforcement agency; and b) in order to protect the vital interests of the data subject or of any other individual.
6. Transferring your personal data abroad
As we work as a joined team across our offices, we may sometimes transfer personal data between them where necessary to provide our services. We may also need to transfer personal data outside of the UK and the EEA to receive local legal advice from foreign law firms as well as other legal specialists, consultants and experts engaged in your matter.
We protect your personal data overseas through the following measures:
- We always make any personal data transfers in compliance with the data privacy laws of your home country.
- We ensure that any overseas third party to which your personal data is disclosed to:
- only uses that personal data for the purposes for which it was disclosed;
- undertakes the necessary technical and organisational measures which are reasonable in the circumstances to secure that personal data;
- deletes that personal data when it is no longer required; and
- processes your personal data in accordance with this Privacy Policy and the local data privacy laws.
7. How long we will retain personal data
Any personal data will be deleted when it is no longer reasonably required for the purposes for which you provided your consent or you withdraw your consent and we are not otherwise legally permitted to continue storing your data.
Where necessary, we will retain your personal data where it may be required for Geradin Partners to assert or defend any legal claims or otherwise asserts its rights or those of third parties until the end of the relevant retention period or until any claims have been resolved. We will also retain personal data where necessary to comply with our legal obligations, regulatory requirements and reporting obligations. We may also hold data in backup systems which are put in place to maintain the integrity of our IT systems for the minimum retention periods.
8. Your rights
Your rights in relation to your personal data are as follows:
- You have the right to request access to and a copy of any personal data about you which we hold.
- You have the right to request information about whether your personal data has been transferred outside the EU and any safeguards relating to this transfer.
- You have the right to ask us to correct any incorrect or incomplete personal data we may hold about you.
- Under certain circumstances, you have the right to ask us to delete any personal data we hold about you.
- Under certain circumstances, you have the right to limit the way we use your personal data by asking us not to process your personal data for certain purposes.
- Under certain circumstances, you have the right to object to us processing your personal data for certain purposes.
- Under certain circumstances, you have the right to request a copy of your personal data.
- Where you have provided consent to the collection, processing and transfer of your personal data for a specific purpose, and we are collecting, processing and transferring your data on the basis of that consent, you have the right to withdraw your consent for that specific processing at any time.
You can find more information about these rights by visiting:
- https://www.autoriteitpersoonsgegevens.nl/en/contact-dutch-dpa/exercising-your-rights-sis-ii-vis and
- https://ico.org.uk/for-the-public/
To make a request pursuant to these rights, please contact the matter partners.
We keep the Privacy Policy under regular review.