Privacy statement

Polis Advocatuur B.V. (Polis Advocatuur) respects your privacy and ensures that the personal information I receive is treated confidentially. Polis Advocatuur is responsible for the careful processing of your personal data in accordance with the General Data Protection Regulation (GDPR).

Purposes of the data processing

Polis Advocatuur is the controller within the meaning of the GDPR. Personal data is any data that can provide information about an identifiable natural person. Polis Advocatuur ensures the lawful, proper and transparent processing of your data.
Polis Advocatuur only processes your personal data for the purposes set out below and will not process your data beyond what is necessary for those purposes:

• provision of legal services;
• compliance with legal obligations and obligations imposed by the Netherlands Bar Association (NOvA);
• prevention and combating of fraud and abuse;
• handling of complaints and questions;
• contacting relevant parties;
• provision of information;
• acquisition and marketing activities;
• improvement of the website and the provision of services;
• recruitment and selection;
• administration regarding internal and hired-in personnel;
• absenteeism and rehabilitation support.

Basis of the data processing

In principle, Polis Advocatuur will process your data because this is necessary for the performance of the agreement (such as the legal services agreement or the employment contract, including the conclusion of that agreement or contract), for the establishment, exercise or defence of legal claims, or in accordance with permission granted by you. Any permission granted may be withdrawn at any time.

Polis Advocatuur can also be obliged to process your data on the basis of a statutory obligation, for example, to be able to demonstrate that it complies with the rules of the GDPR or with its employer obligations.

Furthermore, Polis Advocatuur can process data on the basis of its legitimate interest or that of a third party, such as recruitment, direct marketing or improving the user-friendliness of the website.

Whose personal data are processed?

Polis Advocatuur processes personal data of:

• clients of Polis Advocatuur and other parties involved to the extent this is necessary for the provision of legal services;
• recipients of newsletters and commercial emails from Polis Advocatuur;
• visitors to the Polis Advocatuur website;
• participants in webinars, courses and meetings arranged by Polis Advocatuur;
• personal data obtained through social media;
• internal and hired-in personnel and job applicants.

Sharing data with third parties

Polis Advocatuur can share your data with third parties who process your data under its responsibility. These parties are called processors and can be engaged by Polis Advocatuur, for example, for ICT management in the context of data security. Polis Advocatuur enters into processor agreements with these third parties. The processor agreements stipulate that your personal data will not be processed by the processor for any purpose other than the performance of the processor agreement with Polis Advocatuur.

Furthermore, Polis Advocatuur can share your data with the competent authorities in accordance with a legal obligation, or in the event of fraud or abuse.

Who has access to your data?

The employees of Polis Advocatuur and the third parties they employ as processors will have access to your data, provided this is necessary for the performance of their duties. All parties have a duty to maintain confidentiality under the GDPR.

Know where your data are

Polis Advocatuur and its processors will keep a record of when and to whom they provide what information. You may request this information from Polis Advocatuur at any time.

Data retention period

Polis Advocatuur will not retain your data for longer than is necessary for the aforementioned purposes or for a legitimate interest of Polis Advocatuur. Your data will be deleted after the expiry of the retention period.

Data security

Polis Advocatuur takes physical (organisational) as well as digital (technical) measures to protect your data against loss, destruction or damage, and against the unauthorised and unlawful processing of your data.

The Polis Advocatuur website uses a secure connection (‘https://’). Information is encrypted so that only the sender and the receiver can read it. The web pages where you enter your data are secured by means of the SSL certificate. This ensures that this information cannot be read by third parties.

Polis Advocatuur will report any loss, theft or abuse of personal data to you as soon as possible if it is obliged to do so. Polis Advocatuur will render every assistance in the investigation by the Dutch Data Protection Authority relating to such security incidents or data breaches.

Cookies

Polis Advocatuur uses cookies on its website. These are small text files that are sent to your computer, tablet or smartphone through the internet page to make electronic communication easier and faster.

Information about enabling, disabling and deleting cookies can be found in your browser’s Help function.

Your privacy rights

You are entitled to:

• access your data:
• rectification (changes or additions) or deletion (removal) of your data;
• limitation of the relevant processing;
• object to the processing and use of your data;
• data portability, i.e. the right to receive your data for personal use or re-use, or for transfer to another organisation.

All this, if and insofar as the restrictions ensuing from the GDPR (Article 23) do not prevent this.

If you want to know what personal data Polis Advocatuur processes, you can submit an access request.  Are your data incorrect, incomplete or irrelevant? Then, you can submit an additional request to have the data changed or supplemented.

In addition, the data can be deleted at your request, to the extent this does not impede the performance of the current agreement with Polis Advocatuur or any other legitimate interest of Polis Advocatuur, and insofar this is not impeded by any legal obligation. After your personal data has been deleted from Polis Advocatuur’s active databases, the backups will be retained for five years.

You can exercise all your rights via the email address info@polisadvocatuur.nl. Polis Advocatuur will respond to your request within four weeks. If you request access and this is not subject to any restrictions, Polis Advocatuur will send you an overview of your data.

You can always unsubscribe from commercial emails and newsletters.

You are also entitled to lodge a complaint with the Dutch supervisory authority, the Data Protection Authority in the event of improper data processing. See for the contact details: www.autoriteitpersoonsgegevens.nl.

Changes to privacy statement

Polis Advocatuur reserves the right to change this privacy statement. Polis Advocatuur therefore recommends that you consult this privacy statement regularly. This privacy statement was last updated on 25 May 2018.