1. What is the purpose of this Policy?
2. Who is responsible for processing your data?
3. Why do we process your data?
4. Where does the data come from?
5. Who do we communicate your data to?
6. Is your personal data also transferred abroad?
7. What are your rights?
8. How are cookies, similar technologies and social media plug-ins used on our website and other digital services?
9. What else should you take into account?
AEB Law or Anthony Braham, lawyer (hereinafter “AEB” or “we”) is a law firm headquartered in Lausanne. In the course of our professional activities, we collect and process personal data, in particular those relating to our clients, persons connected to them, opposing parties, courts and authorities, affiliated law firms, associations professionals and other organizations, people who visit our website, participants in events, recipients of newsletters, as well as other organizations or their respective contact persons and employees (hereinafter also “you”). By means of this declaration, we inform you of the processing of this data. In addition to this document, we may inform you by other means (e.g. with forms or specific contractual clauses). If you provide us with data about other people (e.g. family members, representatives, opposing parties or other related persons), we assume that you are authorized to do so, that this data is correct and that you have ensured that these persons are informed of this communication, to the extent that a legal obligation to inform is applicable (e.g. by bringing this declaration to their attention beforehand).
2. Who is responsible for processing your data?
Anthony Braham, avocat
Rue Saint-Pierre 2
3. Why do we process your data?
When you use our services or browse www.aeblaw.ch (hereinafter the “website”) or contact us in any other way, we collect and process different categories of your personal data. We do this, as a general rule, for the following purposes:
we process personal data in order to be able to communicate with third parties or you, such as parties to proceedings, courts or authorities, by email, telephone, letter or in any other way (e.g. to respond to requests in the context of legal advice and representation as well as the preparation or execution of contracts). To do this, we process in particular the content of the communication, your contact data as well as the related metadata.
Preparation and conclusion of contracts: with a view to concluding a contract, in particular one which aims to establish the mandate, with yourself or your principal or employer, which also includes the clarification of possible conflicts of interest, In particular, we may collect your name, contact details, powers of attorney, declarations of consent, information about third parties (e.g. contact persons, information about family and opposing parties), the content of the contract, the date conclusion, creditworthiness information as well as all other data that you make available to us or that we collect from public sources or third parties (e.g. commercial register, financial information companies, criminal records, media, insurance legal protection or on the Internet).
Management and execution of contracts: we collect and process personal data in order to fulfill our contractual obligations towards our clients and other co-contractors (e.g. suppliers, service providers, affiliated law firms, partners project) and, in particular, to provide and demand the contractual services. This also includes data processing for the management of mandates (e.g. legal advice and representation of our clients before courts and authorities) as well as data processing for the execution of contracts (collection, legal proceedings, etc. .), accounting and public communication (if permitted). To do this, we process in particular the data that we receive or have collected as part of the pre-contractual procedures, the conclusion and execution of the contract, as well as the data that we establish during our contractual services or that we collect from public sources or other third parties (e.g. courts, authorities, opposing parties, information companies, media, detective agencies or on the Internet). This data may in particular include reports of interviews and consultations, notes, internal and external correspondence, contractual documents, documents that we prepare and receive in the context of proceedings before courts and authorities (e.g. e.g. acts concerning complaints, requests, appeals or appeals, judgments and decisions), general information concerning you, opposing parties and other persons, as well as other information related to the mandate , proof of services, invoices as well as financial and payment information.
Security and access controls: we collect and process personal data in order to ensure and continuously improve the appropriate security of our IT system and other infrastructure. This includes e.g. ex. monitoring and controlling electronic access to our IT systems as well as physical access to our premises, analyzing and testing our IT infrastructure, system and error checks, and creating security safeguards. For documentation and security purposes (preventatively and to clear up incidents), we may also keep access logs or visitor lists for our premises and use surveillance systems (e.g. security cameras). We inform you of the presence of these systems on site.
4. Where does the data come from?
From you (or your terminal) when you communicate to us the data that we process (e.g. in relation to our services, the use of our site and our applications or the communication which established with our study). You are not required to provide your data, except in special cases (e.g. when it is a legal requirement). However, if you wish to e.g. enter into a contract with our firm or use our services, you must communicate certain data to us. The use of our website also requires certain data processing.
From third parties: we may also collect data from publicly available sources (e.g. debt collection register, land register, commercial register, media or the Internet, including social media) or obtain it from (i) authorities, (ii) your employer or principal who is either in a business relationship with our firm or otherwise in a relationship, as well as (iii) other third parties. This includes, in particular, data that we process in the context of the preparation, conclusion and execution of contracts as well as data resulting from correspondence and interviews with third parties, but also all other categories of data in accordance with in Section 3.
5. Who do we communicate your data to ?
With regard to the objectives listed in Section 3, we transmit your personal data in particular to the categories of recipients mentioned below. If necessary, we ask for your consent or we are released from our obligation of professional secrecy by the competent supervisory authority.
Service providers: we collaborate with service providers in Switzerland and abroad who (i) process – on our behalf (e.g. IT service providers), (ii) in joint responsibility with our study or (iii) under their own responsibility – data they have received from us or collected for us. (These service providers include e.g. IT service providers, banks, insurance companies, debt collection companies, financial intelligence companies, address checkers, other law firms or consulting firms). We enter into contracts with these third parties relating to the use and protection of personal data.
Customers and other contractual partners: these are primarily our customers and other contractual partners for whom the transmission of your data arises from the contract (e.g. because you work for a contractual partner or they provide you benefits). Also included in this category of recipients are organizations with which we cooperate, such as other law firms in Switzerland and abroad, as well as legal protection insurance. Recipients generally process the data under their own responsibility.
Authorities and courts: we may transmit personal data to offices, courts and other authorities in Switzerland and abroad if this is necessary for the execution of our contractual obligations, in particular for the management of the mandate, or if we are legally required or authorized to do so, or if it seems necessary to safeguard our interests. These recipients process the data under their own responsibility. Opposing parties and other persons involved: to the extent that this is necessary for the execution of our contractual obligations, in particular for the management of the mandate, we also transmit your personal data to opposing parties and other persons involved (guarantees , financiers, related companies, other law firms, reference persons or experts, etc.).
Other people: these are other cases, where the involvement of third parties arises from the purposes mentioned in Section 3. This concerns p. ex. delivery recipients or payment recipients indicated by you, third parties in agency relationships (e.g. your lawyer or bank) or persons involved in administrative or legal proceedings. We may also transmit your personal data to our supervisory authority, in particular if this is necessary to release us from our obligation of professional secrecy in a particular case. If we collaborate with media and transmit material to them (e.g. photos), you may also be affected. As part of entrepreneurial development, we may sell or acquire new shares, certain of our activities, assets or companies, or enter into partnerships, which may again result in the communication of data (including information about you , e.g. as a customer or supplier, or as their representative) to persons involved in these transactions. As part of communication with our competitors, industry organizations, associations and other bodies, there may also be an exchange of data concerning you. All these categories of recipients may in turn use third parties, so that your data may also be accessible to them. We may restrict processing by certain third parties (e.g. IT service providers), but not by other third parties (authorities, banks, etc.).
6. Is your personal data also transferred abroad?
We process and store personal data mainly in Switzerland and the European Economic Area (EEA), but also potentially – e.g. ex. through subcontractors of our service providers or in proceedings before foreign authorities or courts – in other countries around the world. If a recipient is located in a country without adequate data protection, we contractually oblige the recipient to comply with a sufficient level of data protection (for this purpose we use the revised standard contractual clauses of the European Commission, which can be consulted at https://eur-lex.europa.eu/legal-content/FR/TXT/?uri=CELEX:32021D0914, including the necessary additions for Switzerland), to the extent that the same recipient is not already subject to a set of rules recognized by law to guarantee data protection. We may also communicate personal data to a country that does not have adequate protection, without entering into a specific contract, if we can rely on an exceptional provision in this regard. Such an exception may apply in particular in the event of legal proceedings abroad, but also in cases of overriding public interest or when the execution of a contract requires such communication in your interest (e.g. when we communicate data to our affiliated studies), when you have given your consent or obtaining it is not possible within a reasonable time and the communication is necessary to protect your life or physical integrity, but also that of a third party, or when it concerns data that you have made generally accessible and of which you have not refused the processing. We also rely, in certain circumstances, on the exception for data originating from a register provided for by law (e.g. the human resources register) and which we have been able to consult as of right.
7. What are your rights ?
You have certain rights in relation to our data processing. In accordance with applicable legislation, you may in particular request information on the processing of your personal data, have those that are inaccurate corrected, request their deletion, object to data processing, request the delivery of certain personal data in a digital format. current or their transfer to other responsible parties. If you wish to exercise your rights with regard to us, please contact us using the contact details given in Section 2. So that we can exclude any misuse, we must identify you (e.g. with a copy of your identity card, if necessary). Please note that conditions, exceptions or restrictions apply to these rights (e.g. to protect third parties or trade secrets or due to our obligation of professional secrecy). We reserve the right to redact documents or only deliver extracts for reasons of data protection or confidentiality.
8. How are cookies, similar technologies and social media plug-ins used on our site and other digital services?
Google Analytics Supplier: Google Ireland Data protection information: https://support.google.com/analytics/answer/6004245 Information for Google accounts: https://policies.google.com/technologies/partner-sites?hl=fr Some of the third-party providers we use may be located outside of Switzerland. You will find information on data communication abroad in Section 6.
From a data protection point of view, they are “only” subcontractors. Their data protection declarations contain further information on this. Some platform operators may be located outside of Switzerland. You will find information on data communication abroad in Section 6.
9. What else should you take into account ?
If the EU General Data Protection Regulation (“GDPR”) applies to certain data processing operations, this chapter further applies exclusively for the purposes of the GDPR and to the data processing operations subject to it:
As mentioned in Section 3, the processing is necessary for the performance of a contract to which the data subject is a party or for the execution of pre-contractual measures taken at the request of the data subject (art. 6 al. 1 let. b GDPR);
The processing is necessary to safeguard our legitimate interests or those of a third party, as indicated in Section 3, in particular for communication with third parties or yourself, for the operation of our site, for the improvement of our digital offers and registration for certain offers and services, for security purposes, for the compliance with Swiss law and internal regulations for our risk management or business, and for other purposes such as education and training, administration, fixing of proof and quality assurance, organization , the carrying out and monitoring of events, as well as for the safeguarding of other legitimate interests (art. 6 al. 1 let. f GDPR);
The processing is prescribed or authorized by law due to our mandate or our status under the law of the EEA or a Member State (art. 6 para. 1 let. GDPR), or is necessary for safeguarding the vital interests of the data subject or another person (Art. 6 al. 1 let. d GDPR);
You have explicitly consented to the processing.
Please note that we process your data in principle for as long as our processing purposes permit (see Section 3), as long as legal retention periods and our legitimate interests require it, in particular for purposes of documentation and evidence, or if storage is technically necessary (e.g. in the case of backups or document management systems). If no legal or contractual obligation or technical reason prevents this, we will in principle delete or anonymize your data upon expiry of the storage or processing period as part of our usual procedures and in accordance with our retention policy. . If you do not provide certain personal data, it may be impossible to provide the corresponding services or conclude a contract. As a general rule, we indicate cases where the personal data we request is mandatory. In accordance with Section 7, the right to object to the processing of your data applies in particular to cases of direct marketing. If you do not agree with the way we handle your rights or data protection, please let us know (see contact details in section 2). If you are located in the EEA, you also have the right to lodge a complaint with the data protection supervisory authority in your country. You can find a list of EEA authorities under https://edpb.europa.eu/about-edpb/board/members_fr.