1. This privacy statement applies to the processing of personal data by the limited liability company Corporate & Recovery . Legal b.v., also trading under the names corporaterecovery.legal, C&R.L and corporate&recovery.legal (“C&R.L”, “we” or “us”).
2. In this Statement we explain, among other things, which personal data of which categories of persons we process and for what purpose we do so.
3. This Statement may be modified by us at any time. The most current version of this Statement can always be found on our website. We recommend you consult our website regularly so that you are aware of these modifications.
4. As a law firm, C&R.L processes personal data. This includes personal data of: • persons who are clients of C&R.L or who are employed by our clients (hereinafter: “Clients”); • persons from whom C&R.L purchases products or services or who are employed by our suppliers (hereinafter: “Suppliers”); and • third parties, such as persons who are not clients, but whose personal data do appear in the files we are handling (including counterparties) and other lawyers, attorneys and/or experts with whom we cooperate (hereinafter: “Third Parties”).
5. We process the following personal data of Clients: • Contact details (such as name and address details, telephone numbers and e-mail addresses), date of birth, gender and, where applicable, an identity document; • Data for the purpose of handling the case or settling the dispute, including data of counterparties or third parties; • Data for the purpose of calculating and recording fees and expenses, making payments and collecting claims, such as bank and salary data; and • Other data that are required or need to be processed with regard to the application of laws or regulations.
6. We process the following personal data of Suppliers: • Contact details (such as name and address details, telephone numbers and e-mail addresses) and gender; • Data for the purpose of placing orders or purchasing services; • Data for the purpose of calculating and recording expenses and making payments, such as bank details; and • Other data that are required or need to be processed with regard to the application of laws or regulations.
7. We process the following personal data of Third parties: • Contact details (such as name and address details, telephone numbers and e-mail addresses), date of birth, place of birth and gender if and to the extent that they have been made known to us; • Content of (electronic) messages originating from or intended for Third parties; • Data for the purpose of calculating and recording fees and expenses, making payments and collecting claims, such as bank details; and • Other data provided to us by Clients or other third parties or obtained from public sources in the context of the handling of a case.
8. If the processing of your personal data is based on consent, you have the right to withdraw this consent at any time. This does not affect the lawfulness of processing based on consent before this withdrawal.
9. We may share Clients’ personal data with: personnel or executives involved in the handling of a case; Suppliers, such as external translation agencies; Third parties, such as counterparties, lawyers, attorneys and experts in connection with our services; and others, with consent of the Client, or if there is a legal obligation.
10. We may share Suppliers’ personal data with: personnel or executives involved in the ordering or provision of services by the Supplier; and others, with consent of the Supplier, or if there is a legal obligation.
11. We may share Third parties’ personal data with: personnel or executives involved in the handling of a case; Clients or other third parties, such as counterparties or other lawyers, in the context of our services; Suppliers, such as external translation agencies; and others, with consent of the Third party, or if there is a legal obligation.
12. In the event of the disclosure of personal data to another party, we will, if necessary, enter into a (data processing) agreement with that party, which meets all the requirements of the General Data Protection Regulation. We do not provide personal data to other parties for commercial purposes.
13. Sometimes we have to transfer personal data to a country outside the European Economic Area (EEA). For example, when a judgment has to be enforced abroad or when we purchase services from Suppliers located outside the EEA. If such a situation arises and your personal data is transferred to a country which provides a lower level of protection for your personal data than countries within the EEA, we will put in place appropriate safeguards to protect your personal data, such as the conclusion of the EU Standard Contractual Clauses with the recipient of your personal data.
14. When processing personal data, we maintain at all times a level of security which, given the state of the art and the costs of implementation, is appropriate, among other things, to prevent unauthorized access, alteration, disclosure, loss or any other form of unlawful processing of personal data.
15. We do not retain your personal data longer than necessary for the purposes for which they are processed, unless the data must be kept longer in order to comply with legal obligations, such as a statutory retention period.
16. You have the right to request us access to (including a copy), rectify and/or delete your personal data, to restrict the processing of your personal data, as well as the right to object to the processing or to request the transfer of the personal data you have provided to us. You can contact us for this via email@example.com.
17. In order to prevent misuse, we may ask you to identify yourself adequately before we process your request. Circumstances may arise as a result of which we cannot, or cannot fully, comply with your request. Examples are the professional secrecy of lawyers and statutory retention periods. If such a circumstance arises, we will report it to you. In principle, we will respond to your request within one month of receipt.
18. We will be happy to help you if you have any questions, comments or complaints regarding this Statement. You can do so by mailing or by calling to the contact details provided below. You also have the right at all times to lodge a complaint with the Dutch Data Protection Authority, or if you live or work in another country, to the supervisory authority of that country. Mr. R.C.M. van Moorsel, e-mail: firstname.lastname@example.org, Tel. +31 70 22 007 22, Javastraat 21, 2585 AC, The Hague, the Netherlands.
19. This Statement was determined on 31-03-2022