Polis Advocaten B.V. (Polis Advocaten) respects your privacy and ensures that the personal information we receive is treated confidentially. Polis Advocaten is responsible for the careful processing of your personal data in accordance with the General Data Protection Regulation (GDPR).
Purposes of the data processing
Polis Advocaten is the controller within the meaning of the GDPR. Personal data is any data that can provide information about an identifiable natural person. Polis Advocaten ensures the lawful, proper and transparent processing of your data.
Polis Advocaten only processes your personal data for the purposes set out below and will not process your data beyond what is necessary for those purposes:
- provision of legal services;
- compliance with legal obligations and obligations imposed by the Netherlands Bar Association (NOvA);
- prevention and combating of fraud and abuse;
- handling of complaints and questions;
- contacting relevant parties;
- provision of information;
- acquisition and marketing activities;
- improvement of the website and the provision of services;
- recruitment and selection;
- administration regarding internal and hired-in personnel;
- absenteeism and rehabilitation support.
Basis of the data processing
In principle, Polis Advocaten will process your data because this is necessary for the performance of the agreement (such as the legal services agreement or the employment contract, including the conclusion of that agreement or contract), for the establishment, exercise or defence of legal claims, or in accordance with permission granted by you. Any permission granted may be withdrawn at any time.
Polis Advocaten can also be obliged to process your data on the basis of a statutory obligation, for example, to be able to demonstrate that it complies with the rules of the GDPR or with its employer obligations.
Furthermore, Polis Advocaten can process data on the basis of its legitimate interest or that of a third party, such as recruitment, direct marketing or improving the user-friendliness of the website.
Whose personal data are processed?
Polis Advocaten processes personal data of:
- clients of Polis Advocaten and other parties involved to the extent this is necessary for the provision of legal services;
- recipients of newsletters and commercial emails from Polis Advocaten;
- visitors to the Polis Advocaten website;
- participants in webinars, courses and meetings arranged by Polis Advocaten;
- personal data obtained through social media;
- internal and hired-in personnel and job applicants.
Sharing data with third parties
Polis Advocaten can share your data with third parties who process your data under its responsibility. These parties are called processors and can be engaged by Polis Advocaten, for example, for ICT management in the context of data security. Polis Advocaten enters into processor agreements with these third parties. The processor agreements stipulate that your personal data will not be processed by the processor for any purpose other than the performance of the processor agreement with Polis Advocaten.
Furthermore, Polis Advocaten can share your data with the competent authorities in accordance with a legal obligation, or in the event of fraud or abuse.
Who has access to your data?
The employees of Polis Advocaten and the third parties they employ as processors will have access to your data, provided this is necessary for the performance of their duties. All parties have a duty to maintain confidentiality under the GDPR.
Know where your data are
Polis Advocaten and its processors will keep a record of when and to whom they provide what information. You may request this information from Polis Advocaten at any time.
Data retention period
Polis Advocaten will not retain your data for longer than is necessary for the aforementioned purposes or for a legitimate interest of Polis Advocaten. Your data will be deleted after the expiry of the retention period.
Polis Advocaten takes physical (organisational) as well as digital (technical) measures to protect your data against loss, destruction or damage, and against the unauthorised and unlawful processing of your data.
The Polis Advocaten website uses a secure connection (‘https://’). Information is encrypted so that only the sender and the receiver can read it. The web pages where you enter your data are secured by means of the SSL certificate. This ensures that this information cannot be read by third parties.
Polis Advocaten will report any loss, theft or abuse of personal data to you as soon as possible if it is obliged to do so. Polis Advocaten will render every assistance in the investigation by the Dutch Data Protection Authority relating to such security incidents or data breaches.
Information about enabling, disabling and deleting cookies can be found in your browser’s Help function.
Your privacy rights
You are entitled to:
- access your data:
- rectification (changes or additions) or deletion (removal) of your data;
- limitation of the relevant processing;
- object to the processing and use of your data;
- data portability, i.e. the right to receive your data for personal use or re-use, or for transfer to another organisation.
All this, if and insofar as the restrictions ensuing from the GDPR (Article 23) do not prevent this.
If you want to know what personal data Polis Advocaten processes, you can submit an access request. Are your data incorrect, incomplete or irrelevant? Then, you can submit an additional request to have the data changed or supplemented.
In addition, the data can be deleted at your request, to the extent this does not impede the performance of the current agreement with Polis Advocaten or any other legitimate interest of Polis Advocaten, and insofar this is not impeded by any legal obligation. After your personal data has been deleted from Polis Advocaten’s active databases, the backups will be retained for five years.
You can exercise all your rights via the email address firstname.lastname@example.org. Polis Advocaten will respond to your request within four weeks. If you request access and this is not subject to any restrictions, Polis Advocaten will send you an overview of your data.
You can always unsubscribe from commercial emails and newsletters.
You are also entitled to lodge a complaint with the Dutch supervisory authority, the Data Protection Authority in the event of improper data processing. See for the contact details: www.autoriteitpersoonsgegevens.nl.
Changes to privacy statement
Polis Advocaten reserves the right to change this privacy statement. Polis Advocaten therefore recommends that you consult this privacy statement regularly. This privacy statement was last updated on 25 May 2018.