Privacy Policy

1. Introduction

1.1. This Privacy Policy describes how lawfy, a service provided by GlonetPartners GmbH, (“lawfy”) Process Personal Data (as defined subseq).

1.2. lawfy is committed to guarantee a high level of data protection.

1.3. This Privacy Policy is not necessarily a comprehensive description of the Processing within lawfy. It is possible that other data protection statements are applicable (e.g. employee information) or that the Processing is evident from the circumstances or is provided for by applicable law.

2. Processing of Personal Data

2.1. The term “Personal Data” shall mean all information relating to an identified or identifiable person, as set out section 2.5 hereinafter.

2.2. The term “Process” respectively “Processing” shall mean any operation which is performed on Personal Data (such as collection, recording, storage, adaptation, use, restriction, disclosure etc.).

2.3. lawfy Processes Personal Data of:
▪ users of websites and social media channels of lawfy (“User”);
▪ parties (including their employees) purchasing and receiving or otherwise benefitting from products and services of lawfy;
▪ suppliers (including their employees) delivering products and services to lawfy;
▪ other collaborating parties (including their employees) of lawfy;
▪ potential parties (including their employees) interested in products and services of lawfy;
▪ recipients of newsletters or other electronical or printed information of lawfy;
▪ participants of courses, seminars or other events organized by lawfy;
(all together “Customer”).

2.4. lawfy collects the Personal Data generally directly from its Customer, meaning during the course of their use of the websites or other IT systems of lawfy or during their communication via email, telephone or in any other way with lawfy respectively its employees.

2.5. In particular, lawfy Processes the following categories of Personal Data of its Customers:
▪ Personal Data and contact information including, but not limited to, first and last name, maiden name, address, telephone number, email address, age, date of birth, gender, marital status, relatives, information regarding emergency contact, picture, place of birth, nationality, information regarding debt prosecution and regarding sanction lists, etc.;
▪ data pertaining to orders and purchases including, but not limited to, payment information, credit card details and other payment details, billing and shipping address, Customer name and number, VAT registration number, services ordered and purchased, information connected to queries, complaints and disagreements relating to products and services or respective contracts entered into such as warranty claims, rescissions and disputes etc.;
▪ data in connection with marketing including, but not limited to, information such as newsletter opt-ins and opt-outs, documents received, invitations to and participations at events and special activities, etc.;
▪ data concerning the use of lawfy’s websites including, but not limited to, IP address and other identification such as e.g. user name of social media, mac (media-access-control) address of smartphones or computers, cookies, date and time of website visits, visited sites and contents, referring websites etc.;
▪ data in connection with communication including, but not limited to, preferred means of communication, correspondence and communication (both in writing or orally disclosed) with lawfy etc.;

3. Purposes of the Processing

3.1. In accordance with applicable law, lawfy may Processes Personal Data namely for, but not limited to, the following purposes:
▪ offering of services (legal advice, etc.), conclusions and executions of contracts;
▪ maintenance and development of customer relationships, communication, customer service and support;
▪ promotions, advertisement, events and marketing (including newsletters and mailing of promotional materials);
▪ operation of websites, social media channels and further IT systems of lawfy;
▪ statistics;
▪ compliance with legal and regulatory requirements and internal rules of lawfy, audits and controlling, financial accounting, enforcement and exploitation of legal rights and claims, defense against legal claims, litigation, complaints, engaging in legal investigations and proceedings and responding to inquiries of public authorities;
▪ other purposes as far as a legal obligation requires the Processing and such Processing was evident from the circumstances or indicated at the time of the collection;
(all together “Purposes”).

4. Legal grounds for the Processing

4.1. lawfy Processes the Personal Data on the following legal grounds:
▪ compliance with legal obligations of lawfy;
▪ performance of its services and contracts;
▪ consent of the Customer (only insofar as Personal Data is Processed after specific queries, can be withdrawn at any time, namely the receipt of newsletters for which the Customer has registered for);
▪ legitimate interests of lawfy, including but not limited to
− the protection of Customers, employees and other individuals as well as protection of data, secrets and assets of or entrusted to lawfy, security and safety of systems and premises of lawfy;
− advertisement and marketing activities;
− customer support, maintenance of contact and other communication with prospective Customers or other persons;
− statistics and understanding of customer behavior, activities, concerns, market studies;
− development and improvement of both existing and new services;
− ensuring and maintenance of business operations, websites and other IT systems;
− compliance with legal and regulatory requirements and internal rules of lawfy, concerns regarding the prevention of fraud, offences and crimes as well as investigation in connection with such offences and other improper conduct, handling of claims and actions against lawfy, cooperation in legal proceedings and with public authorities as well as the prosecution, exercise of and defense against legal actions;

4.2. lawfy may rely on one or several legal grounds for each individual Processing.

5. Disclosure of the Personal Data

5.1. In accordance with applicable data protection laws, lawfy may disclose Personal Data to the following categories of third parties:
▪ service providers;
▪ dealers, suppliers and other business partners;
▪ Customers of lawfy;
▪ local, national and foreign authorities;
▪ media, public, including visitors of websites and social media of lawfy;
▪ industry organizations , associations, organizations and other committees;
▪ competitors;
▪ other parties in potential or actual legal proceedings;
(all together “Third Parties”).

5.2. The Third Parties Process the Personal Data in accordance with the Purposes on behalf of lawfy or for their own Purposes.

6. Transfer of Personal Data
We may disclose your Personal Data within lawfy as well as to Third Parties in every country worldwide, including to countries in which service providers of lawfy Process their data. If Personal Data is disclosed to countries that do not guarantee adequate protection, lawfy will ensure adequate protection of Personal Data by way of putting adequate contractual guarantees in place, namely on the basis of EU standard clauses, binding corporate rules or it bases the transfer on the exceptions of consent, conclusion or performance of contract, the establishment, exercise or defense of legal claims, overriding public interests or it discloses the data in order to protect the integrity of these individuals.

7. Storage of Personal Data
As a rule, lawfy retains the Personal Data as long as the contractual relationship is ongoing and for ten years after the termination of the contractual relationship unless a longer statutory store obligation is applicable on a case- by-case basis. For operational data containing Personal Data (e.g. protocols, logs) shorter retention periods are applicable in general. Business records (including communication) will be retained as long as lawfy has an interest in them (namely an interest for reasons of proof in case of claims, documentation of compliance with certain legal or other requirements, an interest in non- personalized analysis) or is obligated to do so (by way of contract, law or other provisions).

8. Access, rectification or erasure of Personal Data

8.1. Any affected Customer may request information from lawfy regarding the Processing of the Personal Data. In addition, the Customers have the right to request the correction, destruction or restriction as well as to object to the Processing of Personal Data (“Subject Rights”).

8.2. Should the Processing of Personal Data be based on consent by Customer, the Customer may withdraw the consent at any time. However, such withdrawal shall not have retroactive effect.

8.3. lawfy reserves the right to restrict the Subject Rights in accordance with applicable law (e.g. not to disclose comprehensive information or not to delete data).

8.4. lawfy reserves the right to restrict the Subject Rights in accordance with applicable law (e.g. not to disclose comprehensive information or not to delete data).

9. Cookies and newsletters

9.1. lawfy reserves the right to use cookies within the legal framework to track User preferences and to improve the design of its websites. Cookies are a widespread technique that allocates an identification to the browser of the User of a websites which the User saves and shows upon request. The User may block the application of cookies on his browser or delete cookies there which may, however, impair the use of the website.

9.2. In accordance with applicable law, lawfy may send newsletters or other commercial communications in connection with its products and services to Customers. The respective Customer may object to a further mailing of newsletters or other commercial communications at any time by a link indicated in the mailing.

10. Google Analytics
lawfy may use Google Analytics (or similar services) on its website. These applications are third party services which allow lawfy to measure and analyse the use of its website. The provider of such such services may be located in any country worldwide (e.g. in the U.S.). The service provider uses permanent cookies for these applications. lawfy will not disclose any personal data to the service provider. However, the service provider may monitor the use of the website by the User and combines this data with data from other websites monitored by the same service provider which the User has visited and the services may use there findings for its own benefits. The service provider knows the identity of the User who has registered with the service provider. The service provider will provide data on the use of the website to lawfy.

11. Changes of the Privacy Policy

11.1. lawfy is entitled to amend this Privacy Policy at any time and without prior notice or announcement. The latest version according to the website shall be applicable.

11.2. Should the Privacy Policy form part of an agreement with Customers, lawfy may inform them of an up-date by email or in another appropriate manner. The update shall be deemed to have been accepted by the Customer unless an objection is raised within 30 days of notification.