HOYNG ROKH MONEGIER LLP (Amsterdam and Brussels), HOYNG ROKH MONEGIER VÉRON AARPI (Paris), Hoyng Reimann Osterrieth Köhler Haft Monégier du Sorbier Partnerschaftsgesellschaft von Rechtsanwälten mbB (Düsseldorf, Mannheim and Munich) and HOYNG ROKH MONEGIER Spain LLP (Madrid) are the members of HOYNG ROKH MONEGIER Europe LLP (collectively referred to as ‘HRM’ and singly as a or the ‘member(s)’).
Each member is a personal data controller in relation to its clients, potential clients, business contacts and any other persons that contact HRM/a member or whose personal data HRM/a member receives. HRM shares personal data with its members where and when necessary, in which case the members in question act as joint controllers.
This Privacy Statement describes the types and categories of personal data that are collected and processed by the members of HOYNG ROKH MONEGIER Europe LLP, the purposes of and legal bases for such data collection and processing, the duration of data processing, the measures taken to protect data, and the rights of data subjects.
Scope of this Privacy Statement
This Privacy Statement applies to all persons whose personal data are processed by HRM or any of its members, including:
• potential clients
• visitors to HRM’s website
• recipients of information sent by HRM or its members
• any other persons that contact HRM or a member or whose personal data HRM or a member processes, including applicants.
HRM processes personal data provided to us in the course of business, be it directly by the data subject, such as during a visit to our website, or indirectly, e.g. through other sources such as social media.
In addition to personal data obtained through our website, informational emails and related technologies, HRM also processes contact details and other personal data provided by data subjects:
• when necessary for the handling of a file by a lawyer or other service provider in that context;
• to respond to a request from or concerning the data subject;
• through the completion of contact forms or other electronic forms;
• during meetings, events, seminars etc. including business cards.
Use of similar technologies
HRM collects and processes personal data:
• available on or provided by the data subject through publicly available social media platforms such as Facebook, LinkedIn or Twitter;
• available on publicly accessible professional websites, such as trade registers and other public sources.
Purposes for which personal data are processed
HRM and its members process personal data for the following purposes:
• to perform an agreement with the data subject for the provision of services by our lawyers and/or others involved in the file and invoicing;
• to fulfil legal obligations;
• to enter into and maintain contact with contacts, clients and potential clients; contact details are stored in a database and can be used to send information, updates, invitations to events and seminars and requested information;
• to determine user statistics for HRM’s website and get an idea of the number of visitors and sections visited and propose improvements to the website. These data do not allow to identify data subjects.
• to control access and ensure security; please note that the owners of the buildings where HRM’s offices are located may impose additional security measures, such as video surveillance and visitor registration, and thus act as data controllers for such purposes.
Legal grounds for processing
Personal data are processed based on one of the following legal grounds laid down in the General Data Protection Regulation or GDPR (Regulation (EU) No 2016/679), depending on the categories of personal data concerned and the purposes for which they are used:
• to perform or conclude an agreement for the provision of legal or prosecution services, to the extent necessary;
• to comply with a legal obligation under the national laws applicable to HRM’s members;
• to promote HRM’s legitimate interests, for instance to send information and invitations to seminars and events, request the evaluation of our skills and services for legal directories, etc.;
• on the basis of consent for a specific use of personal data, in which case consent may be withdrawn at any time.
IT service providers that process personal data on HRM’s behalf do so solely further to our instructions. We have concluded agreements with such processors that meet the requirements laid down by the GDPR.
Sharing of personal data with third parties
When useful or required, HRM and its members may share personal data with third parties in order to handle a file, conclude an agreement, fulfil a legal obligation, comply with a court order, organise a seminar or in the event of a merger or reorganisation, etc.
Please note that personal data are never shared with third parties for purely commercial purposes.
Transfers of data outside the European Economic Area (EEA)
HRM may need to transfer personal data to parties located outside the European Economic Area (EEA) for the abovementioned reasons, in keeping with the GDPR requirements on an adequate level of protection.
Period for which personal data are kept
HRM retains personal data only for as long as useful and/or required according to the applicable regulatory and statutory obligations and/or professional standards and/or to fulfil the purpose for which the data are processed.
Confidentiality and security
HRM, its members and any entity that processes personal data on our behalf are committed to ensuring the confidentiality and security of data. To this end, all appropriate technical, organisational and information security policies and measures have been implemented.
Personal data are effectively protected against unauthorized access, modification, improper use, loss and destruction.
We use Matomo Analytics (https://matomo.org/), an open-source project of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, to analyze traffic on our website and optimize our content for best user experience. You can learn more about Matomo’s data protection and privacy policies at https://matomo.org/privacy-policy/.
All analytics data is stored in our own database on premise and not transferred to third parties. We use Matomo without cookies and do not track users across websites.
Visitors’ IP addresses are anonymized by masking the last two bytes of the respective IP address (e.g. 192.168.xxx.xxx) before being processed for analytics; we do not process full IP addresses for analytics.
We track geolocations, but due to the anonymization of IP addresses, geolocations may not be accurate but only approximations.
- Date and time of the request
- Title of the page being viewed (Page Title)
- URL of the page being viewed (Page URL)
- Duration of visit on page (Time on page)
- URL of the page that was viewed prior to the current page (Referrer URL)
- Screen resolution being used
- Time in local user’s timezone
- Files that were clicked and downloaded
- Links to an outside domain that were clicked
- Pages generation time (the time it takes for webpages to be generated by the webserver and then downloaded by the user: Page speed)
- Location of the user: country, region, city, approximate latitude and longitude (Geolocation; see the limitations described above)
- Main Language of the browser being used (Accept-Language header)
- User Agent of the browser being used (User-Agent header)
The legal basis for the processing described above is Art. 6 para. 1 lit. f GDPR. We process the aforementioned data for the purpose of improving our content and adapting it to our visitors’ interests and needs. The statistical analysis of visits and visitors’ behavior on our site enables us to better match visitors’ interests and preferences and thereby create a better user experience and make our website more attractive. This purpose also forms our legitimate interest in this type of data processing in terms of Art. 6 para. 1 lit. f GDPR.
All data processed for the aforementioned analytics is deleted after 90 days.
Job vacancies are announced on the HRM website. In addition, unsolicited applications can be made. Job applications can be sent by post or by e-mail.
The HRM member to whom you have applied receives your personal data included in your application materials. If a job application is submitted to HRM, the respective HRM member processes your application data (salutation, name, email, address, job position) and all further files (e.g. CV, letter of recommendation, diploma, cover letter), which you have sent to us, solely for the purpose of the application process. The member contacts you to inform you about the progress of your application and of possible next steps in the application process.
The legal basis for the processing described above is Art. 6 para. 1 lit. b GDPR (steps prior to entering into a contract).
The member deletes your personal data 4 weeks (HRM Germany: 6 months) after we have communicated you our decision on your application unless you have granted us your consent to retain your data for a longer period. If we enter into a collaboration agreement with you, the provided data will become part of your personal file.
The legal basis for storing your personal data for 4 weeks (HRM Germany: 6 months) is Art. 6 para. 1 lit. f GDPR (legitimate interests pursued by the HRM member). The HRM member stores your personal data for the aforementioned time to be able to justify non-hiring decisions in potential labor law disputes. The time frames for storing this personal information is based on national deadlines for filing respective labor law complaints.
Questions or complaints
Data subjects can exercise the rights provided for by the GDPR and this Privacy Statement (including the right to access, request the correction of and erasure of personal data, object to/limit a particular use of personal data and transfer data to another party). Any questions or complaints should be addressed to firstname.lastname@example.org .
If you have any questions or want to complain about our use of Personal Information made by or exercise any rights with respect to the German HRM member “Hoyng Reimann Osterrieth Köhler Haft Monégier du Sorbier Partnerschaftsgesellschaft von Rechtsanwälten mbB (Düsseldorf, Mannheim and Munich)”, please contact the German Data Privacy Officer: Ivan Dimitrov, Steinstraße 20, D-40215 Düsseldorf; Germany, email: email@example.com , phone: + 49 211 550 220.
You can of course also contact your local data protection authority for further guidance and information on the GDPR.
Should any changes occur to the personal data requested, the manner in which HRM processes and uses personal data or the applicable rules, this Privacy Statement will be amended accordingly. Please check the latest version and HRM’s website regularly to stay informed.
25 May 2018 – Update 29 September 2020