PRIVACY
POLICY.
Privacy policy of Suter.Legal. AG
1. What is this privacy policy about?
Suter.Legal. AG, (the "law firm", hereinafter also "we", "us") is a law firm based in Küsnacht. As part of our business activities, we obtain and process personal data, in particular personal data about our clients, associated persons, opposing parties, courts and authorities, law firms, professional and other associations, visitors to our website, participants in events, recipients of newsletters and other bodies or their respective contact persons and employees (hereinafter also referred to as "you"). This privacy policy provides information about this data processing. In addition to this privacy policy, we may inform you separately about the processing of your data (e.g. in forms or contractual conditions).
If you provide us with data about other persons (e.g. family members, representatives, opposing parties or other associated persons), we assume that you are authorized to do so and that this data is correct and that you have ensured that these persons are informed about this disclosure, insofar as there is a legal obligation to provide information (e.g. by bringing this data protection declaration to their attention in advance).
2. Who is responsible for processing your data?
The data controller responsible for the processing described in this privacy policy is:
Suter.Legal. AG
Seestrasse 39, P.O. Box
8700 Küsnacht
office@suter.legal
3. Which elements of your data do we process and for what purpose?
When you use our services, we obtain and process various categories of your personal data. As a general principle, we may obtain and otherwise process this data for the following purposes in particular:
Communication: We process personal data so that we can communicate with you and with third parties, such as parties to proceedings, courts or authorities, by e-mail, telephone, letter or otherwise (e.g. to answer inquiries, in the context of legal advice and representation as well as the initiation or execution of contracts). This also means that we can provide our clients, contractual partners and other interested parties with information about events, changes in the law, news about our law firm and so on. This can take the form of newsletters and other regular contact (electronically, by post or by telephone). You can reject such communication at any time or refuse or revoke your consent to such communication. For this purpose, we process the content of the communication, your contact details and the marginal data of the communication in particular, as well as image and audio recordings of (video) telephone calls. For audio and video recordings, we will inform you separately and you are free to inform us if you do not wish to be recorded or to terminate the communication. If we need or want to establish your identity, we will collect additional data (e.g. a copy of an identity document).
Initiation and conclusion of contracts: With regard to the conclusion of a contract (such as in particular a contract to establish a client relationship) with you or your client or employer that also includes the clarification of any conflicts of interest, we may in particular obtain your name, contact details, powers of attorney, declarations of consent, information about third parties (e.g. contact persons, family details and opposing parties), contract contents, date of conclusion, creditworthiness data and all other data that you make available to us or that we collect from public sources or third parties (e.g. commercial register, credit agencies, sanction lists, media, legal expenses insurance companies or the Internet).
Administration and processing of contracts: We obtain and process personal data so that we can comply with our contractual obligations towards our clients and other contractual partners (e.g. suppliers, service providers, correspondence offices and project partners) and, in particular, call for and provide contractual services. This also includes data processing when executing mandates (e.g. legal advice, representing our clients before courts and authorities, and correspondence) as well as data processing for the enforcement of contracts (debt collection, legal proceedings, etc.), accounting and public communication (if permitted). For this purpose, we process in particular the data that we receive or have collected in the context of the initiation, conclusion and execution of the contract as well as data that we create in the context of our contractual services or that we collect from public sources or from other third parties (e.g. courts, authorities, opposing parties, information services, media, detective agencies or from the Internet). This data may include, in particular, minutes of meetings and consultations, notes, internal and external correspondence, contractual documents, documents that we prepare and receive in the context of proceedings before courts and authorities (e.g. statements of claim, appeals and complaints, judgments and decisions), background information about you, opposing parties or other persons as well as other mandate-related information, proof of performance, invoices and financial and payment information.
Operating our website: In order to operate our website securely and stably, we collect technical data such as IP addresses, information about the operating system and settings of your end device, the region, the time and type of use. We also use cookies and similar technologies. For further information, see section 7.
Compliance with laws, directives and recommendations from authorities and internal regulations: We obtain and process personal data to comply with applicable laws (e.g. anti-money laundering legislation, tax obligations or our professional obligations), self-regulation, certifications, industry standards, our corporate governance and for internal and external investigations in which we are a party (to proceedings) (e.g. by a law enforcement or supervisory authority or a commissioned private body).
Risk management and corporate governance: We obtain and process personal data as part of risk management (e.g. to protect against criminal activities) and corporate governance. This includes our business organization (e.g. resource planning) and corporate development (e.g. acquisition and sale of business units or companies).
Job applications: If you apply for a job with us, we will obtain and process the relevant data for the purpose of reviewing the application, carrying out the application process and, in the case of successful applications, for the preparation and conclusion of a corresponding contract. In addition to your contact details and the information from the corresponding communication, we also process the data contained in your application documents and the additional data we can obtain about you, e.g. from job-related social networks, the Internet, the media and from references, if you consent to us obtaining references.
4. Where does the data come from?
From you: You provide us with the majority of the data we process yourself (e.g. in connection with our services, the use of our website and apps, or communication with us).
From third parties: We may also obtain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, media or the Internet, including social media) or receive such data from (i) public authorities; (ii) your employer or client who either has a business relationship with us or is otherwise involved with us; and (iii) other third parties (e.g. clients, opposing parties, legal expenses insurers, credit reference agencies, address dealers, associations, contractual partners, or Internet analysis services). This includes in particular the data that we process in the context of the initiation, conclusion and execution of contracts as well as data from correspondence and discussions with third parties, but also all other categories of data in accordance with Section 3.
5. To whom do we disclose your data?
In connection with the purposes listed in Section 3, we transfer your personal data to the categories of recipients listed below in particular. If necessary, we will obtain your consent for this or have our supervisory authority release us from our professional duty of confidentiality.
Service provider: We work with service providers in Switzerland and abroad who process data, which they have received from us or collected for us, (i) on our behalf (e.g. IT providers); (ii) on our joint responsibility; or (iii) on their own responsibility. (These service providers include, for example, IT providers, banks, insurance companies, debt collection agencies, credit agencies, address verifiers, other law firms or consulting firms). As a rule, we conclude contracts with these third parties on the use and protection of personal data.
Clients and other contractual partners: This initially refers to clients and other contractual partners of ours for whom the transfer of your data arises from the contract (e.g. because you work for a contractual partner or they provide services for you). This category of recipients also includes entities with which we cooperate, such as other law firms in Switzerland and abroad or legal expenses insurers. Any such data recipients process the data under their own responsibility.
Authorities and courts: We may disclose personal data to offices, courts and other authorities in Switzerland and abroad if this is necessary for the fulfillment of our contractual obligations and in particular for the performance of our mandate, or if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. These recipients process the data under their own responsibility.
Opposing parties and persons involved: Insofar as this is necessary for the fulfillment of our contractual obligations, in particular for the execution of mandates, we also pass on your personal data to opposing parties and other persons involved (e.g. guarantors, financiers, affiliated companies, other law firms, persons providing information, or experts).
Other persons: This refers to other cases where the involvement of third parties arises from the purposes set out in section 3. This applies, for example, to delivery addressees or payment recipients specified by you, third parties in the context of representative relationships (e.g. your attorney or your bank) or persons involved in official or court proceedings. We may also pass on your personal data to our supervisory authority, in particular if this is necessary in individual cases to release us from our professional duty of confidentiality. If we work with the media and send them material (e.g. photos), you may also be affected. As part of our corporate development, we may sell or acquire businesses, parts of businesses, assets or companies or enter into partnerships, and this may also result in the disclosure of data (including from you, e.g. as a client or supplier or as their representative) to the persons involved in these transactions. In the course of communication with our competitors, industry organizations, associations and other bodies, data relating to you may also be exchanged.
All these categories of recipients may in turn involve third parties, so that your data may also become accessible to them. We can restrict processing by certain third parties (e.g. IT providers), but not by other third parties (e.g. authorities and banks).
6. Is your personal data also sent abroad?
We process and store personal data almost exclusively in Switzerland. This will depend on the circumstances – for example via subcontractors of our service providers or in proceedings before foreign courts or authorities – but may potentially happen in every country in the world. Your personal data may also be transferred to any country in the world as part of our work for clients.
If a recipient is located in a country without adequate data protection, we contractually oblige the recipient to comply with an adequate level of data protection (we use the revised standard contractual clauses of the European Commission, which are available here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?, including the addenda required for Switzerland), unless the recipient is already subject to a legally recognized set of rules to ensure data protection. We may also disclose personal data to a country without adequate data protection without concluding a separate contract if we can rely on an exemption clause for this. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the execution of a contract that is in your interest requires such disclosure (e.g, if we disclose data to our correspondence offices), if you have given your consent, or if it is not possible to obtain your consent within a reasonable period of time and the disclosure is necessary to protect your life or physical integrity or that of a third party, or if the data in question has been made generally accessible by you and you have not objected to its processing. We may also rely on the exception for data from a register provided for by law (e.g. HR) and to which we have legitimately obtained access. We may also rely on the exception for data from a register provided for by law (e.g. HR) and to which we have legitimately obtained access.
7. How are cookies, similar technologies and social media plug-ins used on our website?
When you use our website (including the newsletter), data is collected that is stored in logs (particularly technical data). We may also use cookies and similar technologies (e.g. pixel tags or fingerprints) to recognize website visitors, evaluate their behavior and identify preferences. A cookie is a small file that is transmitted between the server and your system and makes it possible to recognize a specific device or browser.
You can set your browser so that it automatically rejects, accepts or deletes cookies. You can also deactivate or delete cookies in individual cases. You can find out how to manage cookies in your browser in the browser's help menu.
Neither the technical data we collect nor cookies generally contain any personal data.
We also use our own tools and third-party services (which may themselves use cookies) on our website, in particular to improve the functionality or content of our website (e.g. integration of videos or maps) and to compile statistics.
At present, we may use offers from the following service providers in particular, whereby their contact details and further information on the individual data processing can be found in the respective privacy policy:
Google Maps
Provider: Google Irland Limited
Data protection information: https://policies.google.com/privacy
Google Search Console
Provider: Google Irland Limited
Data protection information: https://policies.google.com/privacy
ZVV online timetable via URL
Provider: Zürcher Verkehrsverbund ZVV
Data protection information: https://www.zvv.ch/zvv/de/allgemeine-seiten/datenschutzerklaerung.html
Some of the third-party providers we use may be located outside Switzerland. Information on data disclosure abroad can be found in section 6. In terms of data protection law, some of them are "only" processors for us and some are controllers. Further information on this can be found in the data protection declarations.
8. What else needs to be considered?
Please note that we generally process your data for as long as required for our processing purposes (see section 3), the statutory retention periods and our legitimate interests, in particular for documentation and evidence purposes, or if storage is contingent on technical considerations (e.g. in the case of backups or document management systems). If there are no legal or contractual obligations or technical reasons to the contrary, we generally delete or anonymize your data after the storage or processing period has expired as part of our standard processes and in accordance with our retention policy.
If you do not provide certain personal data, this may mean that we will not be able to provide the associated services or conclude a contract. We always indicate where any personal data requested by us is mandatory.
If you do not agree with our handling of your rights or data protection, please let us know (see contact details in section 2).
9. Can this privacy policy be changed?
This privacy policy is not part of any contract with you. We may amend this privacy policy at any time. The version published on this website is the current version.