Privacy policy

LEXSOS Advokater is the data controller as regards the processing of your personal data. We are obliged to protect personal data which we process on your behalf. Information is given below on the privacy policy which applies whenever we process personal data as data controller.

Data controller

Our legal information is the following:

LEXSOS Advokater I/S
Danish Business Reg. No. 25836987
Jernbanegade 4, 1
5000 Odense C
Denmark
Telephone: +45 6612 7700
E-mail: lexsos@lexsos.dk

 

The purpose of processing personal data; categories of personal data

If you are a client or potential client with Lexsos Advokater, we process your personal data as a part of being able to provide legal assistance in accordance with the agreement made with you or the enterprise you represent.

We process a number of standard items of personal data about you as part of our legal assistance; basically, this is information we receive from you. However, we may also receive personal data from other sources, such as publicly available registers, publicly accessible social media, public authorities, hospitals and GPs, information from a counterpart, parties or secondary persons in regard to a given case, or from associates.

This personal data comprises your name, e-mail address, telephone number, occupation, educational background, professional information and other information required as part of our legal assignment or our business relations with you.

Depending on the specific circumstances of the case or cases with which we assist  you, we may also process sensitive personal data, cf. Article 9 (2), letter f, of the General Data Protection Regulation, and/or information about criminal matters, cf. Section 8 (3) and (4) of the Danish Data Protection Act.

Furthermore, we may process information about financial matters, including payment information and tax information. The legal basis for this processing is Article 6 (1), letter b, of the General Data Protection Regulation.

If we are to carry out registrations in the databases of public authorities via portals, such as www.virk.dk or www.tinglysningen.dk, it may be necessary to process your civil registration number (CPR number). The basis for this processing is Section 11 (2) of the Danish Data Protection Act.

As a law firm, we are subject to obligations related to the Danish Anti-Money Laundering Act; we must observe these obligations in connection with some of our legal services. That is why, in such connection, your personal data, such as identity information including name, civil registration number, passport number and driver’s licence number will be processed. We process identity information obtained on the basis of the Danish Anti-Money Laundering Act so as to be able to comply with our commitments under the said Act. The legal basis for this processing is the Danish Anti-Money Laundering Act.

In order to use some of the functions on our website, you need to provide various items of personal data. If you choose not to give this personal data, the functions concerned may not be used. For example, we need your contact information if we are to be able to receive and reply to an inquiry from you via our website.

We use cookies on our website.

Processing of personal data

As a law firm, we are only allowed to process your personal data if this is appropriately warranted. We are allowed to process personal data, provided one of the following warranted situations exists:

  • We have obtained your valid consent to the processing of personal data for one or more specific purposes.
  • Processing is necessary in order for us to be able to comply with a contract concluded with you.
  • Processing is necessary for the data controller or a third party to be able to pursue a legitimate interest.
  • Processing is required for us to comply with a legal obligation
  • Processing is required for a legal claim to be determined, upheld or defended.

In cases where our processing of your personal data is based on consent, you may withdraw this consent anytime. You may do so by writing to lexsos@lexsos.dk, stating “Privacy policy” in the subject field.

Passing on personal data

We may pass on your personal data to our associates and supplies, e.g. IT suppliers, suppliers of newsletter services, etc. These associates process personal data only on Lexsos Advokater’s behalf and only in accordance with Lexsos Advokater’s instructions.

Furthermore, we may pass on your information to external third parties, provided we are ordered to do so or this forms part of the service we deliver to you.

Cases in point could be the police, the tax authorities, the regional state administration offices, other public authorities, the courts, arbitration tribunals, other law firms, case counterparts, bankers, real estate brokers, and associates.

When we place client funds on a client account, we are obliged to pass on client identity information to the receiving bank, so that the bank is able to comply with its obligations specified in the Danish Anti-Money Laundering Act.

Basically, Lexsos Advokater does not transfer personal data to countries outside the EU/EEA. If, due to the circumstances of the case, this nevertheless becomes necessary, the transfer will be protected in the form of a lawful transfer basis. This may become necessary, e.g. in connection with company transfers where the buyer or seller is established outside the EU/EEA.

Security

Lexsos Advokater has taken technical and organisational measures to ensure a suitably high level of security. We have introduced a number of internal security procedures and policies.

If you need to send us sensitive information, we recommend that you use encryption, e.g. a secure e-mail or an encoded file (Word or PDF format).

Storage and deletion

We delete your personal data when we no longer need to process it so as to fulfil one or several of the objectives listed above. We may store the data for up to 25 years after a case has been closed. In special cases, the storage period may be shorter or longer, so as to comply with legal requirements concerning deletion or storage. Personal data obtained in accordance with the Danish Anti-Money Laundering Act is stored for five (5) years after our relations with the client have ended and is then deleted.

Your rights

As a registered person you have a number of rights:

  • You have the right to be informed as to which personal data about you, which we process.
  • You have the right to have incorrect personal data about you, which we process, deleted.
  • You have the right to have your personal data deleted, provided this personal data is no longer required in order to fulfil the objectives for which it was collected.
  • You have the right to have the processing of your data restricted.
  • You have the right to object to processing of your personal data.
  • You have the right to receive the data about you, which we process, as an output in a standard, machine-readable format.

You have the right to have insight into the personal data about you, which we process – although with certain exceptions specified in legislation. Furthermore, you may object to the collection and further processing of your personal data. You also have the right to rectify your personal data, and you may ask us to restrict the processing of your personal data.

If you ask us to delete the personal data about you which we have registered, we will delete such data without undue delay, unless we are able to continue our processing on another basis, e.g. if such processing is required in order to determine a legal claim, or if processing is necessary in order to respond to an inquiry from you, or if it is necessary to process such personal data in order to comply with legislation.

Under certain circumstances you may also ask us for a copy of your personal data in a structured, normally used, machine-readable format, and you may ask us to transmit this information to another data controller (data portability).

If we process your personal data on the basis of your consent, you may withdraw your consent at any time. You may do so by contacting us (see below).

If you withdraw your consent, we will stop processing your personal data, unless we are entitled or obliged to continue the processing or storage of your personal data on another basis, including legislation.

If you withdraw your consent, this does not affect the legality of the processing carried out before your withdrew your consent.

If you wish to invoke your rights as described above, you are welcome to contact us at any time. If you disagree with the way we process your personal data or with the purposes for which we carry out such processing, you are also welcome to contact us. You may contact us by writing to lexsos@lexsos.dk, stating “Privacy policy” in the subject field.

You may also file your complaint with:

Datatilsynet (the Danish Data Protection Agency)
Borgergade 28, 5. sal
1300 Copenhagen K

Denmark
Telephone +45 33 19 32 00
E-mail dt@datatilsynet.dk

Amendments to our privacy policy

We reserve the right to amend this privacy policy.

 

April 2019