Michael Chambers & Co LLC is dedicated to protecting the privacy of everyone we interact with. We are aware that we handle sensitive, non-public personal data (GDPR, 2016/679 European Parliament and Council of 27 April 2016). We recognise that our clients, employees, and those with whom we interact entrust us with this data.
Our longstanding procedures and policies regarding non-private personal data (also called personal information or personal data) are described in the following paragraphs.
1. Who are We?
Michael Chambers & Co LLC is a Cyprus-based law firm offering legal, tax, personal, and business services. Our firm adheres to EU data protection regulations to protect our client’s personal data privacy.
2. What Data We Collect and How do we Use it
We collect and process non-public personal data based on the purpose and scope of the particular use or engagement.
2.1 Visitors to our Websites
We collect standard internet log information and visitor behaviour pattern information when someone visits our website/s. This information is collected with cookies.
We collect this information to improve the website experience and for internal purposes such as website administration, market research, data analytics, and fulfilling our legal, policy, and procedure obligations.
2.2 People who Request to Receive Updates and Information from us
Through a variety of channels, including mail, email, and social media, Michael Chambers & Co LLC frequently publishes updates on legal developments and solutions that may affect you or your business. By submitting your name, contact information, and records of any interactions related to the information we have sent you, we will keep track of the information we have sent you and the interactions related to it. If you do not provide this information, we will be unable to provide you with updates.
The information collected is used and processed to:
- Enter into, or perform, a contract with you.
- Remember your preferences or specific interests; and
- For our internal purposes, including the administration of the flow of such information, market research and data analytics, internal record keeping and/or to improve our services.
2.3 People who Send us a Request for Information
Our website enables users to request information about our services. The data collected through the request for information function is as follows:
- Information you provide in the fields of the online form.
- IP address.
- Date, time, and data of our website/s access; and
- Identification data of the used browser.
You can also contact us through email, phone, or social media to request information. Therefore, we will be collecting any information you provide or available on the relative media used. We will also collect any correspondence in furtherance of the request. This information is necessary for us to be able to respond to your request. General and preliminary information will be provided to you without the requirement of any other additional personal information. An identification document and other personal data will be requested to comply with anti-money laundering rules and to be able to provide you with detailed and specific information on your request.
If you are not able or unwilling to provide us with such information, we will not be able to provide any additional information.
Any personal information that you provide to us through these processes will be used and processed to:
- Provide you with the information you requested.
- Follow up with you on such a request.
- Comply with any legal or regulatory requirement, including compliance with anti-money laundering rules; and
- For our internal purposes, including the administration of the flow of such information, market research and data analytics, internal record keeping and/or to improve our products.
2.4 People who Use our Services
We collect the required statutory information when providing services to clients, mainly information required for anti-money laundering compliance and information needed to deliver the services. If you are unable or unwilling to provide us with the necessary information, we may be unable to deliver the services.
We collect the required information for our services based on the client’s needs. For succession planning, for example, we collect data about the client’s personal assets, goals, and preferences.
Any personal information so collected will be used:
- To provide you with the relative service/s; and
- To comply with any legal duty, including compliance with anti-money laundering rules.
2.5 Collaborators and Suppliers
We take great satisfaction in selecting partners and suppliers that agree with our privacy standards and adhere to our privacy policies and practices.
We collect the information required by statutory obligations, particularly anti-money laundering rules and regulations and supplier services information, from collaborators and suppliers that we work with. If you are a collaborator or supplier that we work with and cannot or will not provide us with the information we require, we will not be able to work with you.
Any personal non-public information so collected will be used:
- To contact you further regarding the collaboration or supply of service.
- For our internal purposes, including the administration of the flow of such information, data analytics, internal record keeping, financial and market research, and to comply with any legal duty, including compliance with anti-money laundering rules.
3. Legal basis for Processing
In line with the principle of data minimisation and data economy, we only collect personal data and process personal data on the following legal bases:
When you request our services, or you are an employee, a collaborator or a supplier, our legal basis for collecting and processing information is based on the requirements for the performance of a contract or to take steps to enter into a contract and/or legal regulations, mainly anti-money laundering regulations.
We collect and process your personal data when you opt-in to receive information from us or to participate in a conference or workshop based on your consent. In addition, we may collect and process information for legitimate interests, mainly to protect ourselves from legal action or claims from third parties, including you and our employees, and to protect our legal rights and interests.
4. Recipients of Personal Data
We may legally disclose personal information in the following situations:
- For the performance of a contract or to take steps to enter a contract; and
- To collaborating entities/persons that are required to provide services to you or with your consent.
- Group entities, including non-EU entities part of the group based on contractual terms issued by the European Commission (refer to section 6).
- When there is a legal requirement to do so.
- If we are requested to do so by a governmental or regulatory authority or a court of competent jurisdiction.
- To enforce our contractual terms.
- In cases of merger or acquisition of our business or parts of it to the new owners.
- To protect our employees and us from legal action or claims from third parties, including you.
5. Intra-Group Transfers of Data Within the EU/EEA
The free exchange of personal data between the Member States is fundamental to the EU’s basic principles. This principle is also reflected in the GDPR, which excludes the restriction or prohibition of the free movement of personal data within the EU or EEA.
GDPR, therefore, allows for the transfer between EU/EEA companies subject to the legal basis as provided above in section 3 of this policy.
6. Transfers Outside the EU/EEA
The personal non-public data we collect from you may be collected, stored, processed, or transferred between group entities, including our entities established outside the EU/EEA. To date, the European Commission has not determined the non-EU countries we are established in to have an adequate level of personal data protection within the terms of article 45 of the GDPR.
In the absence of an Adequacy Decision, the GDPR provides that a transfer can take place through the provision of appropriate safeguards and on the condition that enforceable rights and effective legal remedies are available for individuals. Such appropriate safeguards include contractual arrangements with the recipient of the personal data, using the standard contractual clauses approved by the European Commission.
For this purpose, contractual arrangements based on contractual provisions as approved by the European Commission are in place to ensure effective legal remedies for you in relation to the processing of personal non-public data by our company outside the EU/EEA.
7. How Long do we Retain the Data
We keep your personal information for as long as we are legally required for business, tax purposes, or legitimate interests. Your information is stored in either electronic or paper format or both. It will be destroyed or deleted when it is no longer needed.
Should you want to learn about the particular retention period of any personal information we keep on you, please contact us at firstname.lastname@example.org.
8. Automated Individual Decision Making, Including Profiling
We do not make fully automated individual decision-making, including profiling, that has a legal or similarly significant effect.
9. Systems we Use
Personal non-public data is safeguarded using physical, electronic, and procedural safeguards. Personal data sent to us through websites’ contact forms are encrypted as they are transmitted. The risk of sending personal data over the internet is yours alone. We attempt to minimise your personal data by pseudonymising it, minimising it, and following deletion periods, among other methods, in order to protect it from being accessed by third parties. Despite these precautions, however, we cannot guarantee that third parties will not unlawfully process your information.
Additionally, we herein outline programmes and systems we use in our collection, processing and storing of data:
- We use an online portal managed and operated by us online to store and process information, data, and details.
- We use reCAPTCHA to detect improperly use of our websites by automated mechanical processing. Certain personal data, including IP address, is thus transmitted to “Google”;
We use third-party HR systems for collecting, processing and storing information on prospective employees and employees. All third-party systems we use are GDPR compliant.
- We use industry-standard tools to monitor and collect information on our website/s users’ needs and optimise the use of our websites. The data collected does not identify the individual users.
Please contact email@example.com should you require more information on the GDPR compliance of such systems.
10. Links to Other Websites
We may provide links to other websites on our sites for your convenience and enlightenment. This policy does not address the links on our websites that lead to other websites. We are not responsible for the content or services provided by such websites or other websites. It would be best to investigate how other websites handle your personal information, and we encourage you to look at their privacy statements.
11. Your Rights
Our Company would like to ensure you are fully aware of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request Our Company for copies of your personal data. We may charge you a small fee for this service.
The right to rectification – You have the right to request that Our Company correct any information you believe is inaccurate. You also have the right to request Our Company to complete information you think is incomplete.
The right to erasure — You have the right to request that Our Company erase your personal data under certain conditions.
The right to restrict processing – You have the right to request that Our Company restrict the processing of your personal data under certain conditions.
The right to object to processing – You have the right to object to Our Company’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that Our Company transfer the data that we have collected to another organisation or directly to you under certain conditions.
For any requests in furtherance, please get in touch with us at firstname.lastname@example.org. We shall endeavour to reply at the very earliest and deal with your request no later than 30 days from receipt of your request.
12. What are Cookies?
Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.
For further information, visit aIIaboutcookies.org.
- Keeping you signed in
- Understanding how you use our website
What types of cookies do we use?
There are several different types of cookies. However, our website uses:
- Functionality — Our Company uses these cookies so that we recognise you on our website and remember your previously selected preferences. These could include what language you prefer and the location you are in. A mix of first-party and third-party cookies is used.
- Advertising — Our Company uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device, and IP address. Our Company sometimes shares limited aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners. This means that when you
Visit another website; you may be shown advertising based on your browsing patterns on our website.
How to manage cookies
You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.