Privacy Policy
This Privacy Policy is effective as of 1 May 2024.
These Privacy Terms are also an integral part of our Engagement Letters and other contracts regarding the use of our Services.
PLEASE NOTE THAT UNLESS WE ARE NOT SPECIFICALLY BOUND TO APPLY THIS PRIVACY POLICY FOR PROCESISNG OF DATA OF NON-NATURAL PERSON UNDER LAW, THEN THIS PRIVACY POLICY APPLIES ONLY IN CASES WHERE WE ARE PROCESSING PERSONAL DATA OF NATURAL PERSON AS A CONTROLLER. IN CASE YOU ARE ACCEPTING THIS PRIVACY POILICY AS A REPRESENTATIVE OF NON-NATURAL-PERSON (BUSINESS, ETC) THE DATA OF THE PERSON YOU ARE ACCEPTING THIS PRIVACY POLICY FOR SHALL NOT BE CONSIDERED AS PERSONAL DATA AND YOU MAY NOT REFFER TO THIS DOCUMENT IN ORDER TO RAISE ANY CLAIMS TOWARDS CEEA.
We care about protecting your privacy. Therefore, please read these Privacy Policy carefully.
This Privacy Policy describes in detail how we collect, use, store and, where applicable, disclose your personal information in the course of the various activities carried out by our company while providing our Services.
If the term „CEEA”, „We”, „Us”, etc. is used in these Privacy Policy, it means one of the following entities:
- Czechia – CEE Attorneys International s. r. o., with its registered seat at Jankovcova 1569/2c, Holešovice, 170 00 Prague 7, Czech Republic, Business Identification No. 080 01 189, VAT No. CZ08001189, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, File No. 311337;
- Czechia – CEE Attorneys s.r.o., advokátní kancelář, with its registered seat at Jankovcova 1569/2c, Holešovice, 170 00 Prague 7, Czech Republic, Business Identification No. 02564742, VAT No. CZ02564742, registered in the Commercial Register maintained by the Municipal Court in Prague, Section C, File No. 220889;
- Slovakia – CEE Attorneys Lišiak Martinák s.r.o., with its registered seat at Štefánikova 41, Bratislava – mestská čásť Staré Mesto 811 04, Slovakia, Business Identification No. 50 989 014, VAT No. SK2120555206, registered in the Commercial Register of the District Court in Bratislava I, Section Sro, File No. 120786/B;
- Lithuania – Partnership of Professional Attorneys “CEE Attorneys”, with its registered seat at Vilniaus m. sav. Vilniaus m. Lvovo g. 25-701, Vilnius, Republic of Lithuania, Business Identification No. 302818593;
- Romania – BOANTA, GIDEI SI ASOCIATII SCA, with its registered seat at 24 Sevastopol str., 6th Floor, Office 601, Sector 1, Bucharest, Romania, Fiscal Registration No. RO29175558;
- Hungary – Dessewffy,Dávid, Felsmann valamint Társaik CEE Attorneys Ügyvédi Iroda, with its registered seat at Lóránt út 1/B, 1125 Budapest, Hungary, Reg. No. at Budapest bar 1287, Tax ID 18178924-2-43;
- Bulgaria – Sazdov&Petrov Law Firm, with its registered seat at 1421 Sofia, 2 Bisser Str., app. 5, Bulgaria, BULSTAT register under No: 131551579, VAT No. BG131551579, registered in the company files in the Sofia City Court under case No 11731/2005;
- Croatia – Marhonić, Tomek & Gjoíć, Odvjetničko društvo, with its registered office at Ulica Ante Kovačica 3, 10000 Zagreb, Croatia, MBS: 081063300, OIB: 71892092408.
For the purposes of this Privacy Policy, the following terms shall have the following meanings:
„Personal Data” means any personal data relating to a specific living natural person who is identifiable or could be identified through such data and which we process for any of the purposes set out in these Privacy Policy.
„Data Controller” means the specific person who determines the purpose for which Personal Data is processed and is one of the entities listed above in accordance with this Privacy Policy, specifically (i) for anything connected to Website and email address info@ceeatt.com or info@ceeattorneys.com, the Data Controller is CEE Attorneys International s. r. o., (ii) for anything connected to provision of Services the Data Controller is one of the respective law office specified above who provides you the Services based on, but not limited to, the Engagement Letter or any other contract.
“Data Subject” means any individual person who can be identified, directly or indirectly, via an identifier such as a name, an ID number, location data, or via factors specific to the person’s physical, physiological, genetic, mental, economic, cultural or social identity.
„Privacy Policy” means this Privacy Policy.
„Pseudonymised Data” means information and data about all Data Subjects or individual categories and groups of Data Subjects that are anonymised and processed into a form that no longer permits the identification of a specific natural person without the use of additional data.
„Processor” means a person other than the Data Controller in a particular case who processes Personal Data on behalf of the Data Controller in a particular case.
„GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
„Services” means services (including legal services) provided by any of the CEEA entities listed above.
„Personal Data Protection Act” means Act No. 18/2018 Coll. on the Protection of Personal Data and on Amendments and Additions to Certain Acts.
„Website” means our website at www.ceeatt.com and/or www.ceeattorneys.com.
We process your Personal Data in accordance with the GDPR and the Personal Data Protection Act. In case GDPR and Personal Data Protection Act are not applicable in your case, please read the final provisions regarding interpretation and applicability of this Privacy Policy.
As a Data Controller, we will process the following Personal Data about you | ||||
Data collected: | When we collect the data from you: | |||
First and last name: | We collect your first and last name as part of contact information necessary for your identification as person with right to our Services. | |||
Mailing address: | We collect your mailing address as part of contact information necessary for your identification as person with right to our Services. Your mailing address is also collected whenever you contact us by post office. | |||
E-mail address | We collect your e-mail address as part of contact information necessary for your identification as person with right to our Services. E-mail address is also collected in case you contact us through e-mail and if you fill in the e-mail address into contact forms we made available, unless you contacted us without providing a return address. | |||
Telephone number | We collect your telephone number as part of contact information necessary for your identification as person with right to our Services. Your telephone number is also collected whenever you contact us by phone, unless you block visibility of your telephone number. | |||
Business Identification Number | We collect your Business Identification Number as part of information necessary for your identification as person with right to our Services. If Business Identification Number is not provided specifically to you as a natural person, then it shall not be considered a Personal Data. | |||
Tax Identification Number | We collect your Tax Identification Number as part of information necessary for your identification as person with right to our Services. If Tax Identification Number is not provided specifically to you as a natural person, then it shall not be considered a Personal Data. | |||
VAT number | We collect your VAT number as part of information necessary for your identification as person with right to our Services. If VAT number is not provided specifically to you as a natural person, then it shall not be considered a Personal Data. | |||
IP address, MAC data, OS system information, browser data: | We collect IP Address, MAC data, operating system, browser information, user activity data of all computers and devices which access our Website. | |||
Personal Data that you provide to us in the event that you contact us | In the event that you choose to contact us, in which case we will process Personal Data about you that is necessary for us to communicate with you and deal with your request, if any. | |||
Method of processing your Personal Data and legal basis for processing | ||||
As a Data Controller, we process your Personal Data to the extent and in accordance with this Privacy Policy and for the purposes set out below in this Privacy Policy. | ||||
Sale of Services and performance of obligations under a contract for the sale of Services | ||||
Purpose of Processing | We process the Personal Data provided by you when ordering Services in accordance with the relevant contract for Services for the purpose of identifying you as a party to the contract and for the purpose of providing the Services ordered by you and fulfilling any subsequent obligations under the contract for the sale of the Services (e.g. handling a complaint, handling a withdrawal, etc.). | |||
Processing method | We process your Personal Data in the scope of name and surname, business ID, Tax ID, VAT ID, residence address, e-mail address and telephone number in such a way that we store them in our information system so that we can identify you as the person entitled to delivery of the Services. | |||
Legal basis | The legal basis for the processing of Personal Data is the performance of a contract to which you, as the data subject (legal basis according to Article 6 (1) (b) GDPR) ordering a paid service, are a party. | |||
Retention period | Processing period Your Personal Data provided in connection with ordering goods will be processed and stored for 4 years from end of contract period.
We will process the data in the range of first and last name, billing address, VAT number, VAT number and VAT number on invoices issued for up to 10 years. |
|||
Operation of the Website and access to its functions | ||||
Purpose of Processing | Some of your Personal Data collected from your use of the Website (as described above) is necessary for our Website to properly operate, we process this to the extent necessary to enable you to access the Website and use its features. The data include IP Address, MAC data, operating system, browser information, user activity data. | |||
Processing method | This Personal Data is processed automatically in our information system, which is used to operate the Website. | |||
Legal basis | The legal basis for the processing of Personal Data is the necessity of this processing for the purposes of making the Services you requested accessible (legal basis pursuant to Article 6 (1) (b) of the GDPR Regulation). | |||
Retention period | Your Personal Data provided in connection with the operation of the Website and its functions will be processed for the duration of your access to the Website and subsequently as pseudonymised/anonymised data after you end the use of Website. | |||
Providing, improving and optimising the operation of the Website | ||||
Purpose of Processing | We also use your Personal Data collected from the use of the Website (as described above), for the purpose of improving and optimizing the operation of the Website, to increase the convenience of its use, to provide technical support for the Website, analytical and statistical evaluation of the use of the Website, to detect and prevent misuse of the Website, risk assessment and to comply with legal obligations. The data include IP Address, MAC data, operating system, browser information, user activity data. | |||
Processing method | This Personal Data is processed automatically in our information system, which is used to operate the Website. In most cases, the data is only stored in the form of statistics that do not allow your specific identification.
You can prevent such processing by not consenting to their use, objecting to their use. However, some features of the Website may then not function properly. It is not possible to refuse the storage of all data, as some of them are necessary to make the Website accessible. |
|||
Legal basis | The legal basis for the processing of Personal Data in this case is our legitimate interest in ensuring the proper operation of the Website and the optimization of its functionalities (legal basis pursuant to Article 6(1)(f) of the GDPR Regulation) and fulfilment of the obligations arising from the contract between you and our company (legal basis pursuant to Article 6(1)(b) of the GDPR Regulation). | |||
Retention period | Your Personal Data collected for this purpose will be processed for the duration of your use of the Website and for a period of 3 years from the termination of their use. | |||
Answering questions, requests, queries | ||||
Purpose of Processing | We process your Personal Data in the scope of first name, last name, email address and, where applicable, any other data that you choose to provide to us by email or otherwise for the purpose of contacting you as well as for the purpose of dealing with your question, request or enquiry or to carry out other activities in connection with your question, request or enquiry. | |||
Processing method | Your Personal Data will be processed in such a way that the content of your message containing the question, request or enquiry is stored in our information system and is subsequently made available to the person within our organisational structure who is responsible for dealing with the question, request or enquiry. | |||
Legal basis | The legal basis for the processing of Personal Data in this case is our legitimate interest in ensuring the provision of proper services to our company (legal basis pursuant to Article 6 (1) (f) of the GDPR). | |||
Retention period | Your Personal Data will be processed for as long as is necessary to respond to your question, request or enquiry or until other measures are taken in relation to your question, request or enquiry, but for no longer than 1 year. | |||
Handling requests in relation to the exercise of data subjects’ rights under the GDPR | ||||
Purpose of Processing | We process your Personal Data in the scope of first name, last name, email address and, where applicable, any other data that you choose to communicate to us by email or otherwise for the purposes of examining, assessing, taking action, handling and informing you about the processing of your request regarding the exercise of any of the rights under Articles 16 to 22 of the GDPR. | |||
Processing method | Processing method Your Personal Data will be processed in such a way that the content of your message containing the request is stored in our information system and subsequently the content is made available to the person who is in charge of processing the request within our organisational structure. | |||
Legal basis | Legal basis The legal basis for the processing of Personal Data in this case is the fulfilment of our legal obligation (legal basis according to Article 6 (1) (c) GDPR). | |||
Retention period | In this case, your Personal Data will be processed and stored for the period of processing your request and subsequently for a period of 10 years from the date of processing. |
Who we disclose your Personal Data to
We will disclose your Personal Data to third parties in the following cases:
- where we are under an obligation to do so under applicable law, in particular at the request of law enforcement authorities, courts, other public authorities or other authorised persons;
- if it is necessary for the performance of our duties and to safeguard our legitimate interests, in particular to our, consultants, auditors, IT service providers, etc..
We enter into Personal Data processing agreements with persons who have the status of Processors in accordance with the GDPR and Processors always process Personal Data on CEEAs instructions and on CEEA behalf. All of our Processors process Personal Data in accordance with this Processing Policy.
Transfer of Personal Data outside the EU
We do not transfer your Personal Data outside of the European Economic Area, should this occur in the future, we will ensure that this transfer takes place under the terms and to the standard set out in the GDPR and the Data Protection Act.
Your rights in relation to the protection of Personal Data | |
Right to withdraw consent | Where we process your Personal Data on the basis of your consent, you have the right to withdraw that consent at any time. You can withdraw your consent electronically by contacting us at info@ceeatt.com. Withdrawal of consent does not affect the lawfulness of the processing of Personal Data that we have processed about you on the basis of that consent. |
Right of access | You have the right to be provided with a copy of the Personal Data we hold about you, as well as information about how we use your Personal Data. In most cases, your Personal Data will be provided to you in written paper form, unless you request a different method of disclosure. If you have requested this information by electronic means, it will be provided to you electronically where technically feasible. |
Right to rectification | We take reasonable steps to ensure that the information we hold about you is accurate, complete and up to date. If you believe that the information we hold is inaccurate, incomplete or out of date, please do not hesitate to ask us to correct, update or complete the information. |
Right to erasure (to be forgotten) | You have the right to ask us to erase your Personal Data if, for example, the Personal Data we have collected about you is no longer necessary to fulfil the original purpose of the processing. However, your right must be considered in light of all the relevant circumstances. For example, we may have certain legal and regulatory obligations which mean that we may not be able to comply with your request. |
Right to Restrict Processing | In certain circumstances, you are entitled to ask us to stop using your Personal Data. These include, for example, where you believe that the Personal Data we hold about you may be inaccurate or where you believe that we no longer need to use your Personal Data. |
Right to data portability | In certain circumstances, you have the right to ask us to transfer the Personal Data you have provided to us to another third party of your choice. However, the right of portability only applies to Personal Data that we have obtained from you by consent or under a contract to which you are a party. |
Right to object | You have the right to object to the processing of Personal Data that is based on our legitimate interests. If we do not have a compelling legitimate ground for processing and you object, we will not process your Personal Data further. |
Right to file a claim for the initiation of proceedings for the protection of Personal Data | If you believe that your Personal Data is being processed unfairly or unlawfully, you may file a complaint with the national supervisory authority which is depending on the country of specific Data Controller:
The Office for Personal Data Protection of Czech Republic, Hraničná 12, 820 07 Bratislava 27, Slovakia; telephone number: +421 /2/ 3231 3214; e-mail: statny.dozor@pdp.gov.sk, https://dataprotection.gov.sk. Office for the Protection of Personal Data of the Slovak Republic, Pplk. Sochora 27, 170 00 Praha 7, Czech Republic; telephone number: +420 234 665 800; e-mail: posta@uoou.gov.cz, https://uoou.gov.cz/en. The Data Protection Office of Lithuania, A. Juozapaviciaus str. 6, LT-09310 Vilnius, Lithuania; telephone number: +370-5-2791445; e-mail: ada@ada.lt, https://vdai.lrv.lt/lt/. Hungarian National Authority for Data Protection and Freedom of Information, Falk Miksa utca 9-11, H-1055 Budapest, Hungary; telephone number: +36 1 3911 400; e-mail: privacy@naih.hu, https://www.naih.hu/about-the-authority. The National Supervisory Authority For Personal Data Processing of Romania, 28-30 G-ral Gheorghe Magheru Bld., District 1, post code 010336, Bucharest, Romania; telephone number: +40 318 059 211; e-mail: anspdcp@dataprotection.ro, http://www.dataprotection.ro/. Commission for Personal Data Protection of Bulgaria, 2, Prof. Tsvetan Lazarov blvd., Sofia 1592, Bulgaria; telephone number: +359 2 915 3519; e-mail: kzld@cpdp.bg, https://cpdp.bg/. Croatian Personal Data Protection Agency, Selska cesta 136, HR – 10 000 Zagreb, Bulgaria; telephone number: +385 1 4609 000; e-mail: azop@azop.hr, https://azop.hr/. If the application is submitted electronically, it must comply with the requirements of Section 19 (1) of Act No 71/1967 Coll. on Administrative Proceedings (Administrative Procedure Code). |
Final provisions
Security
All Personal Data that we collect, and process is protected by appropriate technical means and security measures to prevent unauthorized access to or misuse of such Personal Data. We continuously improve and implement new administrative, technical and organizational measures to ensure adequate security of Personal Data.
Notwithstanding all of our measures, it is important to keep in mind that data transmission over the public network of the Internet or any storage of electronic data cannot be 100% secure..
Changes to the Terms
We are entitled to change or modify this Privacy Policy at any time.
If we make any changes to these Privacy Terms, we will post the new Privacy Terms.
Such changed Privacy Terms will be effective as of the time we designate as the effective date, and by using the Website and Services, you signify your agreement to these new Privacy Terms.
Applicability
Provisions of this Privacy Policy shall apply in all cases where GDPR is applicable. In cases where GDPR is not applicable We reserve to apply provisions of this Privacy Policy selectively or not in its entirety. In case other laws than GDPR apply in your particular case, We shall follow then in a appropriate manner.
Contact Us
If you have any questions, queries or requests about this Processing Policy, wish to withdraw your consent or exercise your rights, please contact us by email at info@ceeatt.com.