Hoesseinzada Legal Services respects your personal data and ensures that the personal information provided to it or otherwise obtained by it is treated confidential. Personal data includes all (indirect) information about a person or “data subject”. Hoesseinzada Legal Services processes personal data in order to provide services, to improve services and to communicate personally with you as a data subject. The following implements Hoessenzada Legal Services’ obligations pursuant to the GDPR in relation to the data subject(s) whose personal data Hoesseinzada Legal Services processes. This privacy statement is based on the model provided by the Dutch Bar Association.

Purposes of processing personal data

Hoesseinzada Legal Services processes the personal data mentioned below for the following purposes:

• Entering into contracts for the provision of legal services and the performance thereof;
• invoicing, debtor and creditor administration, including, where necessary, taking collection measures;
• the provision of advice or making referrals;
• complying with our legal and statutory obligations, including complying with (identification) obligations pursuant to the Dutch Attorneys Act (Advocatenwet) and the Dutch Anti-Money Laundering and Anti-Terrorist Financing Act (Wet ter voorkoming van witwassen en financiering terrorisme);
• communication with clients, counterparties and all other parties involved in a case; and
• relationship management.

What personal data is processed?

Hoesseinzada Legal Services processes the following (types or categories of) personal data for the purpose of providing its services:

• Personal data such as names, functions, titles, addresses, dates of birth, gender, copies of identity documents, telephone numbers and e-mail addresses;
• Documents, such as correspondence, procedural documents, recommendations, reports and various documents related to the provision of legal services. Where appropriate, this may include the processing of special personal data or personal data relating to criminal law; and
• Financial data, such as bank account numbers and payment details for the purposes of invoicing.

Hoesseinzada Legal Services may obtain these data from the data subject himself or from third parties, such as other clients, judicial authorities and counterparties or their lawyers/authorized representatives.

Legal basis for processing personal data

Hoesseinzada Legal Services processes the personal data mentioned above exclusively on the basis of the following grounds as referred to in Article 6 of the GDPR:

• legal obligation (for example the obligation to verify a client’s identity);
• necessity for the performance of a contract with regard to legal services (for example including personal data in an engagement letter);
• obtained consent from data subject(s); and
• legitimate interests of Hoesseinzada Legal Services or third parties, including its clients.

Sharing personal data with third parties

Hoesseinzada Legal Services will only share your personal data with third parties to the extent necessary to provide its services in compliance with the purposes mentioned above. Hoesseinzada Legal Services may also share personal data in connection with (legal) proceedings or correspondence with counterparties and their attorneys/authorized representatives. In addition, Hoesseinzada Legal Services may provide personal data to a third party, such as a supervisory authority or any public authority, insofar its legally obliged to do so.

Where required, a processing agreement shall be concluded with a party that processes your personal data on behalf of Hoesseinzada Legal Services, which party shall also be obliged to treat the personal data to be processed with due care. Third parties engaged by Hoesseinzada Legal Services, who offer services as independent data processors, are themselves responsible for the (further) processing of your personal data in compliance with the GDPR.

Security of personal data

Hoesseinzada Legal Services attaches great importance to the security and protection of your personal data and, taking into account the state of the art, implements appropriate technical and organizational measures to ensure a risk appropriate security level. In case Hoesseinzada Legal Services makes use of services of third parties, such as an IT supplier, Hoesseinzada Legal Services will include adequate security measures in a processor’s agreement for the protection of personal data.

Data retention

Hoesseinzada Legal Services does not keep personal data that is processed by it any longer than necessary for the aforementioned purposes of data processing or as required by law and regulations.

Statistics and cookies

Hoesseinzada Legal Services does not keep track of usage data of its website for statistical purposes and will therefore not collect personal data in this way.

Privacy rights of data subjects

A request for inspection, rectification, restriction, opposition, data portability, deletion of your personal data or withdrawal of previously given consent can be send via the contact details below. You will receive further notice within 3 weeks of receipt of your request.

There may be circumstances under which Hoesseinzada Legal Services cannot or cannot fully implement your request as a data subject. These include the duty of confidentiality of lawyers, prevailing rights of third parties and statutory retention periods.

Your requests as referred to above can be addressed to abas@hoesseinzada.com.

A request must be clear and reasoned. To ensure that we provide the personal data in question to the correct person on the basis of your request, we will ask you to provide sufficient identification. Hoesseinzada Legal Services will only handle requests that relate to your own personal data.

Changes to this privacy statement

Hoesseinzada Legal Services has the right to change the content of this privacy statement at any time without prior notice. Any changes to the privacy statement will be published on www.hoesseinzada.com/privacy-statement.