top of page

Our Privacy Policy

1. What is the purpose of this personal data protection declaration?

​HdB Law or Hugues du Bois de Dunilac, lawyer (hereinafter “HdB” or “we”) is a law firm headquartered in Lausanne. In the course of our professional activities, we collect and process personal data, in particular those relating to our clients, persons connected to them, opposing parties, courts and authorities, affiliated law firms, associations professionals and other organizations, people who visit our website, participants in events, recipients of newsletters, as well as other organizations or their respective contact persons and employees (hereinafter also "you"). By means of this declaration, we inform you of the processing of this data. In addition to this document, we may inform you in other ways (e.g. with forms or specific contractual clauses). If you provide us with data relating to other persons (e.g. members of your family , representatives, opposing parties or other related persons), we assume that you are authorized to do so, that these data are correct and that you have ensured that these persons are informed of this communication, to the extent that a legal obligation to inform is applicable (e.g. by bringing this declaration to their attention in advance).

2. Who is responsible for processing your personal data?

 

​The person responsible for the protection of personal data is responsible for the processing described in this confidentiality policy: Hugues du Bois de Dunilac.

You can contact us by mail (Case Postale 111, 1052 le Mont-sur-Lausanne), by email:hdubois@hdb-law.com or by telephone +41 79 417 93 26 for any request relating to the use of your personal data by us as data controller.

We generally act as data controller. However, in certain circumstances we may also act as a processor for a client in the provision of our legal services, in which case our client will be the data controller. This Privacy Policy does not address how our customers use your personal data. Please contact them directly with any questions relating to their use of your personal data.

​3.   Where does personal data come from?

 

​We process personal data which is necessary for the purposes specified in this privacy policy. Subject to compliance with legal requirements and to the extent necessary for the performance of our legal services, we may process so-called sensitive data, such as data relating to health or data relating to administrative or criminal procedures and sanctions. We will only do this to the extent strictly necessary for the relevant purposes listed in the description of our processing activities (see section 4).

We may obtain your personal data:

  • On your part: you (or your terminal) communicate to us yourself the majority of the data that we process (e.g. in relation to our services, the use of our site and our applications or the communication which established with our study). You are not obliged to provide your data, except in special cases (e.g. for legal obligations). However, if you wish to e.g. ex. conclude contracts with our study or use our services, you must communicate certain data to us. The use of our site is also not possible without processing them.

  • From third parties: we may also collect data from publicly accessible sources (e.g. debt collection register, land register, commercial register, media or the Internet, including social media) or obtain it from (i) authorities, (ii) your employer or principal who is either in a business relationship with our firm or otherwise in a relationship, as well as (iii) other third parties. This includes, in particular, data that we process in the context of the preparation, conclusion and execution of contracts as well as data resulting from correspondence and interviews with third parties, but also all other categories of data in accordance with in ch. 4.

 

4. For what purpose do we process some of your personal data?

 

​When you use our services, when you browsewww.hdb-law.com (hereinafter “site”) or you contact us in another way, we collect and process different categories of your personal data. We do this, as a general rule, for the following purposes:

  • We process personal data in order to be able to communicate with third parties or yourself, such as parties to proceedings, courts or authorities, by email, telephone, letter or in any other way (e.g. to respond to requests in the context of legal advice and representation as well as the preparation or execution of contracts). To do this, we process in particular the content of the communication, your contact data as well as the related metadata.

  • Preparation and conclusion of contracts: with a view to concluding a contract, in particular one which aims to establish the mandate, with yourself or your principal or employer, which also includes the clarification of possible conflicts of interest, In particular, we may collect your name, contact details, powers of attorney, declarations of consent, information about third parties (e.g. contact persons, information about family and opposing parties), the content of the contract, the date conclusion, creditworthiness information as well as all other data that you make available to us or that we collect from public sources or third parties (e.g. commercial register, financial information companies, criminal records, media, insurance legal protection or on the Internet).

  • Management and execution of contracts: we collect and process personal data in order to fulfill our contractual obligations towards our clients and other co-contractors (e.g. suppliers, service providers, affiliated law firms, partners project) and, in particular, to provide and require contractual services. This also includes data processing for the management of mandates (e.g. legal advice and representation of our clients before courts and authorities) as well as data processing for the execution of contracts (collection, legal proceedings, etc. .), accounting and public communication (if authorized). To do this, we process in particular the data that we receive or have collected as part of the pre-contractual procedures, the conclusion and execution of the contract, as well as the data that we establish during our contractual services or that we collect from public sources or other third parties (e.g. courts, authorities, opposing parties, information companies, media, detective agencies or on the Internet). This data may in particular include reports of interviews and consultations, notes, internal and external correspondence, contractual documents, documents that we prepare and receive in the context of proceedings before courts and authorities (e.g. e.g. acts concerning complaints, requests, appeals or appeals, judgments and decisions), general information concerning you, opposing parties and other persons, as well as other information related to the mandate , proof of services, invoices as well as financial and payment information.

  • Operation of our site: In order to be able to operate our site securely and stably, we collect technical data, such as IP address, information about the operating system and settings of your device, region, duration and type of use.

  • Improving our digital offerings: In order to continuously improve our site, we collect data about your habits and preferences, e.g. ex. by analyzing the way you browse our site.

  • Security and access controls: we collect and process personal data in order to ensure and continuously improve the appropriate security of our IT system and other infrastructure. This includes e.g. ex. monitoring and controlling electronic access to our IT systems as well as physical access to our premises, analysis and testing of our IT infrastructure, system and error checks, and the creation of security backups. For documentation and security purposes (preventively and to investigate incidents), we also keep access logs or visitor lists for our premises and use surveillance systems (e.g. security cameras). security). We inform you of the presence of these systems on the sites concerned by corresponding signs.

  • Compliance with laws, instructions and recommendations from authorities and internal regulations (“compliance”): we collect and process personal data in order to comply with applicable laws (e.g. for the fight against money laundering, tax obligations or our professional obligations), self-regulations, certifications, sector standards, our “corporate governance” as well as for internal and external investigations in which we are a party (to the procedure), e.g. by a criminal prosecution or supervisory authority, or a mandated private body.

  • Risk and business management: We collect and process personal data in the context of risk management (e.g. to protect against criminal activities) and business management. This includes, among other things, our corporate organization (e.g. resource planning) and its development (e.g. purchase and sale of company shares).

  • Job application: If you apply for a job at our office, we collect and process the corresponding data for the purpose of examining your application, carrying out the selection procedure and, if necessary, preparing and concluding the contract therein. relative. To do this, we process not only your contact data and information from the corresponding communication, but also and above all the data contained in your application file, as well as any additional data that we may obtain about you, e.g. ex. from professional social networks, the Internet, media and referrals, if you consent to such access.

 

​5.   Where do personal data come from?​

  • On your part: you (or your terminal) communicate to us yourself the majority of the data that we process (e.g. in relation to our services, the use of our site and our applications or the communication which established with our study). You are not obliged to provide your data, except in special cases (e.g. for legal obligations). However, if you wish to e.g. ex. conclude contracts with our study or use our services, you must communicate certain data to us. The use of our site is also not possible without processing them.

  • From third parties: we may also collect data from publicly accessible sources (e.g. debt collection register, land register, commercial register, media or the Internet, including social media) or obtain it from (i) authorities, (ii) your employer or principal who is either in a business relationship with our firm or otherwise in a relationship, as well as (iii) other third parties. This includes, in particular, data that we process in the context of the preparation, conclusion and execution of contracts as well as data resulting from correspondence and interviews with third parties, but also all other categories of data in accordance with in ch. 4.

 

​6.   Who do we communicate your personal data to?

 

​Regarding the objectives of ch. 4, we transmit your personal data in particular to the categories of recipients mentioned below.

  • Customers and other contractual partners: We share with our customers information, including personal data, which is necessary for the performance of our contractual obligations towards them.

  • Service providers: we collaborate with service providers in Switzerland and abroad who (i) process – on our behalf (e.g. IT service providers), (ii) in joint responsibility with our study or (iii) under their own responsibility – data they have received from us or collected for us. (These service providers include e.g. IT service providers, banks, insurance companies, debt collection companies, financial intelligence companies, address checkers, other law firms or consulting companies). We enter into contracts with these third parties relating to the use and protection of personal data.

  • With third parties where we have a legal obligation to do so or a legitimate interest to do so: We may disclose your personal data where we have a legal obligation or legitimate interest to do so, for example:  to respond to a request of a judicial or administrative authority or in accordance with a legal obligation, in the context of disputes or legal proceedings which involve us or to provide services to our clients, in accordance with our conditions of engagement.

  • Other people: these are other cases, where the involvement of third parties arises from the purposes mentioned in ch. 4. This concerns p. ex. delivery recipients or payment recipients indicated by you, third parties in agency relationships (e.g. your lawyer or bank) or persons involved in administrative or legal proceedings.

 

All these categories of recipients may in turn use third parties, so that your data may also be accessible to them. We may restrict processing by certain third parties (e.g. IT service providers), but not by other third parties (authorities, banks, etc.).

 

​7.   Are your personal data also transmitted abroad?

 

​We host your personal data on servers located in Switzerland or the European Union (EU).

Given the communication of your personal data in accordance with what is provided for in this privacy policy, we draw your attention to the fact that this data may nevertheless be accessible elsewhere. In particular, several of our service providers are located in the United States from where some of your personal data may be accessible.

If your personal data is transferred or becomes accessible outside of Switzerland or the EU, we will ensure that such access complies with Swiss data protection laws and we will put in place appropriate safeguards (for example by relying on standard clauses adopted by the European Commission) or we will rely on legal exceptions such as consent, execution of contracts, establishment, exercise or enforcement of legal rights, overriding public interests or published personal data.

 

​8.  What are your rights ?

​You have certain rights in relation to our data processing. In accordance with applicable legislation, you may in particular request information on the processing of your personal data, have those that are inaccurate corrected, request their deletion, object to data processing, request the delivery of certain personal data in a digital format. current or their transfer to other responsible parties.

If you wish to exercise your rights with regard to us, please contact us using the contact details given in ch. 2. So that we can exclude any misuse, we must identify you (e.g. with a copy of your identity card, if necessary).

Please note that conditions, exceptions or restrictions apply to these rights (e.g. to protect third parties or trade secrets or due to our obligation of professional secrecy). We reserve the right to redact documents or only deliver extracts for reasons of data protection or confidentiality.​

 

9. Can this data protection declaration be changed?

 

​This protection declaration can be adapted at any time. The version published on our site is the one in force. Copyright Hugues du Bois, November 2023.

.

bottom of page