Privacy Policy
1. General information
1.1. The controller of your Personal Data is Law Firm LEADLEX OÜ, registry code 14928289, legal address Liikuri 41/3-15, Tallinn, Estonia
1.2. We operate the Website and Social Network Accounts, and we act as your controller of your Personal Data by offering and providing the Services, performing our day-to-day operations or complying with legal requirements.
1.3. We care about your privacy and the security of your personal data, therefore we have created the present Privacy Policy (hereinafter referred to as the “Privacy Policy”), which explains how we process and protect your personal data, what your rights are secured, and provides other information about the processing of your personal data.
1.4. As used in this Privacy Policy, the term “personal data” (hereinafter referred to as the “Personal Data”) means any information or set of information by which we may directly or indirectly establish your identity, such as your name, surname, e-mail address, telephone number, etc.
1.5. When processing your Personal Data, we comply with the provisions of the General Data Protection Regulation No. 2016/679 (ES) (hereinafter referred to as the GDPR) and the requirements of the legal acts of the Republic of Lithuania, as well as the instructions of the controlling authorities.
1.6. The Privacy Policy applies when you visit our website, available at leadlex.eu (and leadlex.ee) (hereinafter referred to as the “Website”), our social network accounts on Instagram, Facebook and LinkedIn (hereinafter referred to as the “Social Network Accounts”), review the information we provide, enter into a legal services agreement with us, and we provide you with legal services (hereinafter referred to collectively as the Services), supply or provide us with your goods or services, register and participate in events organised by us, subscribe to our newsletter, contact us by phone, e-mail communication channels, asking other questions, applying for a job we offer, etc.
1.7. The Website may contain links to external websites, such as the websites of our business partners or websites promoting us and our Services. By following such links to any of these websites, please note that these websites have their own separate privacy policies and that this Privacy Policy does not apply to them. Please review their privacy policies before submitting your Personal Data to these websites or using their offers.
1.8. Please be advised that this Privacy Policy is subject to change, therefore please visit the Website from time to time to read the latest version of the Privacy Policy published.
2. What user personal data do we collect and process
2.1. We are processing your Personal Data obtained in the following ways:
2.1.1. When you provide us with Personal Data, for example, you enter into an agreement with us, receive our Services, participate in events organised by us, contact us by e-mail or phone, subscribe to our newsletter, etc.;
2.1.2. When we collect your Personal Data during your use of the Website, Social Network Accounts, such as your IP address, history of visits to the Website, choices, URL links opened, etc. automatically.
2.1.3. When we receive the Personal Data from other persons, such as when we receive information about payments made, etc. from public registers, state or local government institutions or bodies, our partners, for example, other third parties, such as payment institutions.
2.1.4. When your Personal Data is provided to us by your relatives or acquaintances with your consent, as well as when your data is provided by companies (your employers), for example, specifying your contact information referring to you as an authorised person, etc.
2.2. We process your Personal Data in order to offer and provide you with the Services, to fulfil our contractual obligations, as well as to pursue our or third parties’ legitimate interest in carrying out instructions or obligations prescribed by the legal acts.
2.3. By providing Personal Data to us, you are responsible for the accuracy, completeness and relevance of such Personal Data. When providing us with their personal data, a person must provide complete and correct information about themselves. If we are provided with inaccurate, false or misleading Personal Data, we have the right to delete such data or restrict access to the Website, the Services and so on.
2.4. When providing the Personal Data about other persons (e.g. your relatives, employees, other authorised persons), you shall be responsible for the accuracy, completeness and relevance of such Personal Data, as well as for such person’s consent to the disclosure of his or her Personal Data to us. When you provide such data, we may ask you to confirm that you have the right to provide it. If necessary (for example, such a person inquires us about the receipt of his or her Personal Data), we will identify you as the provider of such data.
You have the right to refuse or withdraw your consent to the processing of your data at any time when the data is processed on the basis of your consent.
2.5. In some cases, we may send you messages related to the provision of the Services or call you, for example, we may inform you about the performance of the Services, etc. Such messages are necessary for the proper provision of the Services and shall not be considered promotional messages.
2.6. We publish information about ourselves and our activities in Social Network Accounts. In addition to this Privacy Policy, the users of Social Network Accounts are also subject to the privacy policies and policies of the managers of social networks that contain Social Network Accounts. When you contact us on Social Network Accounts, we may see certain information about your account, depending on the social network privacy settings you choose. If you post information by communicating with us on Social Network Accounts, depending on the privacy settings you choose, the information you post may be made public (for example, displayed on our specific Social Network Account).
2.7. You have the right to change and update your information provided to us. In some cases, we need to have accurate, up-to-date information about you, so we may ask you to periodically confirm that the information we have about you is correct.
3. How do we use your personal data and what principles fo we apply
3.1. We collect and process only such Personal Data which is necessary to achieve the purposes of the Personal Data processing we have specified.
3.2. When processing your Personal Data, we:
3.2.1. Comply with the requirements of effective and applicable legislation, including the GDPR;
3.2.2. Process your Personal Data in a lawful, fair and transparent manner;
3.2.3. Collect your Personal Data for specified, clearly defined and legitimate purposes and do not process it in a way incompatible with those purposes, except to the extent permitted by law;
3.2.4. Take all reasonable steps to ensure that Personal Data that is inaccurate or incomplete, in accordance with the purposes for which it is processed, would be rectified, supplemented, suspended or deleted without delay;
3.2.5. Keep it in such a form that your identity can be established for no longer than it is necessary for the purposes for which the Personal Data is processed;
3.2.6. Do not provide the Personal Data to third parties or disclose it, in other ways than as set forth in the Privacy Policy or applicable law;
3.2.7. Ensure that your Personal Data is processed securely.
3.3. Statistical data about LEADLEX visitors may be accessed by employees in our marketing and IT departments who are responsible for analysing that data and for improving our website.
4. How do we protect your personal data
4.1. Your Personal Data shall be handled responsibly, securely and is protected from loss, unauthorised use and alteration. We have put in place physical and technical measures to protect the information we collect from accidental or unlawful deletion, damage, alteration, loss, disclosure, as well as from any other unlawful processing. Security measures for the Personal Data shall be determined taking into account the risks arising from the processing of the Personal Data.
4.2. Our employees have signed a written undertaking not to disclose or distribute your Personal Data to third parties, unauthorised persons.
4.3. The Personal Data being processed by us shall be processed by our employees as well as by advocates and assistant advocates who provide services to us under a service agreement.
5. Your rights and how you may exercise them
5.1. By contacting LEADLEX via e-mail at info@leadlex.eu, you may exercise your right:
- to require access to your personal data;
- to require rectification of your personal data;
- to require erasure of your personal data;
- to withdraw consent to processing of your personal data, where applicable.
In some cases you may have a right to request a restriction on processing your personal data or to object to processing of your personal data.
You may exercise your rights in line with the requirements of applicable EU and local laws.
If personal data is erased at your request, LEADLEX will only retain such copies of the information as are necessary to protect our or third party legitimate interests, comply with governmental orders, resolve disputes, troubleshoot problems, or enforce any agreement you have entered into with LEADLEX.
You may disable cookies by your browser settings, or by visiting here:
6. To whom do we transfer your personal data
6.1. We will only transfer your Personal Data as described in this Privacy Policy.
6.2. We may transfer your Personal Data to:
6.2.1. Our partners or consultants, such as auditors, other attorneys, tax consultants, etc., as well as Personal Data processors invoked by us, such as ancillary service providers, IT companies, advertising and marketing service companies, archive service providers, accounting services companies, companies providing insurance services or collecting payments, etc. We require the data processors to retain, process and handle the Personal Data as responsibly as we do and only in accordance with our instructions.
6.3. We normally process Personal Data in the EEA, but in some cases your Personal Data may be transferred outside the EEA. Your Personal Data will only be transferred outside the EEA under the following conditions:
6.3.1. The data is transferred only to our trusted partners, with whom we have signed standard contractual clauses approved by the European Commission, which ensure the security of your Personal Data;
6.3.2. A special permit has been obtained from the State Data Protection Inspectorate of the Republic of Lithuania to carry out such a transfer;
6.3.3. The European Commission has taken a decision on the suitability of the country in which our partner is established, i.e. an adequate level of security is ensured; or
6.3.4. You have given consent to the transfer of your Personal Data outside the EEA.
6.4. The Google Analytics tool provided by Google Inc. (a US company) has access to statistical data collected by that tool. Google Inc has subscribed to the EU-US Privacy Shield principles EU – US Privacy Shield list, which confirms that what we have provided complies with mandatory EU privacy standards. Contractual obligations to ensure privacy are also applied to this provider, which you may read here: https://www.google.com/analytics/terms/dpa/dataprocessingamendment_20160909.html.
7. How long do we store data?
LEADLEX uses collected statistical data for analysis for up to three years.
Cookies are usually valid for a short term (a day, a week or a month), though in some cases they may remain valid for up to a year.
You can control and/or delete cookies as you wish – for details, see http://www.youronlinechoices.com/. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. But if you do this you may have to manually adjust some preferences every time you visit a site, while some services and functionalities may not work.
8. Marketing
If you subscribe to the LEADLEX newsletter via the LEADLEX website or otherwise provide LEADLEX with your business contact details, LEADLEX may send you updates, newsletters or legal alerts which may be of interest to you.
8. Cookies
What are cookies?
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. A cookie enables the website to remember your actions and preferences ‒ such as login, language, font size and other display preferences ‒ over a period, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
How does LEADLEX use cookies?
The LEADLEX website uses cookies to collect your IP address and browsing information, such as the websites you have visited or the time you have spent on each page, and allows the Website to remember your system and preferences.
Other cookies allow LEADLEX to track website traffic and users’ interaction with the website – LEADLEX uses this data to analyse visitors’ behaviour and to improve visitors’ experience. These cookies are placed and used by the Google Analytics tool.
Cookies are placed on your device only if you consent, unless cookies are required for strictly technical functioning of the website. However, note that if you do not consent to the use of cookies, certain functions of the website may not function properly or may not function at all.
The legal basis for the use of cookies is Sorainen’s legitimate interest in ensuring the technical functionality of the website. When cookies are used to remember your choices or for statistical purposes, the legal basis is your consent.
9. Logs
The server that hosts the LEADLEX website may also record requests you make to the server, such as the web address you open, the device and browser you use, your IP address, date and time of access. This data is used only for technical purposes – that is, to ensure the proper functioning and security of the website and to investigate possible security incidents. The basis for collecting and using such data is LEADLEX legitimate interest in ensuring the technical availability and security of the LEADLEX website.
9. Website browsing statistics
LEADLEX is constantly improving its website and aims to make using it as easy as possible. For this purpose, LEADLEX needs to know what information is most relevant to website visitors, how often they connect, what browser and device they use, what content is mostly read, what region visitors come from, and similar demographics and statistics.
LEADLEX collects this information by using an automated tool called Google Analytics. This allows LEADLEX to record and analyse how visitors use the website.
You can learn more about how Google Analytics works and the information it allows us to collect and analyse here – https://support.google.com/analytics/answer/1012034?hl=lten&ref_topic=6157800
Sorainen uses this data on the basis of our legitimate interest as a business in improving our understanding of client needs and preferences in order to constantly enhance our services and improve client access to information that LEADLEX publishes.
You may at any time disable collection of your data by Google Analytics, as described here – https://tools.google.com/dlpage/gaoptout/.
10. Contact us
10.1. If you have any questions about the information provided in this Privacy Policy, please contact:
By e-mail to: info@leadlex.e8;
By phone: +37258172138;
10.2. If you wish to make a complaint about our processing of the Personal Data, please bring it to us in writing, providing as much information as possible. We will work with you and try to resolve any issues immediately.
10.3. If you think that your rights have been violated in accordance with the GDPR, you may submit a complaint to our supervisory authority – the State Data Protection Inspectorate, more information and contact details can be found on the Inspectorate’s website (https://vdai.lrv.lt/). We strive to resolve all disputes promptly and amicably, so we invite you to contact us first.