Kyriakides Georgopoulos Law Firm is a law firm incorporated in Greece as a partnership pursuant to Greek legislation, registered under the Athens Bar Association number 080009 and with head offices at 28 Dimitriou Soutsou Str., GR-11521 Athens, Greece (hereinafter referred to as “KG Law Firm”, or “we” or “us” or “our”).
Purpose of this Policy
KG Law Firm reserves the right to amend and update this Policy from time to time; please check regularly this page to be informed about changes, if and when they occur.
Description of our data processing practices
In order for us to provide the services you request, we need your personal data. This Policy describes how we process personal data we collect when you engage with us in order to receive our services and more precisely in connection with:
- engaging our legal and/or other services;
- as a result of your involvement with one of our clients
- abiding by our statutory duty on anti-money laundering and knowing our clients policy and in general complying with our legal obligations;
- managing subscriptions, marketing and other marketing material requests;
- accepting our invitations to and participation in our events;
- evaluating and recruiting personnel;
- cookies used on our website;
What personal data we collect?
We collect and process information provided to us by or on behalf of our clients and their respective executives, agents, consultants and staff for the purpose of rendering legal services. This collection and processing of personal data is justified by the scope of our function and is based on our legitimate interest as a law firm providing professional legal services, in accordance always with our commitment to inviolable trust towards our clients. .
KG Law Firm is primarily engaged by corporate entities and as such those legal entities are not data subjects. However, even within that context, personal data may be provided to us (e.g. personal information relating to any of our corporate clients’ or prospective clients’ officers or personnel, opponent or vendor or purchaser or personal information relating to their legal or other advisors or personnel, as the case may be). The personal data collected is not limited only to the kind of information that can be found on a business card, such as names, titles/position, company name, work addresses, e-mail addresses and phone numbers, but may include other identifiable information.
We further collect background information and personal data necessary not only to fulfil our statutory obligations in relation to conflict checks, anti-money laundering, knowing our clients procedures but also to prepare for legal proceedings or defend a claim or render the required legal services to our clients. To such effect we may collect and process personal data of third parties (court officers, witnesses, and other individuals involved in the legal proceedings we handle.
If you are a potential applicant to join KG Law Firm, the personal data collected is limited to:
- Your name and job title;
- Contact information including email address;
- Curriculum vitae, including your age and/or gender if you provide it to us, your education, employment history and any other information relevant to the potential recruitment that you agree to provide to us;
What is the legal basis and our legitimate interests for the processing of personal data?
We process personal data i) on the basis of our legitimate interests to provide legal services and advice to our clients (such processing is required in the aim of our clients’ legitimate interests to obtain legal advice and representation), ii) on the basis of a legitimate interest in order to comply with obligations related to the operation of our business such as maintaining our accounts, record keeping, billing and tax compliance purposes and finally, and iii) in order to meet our legal and regulatory obligations
We process special categories of personal data only if required i) for the exercise or defence of legal claims, ii) based on your consent, iii) for employment and social security law related purposes and iv) for reasons connected with a statutory provision for reasons of public interest.
How and when do we share the personal data we collect?
We may share personal information with a variety of third parties as necessary. We sub-contract third parties, after careful selection and following an appropriate due diligence conduct, as well as execution of contractual documentation to ensure that these third parties process personal information appropriately, offering the required level of protection and according to our legal and regulatory obligations.
By way of indication, we share personal information with:
- Professional advisers such as lawyers, accountants and insurers.
- Government and regulatory/supervising authorities and agencies, courts and tribunals.
- Tax authorities and Corporate Registries.
- Banking Institutions.
- Third parties which carry out outsourcing services such as, by way of indication, translation services, confidential waste disposal, IT systems or software providers, IT Support service providers, document and information storage providers, postal or courier providers who assist us in delivering documents related to a matter or postal marketing campaigns.
- Third parties engaged in the course of the services we provide to clients, such as opposing party and their lawyers, court bailiffs, witnesses, notaries, interpreters, experts, technical advisors, arbitrators, mediators, accountants and tax advisors.
- Associated law firms around the world, or law firms belonging in the same legal network as us.
- Web analysis service providers who assist us with client insight analytics, such as Google Analytics.
Confidentiality & Security
We are committed to keeping the personal information provided to us secure. To this effect we have implemented appropriate information security policies, rules, technical and organizational measures to protect the integrity, confidentiality, transparency and accessibility of the personal information we have in our possession against unauthorized access, misuse, disclosure, unauthorized modification, unlawful destruction or accidental loss.
No information system can however be 100% secure, therefore we cannot guarantee the total security of your information. In addition we cannot guarantee or be held liable for the security of the information transmitted to us by other networks (internet, wireless networks etc.).
All our professional advisers, employees and data processors (i.e. those who process your personal information on our behalf, for the purposes listed above), who have access to, and are associated with the processing of personal information, are obliged to respect the confidentiality of such personal information.
We shall retain your personal information for as long as necessary to fulfill the purpose for which we collect it and in particular to comply with legal, accounting or reporting regulations. The appropriate retention period will vary and will depend primarily on the purpose for which we collect and process your personal information, its nature, the potential risk of harm from unauthorized use or disclosure of same and finally the applicable legal requirements including the statute of limitations periods according to its personal data category.
You have the following rights in relation to the personal information we hold about you. You may exercise any of your rights by contacting us at the e-mail address firstname.lastname@example.org
· Right of access and rectification
The right to be informed about your personal data collected and how it is being processed and the right to request the correction of inaccurate or incomplete personal data.
· Right to erasure and to withdraw your consent
The right to request that your personal data be erased and, in cases where the processing is based on your consent, the right to withdraw your consent at any time.
· Right to restriction of processing
The right to limit processing of your personal data.
· Right to object
The right to object to certain processing of your personal data such as processing for direct marketing purposes or when we otherwise rely on our own or someone else’s legitimate interest to process your personal information.
· Right to opt-out
The right to opt out of future marketing activities at any time, by clicking the “unsubscribe” button on any of our send outs or by e-mailing email@example.com
· Right to data portability
The right to request that any transfer of personal data is made in a structured, commonly used and machine-readable format.
· Right to lodge a complaint with the supervisory authority
You also have the right to lodge a complaint with the Greek Data Protection Authority or any other Data Protection Authority of the Member State you choose.
If you wish to exercise any of your rights above or you have any questions or concerns in relation to
this policy, please use our contact details which may be found under firstname.lastname@example.org