Privacy Policy on the Processing of Personal Data

Updated on August 31, 2023

 

HDC is a law firm organized as a simple partnership consisting of five partner attorneys (Me Fabien Hohenauer, Me Étienne Campiche, Me Sylvain Métille, Me David Raedler, and Me Valérie George), with offices at Avenue de Sévelin 15 in Lausanne (hereinafter: “we”).

This Privacy Policy informs you about how we process your personal data. In the course of our activities, primarily in the conclusion and execution of our mandates, we jointly process personal data.

For any questions regarding the processing of your personal data, you can directly contact the partner responsible for your case by email or by postal mail at the following address: HDC, Case postale 851, 1001 Lausanne.

 

Personal Data We Process

Conclusion and Execution of Mandates

 

In the context of our mandates, we may process personal data that may be provided either by you, by third parties, or collected directly by us (including from public registers or the internet). This may include data related to your identity (first name, last name, etc.), contact details (postal address, email address, phone number, etc.), personal status (marital status, nationality, etc.), your roles (company, position, etc.), or payment information.

We may also process data related to all individuals connected to the mandate (our clients, opposing parties, their representatives, government personnel, other individuals involved in the mandate, etc.). Depending on the mandate, this personal data may vary and relate, for example, to individuals’ identities, contact details, roles, correspondence, financial situations, health, family, administrative or legal status, employment relationships, etc.

This personal data is processed as part of the conclusion and execution of our mandates to provide our legal services, document them, invoice them, and fulfill our legal obligations.

 

Website and Cookies

 

To operate our website (www.hdclegal.ch), we may process technical data, such as your IP address, browser information, and some limited settings of your device. We do not request your consent for cookies, as they are necessary, and we have opted out of using any other types of trackers (such as performance or targeted advertising cookies).

When you interact with us via social media (LinkedIn, X), you accept the terms of those social media platforms and the disclosure of data that you make accessible to us.

 

Information on Our Activities and Publications

 

If you are already a client of the firm or if you give us your consent, we may process your identity and contact data to provide you with information on publications, events, news, new services, or products related to the firm’s activities that may be of interest to you.

 

Retention Period

 

We process and retain your personal data for as long as necessary to fulfill our mandates. As a principle, we archive your files for 10 years from the conclusion of the mandate. However, your personal data may be retained for a longer or shorter period, particularly when a legal retention or documentation period is required, when there is an overriding private or public interest, or when you request its return or deletion, where possible.

 

Security and Confidentiality

 

We take appropriate organizational and technical measures to ensure the security of your personal data and prevent any security breaches. It is noted that the personal data and information you provide to us within the framework of a mandate are protected by attorney-client privilege.

 

Communication

 

To properly execute the mandates you entrust to us, we may internally share personal data between the different attorneys of the firm, all of whom are also bound by professional secrecy.

Likewise, we rely on subcontractors, particularly IT service providers. They only process personal data according to our instructions and are also bound by professional secrecy as auxiliaries.

Due to the nature of legal mandates, personal data is often communicated to third parties (opposing parties and their representatives, authorities, courts, etc.). This data is communicated when necessary for the proper execution of the mandate or at your request.

We may also disclose your data to third parties if required by law or an authority or to protect our rights or those of third parties.

 

Location of Processing

 

Your personal data is primarily processed in Switzerland. In certain cases, it may be transferred abroad, particularly when clients, opposing parties, or authorities are located outside Switzerland or when we need to access data from abroad.

If the concerned countries are not recognized by the Swiss Federal Council as offering an adequate level of protection, an appropriate level of protection will be ensured through contractual clauses, or the transfer will be justified by an exception (direct connection with the conclusion or execution of the mandate, consent, protection of life or physical integrity, etc.).

 

Applicable Law

 

We are subject to the provisions of the Swiss Federal Act on Data Protection (FADP). The competent supervisory authority for personal data protection is the Swiss Federal Data Protection and Information Commissioner (FDPIC).