Privacy Policy

1. Introduction

EPARTNERS AG (the “Law Firm,” hereinafter also referred to as “we,” “us”) is a law firm based in Zurich.

In the course of our business activities, we collect and process personal data, in particular personal data about our clients, related parties, counterparties, courts and authorities, correspondent law firms, professional and other associations, visitors to our website, participants in events, recipients of newsletters and other entities or their contact persons and employees (hereinafter also referred to as “you”). This Privacy Policy provides information about this data processing.

If you disclose data about other persons to us (e.g., family members, representatives, counterparties, or other related persons), we assume that you are authorized to do so and that this data is correct and that you have ensured that these persons are informed of this disclosure, insofar as a legal obligation to provide information applies (e.g., by bringing this Privacy Policy to their attention in advance).

This Privacy Policy is not part of any contract with you. We may amend this Privacy Policy at any time. The version published on this website is the current version.

2. Information about the Controller

The controller responsible for the processing described in this Privacy Policy is:

EPARTNERS AG
Hardturmstrasse 11
8005 Zürich
info@epartners.ch

3. Purposes of Processing

When you use our services, visit www.epartners.ch (hereinafter referred to as the “website”), or otherwise interact with us, we collect and process various categories of your personal data. In principle, we may collect and otherwise process this data for the following purposes in particular:

• Communication: We process personal data so that we can communicate with you and with third parties, such as parties to proceedings, courts, or authorities, by email, telephone, letter, or other means (e.g., to respond to inquiries, in the context of legal advice and representation, and in the context of contract initiation or execution). This also includes sending our clients, contractual partners, and other interested parties information about events, changes in the law, news about our law firm, or similar matters. This may take the form of newsletters and other regular communications (electronically or by mail). You can opt out of such communication at any time or refuse or revoke your consent to such communication. For this purpose, we process in particular the content of the communication, your contact details, and the peripheral data of the communication.
• Initiation and conclusion of contracts: With regard to the conclusion of a contract, such as in particular a contract establishing a client relationship, with you or your client or employer, which also includes the clarification of any conflicts of interest, we may in particular process your name, contact details, powers of attorney, declarations of consent, information about third parties (e.g., contact persons, information about your family and counterparties), contract content, date of conclusion, creditworthiness data, and any other data that you provide to us or that we collect from public sources or third parties (e.g., commercial registers, credit agencies, sanctions lists, media, legal protection insurance companies, or the internet).
• Administration and execution of contracts: We collect and process personal data so that we can fulfill our contractual obligations towards our clients and other contractual partners (e.g., suppliers, service providers, correspondent law firms, project partners) and, in particular, so that we can provide and demand the contractual services. This also includes data processing for client management (e.g., legal advice and representation of our clients before courts and authorities and correspondence) as well as data processing for the enforcement of contracts (debt collection, legal proceedings, etc.), accounting, and public communication (to the extent permitted). For this purpose, we process in particular the data that we have received or collected in the course of initiating, concluding, and executing the contract, as well as data that we create in the course of our contractual services or that we collect from public sources or other third parties (e.g., courts, authorities, counterparties, information services, media, detective agencies, or from the Internet). This data may include, in particular, minutes of meetings and consultations, notes, internal and external correspondence, contract documents, documents that we create and receive in the course of proceedings before courts and authorities (e.g., statements of claim, appeals, and complaints, judgments, and decisions), background information about you, counterparties or other persons, as well as other mandate-related information, performance records, invoices, and financial and payment information.
• Operation of our website: In order to operate our website securely and stably, we collect technical data such as your IP address, information about the operating system and settings of your device, the region, the time and the type of use. We also use cookies and similar technologies. For further information, see section 8.
• Improvement of our electronic offerings: In order to continuously improve our website, we collect data about your behavior and preferences, for example by analyzing how you navigate through our website.
• Security purposes and access controls: We collect and process personal data to ensure and continuously improve the appropriate security of our IT and other infrastructure. This includes, for example, monitoring and controlling electronic access to our IT systems and physical access to our premises, analyzing and testing our IT infrastructure, performing system and error checks, and creating backup copies.
• Compliance with laws, directives, and recommendations from authorities and internal regulations (“compliance”): We collect and process personal data to comply with applicable laws (e.g., to combat money laundering, tax obligations, or our professional duties), self-regulation, certifications, industry standards, our corporate governance, and for internal and external investigations in which we are a party (e.g., by a law enforcement or supervisory authority or a private agency commissioned to do so).
• Risk management and corporate governance: We collect and process personal data for risk management (e.g., to protect against criminal activities) and corporate governance. This includes, among other things, our business organization (e.g., resource planning) and corporate development.
• Job applications: If you apply for a job with us, we collect and process the relevant data for the purpose of reviewing your application, conducting the application process, and, if your application is successful, preparing and concluding a corresponding contract. In addition to your contact details and the information provided in the relevant communication, we also process the data contained in your application documents and any additional data we may obtain about you, e.g. from professional social networks, the Internet, the media, and references, if you consent to us obtaining references.

4. Obtaining Data

• From you: You provide us with most of the data we process (e.g., in connection with our services, the use of our website, or communication with us). You are not obliged to disclose your data, with exceptions in individual cases (e.g., legal obligations). However, if you wish to conclude contracts with us or use our services, for example, you must provide us with certain data. It is also not possible to use our website without data processing.
• From third parties: We may also collect data from publicly available sources (e.g., debt collection registers, land registers, commercial registers, media, or the Internet, including social media) or obtain it from (i) authorities, (ii) your employer or client who has a business relationship with us or is otherwise involved with us, as well as from (iii) other third parties (e.g., clients, counterparties, legal protection insurers, credit agencies, address brokers, associations, contractual partners, Internet analysis services). This includes, in particular, data that we process in the course of initiating, concluding, and executing contracts, as well as data from correspondence and meetings with third parties, but also all other categories of data in accordance with Section 3.

5. Disclosure of Personal Data

In connection with the purposes listed in section 3, we transfer your personal data in particular to the categories of recipients listed below. If necessary, we will obtain your consent for this or obtain an exemption from our professional confidentiality obligation from our supervisory authority.

• Service providers: We work with service providers in the US and abroad who (i) process data on our behalf (e.g., IT providers), (ii) process data jointly with us, or (iii) process data on their own responsibility that they have received from us or collected for us.
• Clients and other contractual partners: This primarily refers to clients and other contractual partners of ours to whom your data is transferred on the basis of the contract (e.g., because you work for a contractual partner or because they provide services for you). This category of recipients also includes entities with whom we cooperate, such as other law firms in the US and abroad or legal expenses insurers. The recipients process the data on their own responsibility.
• Authorities and courts: We may disclose personal data to government agencies, courts, and other authorities in the US and abroad if this is necessary for the fulfillment of our contractual obligations and, in particular, for the management of our client relationship, or if we are legally obliged or entitled to do so, or if this appears necessary to protect our interests. These recipients process the data on their own responsibility.
• Counterparties and persons involved: If necessary for the fulfillment of our contractual obligations, in particular for the management of mandates, we also pass on your personal data to counterparties and other persons involved (e.g., guarantors, financiers, affiliated companies, other law firms, informants, or experts, etc.).
• Other persons: This refers to other cases where the involvement of third parties arises from the purposes set out in section 3. This includes, for example, delivery addresses or payment recipients specified by you, third parties acting as representatives (e.g., your lawyer or bank) or persons involved in official or court proceedings. We may also pass on your personal data to our supervisory authority, in particular if this is necessary in individual cases to release us from our professional confidentiality obligations. If we work with the media and provide them with material (e.g., photos), you may also be affected. In the course of business development, we may sell or acquire businesses, parts of businesses, assets, or companies, or enter into partnerships, which may also result in the disclosure of data (including data relating to you, e.g., as a client or supplier or as their representative) to the persons involved in these transactions. When communicating with our competitors, industry organizations, associations, and other bodies, data relating to you may also be exchanged.

All of these categories of recipients may in turn involve third parties, meaning that your data may also become accessible to them. We can restrict processing by certain third parties (e.g., IT providers), but not by other third parties (e.g., authorities, banks, etc.).

6. Location of Data Processing

We process and store personal data mainly in Switzerland and in the European Economic Area (EEA), but depending on the case – for example, via subcontractors of our service providers or in proceedings before foreign courts or authorities – potentially in any country in the world. Your personal data may also be transferred to any country in the world in the course of our work for clients.

If a recipient is located in a country without adequate data protection, we contractually oblige the recipient to maintain an adequate level of data protection (we use the revised standard contractual clauses of the European Commission, which are available here, including the additions required for Switzerland), unless it is already subject to a legally recognized set of rules for ensuring data protection. We may also disclose personal data to a country without adequate data protection without entering into a separate agreement if we can rely on an exception to this rule. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interest or if the performance of a contract that is in your interest requires such disclosure (e.g., if we disclose data to our correspondent law firms), if you have given your consent or it is not possible to obtain your consent within a reasonable period of time and the disclosure is necessary to protect your life or physical integrity or that of a third party, or if the data is data that you have made generally accessible and you have not objected to its processing. We may also rely on the exception for data from a register provided for by law (e.g., HR) to which we have been granted legitimate access.

7. Your Rights

You have certain rights in connection with our data processing. In particular, under applicable law, you may request information about the processing of your personal data, have inaccurate personal data corrected, request the deletion of personal data, object to data processing, request the disclosure of certain personal data in a commonly used electronic format, or request its transfer to other controllers.

If you wish to exercise your rights against us, please contact us; our contact details can be found in section 2. In order to prevent misuse, we must identify you (e.g., with a copy of your ID, if necessary).

Please note that these rights are subject to conditions, exceptions, or restrictions (e.g., to protect third parties or trade secrets, or due to our professional confidentiality obligations). We reserve the right to redact copies or provide only excerpts for data protection or confidentiality reasons.

8. Cookies

When you use our website (including newsletters), data is collected and stored in logs (in particular technical data). We may also use cookies and similar technologies (e.g., pixel tags or fingerprints) to recognize website visitors, evaluate their behavior, and identify preferences.

A cookie is a small file that is transmitted between the server and your system and enables a specific device or browser to be recognized.

You can set your browser to automatically reject, accept, or delete cookies. You can also deactivate or delete cookies on a case-by-case basis. You can find out how to manage cookies in your browser in the help menu of your browser.

Both the technical data we collect and cookies do not usually contain any personal data.

In addition, we use third-party tools (which may themselves use cookies) on our website, in particular to improve the functionality or content of our website (e.g., integration of maps) and to compile statistics.

Currently, we may use offers from the following service provider in particular, whose contact details and further information on the individual data processing operations can be found in the respective privacy policy:

• Google Analytics
  Provider: Google Irland
  Privacy policy: https://support.google.com/analytics/answer/6004245
  Information for Google accounts: https://policies.google.com/technologies/partner-sites?hl=de

The third-party provider is located outside Switzerland. Information on the disclosure of data abroad can be found in section 6. In terms of data protection law, they are partly “only” processors for us and partly responsible bodies. Further information on this can be found in the privacy policy.