Privacy and cookie- statement Legal Future
Legal Future is a company based in the Netherlands that mainly focuses on providing legal services to both SMEs and the government.
Legal Future processes personal- and other data in various ways. The GDPR requires this data to be adequately protected and that privacy is safeguarded, protected and maintained.
Legislation and definitions
On 25 May 2018, the General Data Protection Regulation (GDPR) came into force, along with its implementation into national law. The GDPR strengthens and expands privacy rights with more responsibilities for companies and other organizations. This also applies to Legal Future.
The AVG uses the following terms which have the same meaning as in the Regulation:
- Data subject: The (potential) customer whose personal data is processed by Legal Future;
- Processor: The person or company that processes and manages customers’ personal data, in this case Legal Future;
- Personal Data: Any data that is traceable to a specific natural person. On the one hand, there are general personal data, such as a person’s name, age, gender, e-mail address and address details. When special personal data is mentioned, it refers to sensitive subjects such as someone’s ethnic background, political or sexual preferences. These data deserve extra protection under the law.
- Processing: Processing refers to everything the processor does with personal data, such as recording, storing, merging, providing to a third party or destroying.
The AVG applies the following principles in the careful and responsible processing of personal data, and Legal Future conforms to them:
- Lawfulness, propriety and transparency: Legal Future processes personal data only in accordance with the law and does so with care;
- Basis and purpose limitation: Legal Future ensures that personal data is only processed with a just basis, i.e. only for sufficiently defined and determined (business) purposes;
- Data minimization: Legal Future only retains personal data that is absolutely necessary for its business operations. As little personal data as possible is collected;
- Retention period: Legal Future retains personal data only for as long as necessary and deletes them afterwards, unless they need to be retained for longer based on a legal obligation;
- Integrity and confidentiality: Legal Future handles this personal data with care and treats it confidentially;
- Subsidiarity: when processing personal data, Legal Future strives to limit the infringement on the privacy of the data subject as much as possible.
- Proportionality: the purpose of processing personal data must not be disproportionate to the infringement of the data subject’s interests.
Legal Future collects personal data primarily for the provision of its services to clients. These (potential) clients must be able to trust that Legal Future will handle their personal data carefully and securely.
Purpose of collecting
Personal data may only be collected if a clear purpose is set for it. The purpose must be explicitly defined and justified. Personal data may not be processed for other purposes.
The main purposes of processing personal data by Legal Future are:
- Contacting the customer, for the purpose of performing its services as efficiently as possible;
- For marketing purposes, in particular for sending the newsletter.
The law states that there must be a lawful basis for any processing of personal data. This may be based on the AVG or other specific laws and regulations. The lawful bases on which Legal Future relies are:
- To fulfil a legal obligation;
- When the data subject has given consent for the specific processing.
Processing of personal data
Legal Future processes personal data in various ways. For example, when potential customers leave contact details on the website through the contact form. This includes the customer’s name, e-mail address and telephone number. This enables Legal Future to contact that customer and address the person by their name.
It may also be the case that customers voluntarily sign up for the newsletter, leaving their e-mail address on the website.
In case a potential client chooses to purchase services from Legal Future, additional personal data is required for billing purposes, such as:
- Home or business address;
- Financial information such as an bank account number;
- In the case of a company: contact details of a director or manager;
- Any medical conditions that may be relevant to the service provided will be handled with extra discretion.
Within any company or organization, a data breach may occur. Naturally, Legal Future does its utmost to prevent this and takes the necessary ICT and security measures to minimize the chances of this happening. What is meant by a data leak is the case when personal data falls into the hands of a third party who is not authorized to have access to the data. In case a data breach does occur, Legal Future reports it to the Personal Data Authority (AP) within 72 hours. If the breach poses a high risk to the rights and freedoms of data subjects, Legal Future notifies its customers in simple and clear language.
Communication with data subjects
The GDPR requires businesses to communicate transparently to data subjects. When a client provides personal data to Legal Future, he or she is informed by the company of how this data is handled, namely in the following ways:
The GDPR requires organizations to communicate that they are acting in accordance with the law. Legal Future ensures this by:
- Placing a privacy- and cookie statement on its website where it can be easily and freely accessed by all visitors;
- Attaching this privacy and cookie statement to its general terms and conditions or sending it as an attachment to the order confirmation. In some cases, a link in the order confirmation to this privacy and cookie statement on the website will suffice.
The removal of personal data
Legal Future retains personal data no longer than necessary for the performance of its services, or for however long the legal retention period for specific personal data requires. Personal data retained after the customer has ceased to purchase services from Legal Future will be destroyed as soon as possible.
Rights of data subjects
The GDPR stipulates not only the duties of the processor of personal data, in this case, Legal Future but also the rights of data subjects. These rights are listed in the GDPR as follows:
Right to information: the data subject has the right to know whether personal data Legal Future processes from him/her;
Right of inspection: data subject has the right to inspect and control what personal data is processed by Legal Future;
Right of rectification: personal data that is incorrect will be corrected at the request of the data subject;
Right to object: data subject has the right to request Legal Future to stop using their personal data;
Right to be forgotten: The data Subject has the right to have their personal data deleted after they stop receiving services from Legal Future, excluding the legal retention period for certain data (mainly for tax purposes).
The Data Subject may submit a request to make use of the above requests to Legal Future in writing, by telephone or electronically, after which it will contact the Data Subject as soon as possible.
Cookies are mini files that can be placed on a device connected that is connected to the internet, such as a computer, phone or tablet. Cookies can be used to collect or store information about how a person behaves on a website.
How long do cookies last?
Some cookies are deleted automatically at the end of a session, i.e. when you close the browser. Other cookies are stored for longer periods of time, ranging from one day to an indefinite period (persistent cookies).
The purpose of cookies
Cookies mainly make websites easier to use. For example, cookies remember language settings, what was in your shopping basket and login details.
- To ensure that the website functions properly;
- For website statistics: to gain insight into the number of visitors to the website and which parts are visited;
- For possibly placing advertisements relevant to you.
When first visiting Legal Future’s website, you can set your cookie preferences. When accepting all cookies, including permanent cookies, one’s preferences will be saved. Think of language settings, login details and so on. These cookies aim to make the user experience as pleasant as possible for you. You can delete permanent cookies via your browser settings.
When you accept all cookies, tracking cookies may also be placed on your device. Tracking cookies track individual browsing behaviour and create profiles to send advertisements. This profile cannot be traced back to a specific person. Using tracking cookies, it is possible for us to show you a suitable advertisement.
Session cookies track the visitor’s behaviour while visiting the website. We can then see which parts of the website have been visited. This cannot be linked to any specific individual. When you close your browser, session cookies are deleted.
When visiting our website for the first time, you can indicate whether you want only functional or optional cookies. You are not obliged to accept all types of cookies.
Google Analytics is a software program from Google that provides insight into visitor behaviour on our website. Among other things, it gives insight into the number of visitors, where they come from and where they navigate to. On behalf of Legal Future, a cookie is set by Google as part of its Analytics service. This data is anonymized as much as possible by Google and cannot be linked to an IP address.
Version: August 2023