Privacy Statement Mynta Law B.V.
1. Purpose of this privacy statement
1.1. The purpose of this privacy statement is to provide information regarding the way in which we handle personal data and the way in which we implement the rights of the owners of that personal data.
1.2. If you have specific questions about how Mynta Law B.V. handles personal data, or if this privacy statement is unclear, you can contact Arend van Rosmalen. He is the author of this document and has been designated as the contact person for privacy questions within our office.
1.3. For the sake of clarity: Mynta Law B.V. is located at Lange Voorhout 86 in The Hague, and registered in the Trade Register under number 61369667. You can reach us by telephone on working days between 09:00-12:00 and 14:00-17:00 on +31702051160, or send an e-mail to info@mynta.nl.
2. Types of personal data
The personal data that we process may be the following:
2.1. Data from internet visitors, such as IP addresses of computers and mobile devices that visit our websites, social media pages, online advertisements, banners, articles and the like, as well as data that we derive from these IP addresses, such as location data, behavioral data (how long does one visit a certain page and the like), interaction data including company names and the like;
2.2. Data from potential clients, such as the names and contact details of persons with whom we maintain general contact or who generally email, call, contact us via social media, fill in a contact form on our website, register for events, meetings, webinars and the like, as well as the personal data that is provided to us in the context of such contacts;
2.3. Data of those who seek advice from us on a one-off basis, for example the names and contact details of persons who have an (online) consultation with us and the names and contact details of persons who accompany them, of family members, (ex-)partners, relatives, or other persons involved;
2.4. Data of clients, for example the names, contact details and biometric data of those who assign a case for the provision of legal services to Mynta Law;
2.5. Data of third parties involved in cases whose identity we do not establish, for example the names and contact details of persons who are directly or indirectly involved in the execution of our legal assignment, such as decision-makers, accountants, clerks, lawyers, notaries, interpreters and translators, friends and acquaintances, referrers, intermediaries and the like;
2.6. Data of third parties involved in cases whose identity we do establish, for example the names, contact details and biometric data (including photos, copies of identity documents and the like) of persons who are not clients themselves, but whose identification contributes substantially to the adequate execution of our legal assignment, such as certain employees, family members or other natural persons directly involved in a case;
2.7. Data that serves as evidence, for example personal data that clients or others provide to us for the purpose of providing evidence, such as birth certificates, marriage certificates, death certificates, declarations of unmarried status, employment contracts, salary details, financial data (such as bank statements), correspondence, photos, videos, CVs, diplomas, references, location data and the like;
2.8. Our own data, for example the names, contact and identity details of (former) employees, interns, volunteers and the like who work or have worked for Mynta Law itself;
2.9. Applicant data, such as the names and contact details of applicants, as well as personal data such as CVs, application letters, references, and the like, which are provided to us in the context of the application process;
2.10. Other data, such as personal data that reaches us, such as names and contact details of persons who contact us for whatever reason, or whom we wish to contact.
3. Purposes of use
We use the personal data indicated above under section 2 for the following purposes:
3.1. We use data from internet visitors (2.1) to improve our marketing and services;
3.2. We use data from potential clients (2.2) to provide advice, maintain lists of participants for courses or events, maintain contact, provide or offer additional services and improve our marketing and services;
3.3. We use data from those who seek advice from us on a one-off basis (2.3) to provide advice, invoice, provide and offer additional services, provide evidence, request and publish online client reviews and maintain contact;
3.4. We use data from clients (2.4) to carry out the assignments given to us, provide and offer additional services, provide advice, invoice, provide evidence, request and publish online client reviews and maintain contact;
3.5. We use data from third parties involved in cases whose identity we do not establish (2.5) to carry out the assignments given to us, to offer additional services, to provide advice, to provide evidence, to request and publish online client reviews and to maintain contact;
3.6. We use data from third parties involved in cases whose identity we establish (2.6) to carry out the assignments given to us, to offer additional services, to provide advice, to provide evidence, to request and publish online client reviews and to maintain contact;
3.7. We use data that serves as evidence (2.7) to carry out the assignments given to us, to provide advice and to provide and offer additional services, and to provide evidence;
3.8. We use our own data (2.8) to identify employees, to keep adequate records, to provide evidence and to maintain contact;
3.9. We use applicant data (2.9) for recruitment and selection, to identify potential employees, interns, volunteers and the like, verify adequate access to the labor market in the Netherlands, provide evidence and maintain contact;
3.10. We use other data (2.10) to maintain contact.
4. Legal grounds for use
We base the use of personal data on the following legal grounds:
4.1. We use the data of internet visitors (2.1) on the basis of their consent;
4.2. We use the data of potential clients (2.2) on the basis of their consent;
4.3. We use the data of recipients of one-off advice (2.3) on the basis of their consent, in order to provide advice, to comply with legal obligations or on the basis of our legitimate interest;
4.4. We use the data of clients (2.4) on the basis of their consent, in order to be able to carry out the assignment for legal services or to already take measures at their request before the acceptance of that assignment, to protect the vital interests of our clients, to be able to comply with legal obligations or on the basis of our legitimate interest;
4.5. We use the data of third parties involved in cases whose identity we do not establish (2.5) on the basis of their consent, in order to protect the vital interests of our clients, on the basis of our legitimate interest or that of our clients, or to comply with legal obligations;
4.6. We use the data of third parties involved in cases whose identity we establish (2.6) on the basis of their consent, in order to protect the vital interests of our clients, on the basis of our legitimate interest or that of our clients, in order to comply with legal obligations or so that our clients comply with their legal obligations;
4.7. We use data that serves as evidence (2.7) based on the consent of the owners of that data, in order to protect the vital interests of our clients, based on our legitimate interest or that of our clients, in order to comply with legal obligations or so that our clients comply with their legal obligations;
4.8. We use our own data (2.8) to protect the vital interests of our employees, based on our legitimate interest or that of our employees, and/or in order to comply with legal obligations;
4.9. We use applicant data (2.9) on the basis of their consent, based on our legitimate interest and/or in order to comply with legal obligations;
4.10. We use other data (2.10) on the basis of the consent of the owners of that data, based on our legitimate interest and/or in order to comply with legal obligations.
5. Security of personal data
5.1. We communicate general information through our social media channels. If we are approached with questions as a result via the relevant channel, we provide general answers via the same social media channel. In doing so, it is possible that we also process personal data, for example names, ages, nationality(ies). Mynta Law has no influence on the security of such information, does not know where this data is hosted (and has no influence on this). All this is solely the responsibility of the respective social media company. We therefore advise against the use of social media when seeking substantive advice on a specific situation that requires the transfer of sensitive personal data.
5.2. Information that visitors enter on our website is encrypted. This data is hosted on server space in the European Union. Mynta Law has made appropriate agreements with the owner of this server about its security, which meets all current standards.
5.3. Our e-mail traffic is hosted on server space in the European Union. Mynta Law has made appropriate arrangements with the operator of this server about the security thereof, which meets all current standards.
5.4. Mynta Law works with electronic records. This data is hosted on server space in the European Union. Mynta Law has made agreements with the administrator of this server regarding its security. The file system is only accessible to employees of Mynta Law, and provides for the possibility of specific authorization profiles. As a result, only employees of Mynta Law have access to file data if those employees actually perform work on that file. The client themselves, and possibly other persons, has/have access to (parts of) their own file.
5.5. Mynta Law's own IT system is hosted on server space in the European Union. Mynta Law has made agreements with the administrator of this server about its security. Access to this system is reserved exclusively for employees of Mynta Law, and only via devices owned by Mynta Law.
6. Identification of clients and others
6.1. We do not need to identify the person who wishes to receive one-time advice from Mynta Law. A one-time consultation is only about determining a person's legal position, and which service is most appropriate for that purpose. We still ask one-time visitors to bring proof of identity; there are two reasons for this. First, residence documents contain information (date of entry, alien number) that allows us to provide more effective advice. Secondly, it often happens that during the interview people decide to assign a case immediately. The one-time visitor then becomes our client, whom we are obliged to identify.
6.2. We will ask the person who (after an interview) wants to give an assignment to Mynta Law for proof of identity. We will make a copy of this and keep it in a digital file.
6.3. The nature of our services usually requires us to have copies of identity documents such as passports and residence permits. After all, these must often be attached in migration procedures. This may involve data from a client, but it may also involve data from a family member, an employee, or anyone else whose identity must be established due to the nature of the assignment we are performing.
7. Retention of personal data
7.1. Files are archived after the completion of the case, which means that these files are included as such in the Mynta Law file system. The same employees who had access to the file will still have access to the archived file. After five years from the date of archiving, the data in the file will be permanently deleted, except in cases in which Mynta Law is held liable or in which liability can reasonably be expected, in which cases we will only proceed to delete the file data after the claim for liability has been settled or the claim for liability has expired.
7.2. E-mail messages sent to us will be automatically deleted from the mail server after seven years from the date of receipt.
7.3. The personal data of (former) employees of Mynta Law will be destroyed after seven years from the date of termination of employment.
7.4. The personal data of applicants will be retained for as long as the application procedure is ongoing and will then be deleted unless Mynta Law and the applicant agree otherwise.
8. Transfer of personal data to third parties
Mynta Law provides personal data to third parties because this is sometimes necessary.
8.1. When it is necessary for the performance of our legal services, we provide client data to third parties, such as government agencies. This may also involve personal data of others, such as clients' employees, relations, family members or other parties involved.
8.2. When we transfer a file to a lawyer or legal expert because a client wants to be assisted by another firm, this naturally also involves the transfer of personal data.
8.3. It is possible that we transfer personal data to a party outside the European Union, but this is exceptional. This may involve employers outside the European Union, embassies of third countries and the like. The owners of the personal data concerned will be notified of this.
9. Owner’s rights
9.1. The person whose personal data we process has the right to inspect and receive a copy of that personal data, to rectify and to delete this data. For this purpose, the person concerned can contact us via e-mail.
9.2. To the extent that the processing of personal data is based on consent, the owner of that data has the right to withdraw the consent granted.
9.3. The owner of personal data that we process has the right to object to the provision of unsolicited advice, which can be seen as a form of direct marketing. This can be reported directly to the lawyer concerned. Mynta Law will note in the file system that the person concerned does not wish to receive unsolicited advice.
9.4. In exceptional situations, an objection can be made to further processing of personal data, for example if, after an assignment has been issued, it becomes apparent that there is a close, personal relationship with an employee of Mynta Law. The decision to object means the end of our services, as we cannot assist clients if we are not allowed to process their data.
9.5. The owner of the personal data that we process can request the removal of all their personal data from the Mynta Law system. We will assess whether we (still) bear interest in the storing of the said personal data. If this is not the case, we will delete the personal data from the Mynta Law system.
9.6. Before we respond to a request to exercise one of the preceding rights, we will establish the identity of the requester. We do this to prevent data from falling into the wrong hands, and we guarantee that these rights are indeed exercised by the rightful owner.
10. Data protection officer
As a small firm, Mynta Law is not required to appoint a Data Protection Officer, and has chosen not to do so. This does not mean that we do not adequately guarantee the security of your data. We handle individual requests and procedures, and the processing of personal data is in the vast majority of situations not a core activity, but ancillary to our services.
If you have specific questions about how Mynta Law B.V. handles personal data, if you have a complaint, or if this privacy statement is unclear, you can contact Arend van Rosmalen. He is the author of this document and has been designated as the contact person for privacy questions within our firm.