Data Protection | Gaggini & Partners – Law and Notary Firm in Lugano, Switzerland

Introduction

Gaggini & Partners SA (hereinafter also referred to as “we” or “us”) is a law firm based in Lugano. Within the context of our professional activities, we collect and process personal data (hereinafter also referred to as “data”), in particular the personal data of clients, associated persons, counterparties, courts and authorities, relevant law firms, professional associations and the like, as well as visitors to our website. As far as the collection and processing of personal data, is concerned we are in compliance with the requirements of the Swiss Data Protection Act.

This declaration of data protection describes how we collect and process personal data and what your rights are under the Swiss Law on data Protection.

If you provide us with data relating to other persons, such as family members, representatives, counterparties or other associated persons, we assume that you are authorized to do so, that such data is correct and that you have ensured that the persons concerned have been informed to the extent that a legal obligation to inform applies for example, by bringing this data protection declaration to their attention prior to communicating the information to us.

Responsibility for the Processing of Data

According to the law on data protection, the persons responsible for the processing of any data regulated by this declaration are:

Gaggini & Partners SA
Via S. Balestra 2
PO Box 1472
6900 Lugano
info@gaggini-partners.ch

Purpose of the Processing of Data

In the course of our activities, we may process different categories of personal data for different purposes. In particular, we process the following personal data about you for the following reasons:
‍

Communication: We process personal data in order to be able to communicate with you and third parties such as those involving legal proceedings, the courts or other competent authorities. This includes, but is not limited to, commincation by email, telephone and letters in the post. The information that we process concerns not only the contents but also peripheral data such a contact details, images and audio recordings of both video and telephone calls. In addition, we reserve the right to send our clients, contractual partners and other interested persons information about events, legislative changes, news about our law firm, etc. The form of such information may be for example in the form of a newsletter or other type of format for regular contact, particularly email, telephone and letters in the post. Such communications may be opted out of at any time as well as the consent to receive them be refused or withdrawn. We will notify you separately in the case of audio or video recording of the communication whereby you are free to let us know if you do not want such a recording to be made or if you want to stop the communication. If we need or want to determine your identity, we may collect additional data such as a copy of an identity document;
‍
Initiation and Conclusion of Contracts: As regards the conclusion of a contract, in particular a contract to establish a mandate relationship with you, the person representing you or an employer, which has also included the clarification of any conflicts of interest; we may process your name, contact details, powers of attorney, declarations of consent, information on third parties (e.g. contact persons, family and counterparty information), contract contents, conclusion date, solvency data and all other data that you provide to us or that we collect from public sources or third parties (e.g. the commercial register, credit agencies, sanctions lists, media, legal protection insurance or the internet);
‍
Administration and Execution of Contracts: We process personal data in order to be able to fulfill our contractual obligations towards our clients and other contractual partners and, in particular, in order to be able to perform and request contractual services. This also includes data processing for mandate management, as well as data processing for contract execution, accounting and public communication. For these purposes, we process in particular data that we receive or have collected in the course of initiating and concluding the contract, as well as data that we generate within the scope of our contractual services or that we obtain from public sources or other third parties (e.g. courts, authorities, counterparties, information services, media, investigative agencies or the internet). This data may include, in particular, meeting and consultancy minutes, notes, internal and external correspondence, contractual documents as well as documents that we generate and receive in the course of proceedings before authorities and courts (e.g. legal documents, judgments and decisions), supporting information about you, your counterparties or other persons, image and sound recordings, as well as other mandate-related information, documents, certificates, invoices, financial and payment information. In this context, we may also process personal data that requires particular protection;
‍
Management of our Websites: In order to operate our website securely, we collect technical data, such as the IP address, information on the operating system and settings of your device, region, time zone and mode of use. We also use cookies and similar technologies as indicated in the specific paragraph below;
‍
Improving our Electronic Presence: To continue to improve our website and other electronic offerings, we collect data about your online behavior and preferences;
‍
Security and Access Control: We process personal data to continue to ensure and improve the level of security of our IT systems and other infrastructure (e.g. buildings). This includes, for example, the monitoring and control of electronic access to our IT systems and the physical access to our spaces, the analysis and testing of our IT infrastructure, system checks and error verifications as well as the creation of copies for security. For documentation and security purposes (for the prevention of and investigation into accidents), in relation to our spaces, we also keep access logs and visitor lists. We may process extracts from the register of criminal convictions and use surveillance systems such as security cameras. We signal the presence of surveillance systems in the places concerned with appropriate signs;
‍
Compliance with Laws, Directives and Recommendations from the Authorities, as well as Internal Regulations (Compliance): We process personal data to comply with applicable national and foreign laws (for example anti-money laundering regulations, tax regulations or professional obligations), self-regulation, certifications, industry standards and our own corporate governance, as well as for internal and external investigations in which we are a party to the procedure (for example through an investigating authority, supervisory authority or a commissioned private body);
‍
Risk Management and Business Management: We process personal data in the context of risk management (for example to protect us from unlawful activities) and business management. This includes, among other things, our business organization (such as resource planning) and business development (such as the acquisition and sale of business units or enterprises);
‍
Job Applications: If you apply for a job with us, we process the relevant data for the purpose of examining and evaluating your application, conducting the recruitment procedure and, if the application is successful, preparing and concluding the relevant contract. For this purpose, in addition to your contact details and the information contained in the corresponding communication, we process in particular the data contained in your application documents, which also includes an extract from the register of criminal convictions as well as any data that we may additionally obtain about you, e.g. from professional social networks, the internet, the media and the references provided by you;
‍
Other Purposes: Other purposes include, for example, training and education purposes as well as administrative purposes (e.g. bookkeeping). Furthermore, we may process personal data for the organisation, implementation and follow-up of events, such as lists of participants and the content of presentations and discussions as well as images and audio recordings made during these events.
‍

Source of Data

Most of the data we process is provided to us by you (for example in connection with our services, the use of our websites or from communication with us). In some cases, this data is also transmitted to us automatically from your device. Unless there are exceptions (e.g. legal obligations), you are not obliged to disclose your data. However, if you wish to enter into contracts with us or benefit from our services you must provide us with certain data. The use of our website is also not possible without the processing of data. We may also collect data from publicly accessible sources (e.g. debt collection and bankruptcy registers, land registers, commercial registers, media or the internet, including social media) or receive it from authorities, your employer or the person you are representing if they have a business relationship with us or otherwise deals with us, as well as from other third parties (e.g. customers, counterparties, legal protection insurance companies, credit agencies, address resellers, associations, contractual partners, internet analysis services). This also includes data that we process in the context of the initiation, conclusion and execution of contracts, as well as data from correspondence and further communications with third parties including all other categories of data that fall within the purposes above.

‍

Recipients of Transmissions of Data

In connection with the purposes described above, we may pass on your personal data with regard to the categories of recipients listed below. Where necessary, we will obtain your prior consent or, a release from professional secrecy by the relevant supervisory authorities:
‍

Service Providers: We work together with service providers in Switzerland and abroad, who process data on our behalf, process data together with us or process data they have received from us or collected on our behalf according to their own responsibility to do so (e.g. IT service providers, banks, insurance companies, debt collection companies, credit agencies, address verification services, other law firms or consultancies);
‍
Clients and Other Contractual Partners: This refers primarily to our clients and our other contractual partners for whom the transfer of your data arises on a contractual basis (for example, because you work for a contractual partner or because the latter provides services to you). The entities with which we collaborate also fall into this category of recipients, such as other law firms in Switzerland or abroad or even legal protection insurance companies. These recipients are responsible for the data processing that they carry out;
‍
Authorities and Courts: We may disclose personal data to offices, courts and other authorities in Switzerland and abroad if this is necessary for the fulfillment of our contractual obligations and in particular for the execution of our mandate, or if we are legally obliged or authorized to do so, or if this seems necessary to protect our interests. These recipients are then responsible for the data processing carried out by them;
‍
Counterparties and Persons involved: Insofar as this is necessary for the fulfillment of our contractual obligations, in particular for the execution of the mandate, we also disclose your personal data to the counterparties and other persons involved (e.g. guarantors, financiers, affiliated companies, other law firms, persons informed of the facts or experts);
‍
Other people: These are cases in which the involvement of third parties derives from the purposes indicated above. These are, for example, recipients of deliveries or payments indicated by you, third parties in the context of representation relationships (for example your lawyer or your bank) or people involved in legal proceedings before the authorities or courts. We may also pass on your personal data to our supervisory authority, in particular if this is necessary in a specific case to release us from our professional obligation to secrecy. In the course of business development, we may sell or acquire businesses, parts of businesses, assets or companies, or develop partnerships, which may involve the transmission of data (including that about you, for example as customers, suppliers, or as their representatives) to the people involved in these transactions. Communications with our competitors, industry organizations, associations and other entities may also involve the exchange of data about you.
‍

All these categories of recipients may in turn involve third parties, so your data may become accessible to them too. We may restrict processing by certain third parties (e.g. IT service providers), but not by other third parties (e.g. authorities, banks, etc.).

We process and store personal data mainly in Switzerland and the European Economic Area, but if appropriate, for example through sub-processors of our service providers or in the context of legal proceedings before foreign courts or authorities, potentially in any Country of the world. Even within the scope of our providing services to clients, your personal data may be transmitted to any country in the world.

‍

User Rights

In accordance with applicable law, you can specifically request information about the processing of your personal data, have incorrect personal data rectified, request the deletion of personal data, object to data processing, request the delivery of certain personal data in a user-friendly electronic format for public use or its transfer to other data controllers.

If you wish to exercise your rights, please contact us using the information indicated in the paragraph titled "Responsibility for the Processing of Data". Upon receipt of your communiction, in order to exclude any and all forms of abuse, we are required to identify you, requesting, if necessary, a copy of an identity document.

Please note that exercising these rights may be subject to conditions, exceptions or restrictions, for example for the protection of third parties, company secrets or our duty to professional confidentiality.

‍

Website, cookies and similar technologies

When using our website, data is generated and stored in logs. In addition, we may use cookies and similar techniques to recognize website visitors, evaluate your behavior and recognize your preferences. You can set your browser to automatically reject, accept or delete cookies. It is also possible, in individual cases, to deactivate or delete cookies. To find out how to manage cookies in your browser, consult your browser's help menu.

Both the technical data and cookies collected by us do not generally contain personal data. However, any of your personal data that is held by us, may be linked to technical data or information stored and obtained from cookies. Therefore, it may possibly be traced back to you personally.

Furthermore, we may also use third-party services on our website, which may in turn use cookies, in particular to improve the functionality or content of the website itself. We currently use the following service providers and advertising partners, whose contact details and further information on individual data processing can be found in the respective data protection declaration:

Google Analytics
Supplier: Google Ireland
Information on the protection of data: https://support.google.com/analytics
Information for Google accounts: https://support.google.com/accounts

‍

Implementation and Modifications

This data protection declaration comes into effect from 1 September 2023. This declaration is not an integral part of a contract and can therefore be modified unilaterally at any time. The version in force is the one published on this website.