1. Processing of personal data
We process personal data in the context of our legal services. AMS Advocaten N.V. is the controller as referred to in the GDPR and has the following contact details:
AMS Advocaten N.V.
1059 VM Amsterdam
1060 CD AMSTERDAM
AMS processes personal data in accordance with the privacy regulations and in the manner described in this privacy statement.
A. Clients and data subjects
In the context of our legal services, we may process the following personal data of our clients or data subjects: name and address details, gender and title, contact details (such as e-mail address and telephone number), business details (such as company name, trade register extract and VAT number), passport photo/copy and bank details.
In principle, the processing of your personal data by us is based on Article 6(b) of the GDPR, namely to be able to perform the contract for services concluded with you, for example giving advice, conducting legal proceedings for clients, settling bankruptcies or other legal work. In addition, we process personal data in order to comply with legal obligations, such as the administrative or identification obligations (Counsel Act, or the Money Laundering and Terrorist Financing Prevention Act) or tax obligations. We may also process personal data to protect our legitimate interests, such as improving our services. If your personal data is processed on the basis of consent, you will be explicitly asked for consent.
B. Website visitors
As part of our online services, every website visitor can leave his or her contact details on the AMS website. We will use this information to contact you and store it as necessary to answer your question.
Use of Social media plugins
Pages on our website can be shared on LinkedIn, Twitter and Facebook. AMS does not monitor and is not responsible for the processing of your personal data by and through these third parties. The use of these media is therefore at your own risk. Before using these services of third parties, it is advisable to read the privacy statement of these third parties first.
C. Newsletter subscribers or participants workshops etc.
AMS periodically sends out a newsletter. With regard to the newsletter, we collect personal data such as your (company) name and e-mail address. You will only receive the newsletter if you have given your consent and/or if you are an existing client and we want to inform you about the legal services and developments relevant to you. For the newsletter, we use the services of MailChimp, which stores the data in the United States. MailChimp is a member of the EU-U.S. Privacy Shield Framework. If you no longer wish to receive the AMS newsletter, you can unsubscribe via the link in the newsletter at any time.
For registrations in the context of workshops, seminars or similar events, AMS processes personal data, including name and address, telephone number, e-mail address, company name and job title and, where applicable your gender and other data requested in the context of the registration (such as training, position and work experience). We process this data in our administration on the basis of your consent.
Vacancies at AMS are regularly published on the websites of AMS or via social networks. Applications can be submitted in writing or sent by e-mail, or where appropriate by using a form on the website. In the context of applications, we process name and address data, e-mail address, telephone number, date of birth, gender, application data (CV, motivation letter, marks lists, internship reports) and any other data (whether or not requested in the context of the application). We process this data in our records on the grounds of the legitimate interest of AMS, which consists of finding suitable personnel. The data will not be provided for any other purposes and only to those who are in charge of the recruitment and selection activities at AMS, or to those who have been engaged for these activities by AMS. Unsolicited applications are processed in the same manner.
E. Other relations
Where suppliers or other service providers are concerned, AMS may process personal data such as name and address, telephone number, e-mail address and bank account number, necessary for deliveries or the purchasing of services. We process this data to be able to perform the agreement or to comply with legal obligations, such as keeping records or for auditing purposes.
2. Your personal data and third parties
AMS only shares your personal data with third parties to the extent necessary for the provision of the services with due observance of the purposes set out above. This could include the engagement of another third party on behalf of and at the request of AMS, such as an IT supplier, bailiff or courier or judicial authorities. In addition, AMS may provide personal data to a third party, such as a supervisory authority or another body invested with public authority, to the extent AMS is legally required to do so.
A processing agreement will be concluded with the third party that processes your personal data on behalf of and at the request of AMS, under which such third party is also required to comply with the GDPR. Third parties engaged by AMS who offer services as controllers, are themselves responsible for compliance with the GDPR in regard to the further processing of your data. Examples of this are an accountant, a civil-law notary, another third party engaged for a second opinion or expert report.
AMS places great value on the security and protection of your personal data and, taking into account the state of the art, ensures that suitable technical and organisational measures are in place to guarantee a security level appropriate to the risk involved. If AMS makes use of services of third parties, such as an IT supplier, AMS will, in the context of the protection of personal data, record agreements regarding adequate security measures in a processing agreement. If AMS transfers data outside the EEA, this will only be done to countries to which an adequacy decision applies, if the recipient is certified for the EU-US Privacy Shield (such as Google and MailChimp), if we have concluded an agreement with a recipient, which includes model provisions as established by the European Commission, or if this is necessary for the performance of our agreement with you.
4. Retention period
AMS does not retain processed personal data any longer than necessary for the purposes of data processing set out above, or as long as is required under the legislation and regulations. In principle, client files are retained for 5 years.
5. Privacy rights
A request in connection with the exercise of privacy rights (such as access, correction, restriction, objection, transferability of data, removal of your personal data or withdrawal of consent given previously) can be sent to firstname.lastname@example.org stating ‘Exercise of privacy rights’ or by post to AMS Advocaten N.V., stating ‘Exercise of privacy rights’. For verification purposes, we may ask you to provide proof of your identity. We aim to respond to your request within one month.
Circumstances may arise in which AMS is unable to honour your request or part of your request as a data subject. Examples of such circumstances are the client confidentiality of lawyers and statutory retention periods. If you are of the opinion that our processing of your personal data violates the privacy regulations and that your complaint has not been resolved after you submitted it, you can file a complaint with the privacy supervisor, the Dutch Data Protection Authority.
6. Changes and questions
We may change this privacy statement at any time and will always publish the latest version on our website. We therefore recommend that you consult our website regularly.
If you have any questions about this privacy statement or about your privacy, please contact us by e-mail (email@example.com) stating ‘AMS Privacy Statement’ or by post at the address below.
AMS Advocaten N.V.
1060 CD Amsterdam