Last update 1 January 2023
PRIVACY POLICY – LEGAL GAMING ATTORNEYS
Legal Gaming Attorneys collects and processes personal data that is necessary in order to open and perform a client assignment. Legal Gaming Attorneys complies with and acts in accordance with the applicable data protection legislation, including amongst other the General Data Protection Regulation (EU 2016/679 “GDPR”) every time it processes personal data. The purpose of this privacy policy is to describe how and for what purpose the personal data is processed by Legal Gaming Attorneys and what rights the data subjects have with respect their personal data.
Legal Gaming Attorneys (Legal Gaming)
Pajukuja 6, 19600 Hartola
+358 40 843 5510
Business ID: 3131447-5
DPO: Minna Ripatti, [email protected]
Legal Gaming processes personal data for the following purposes:
Client assignments. Legal Gaming processes personal data in order to open and perform client assignments. Such processing includes correspondence and other communication with the client, performance of conflict of interest checkups and invoicing. When Legal Gaming represents a client, it may be necessary to process sensitive personal data (such as information related to criminal sanctions) in connection with the assignment in situations where it is necessary in order to draft, present or defend a legal claim.
Identification clients. Personal data will be used in order to identify the clients of Legal Gaming as required in the applicable anti-money laundering legislation.
Maintenance and development of client relationships. Legal Gaming processed personal data in order to send, for example, newsletters, event invitations and other marketing materials.
Website development. Legal Gaming processes personal data related to website traffic, such as cookies.
The legal basis with respect to all processing of personal data related to client assignments is the legal obligation of the data controller as defined in Article 6 of the GDPR. The processing is based on the legislation and guidelines defining the obligations of attorneys and pursuant to the mentioned, Legal Gaming is obliged to supervise the interests and rights of its clients. Further, pursuant to the applicable legislation and guidelines, Legal Gaming is obliged to keep confidential all personal data which Legal Gaming acquires in connection with a client assignment.
With respect to processing of personal data for marketing and website development purposes, the legal basis for processing is the legitimate interest of the data controller to develop the existing client relationships as well as to acquire new clients. In the event that the data subject has provided their personal data via a separate signup link located on the Legal Gaming website or at the bottom of an event invitation in order to receive newsletters and event invitations and we do not rely on any other legal basis in order to process the personal data of the data subject, the legal basis for processing is consent and the data subject may withdraw their consent any time pursuant to the instructions described below in section 7.
Legal Gaming processes the information of its clients and business partners to the extent that such information is reasonably necessary to effectively perform the client assignment and to manage the client relationship. The personal data processed by Legal Gaming for each purpose is as follows:
Client assignment: name, position, phone number and email address of the client’s or business partner’s representative. If the data subject is a natural person, the register includes also his/her home address and social security number.
Customer identification: personal data required by the anti-money laundering legislation, such as passport copy and social security number.
Marketing: name, position, phone number and email address of the client’s or business partner’s representative.
Legal Gaming will only store personal data for as long as it relevant and will remove the collected personal data when it is no longer needed for the abovementioned purposes. The Finnish Bar Association has given non-binding instructions concerning retention of data related to client assignments and pursuant to the instructions data shall be stored for at least 10 years from the closing of the assignment. The aforementioned instructions shall be noted when determining the time period for data retention but due to the nature of certain information, client or business partner relationships or assignments some data may be stored for a longer or a shorter period of time.
Personal data is usually collected directly from the data subjects – usually from the client’s or business partner’s representative him/herself, who will be the client’s or business partner’s primary contact person or from another representative of the client or business partner. Personal data is also received from other parties than the data subject him/herself in cases where there are opposite parties to a client assignment. Moreover, data subjects may give their contact information via a signup link located on the Legal Gaming website or at the bottom of an event invitation, in Legal Gaming events or direct sales contacts and information can be received from other business partners.
As a general principle, Legal Gaming does not disclose personal data to third parties, unless required by applicable legislation, authorities or the performance of the client assignment. However, personal data may be disclosed to third parties in the event that Legal Gaming wishes to appoint external processors or sub-processors. In that case, Legal Gaming will enter into a data protection agreement with the service provider in order to secure a safe and appropriate processing of personal data.
In case Legal Gaming enters into a joint venture with or is sold to or merged with another business entity, personal data may be disclosed to the new business partner or owner.
Personal data will not be transferred outside the EU/EEA region.
With respect to electronic data:
Most data are stored electronically on servers provided by third parties. Legal Gaming has appropriate data security measures in place in order to protect all electronic personal data. Legal Gaming will ensure that the registers will not be subject to access by unauthorized persons or unlawful processing or other damage.
With respect to personal data on paper:
Legal Gaming ensures that all papers containing personal data are protected in an appropriate manner and Legal Gaming has sufficient measures in place to monitor any unauthorized access.
In case Legal Gaming is subject to damage, destruction or other similar event that Legal Gaming could not possibly have prevented, Legal Gaming will notify the data subject immediately in accordance with the obligations of the applicable laws. Legal Gaming is not, however, liable for such unpredictable events.
According to the GDPR, data subjects have the following rights regarding their personal data:
Right of access to their personal data;
Right to request the controller to rectify incomplete or incorrect personal data;
Right to object to or restrict the processing of personal data and to object to automated decision-making, when the processing is based on the legitimate interest of the data controller or consent;
Right to request the controller to erase personal data, when the processing is based on the legitimate interest of the data controller or consent; and
Right to transfer personal data to another controller when the personal data is based on consent or agreement and the processing is automated.
In addition, according to article 77 of the GDPR, the data subject is entitled to lodge a complaint with the supervisory authority concerning the processing activities carried out by Legal Gaming. Such complaint may be lodged in particular, in the member state of his or her habitual residence or place of work or the alleged infringement took place.
If the data subject wishes to exercise his or her rights, he or she should contact Legal Gaming via email to [email protected]. Legal Gaming will use all reasonably available resources to respond to any such request without undue delay.