Our priority is to protect the data of our clients and other individuals.
1. Who is responsible for performing this obligation?
These terms and conditions explain how we process personal data of those who use the services of our law firm, Stentors advokátska kancelária s.r.o., registered office: Hodžovo nám. 2A, 811 06 Bratislava - Staré Mesto, Business Identification Number (IČO): 51 757 184 (“we” or “Stentors”). Should you have any questions, do not hesitate to contact us by phone: +421 908 745 471, e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it., or mail using the address above. We also wish to inform you that our legal team includes associates who are independent contractors and help Stentors provide its legal services. During provision of our services, your personal data are being processed by our lawyers and by these contractors, who are considered joint controllers for the purpose of data privacy. All data privacy obligations are performed by us, Stentors, based on an agreement with these independent contractors. In addition, when processing data in labour and administrative areas, the processing purposes and tools are determined jointly with Stentors project advisory and consulting s.r.o., registered office: Hodžovo námestie 2A, 811 06 Bratislava - Staré Mesto, Business Identification Number (IČO): 51 469 341 (“Stentors project advisory and consulting s.r.o.”); We, Stentors, perform all data privacy obligations in this area based on an agreement with Stentors project advisory and consulting s.r.o.
We have not appointed any data protection officer, as we are not obliged to do so by law, and we perform any obligations and commitments in this area with utmost professional care, so that you can rely on us.
2. What are the applicable regulations governing data processing?
When processing your data, we proceed primarily in compliance with EU’s General Data Protection Regulation (“GDPR”), which also lays down the rights you have as the data subject,[1] provisions of the Data Protection Act that apply to us (in particular Section 78), Legal Profession Act (Section 18) and other regulations. We strictly follow the Code of Conduct of the Slovak Bar Association (“SBA”), which further details the data privacy procedures to be followed by all attorneys. The Code of Conduct is available at www.sak.sk/gdpr.
3. Why do we process your personal data?
We need to process your personal data mainly for us to be able to:
- provide legal services to our clients and practice law;
- perform miscellaneous legal, professional and contractual obligations; and
- protect legitimate interests of our law office, our clients and other parties.
4. For what purposes and on what legal basis do we process personal data?
Purpose |
Legal Basis |
Related Legislation |
Exercise of profession – providing legal services to clients. |
Performing a legal obligation under Art. 6 (1) (c) GDPR, contract performance as per Art. 6 (1) (b) GDPR (with respect to special categories of data, special conditions as per Art. 9 (2) (f) GDPR may apply). |
Legal Profession Act, Legal Profession Code, Civil Code and Commercial Code and other related legislation. |
Provision of other than legal services to clients – such as services of the entitled person of a public sector partner. |
Performing a legal obligation under Art. 6 (1) (c) GDPR, contract performance as per Art. 6 (1) (b) GDPR. |
Act on Public Sector Partners, E-Government Act, Civil Code and Commercial Code, Act on Lease of Non-Residential Premises.
|
Execution and performance of contracts including processing and creating orders, contracts, invoices, delivery notes, bank operations, etc.
|
Contract performance as per Art. 6 (1) (b) GDPR. |
Civil Code and Commercial Code. |
Bookkeeping including cash register, assets and liabilities, etc.
|
Performing a legal obligation under Art. 6 (1) (c) GDPR. |
Accountancy Act, Income Tax Act, VAT Act. |
Ensuring compliance with legal regulations and Slovak Bar Association regulations. |
Performing a legal obligation under Art. 6 (1) (c) GDPR, legitimate interest of attorneys or third parties as per Art. 6 (1) (f) GDPR, public interest as per Art. 6 (1) (e) GDPR, defence of legal claims as per Art. 9 (2) (f) GDPR.
|
Legal Profession Act, Legal Profession Code, Money Laundering Act, Act on Notifying Criminal Conduct, GDPR. |
Sending newsletters, legal notifications, results of monitoring legal regulations, etc. to controller’s clients or persons authorised to represent controller’s clients. |
Legitimate interest of attorneys or third parties as per Art. 6 (1) (f) GDPR. Legitimate interest of the controller is to inform its clients on new developments or changes in legal area, as these may affect their rights and obligations. With reference to the proportionality principle, the controller is of the opinion that legitimate interest of the controller is to inform its clients on such developments overrides the data subject’s protection of privacy.
|
Legal Profession Act, Electronic Communications Act, Advertising Act, Consumer Protection Act, Civil Code.
|
Sending newsletters, legal notifications, results of monitoring legal regulations, etc. to data subjects who are not controller’s clients.
|
Consent given by data subject as per Art. 6 (1) (a) GDPR.
|
Legal Profession Act, Electronic Communications Act, Advertising Act, Consumer Protection Act, Civil Code.
|
Finding employees through the contact form at www.stentors.eu, keeping a database of possible candidates after the hiring process ends, and if needed, to contact candidates at a later time
|
Consent given by data subject as per Art. 6 (1) (a) GDPR.
|
Legal Profession Act, Labour Code, Civil Code. |
Responding to other enquiries or questions sent in through the contact form at www.stentors.eu, which do not relate to the data subject’s interest to find work, maintaining a database of such enquiries or questions and contacting the data subject.
|
Consent given by data subject as per Art. 6 (1) (a) GDPR.
|
Legal Profession Act, Civil Code, Commercial Code. |
Keeping records of incoming and outgoing mail, maintaining registries and directories, statistical reporting, archiving in public interest and historical and scientific research.
|
Art. 89 GDPR. |
Act on Archive and Registries. |
5. Who has access to your personal data?
Personal data of our clients and other individuals are only accessible to the extent necessary and we always make sure the data recipient keeps the data confidential. The entities that may receive such data include our employees, persons tasked with performing certain legal services, substitute attorneys or associates, Stentors project advisory and consulting s.r.o., which provides administrative and accounting services to the controller, our accounting and professional consultants (such as auditors), Slovak Bar Association (in the event of a disciplinary action) or software providers or companies providing support to our law office, including employees of such companies.
Even though, for confidentiality reasons, our obligation to disclose your personal data to public authorities is limited[2], we are still required to do everything to prevent the commission of crimes and to notify any information related to money laundering and terrorism financing.
6. To which countries are your data transferred?
We do not intent to transfer your personal data to third countries outside the European Economic Community (EU, Iceland, Norway, and Lichtenstein). We use safe cloud services of a trusted provider with servers located in the EU.
7. How long do we store your personal data?
We store personal data only for the period necessary for processing. When storing personal data, we follow the recommended periods as per the Resolution of the Slovak Bar Association No. 29/11/2011, for instance:
- once the book used to log incoming and outgoing mail is full, it should be stored for ten years of the date of the last entry of mail sent or received;
- an inventory list should be archived by attorney for ten years of the date it was made;
- if an attorney keeps a name directory of its clients and client files protocols in electronic form, the attorney shoul print the list for the respective calendar year at the end of the calendar year and shall keep it in his office at all times;
- client files may be shredded after 10 years of the date when all conditions for archiving the file have been fulfilled.
Attorneys are subject to professional regulations detailing their obligations under the Legal Profession Act; under the regulations, there are certain circumstances that may extend the limits applicable to storing personal data or prohibit shredding some documents for understandable reasons, such as:
- it is prohibited to shred any client case files containing originals of any instruments that the client provided to the attorney;
- it is prohibited to shred any protocols of client case files and name lists of client case files;
- it is prohibited to shred any client case files or any part thereof that the attorney is obliged to hand over to the state archive;
- it is prohibited to shred any client files if any litigation or action is pending before court, state agency, law enforcement authorities, or the Slovak Bar Association, provided the action has bearing on the client case file or the subject of which was an action or omission committed by an attorney in the provision of legal assistance to his client in the matter.
8. How do we obtain your personal data?
If you are our client, we have most likely obtained your personal data directly from you. If this is the case, you have provided the data on voluntary basis. Depending on the specific case, the failure to provide personal data by the client may affect our ability to provide excellent legal advice, or, we may even decline to provide legal advice in certain cases. We may also obtain our clients’ personal data from public sources, public authorities or third parties.
If you are not our client, we usually obtain your personal data from our clients or other public sources and in other lawful ways, for instance by way of an enquiry filed with public authorities, from extracts obtained from public registers, through obtaining evidence in favour of our client, etc. In such case, we can obtain your personal data without being obliged to inform you and also against your will, and that based on our legal entitlement and our obligation to practice law in compliance with the Legal Profession Act.
9. What are your rights as the data subject?
If we process any of your personal data based on your express consent, you are entitled to revoke it anytime. Notwithstanding that, you have the right to object to the processing of your personal data in legitimate or public interest or for direct marketing purposes including profiling.
As a client, you are entitled to gain access to your personal data and require rectification of the data. If we process your personal data during the provision of legal services, as a client, you or any other individual (such as the counterparty), are not entitled to object to the data processing as per Art. 22 GDPR. Where the personal data relate to our client (whether legal entity or individual), third parties do not have the right to access the data or the right to portability and that by reason of our statutory obligation to keep such data confidential and referring to Art. 15 (4) GDPR, Art. 20 (4) GDPR and Section 18 (8) of the Legal Profession Act “Attorneys are not obliged to disclose any information on personal data processing, enable access or portability of such data under a special regulation, if this could result in infringement of the attorney’s confidentiality obligation as per this Act.” Also, you have the right to lodge a complaint with the Slovak Office for Data Protection or the Slovak Bar Association.
10. Cookies Policy
To improve our services and functionality of our website, we use cookies. Cookies are small text files that are placed on your computer and contain information on what parts of our website you use; the information is then used in your next session. Cookies can be distinguished according to several criteria, and in the following paragraphs we will explain what types of cookies we use and what their purpose is.
For the functionality of our website, we use essential cookies enabling the realization of the basic functionality of the website. These cookies can be disabled by changing your browser settings but may affect the operational functions of the website. We would also like to use voluntary cookies (non-essential cookies) to help us improve the functioning of our website. To enable them, it is necessary to click the consent button. Cookies used:
ESSENTIAL COOKIES
- Basic cookies: the essential cookies enabling the realization of the basic functionality of the website, such as its security, network management and accessibility.
- Functional cookies: these cookies can increase the speed at which we can process your request by allowing us to remember the preferences of the site you have selected.
NON-ESSENTIAL COOKIES
- Analytical cookies: these cookies allow us to improve site functionality through Google Analytics by tracking your use of our website.
- Social media cookies: social media cookies offer the ability to connect to your social networks and share content from our website via social media (Facebook, Twitter, Pinterest, LinkedIn).
- Advertising cookies: advertising cookies collect information to help better customize the advertisement to your interests, both inside and outside our website.
Our website uses both our own and third-party cookies. We use our own cookies for recording for a limited time the data you entered when completing the forms located on our website www.stentors.eu/index.php/contact-us/napiste-nam. Our website also uses third-party services, such as tools for monitoring site traffic like Google Analytics or buttons to ‘share’ or ‘like’ content on social media such as LinkedIn, Facebook, or Twitter. To use these services, our website reads third-party code and this may require your acceptance of such third-party cookies to safeguard full functionality. The third-parties are fully responsible for such cookies; if you are interested in learning more about third-party cookies, please refer to their privacy policy or service terms.
We use both session and persistent cookies; session cookies are erased once you quit your browser session. On the other hand, persistent cookies remain on your device until they expire (could be weeks or months, depending on settings) or until you manually erase them.
You can prevent cookies from being stored on your device by setting up your web browser accordingly; however, this may mean that the functionality of the website or third-party services may be restricted. You can find instructions on changing your cookie settings in the help section of your web browser. If you use several devices to browse the Internet (computer, smartphone, tablet), we recommend setting up your browser to reflect your cookie preferences on each device separately.
11. Changes to Privacy Terms
Protection of your personal data is a continuous effort. The information we are legally required to provide to you is scope of data processing may be subject to changes or may become obsolete. We therefore reserve the right to amend or change the terms to the extent necessary and we may do so anytime. In case the terms undergo a substantial change, we will inform you accordingly – either by posting a notice on our website or by sending you an e-mail.
[1] See Art. 12 to 22 GDPR: http://eur-lex.europa.eu/legal-content/SK/TXT/HTML/?uri=CELEX:32016R0679&from=EN
[2] Who are not considered recipients as per Art. 4 (9) GDPR.