Privacy Policy

1. Introduction

Themis Lawyers ("we," "our," or "us") is committed to protecting your privacy and personal data in accordance with the General Data Protection Regulation (GDPR) and Dutch data protection laws.

This Privacy Policy explains how we collect, use, process, and protect your personal information when you visit our website or engage our legal services.

As a law firm, we are bound by strict professional confidentiality obligations that exceed standard privacy requirements.

2. Data Controller Information

3. Information We Collect

3.1 Information You Provide

• Contact information (name, email, company details)
• Legal matter details and communications
• Business information relevant to legal services
• Payment and billing information
• Any other information you choose to provide

3.2 Information Automatically Collected

• Website usage data and analytics
• IP addresses and browser information
• Cookies and similar tracking technologies
• Access logs and security monitoring data

4. Legal Basis for Processing

We process your personal data based on:

• Contract Performance: To provide legal services and fulfill our obligations
• Legitimate Interests: For business operations, security, and service improvement
• Legal Obligations: To comply with professional and regulatory requirements
• Consent: Where explicitly provided for specific purposes

5. How We Use Your Information

• Providing legal services and advice
• Client communication and case management
• Billing and payment processing
• Legal compliance and professional obligations
• Website functionality and security
• Business development and marketing (with consent)

6. Attorney-Client Privilege

All communications between you and our firm are protected by attorney-client privilege under Dutch and applicable international law. This privilege is absolute and continues indefinitely.

We will never disclose privileged information except as required by law or with your explicit written consent.

Our professional confidentiality obligations exceed standard data protection requirements and provide additional protection for your information.

7. Data Sharing and Disclosure

We may share your information with:

• Service Providers: Trusted third parties who assist in our operations
• Legal Authorities: When required by law or court order
• Professional Advisors: Other lawyers, accountants, or consultants as needed
• Business Transfers: In case of merger, acquisition, or sale of assets

All third parties are bound by strict confidentiality agreements and data protection requirements.

8. International Data Transfers

As we operate internationally, your data may be transferred to countries outside the EU/EEA. We ensure adequate protection through:

• European Commission adequacy decisions
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules where applicable
• Other appropriate safeguards as required by GDPR

9. Data Retention

We retain your personal data for as long as necessary to:

• Provide legal services and maintain client relationships
• Comply with professional and legal obligations
• Resolve disputes and enforce agreements
• Meet regulatory requirements (typically 7-10 years)

Attorney-client privileged communications are retained indefinitely as required by professional rules.

10. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Access: Request copies of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data (subject to legal obligations)
• Restriction: Limit how we process your data
• Portability: Receive your data in a structured format
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Where processing is based on consent

Note: Some rights may be limited by attorney-client privilege and professional obligations.

11. Cookies and Tracking

Our website uses cookies and similar technologies for:

• Essential website functionality
• Security and fraud prevention
• Analytics and performance monitoring
• User experience improvement

You can control cookie settings through your browser preferences.

12. Security Measures

We implement comprehensive security measures including:

• Encryption of data in transit and at rest
• Access controls and authentication systems
• Regular security audits and monitoring
• Staff training on data protection
• Incident response procedures

13. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on our website with an updated effective date.

Significant changes will be communicated directly to clients and may require renewed consent where applicable.

14. Contact Information

For privacy-related questions or to exercise your rights, contact us at: