Logo
Contact
Logo

Privacy Policy

Home / Privacy Policy
Introduction 
Stan Legal (hereinafter referred to as the “Law Office“) is a personal data operator. Proper protection of personal data is an important aspect for us. This policy aims to summarize the Law Office‘s approach as a controller of personal data (the “Policy“) and is addressed to natural persons outside the organization with whom the Law Office comes into contact, including clients and website visitors, partners or prospects contractual partners or contractual / legal representatives, employees of partners or potential contractual partners or other entities or persons with whom we interact in the context of our activity, such as experts, mediators, other consultants or persons concerned by the cases in which we are involved (referred to as “you“). This document aims, more specifically, to provide the following information:
  1. a) the identity and contact details of the operator – please see Section 1;
  2. b) the contact details of the data protection officer within Stan Legal – please see Section 2;
  3. c) categories of personal data processed – please see Section 3;
  4. d) the purposes for which personal data is processed by Stan Legal, as well as the legal basis of the processing – please see Section 4. It is very possible that not all purposes mentioned in this Policy are relevant to you.
  5. e) if the processing is done for the purposes of the legitimate interests of the Law Office, the indication of those interests – please see Section 5;
  6. f) recipients or categories of recipients of personal data – please see Section 6;
  7. g) if applicable, the operator’s intention to transfer personal data to a third country or an international organization – please see Section 7;
  8. h) the period for which the personal data will be stored or the criteria used to establish that period – please see Section 8;
  9. i) the existence of the right to request from the operator, regarding the personal data relating to the data subject, access to them, their rectification or deletion or restriction of processing or the right to oppose the processing, as well as the right to data portability and exceptions and limitations to these rights – please see Section 9;
  10. j) the existence of the right to withdraw consent at any time, without affecting the legality of the processing carried out on the basis of consent before its withdrawal, as well as the exceptions and limits of this right – please see Section 9;
  11. k) the right to lodge a complaint with a supervisory authority – please see Section 9;
  12. l) if the provision of personal data represents a legal or contractual obligation or an obligation necessary for the conclusion of a contract, as well as if the data subject is obliged to provide this personal data and what are the possible consequences of non-compliance with this obligation – please see Section 10;
  13. m) the existence of an automated decision-making process including the creation of profiles – please see Section 11.
  14. n) terminological issues and a number of other information – please see Section 12.
  Stan Legal‘s policy is based on the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. It may be updated from time to time to reflect changes in Stan Legal‘s personal data processing practice or changes of the applicable law. This Policy has been written with the intention of being easy to read and understand. For further information, please use the contact details set out in Section 2 below.
  1. Identity and contact details of the operator
The operator of personal data is Stan Valentina Maria – Law Office, with the registered office in Bucharest. General contact details include E-mail: contact@stanlegal.ro and telephone: (+4)0724.973.061.
  1. Contact details of the Data Protection Officer
In order to facilitate the interaction between Stan Legal and you regarding the field of personal data protection, Stan Legal ensures the possibility of contacting the person responsible for the protection of personal data, at the email address: dpo@stanlegal .ro or by phone: (+4)0724.973.061.
  1. Categories of personal data that can be processed by Stan Legal
Stan Legal can process, depending on the situation, (a) both personal data obtained from you, (b) and personal data that were not obtained from you (but from public or other third-party sources ). The vast majority of situations are inherent in the activity of a law office, some being completely beyond any possibility of prevention, such as the unsolicited receipt of an email from a third party. The personal information that Stan Legal can process can thus include, depending on the situation:
  1. a) Contact information, such as your postal address, email address and telephone number(s), your name, the company you work for, your function or position;
  2. b) Identity information, such as, for example, marital status, full name (including patronymic or form of address), date and year of birth, gender, photo, other data from identity documents or related to forms of professional practice;
  3. c) Technical information, such as information generated as a result of our IT security policy, your access to the Internet from our premises or the materials and communications we send you electronically;
  4. d) Financial information, such as payment information, such as bank account;
  5. e) Information relevant to the procedures for accepting projects, collaborations or new partners, including financial solidity and reputational aspects;
  6. f) Professional information;
  7. g) Information about a person’s history (for example, from CVs);
  8. h) Other personal information provided to us by or on behalf of our contractual partners or obtained by us from public sources;
  9. i) Information generated by us as part of the legal assistance provided to a client or other activities of the Law Office, which may also include special categories of data, on the occasion, for example, of reputational checks;
  10. j) Any other information regarding your person that you may provide us or reach us indirectly, even completely independently of Stan Legal‘s approach, and which may also include special categories of data.
 
  1. The purposes of personal data processing by Stan Legal and the grounds for processing.
No. Purposes Grounds
1. The processing of personal data for the  purpose of potential collaborations with  clients or potential clients (including assessment in relation to money laundering  legislation, conflicts of interest, reputation  checks and conclusion of contracts) · Legitimate interest · Legal obligations, especially in the matter of the  implementation of government sanctions, combating money laundering and terrorism
2. Processing of personal data for the purpose of evaluating other collaborations or  potential contractual partners · Legitimate interest · Subsidiarily, legal obligations, especially in the matter of the implementation of government sanctions and combating terrorism
3. Providing legal assistance and/or representation to our clients, including in cooperation with third parties, such as consultants, financiers or insurers · Performance of the contract · Legitimate interest ·Subsidiarily, consent
4. Logistics management and development of support activities that of legal assistance, including discussing and the implementation of contracts, including in relation to office management, office supplies and equipment, IT service providers, telephony, cloud, archiving, accounting, etc · Performance of the contract ·Legitimate interest ·Subsidiarily, consent
5. Administrative management of contracts, including financial and accounting aspects,  invoicing and debt collection · Performance of the contract · Legitimate interest · Subsidiarily, legal obligations
6. Promoting our knowledge and the firm to the extent permitted by applicable rules, including through newsalerts, seminars, conferences and meetings, interactions with directories and other platforms · Legitimate interest · Performance of the contract · Consent for electronic communications
7. Legislation compliance ·Legitimate interest ·Performance of the contract ·Legal obligations
8. Legal protection of Stan Legal · Legitimate interest · Legal obligations · Subsidiarily, consent
9. Management and development of know-how · Legitimate interest · Subsidiarily, consent
10. Recruitment · Legitimate interest · Subsidiarily, consent
11. Provision of professional practice and various other internships. · Legitimate interest · Subsidiarily, consent
12. Management of public relations and representation of interests Stan Legal, including in the relationship with statutory bodies, chambers of commerce, other law companies, NGOs, media platforms, various public authorities, other entities. · Legitimate interest · Subsidiarily, consent
13. Monitoring / ensuring the security of people / premises / assets through CCTV video cameras, in the context of Stan Legal’s activities. · Legitimate interest · Performance of the contract · Subsidiarily, consent
14. Operations of development, reorganization, association or change of the form of exercising the profession. · Legitimate interest · Subsidiarily, consent
 
  1. Legitimate interests of Stan Legal
As detailed below, the vast majority of personal data processing carried out by Stan Legal in relation to persons outside the company concerns purposes based on legitimate interests. These, as appropriate, include:
  1. The legitimate interest in minimizing the relationship with natural or legal persons that may present increased legal, financial or reputational risks.
  2. the legitimate interest in the proper execution of contracts with our clients or other contractual partners;
  3. the legitimate interest in promoting the Stan Legal brand, expertise and reputation within the limits allowed by legislation and the rules of the profession, including in the context of organizing or participating in various conferences, seminars or other events or scientific or informative contributions to clients, potential clients or other persons/ entities;
  4. the legitimate interest to develop and implement effective relationships with suppliers and other contractual partners;
  5. the legitimate interest in developing and maintaining an adequate infrastructure, including at the IT and communication level, correlated with the evolution of activities;
  6. the legitimate interest in developing and maintaining an adequate know-how base related to Stan Legal’s activities;
  7. the legitimate interest in good script organization of the activity, including efficient management of correspondence and archives;
  8. the legitimate interest in maintaining the safety and security of personnel, premises, assets and operations
  9. the legitimate interest in the exercise of legal and contractual rights and their defense before the competent courts and authorities, including, if necessary, actions to recover debts or preserve potential means of evidence;
  10. the legitimate interest in promoting Stan Legal‘s objectives within the legal sector and in the relationship with professional bodies, chambers of commerce, public authorities and other relevant actors, including other law firms in Romania and abroad;
  11. of a more general nature, the legitimate interest in the smooth running, development, protection and promotion of its activities according to the object of activity
  12. the legitimate interest to collaborate or interact with specialized third-party entities for any aspect relevant to the above, including related to IT infrastructure, accounting, legislation in other jurisdictions to the extent relevant or requested by customers, developing partnerships.
  Also, based on your consent and within the limits of the law, we may send you various communications through the electronic channels that you have approved to keep you informed about some legal developments, announcements and other information regarding the analyzes and our events.
  1. Categories of recipients of personal data
The categories of data recipients may be, as appropriate: (i) external providers in the field of IT, accounting, fiscal, technical, insurance, cloud services, telephony, e-mail, archiving; (ii) courts or arbitral tribunals, as well as other public authorities and institutions (e.g. the Commercial Register, the Land Registry, the Electronic Archive, the National Authority for the Protection of Personal Data, the National Agency for Fiscal Administration, criminal investigation bodies, public order and national security, Competition Council); (iii) other persons within the entity you represent/within which you work/are registered; (iv) other lawyers (including other forms of practicing the profession with whom we collaborate in the provision of services), specialists (including mediators, industrial property advisers), consultants or experts involved in the services we provide or in other projects in which we are involved; (v) persons relevant to the correspondence received by Stan Legal or other persons involved in the projects in connection with which the correspondence took place or their consultants; (vi) other contractual partners and their contractors, such as catering companies or involved in organizing events or sending invitations or other communications.
  1. The possibility of transferring personal data to a third country
Stan Legal does not anticipate any transfer to countries outside the European Union in connection with the vast majority of the purposes mentioned above. Stan Legal does not transfer personal data for promotional purposes, but may be involved in data transfers in the context of providing professional assistance depending on the jurisdictions involved. Occasionally, transfers may also take place in connection with the administrative-financial management of concluded contracts or for relations with other law firms, other types of consultants, insurers or entities for the evaluation of the legal profession, including the development of rankings (for example, contact persons). Any transfer of personal data to countries outside the European Union will be done only to the extent necessary for the processing purposes mentioned in Section 3 above and in compliance with the legislation in force.
  1. Storage period
With regard to data processing for monitoring / ensuring the security of persons / premises / assets through CCTV video cameras, in the context of the activities of Stan Legal, as a rule, your personal data can be stored for periods of up to 30 days , as the case. In the event of the identification in the meantime of cases that require more storage time (for example, the identification of a reprehensible act or the request for cooperation from an authority), the following will be taken into account: (i) the durations provided by other specific legislation; (ii) the maximum durations in which aspects of legal liability could be attracted by Stan Legal or towards Stan Legal; and (iii) the duration required from a practical point of view upon the expiration of the legal or legal prescription periods for anonymization or effective removal. Regarding the other processing purposes, your personal data may be stored for periods determined according to the following criteria: (i) the periods stipulated by specific legislation (such as accounting legislation or the National Archives law); (ii) the durations during which aspects of legal liability could be attracted to Stan Legal or by Stan Legal; (iii) if applicable, the duration of the collaboration; and (iv) the duration required from a practical point of view upon the expiration of the legal or legal prescription periods for anonymization or effective elimination, considering the difficulties of identifying the moment of collection of some data. Stan Legal pursues a minimalist approach to the processing, including storage, of personal data, with the aim of evaluating from time to time the practical possibilities and risks of deletion, anonymization or similar measures regarding the processed personal data.
  1. The rights and limits of the rights that the data subjects have
Any person whose personal data is processed by Stan Legal has the rights provided by the applicable legislation, within the limits described there and mentioned below. If requests from a data subject are manifestly unfounded or excessive, Stan Legal may either charge a reasonable fee or refuse to comply with the request. Also, if Stan Legal has reasonable doubts about the identity of the natural person submitting a request to exercise rights, it may request the provision of additional information necessary to confirm the identity of the person concerned. Of a general nature, the rights may know limits based on European Union law or domestic law; such limitations may aim to ensure: a) national security; b) defense; c) public security; d) prevention, investigation, detection or prosecution of crimes or the execution of criminal sanctions, including protection against threats to public security and their prevention; e) other important objectives of general public interest of the European Union or a member state, in particular an important economic or financial interest of the European Union or a member state, including in the monetary, budgetary and fiscal fields and in the field of public health and social security; f) protecting judicial independence and judicial proceedings; g) prevention, investigation, detection and prosecution of ethical violations in the case of regulated professions; h) the function of monitoring, inspection or regulation related, even occasionally, to the exercise of official authority; (i) protection of the data subject or the rights and freedoms of others; (j) enforcement of civil law claims. 9.1 The data subject’s right of access The right to obtain a copy of the personal data that is the subject of processing does not affect the rights and freedoms of others. 9.2 The right to rectify personal data 9.3 Right to data deletion (“right to be forgotten”) The right to delete data has the following limits: a) the existence of another legal basis for the processing of personal data other than consent; b) the existence of legitimate Stan Legal reasons that prevail with regard to the processing of personal data; c) if the processing of personal data involves the exercise of the right to free expression and information; d) if the processing of personal data involves compliance with a legal obligation or the fulfillment of a task performed in the public interest or in the exercise of an official authority; e) for reasons of public interest in the field of public health; f) for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes; g) if the processing of personal data involves the establishment, exercise or defense of a right in court. 9.4 The right to restrict processing, only in the following cases:
  1. a) the data subject contests the accuracy of the data, for a period that allows the operator to verify the accuracy of the data; (b) the processing is unlawful and the data subject opposes the deletion of personal data, requesting instead the restriction of their use; (c) the operator no longer needs the personal data for the purpose of processing, but the data subject requests them for establishing, exercising or defending a right in court; or (d) the data subject has objected to the processing in accordance with Article 21 paragraph 1, for the period of time in which it is verified whether the legitimate rights of the controller prevail over those of the data subject.
9.5 The right to data portability The right to data portability does not apply if: a) the processing is not based on consent or a contract; or (b) the processing is not carried out by automated means. 9.6 Right to Object The right to object does not apply if the processing is based on the basis of the legitimate interest, or on the basis represented by the necessity of the processing for the performance of a task that serves a public interest. The right to opposition does not apply even if Stan Legal demonstrates that it has legitimate and compelling reasons that justify the processing and that prevail over the interests, rights and freedoms of the data subject or that the purpose concerns the establishment, exercise or defense of a right in court. 9.7 Right to lodge a complaint with a supervisory authority 9.8 Right to Withdraw Consent The withdrawal of consent does not affect the legality of the processing carried out on the basis of consent before its withdrawal or the processing takes place on another basis (i.e. legitimate interest).
  1. If the provision of personal data represents a legal or contractual obligation or an obligation necessary for the conclusion of a contract, as well as if the data subject is obliged to provide this personal data and what are the possible consequences of non-compliance with this obligation
In general, the provision of personal data does not correspond to a legal obligation for you. It may correspond to a contractual obligation that you have assumed (for example, to appear on a certain date to sign a document certifying the identity of the parties as a lawyer) . Failure to obtain personal data may lead, as the case may be, to the impossibility of involving Stan Legal in a contractual relationship (for example, if we cannot comply with our own legal obligations to know the clientele), or to the limitation of what we can do together or the possibilities Stan Legal to pursue its legitimate interests.
  1. The existence of an automated decision-making process including the creation of profiles
Stan Legal does not currently use such processes. Should this aspect change, this policy will be updated in due course, with Stan Legal pursuing compliance with the legislation accordingly.
  1. Terminological specifications. Other information.
12.1 Terminological specifications In this policy the terms outlined below have the meanings detailed in this section. “operator” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing personal data; when the purposes and means of processing are established by Union law or domestic law, the operator or the specific criteria for its designation may be provided for in Union law or domestic law; “person authorized by the operator” means the natural or legal person, public authority, agency or other body that processes personal data on behalf of the operator; “supervisory authority” means an independent public authority established by a Member State to regulate and supervise the field and legislation for the protection of personal data. In Romania, the supervisory authority is the National Supervisory Authority for the Processing of Personal Data (website address http://www.dataprotection.ro/). “personal data” means any information relating to an identified or identifiable natural person; “processing” “processed” means any operation or set of operations performed on personal data or sets of personal data, with or without the use of automated means, such as collection, recording, organization, structuring, storage, adaptation or modify, extract, consult, use, disclose by transmission, disseminate or otherwise make available, align or combine, restrict, delete or destroy; “special personal data” means personal data revealing racial or ethnic origin, political opinions, religious confession or philosophical beliefs or trade union membership and the processing of genetic data, biometric data for the unique identification of a natural person, data regarding the health or data regarding the sex life or sexual orientation of a natural person. 12.2 Other Information This Policy is applicable as of May 25, 2018.
Contact Us
All Services
MS logo
STAN | Consultancy & Litigation
MS logo

STAN | Consultancy & Litigation

Services
Quick Links
Contact
Facebook-f Instagram
© 2022 Stan Legal. All Rights Reserved