(valid as of November 7, 2023)
1 Subject and scope of application
With this data protection notice, the sole proprietorship BYLAND.LAW ¦ Christoph Byland, Attorney at Law (hereinafter “BYLAND.LAW” or “we”) informs you about the nature, scope and purpose of the processing of personal data within the scope of our professional activities and operations, including the operation of the websites www.byland.law, www.bylandlaw.com, www.bylandlaw.ch , www.byland.eu and www.christophbyland.com (hereinafter the “websites”), as well as about the rights of the persons whose data we process as data controller.
Other or further data protection notices and/or individual agreements with the persons concerned, namely mandate agreements with our clients, may apply to individual activities and/or purposes.
Personal data is processed carefully, responsibly and in accordance with the relevant data protection provisions, in particular the provisions of the Swiss Federal Act on Data Protection (FADP) and – if and to the extent applicable – the EU General Data Protection Regulation (GDPR), as well as the principles described in this data protection notice.
2 Data controller, contact details and data protection representative in the EU
The controller of the data processing (within the meaning of art. 5 lit. j and art. 19 para. 2 lit. a FADP or art. 4 para. 7 GDPR) is BYLAND.LAW ¦ Christoph Byland, Attorney at Law.
Requests under data protection law from data subjects and supervisory authorities as well as declarations on the exercise of rights pursuant to section 10 below can by notified as follows:
Postal: BYLAND.LAW, Technoparkstrasse 1, CH-8005 Zurich, Switzerland
To the data protection representative in the EU pursuant to Art. 27 GDPR:
Postal: Fairstand GmbH, Fössestrasse 97a, D-30453 Hannover, Germany
3 Processing of personal data
We process the personal data that we receive in the context of the client relationship with our clients and other contractual relationships with business partners from these and other persons involved in this or that we receive in the operation of our websites in accordance with section 5 below. We also obtain personal data from reliable publicly accessible sources, such as the online databases of national and international trademark offices and the Central Company Register of the Swiss Federal Commercial Register Office.
4 Purpose and legal bases
We use the personal data in accordance with section 3 above primarily to conclude and perform contracts with our clients and business partners, in particular in connection with the provision of legal services to our clients and the purchase of products and services from our suppliers and auxiliary persons (such as, in particular, lawyers and law firms or experts consulted in Switzerland and abroad), as well as to fulfill our legal obligations in this regard in Switzerland and abroad.
In addition, we process personal data of you and other persons, to the extent permitted and necessary in our professional judgment, also for the following purposes, if this is necessary to protect the legitimate interests of us or of third parties or to protect legitimate public interests:
- Ensuring compliance with legal and regulatory obligations, primarily due to legal professional rules as well as rules of professional conduct for lawyers.
- Communicate with our clients, primarily in the context of preparing and conducting audio and video conferences.
- Assertion of legal claims and defense in connection with legal disputes and official proceedings.
- Prevention and investigation of crime and other misconduct (e.g., conducting internal investigations, data analysis to combat fraud).
5 Use of the websites
The websites are based on the latest available productive version of the free content management system “WordPress”, which is constantly enhanced as an open source project. Only cookies that are indispensable for the operation of the websites (so-called technically necessary cookies) are used.
When accessing the websites, the user’s browser automatically transmits the following log data to the web server for technical reasons:
- Date of access
- Time of access
- URL of the referring website (referrer URL)
- retrieved file
- Data volume transferred
- Message whether the retrieval was successful
- Browser type and version
- Operating system and version
- Host name of the accessing computer (IP address)
This log data is stored by BYLAND.LAW in a log file to ensure data security. The stored data is used for the purpose of tracking unauthorized access attempts and accesses to the web server. Any further use of the log data is exclusively for statistical purposes in anonymous form.
Search terms entered in the search mask on the websites are used exclusively by BYLAND.LAW to carry out the search query and are stored together with the log data and subsequently deleted.
We do not use Google Analytics or similar tracking technologies or social media plugins from social networks on our websites.
6 Cookies, tracking and other technologies in connection with the use of the websites
We may store cookies on your device if this is absolutely necessary for the operation of the websites. For the storage of all other cookie types, we require your consent if you access our website from a country in which this is required by local law.
Please provide your consent ID and date when you contact us regarding your consent to cookies.
Your consent applies to the following domains: byland.law, bylandlaw.com, bylandlaw.ch, byland.eu and christophbyland.com
The cookie statement was last updated on October 15, 2023 by Cookiebot.
7 Order data processing
BYLAND.LAW is entitled to commission data processors based in Switzerland or the EU with the processing of personal data and to disclose to them the personal data procured by BYLAND.LAW for this purpose, provided that such data processors offer sufficient warranties that all requirements of applicable law, in particular the law governing lawyers and data protection, are met and contractually undertake to process the personal data only on behalf of and for the purposes determined by BYLAND.LAW and in compliance with any other necessary regulations and requirements.
8 Data security and confidentiality
We take appropriate technical and organizational security measures to protect your personal data from unauthorized access by third parties and misuse, such as the encryption of data carriers and of connections for the transmission of confidential content, the anonymization and pseudonymization of data.
We recommend transmitting sensitive and confidential messages and documents as encrypted e-mails to BYLAND.LAW via a reliable secure messaging platform (e.g. the IncaMail platform from Swiss Post or PrivaSphere Secure Messaging). The easiest way to transmit sensitive and confidential messages and documents via the IncaMail platform to BYLAND.LAW is to use our virtual IncaMail mailbox.
BYLAND.LAW assumes that persons who nevertheless send unencrypted e-mails to us agree to this – from a confidentiality point of view – insecure form of communication.
9 Duration of the retention of personal data
We process and store personal data for as long as is necessary for the processing purpose for which we obtained it. As a rule, this is for the duration of our business relationship and thereafter for as long as we have a legitimate interest in retaining the data (e.g. due to applicable statutes of limitation, for the retention of documents and the generation of know-how). In addition, there may be a contractual or legal obligation to retain or document data, e.g. according to the Swiss Code of Obligations (OR/CO) or the Swiss Value Added Tax Act (MWSTG/VAT Act). It is possible that personal data will be retained for the time during which claims can be asserted against us or insofar as we are otherwise legally obligated to do so or legitimate business interests require this (e.g. for evidence and documentation purposes). If the personal data is no longer required, it will be deleted or anonymized as far as possible. Subject to an express written agreement with you, we are under no obligation to you to retain personal data for any specific period of time.
10 Rights of the data subject
In accordance with the applicable data protection law and to the extent provided therein, you have the right to information, correction and deletion of your personal data, the right to restrict processing or to object to our data processing, as well as the right to receive certain personal data for transfer to another data controller (so-called data portability). Please note, however, that we reserve the right to assert the restrictions provided for by law on our part, e.g. if we are obliged to retain or process certain data, have an overriding interest in doing so (insofar as we can invoke such interests), are obliged to maintain confidentiality or require the data to assert claims. If the exercise of certain rights is associated with costs for you, we will inform you in advance.
Your consent to the acquisition and processing of personal data can be revoked at any time with effect for the future.
Requests for information, correction and deletion as well as a revocation of consent to data processing and a request for data transfer must be sent by mail or e-mail to the respective contact address according to section 2 above.
The exercise of the rights pursuant to this section 10 generally requires that you clearly prove your identity (e.g. by means of a copy of your ID card, where your identity is otherwise not clear or cannot be verified). Please also note that the exercise of these rights may be in conflict with contractual agreements and may result in legal consequences, such as premature termination of the contract or cost consequences. We will inform you in advance in such a case, unless the corresponding legal consequences are already contractually and/or legally regulated.
As a data subject, you also have the right to enforce your claims in court or to file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch ).
11 Effective date and amendments
This data protection notice is effective as of November 7, 2023 and replaces the data protection policy of BYLAND.LAW dated September 1, 2023.
Your continued use of a website after November 7, 2023 constitutes your acceptance of this data protection notice.
We may amend, supplement or update this data protection notice at any time at our own discretion and without prior notice. The current version published on the website www.byland.law shall apply.