1. What personal data do we collect?
The personal data that we collect includes:
- Basic data, including your name, birth date, your company name, your title or position.
- Contact data, including your (email) address(es) and phone or fax number(s).
- Financial data, such as payment-related data.
- Technical data, such as data from your visits to our website or in relation to materials or communications we send to you electronically.
- Data you provide to us for the purposes of obtaining legal advice or services, or for scheduling or attending meetings and events, including access requirements.
- Identification and background data provided by you or collected as part of our business acceptance processes.
- Personal data provided to us by or on behalf of our clients or generated by us in the course of providing services to our clients, which may include special categories of personal data.
- Any other data relating to you which you may provide to us, including when you contact us by email, telephone or letter.
2. How do we obtain your personal data?
We collect personal data from or about you and others (hereinafter ‘your personal data’) as part of our business, our business acceptance processes, as necessary in the course of providing legal services, when you provide it to us, when you interact with us directly, for instance when engaging with our staff or using the contact form on our website. We may also collect or receive data about you from other sources, including publically available sources for keeping the contact details we already hold accurate and up to date. When you provide your personal data to us, you are expected to have ensured you are authorized to do so in full compliance with applicable data protection laws.
We also obtain personal data from your IP address, operating system and web browser that you use to access our website. Please see section 9 (Cookies) and section 10 (IP Addresses) below for more details about this.
3. For what purposes do we use your personal data?
Tilia Law collects and processes personal data for the following purposes:
- to provide and improve our services to you and to our clients, including handling the personal data of others on behalf of our clients;
- to conduct administrative or operational processes and manage our relationship with you and our clients;
- to provide information requested by you; to process and respond to requests, enquiries or complaints received by or from you;
- to identify services you may be interested in and to promote our services, including sending legal updates, publications, newsletters and details of events;
- to fulfil our legal, regulatory and risk management obligations, including establishing, exercising or defending legal claims;
- for the purposes of recruitment;
- to provide and improve this website, including auditing and monitoring its use;
- to monitor and analyze our business;
- to send you marketing materials.
For more details on our use of your data for marketing purposes, please see section 4 below (Using your data for Marketing Purposes).
4. Using your data for Marketing Purposes
We may ask whether you wish to receive marketing materials from us. We will not send you marketing materials if you ask us not to. If you have agreed to receive marketing materials, but subsequently change your mind and no longer wish to receive marketing materials, please let us know so we can remove you from our distribution lists. You can contact us on firstname.lastname@example.org or the contact details below in section 14.
If you no longer wish to receive direct marketing or promotional e-mails (newsletters, publications, invitations to our seminars, etc.) from Tilia Law, you can unsubscribe at any moment, free of charge, by sending an e-mail to email@example.com
5. How and why do we share your personal data?
We may on occasion be required to share your personal data with law firms and other third parties who provide services to us or on our behalf in accordance with contractual arrangements in place with them, including our professional advisers and auditors, suppliers to whom we outsource certain support services such as word processing, translation, photocopying and document review, IT service providers, third parties engaged in the course of the services we provide to clients and with their prior consent, such as barristers, local counsel and technology service providers like data room and case management services, third parties involved in hosting or organizing events or seminars. We have taken steps to ensure that all such entities keep your personal data confidential and secure and only use it for the purposes that we have specified and have informed you of. In relation to any other third parties we will only disclose your data where you have given your consent or where we are required to do so by law, or where it is necessary for the purpose of, or in connection with our business, legal proceedings or in order to exercise or defend legal rights. Where necessary, or for the reasons set out in this policy, your personal data may also be shared with regulatory authorities, courts, tribunals, arbitrators, bailiffs, government agencies, law enforcement agencies or our client’s contracting parties. We may be required to disclose your data to comply with legal, regulatory or ethical code requirements. We will use reasonable endeavors to notify you before we do this, unless we are legally restricted from doing so.
6. Legal and other services
We collect, create, hold and use personal data in the course of and in connection with the services we provide to our clients. We will process identification and background data as part of our business acceptance, finance, administration and marketing processes, including anti-money laundering, conflict, reputational and financial checks. We will also process personal data provided to us by or on behalf of our clients for the purposes of the services we provide to them. The data may be disclosed to third parties as set out in section 5.
7. On what basis do we use your personal data?
We use your personal data on the following bases:
- to perform a contract, such as engaging with an individual to provide legal or other services
- for the establishment, exercise or defense of legal claims or proceedings
- to comply with legal and regulatory obligations
- for legitimate business purposes and interests.
8. How long do we keep your personal data?
Your personal data will be retained in accordance with our data retention policy which categorizes all of the data held by Tilia Law and specifies the appropriate retention period for each category of data. Those periods are based on the requirements of applicable laws and the purpose for which the data is collected and used, taking into account legal and regulatory requirements to retain the data for a minimum period, limitation periods for taking legal action, good practice and Tilia Law’s business purposes.
Cookies are small text files placed on the hard disk of website visitors' computers and/or devices. They retain certain information, such as visitors’ language preference. Other cookies collect statistics about our website’s users or make sure that the graphics on the website appear correctly and that the website applications work properly.
Our website server’s access to the information stored on your computer or device is limited to that contained in the cookie text file only.
Cookies do not contain any personal data. All cookies contain a unique code (“name of the server that placed the cookie + expiration data + unique number/value”) that allows us to recognize your browser, either during the visit to our website (‘session cookies’), or when there are repeat visits to our website (‘permanent cookies’). A permanent cookie remains on your system, although you can always delete or disable it through your browser preferences.
10. IP addresses
When you visit our website our server will record your IP address together with the date, time and duration of your visit. An IP address is an assigned number, similar to a telephone number, which allows your computer to communicate over the internet. It enables us to identify which organizations have visited this website. We use this data to compile statistical data on the use of our website and to track how users navigate through our site in order to enable us to evaluate and improve our site.
11. How do we protect your personal data?
We use various technical and organizational measures to help protect your personal data from unauthorized access, use, disclosure, alteration or destruction.
All our staff and any third parties we engage to process your personal data are obliged to respect the confidentiality of your data. However, the transmission of data via the internet is not completely secure. Although we will do our best to try and protect your data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk.
12. Which countries do we transfer your personal data to?
The level of data protection in countries outside the EEA may be less than that offered within the EEA. Where this is the case, we will implement appropriate measures to ensure that your personal data remains protected and secure. Where our third party service providers process personal data outside the EEA in the course of providing services to us, our written agreement with them will include appropriate measures, usually EU standard contractual clauses.
13. Your rights regarding your personal data
You are entitled to request details of the personal data we hold about you and how we process it. If you want to update or adapt your personal information (e.g. if it is no longer accurate, is incomplete or is no longer relevant), please contact us by sending an e-mail to firstname.lastname@example.org. Please also attach a copy of your identity card or passport, so we can check that requested changes are properly authorized. Upon submitting proof of your identity, you can also obtain, at no cost (provided the volume is reasonable), a copy of your personal data record.
You may also have a right to restrict our processing of your personal data, to stop unauthorized transfers of your personal data to a third party and, in some circumstances, to have personal data relating to you transferred to another organization. You may also have the right to lodge a complaint in relation to Tilia Law’s processing of your personal data with a local supervisory authority. In Belgium, you can lodge your complaint with
Gegevensbeschermingsautoriteit/Autorité de protection des données
Drukpersstraat/Rue de la Presse, 35, 1000 Brussel/Bruxelles
T: +32 (0)2 274 48 00
F: +32 (0)2 274 48 35
If you object to the processing of your personal data, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.
Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform the actions necessary to achieve the purposes set out above (see ‘For what purposes do we use your personal data’) or that you may not be able to make use of the services offered by us. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal data to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.
We must ensure that your personal data is accurate and up to date. Therefore, please advise us of any changes to your data by emailing us.
14. How to contact us?
If you have any questions or comments about our policy or the way in which we treat your personal information, please contact:
Leuvensesteenweg 369, bus 1
T: + 32 2 725 60 63
F: + 32 2 725 70 38