PRIVACY POLICY

PRIVACY POLICY FOR CLIENT RELATIONSHIPS

1 We process personal data (data that directly or indirectly identifies natural persons) that we receive from you or third parties within the scope of the client relationship or that we collect ourselves. BERETTA KUONI LLC (hereinafter BERETTA KUONI) is responsible for the processing of personal data described in this privacy policy.

2 Some of the personal data we process were provided by you or the data subjects when you or they contact us via email or by telephone and request our services. This includes, for example, name and contact details as well as information about the role of the data subject at the company or organization for which you or the respective contact works or on whose behalf you or they contact us. We also process personal data that we receive in our correspondence with third parties (namely clients, opposing parties, authorities and courts and their employees or other persons acting on their behalf) (e.g. name, contact data, date of birth, information on employment, income situation or health data). In addition, we collect some personal data ourselves, e.g. from public registers or websites.

3 We process the aforementioned types of personal data primarily to provide, document and invoice our legal services.

4 In addition, we process the contact information of clients, their employees and other contacts for marketing purposes (using any means of communication such as email, social media, mail or telephone) to provide information about publications, events, news, services or products that may be of interest.

5 In order to achieve the purposes described in this privacy policy, it may be necessary for us to disclose personal data to the following categories of recipients: external service providers, clients, counterparties and their legal representatives, business partners with whom we may need to coordinate our legal services, as well as public authorities, courts and tribunals.

6 We process personal data in Switzerland and in the EU/EEA. We may transfer personal data to recipients (namely clients, counterparties or public authorities) who in turn process the personal data in other countries, including those that do not ensure a level of data protection comparable to Swiss law. We will do the latter based on consent or standard contractual clauses, or if it is necessary for the performance of a contract or the enforcement of legal claims.

7 We store personal data only for as long as is necessary for the processing of our mandate, for as long as there is a legal obligation to retain and document the data, or for as long as there is an overriding private or public interest in doing so. We take reasonable and appropriate precautions to protect personal data from loss, unauthorised modification or unauthorised access by third parties. If you provide us with personal data concerning a third person (e.g. your employees or opposing parties), we assume that you are authorised to do so and that the data is correct and that you have ensured that these persons are informed about this disclosure, insofar as a legal duty to inform applies (e.g. by bringing this privacy policy to their attention in advance)

8 We use external IT service providers and cloud providers with servers in Switzerland to provide our services. We use certain IT services as well as means of communication which may be associated with data security risks (e.g. e-mail, video conferencing). Please inform us should you require special security measures.

9 We have a legitimate interest in the processing of personal data for the aforementioned purposes. Some processing is also necessary so that we can fulfil our contractual obligations to you or our legal obligations (e.g. retention obligations).

10 Within the scope of application of the Federal Act on Data Protection (Data Protection Act, FADP) of 25 September 2020, data subjects have the right to obtain information about the personal data stored about them and the purpose of the data processing, the right to rectification as well as to erasure or restriction of the processing of their personal data, the right to object to the processing, the right to seek redress from a competent supervisory authority and to data transmission/transferability. However, please note that conditions and exceptions apply to these rights. To the extent permitted or required by law, we may refuse requests to exercise these rights. For example, we are bound by professional secrecy and/or may or must retain or otherwise continue to process personal data despite a request to delete the personal data or restrict processing for legal reasons.

The rights pursuant to the Federal Data Protection Act (FADP) of 25 September 2020 do, in particular, not apply if we process personal and other data during court proceedings and proceedings under federal procedural acts (including proceedings before cantonal and federal criminal, civil and administrative courts and arbitral tribunal with their seat in Switzerland). In court proceedings and proceedings under federal procedural acts, we process personal and other data during the pending proceedings and after the conclusion of the proceedings in accordance with the applicable procedural law.

11 This privacy policy requires no consent from the client, their employees or other contacts. This privacy policy merely contains information about the nature, scope and purpose of the use of personal data by BERETTA KUONI. BERETTA KUONI reserves the right to unilaterally change the content of this privacy policy at any time and without notice.

12 If you have any questions or if you or your employees or other contacts wish to exercise your or their data protection rights, please contact us at admin@berettakuoni.com (subject: data protection) or write to BERETTA KUONI LLC, Data Protection, Hirschgässlein 44, P.O. Box 150, CH-4010 Basel.