×

Privacy policy

In this Privacy Policy (the "Policy"), the following terms: "we", "us", "our", "HILLBRIDGES", and "firm" mean (unless the context requires otherwise) Hillbridges, s.r.o., with its registered seat at Gorkého 4, 811 01 Bratislava, Slovak Republic, registered with the Commercial Register maintained by Municipal Court Bratislava III, Section Sro, Insert no. 46755/B, company identification no.: 36 799 327.

We at HILLBRIDGES value privacy and the data we come into contact with and we adequately protect it, be it data about our existing or potential clients and suppliers, their representatives and employees, or our existing or prospective employees and associates. For the purposes of this Policy, personal data means data that we come into contact with and that identifies or enables the identification of a particular individual as per Regulation (EU) 2016/679 on the protection of natural persons with regard to personal data processing and on the free movement of such data ("GDPR").

In this Policy, we describe how we process your personal data and explain your rights in relation to personal data processing. To ensure you are adequately informed, we may also provide information about personal data processing by our firm in other appropriate ways, e.g. in a specific written correspondence or by email. Please note that HILLBRIDGES is a law firm and, therefore, we may not provide information about personal data processing when providing legal services if this would lead to a violation of the attorney professional secrecy and confidentiality obligation.

If you wish to contact us in relation to personal data processing by our firm, please email us at dataprotection@hillbridges.com. If you prefer other means of communication, you can also contact us at our firm’s address stated above, or contact our partner, Mr Andrej Adamčík using the contact details here.

1. Which personal data do we process?

When conducting our business, we may process various personal data. Mainly, we may process your following personal data in specific situations:

  • personal data, including special categories of personal data, provided to us by or on behalf of our client, and data created by us when providing our services to clients,
  • personal data enabling the client identification and the data we need to assess potential conflicts of interest, perform KYC procedures and procedures required to prevent the legalization of proceeds of crime,
  • personal data that allows us to identify our contractual partners and the personal data we need for our pre-contractual relationships with our contractual partners, including personal data of our business partners, i.e. the persons we deal with as part of our business or in relation to it, 
  • contact details for communication with the client, client's partners, our contractors and partners or other persons (e.g. employees and other client representatives), together with other basic information relevant for contact list purposes (name and surname, telephone number, physical address, e-mail address, other contact details, company, position or other relationship within a company),
  • data needed to make payments, e.g. billing information of the client and our suppliers,
  • personal data needed to organize meetings with clients, counterparties, suppliers and other persons (e.g. employees and other client representatives), such as availability times, dates and times of meetings, etc.,
  • personal data provided during recruitment by our firm, in particular, first name, surname, address and contact details, and other candidate details, such as education, abilities, and experience stated in a CV,
  • personal data (visual recordings) of persons captured by video surveillance system in our firm’s premises (e.g. our employees, clients, suppliers as well as any other persons present in the field of view of the video surveillance system),
  • any other information that you provide to us, or provided to us by third parties.
2. Why and on what legal basis do we process personal data?

We collect and process personal data for the following reasons:

  • to provide legal services in accordance with applicable law and perform our business activities, including establishing, enforcing, or defending the claims of our clients,
  • to conclude and perform contracts between us and our clients, suppliers, and other contractual partners (e.g. landlords and property managers, cleaning services, telecommunication operators, accountants and tax advisors, IT service providers, translation services providers),
  • to comply with obligations arising from specific regulations (e.g. tax and accounting rules, rules on preventing the legalization of proceeds of crime, archival rules, personal data protection rules),
  • due to our legitimate interests and the legitimate interests of third parties (mainly our clients), including our legitimate interest in communicating with clients, suppliers, contractual partners, and other persons, and due to other legitimate interests stated in this Policy,
  • to market our firm (for more information on marketing, please refer to section 3.2 of this Policy),
  • to prove, enforce, or defend our claims,
  • to find and evaluate the suitability of candidates for a particular position at our firm and the related pre-contractual relationships,
  • for the purposes of protection and monitoring of property and persons in our firm’s premises and reliable and due clarification of potential related risk events or suspicions,
  • for purposes for which you have given us special consent.
3. How do we use personal data?

At HILLBRIDGES, we process personal data in various ways to achieve respective purposes. In particular, personal data may be:

  • obtained, used, stored, and created to provide legal services to our clients to conduct our business, or to represent our clients according to their instructions, whereas information may also be provided to third parties to the extent required by client’s interests,
  • obtained, used, and stored to communicate with our clients, suppliers, contractual partners, and other persons (e.g. employees and other client representatives),
  • used in ways required by special regulations,
  • used to provide you with requested information,
  • used to perform contracts with our contractual partners, or to conclude such contracts,
  • used to evaluate a candidate during recruitment (please refer to section 3.1 below for more information on recruitment),
  • obtained and stored by our video surveillance system and its memory unit, and in case of identification of a risk event (or a suspicion thereof) relating to the protection and safety of property and/or persons in our firm’s premises such visual records may be examined by us or if need be provided to third parties for examination (e.g. police, insurance company, persons affected by the relevant risk event).

We do not sell, lease, or otherwise dispose of personal data for consideration.

We protect personal data at HILLBRIDGES by using appropriate organizational and technical measures in accordance with applicable laws to prevent its misuse, accidental or unlawful destruction, loss, alteration, or unauthorized access or transfer.

3.1 Career at Hillbridges

In the Career section of this website, you can email us if you are interested in a career at our firm. No candidate has any legal or contractual duty to provide HILLBRIDGES with their personal data during the admission proceedings and sending a CV and application request to our firm is voluntary. However, if a candidate refuses to provide any information, we may not be able to process a candidate’s request properly or at all.

We only use the personal data of each candidate to assess their suitability for a position at our firm. CVs and application requests to our firm may be included in our firm’s database with the consent of the candidate and may be used for a future admission process. Candidates may withdraw their consent at any time by sending a notice to dataprotection@hillbridges.com.

The firm may retain the following data on candidates: first name, surname and at least one other appropriate item of personal identification data for the list of unsuccessful candidates. We need to maintain such a list to effectively administer admission proceedings and avoid duplication of costs and time to evaluate candidates. A candidate has the right to object to such data processing. 

3.2 Marketing

Similar to other law firms, our firm also uses personal data for direct marketing. Our marketing mainly entails informing on the provision of legal services via advertising, newsletters, legal news, and seasonal greetings. Upon consent, we may publish information about legal advice (including references) and provide personal data to participate in ratings, rankings, and lists of recommended law firms.

If you receive marketing information from us which you are not interested in, do not hesitate to let us know at dataprotection@hillbridges.com and we will exclude you from further marketing correspondence.

4. Who may be provided with personal data?

Your personal data will primarily be used internally by the firm's managers, and other authorized employees and individuals at the firm. Data may also be provided to lawyers (and/or their companies) who, either alone or through their companies, have a long-term working relationship with HILLBRIDGES. A list of these lawyers is available at the HILLBRIDGES website under the Lawyers' tab.

We may provide your personal information to some other persons if required for some of the above purposes. These persons are mainly:

  • our IT service providers,
  • our accountants,
  • our external advisers, in particular tax advisors, technical advisers, and auditors,
  • suppliers to whom we have contracted ancillary services (e.g. translators),
  • other third parties who, with the client’s consent, also participate in the provision of services to the client (e.g. other legal advisors, operators of various technical services),
  • third parties with legitimate authorisation for obtaining and/or examining of the relevant personal data (e.g. examination of recordings from our video surveillance system by the police, insurance company and/or a person affected by a relevant risk event, etc.).

It cannot be ruled out that in certain circumstances, we may need to provide your data to courts, arbitration tribunals, administrative bodies or other public authorities, or other entities pursuant to the relevant legislation, or this Policy. It is possible that in some cases, the applicable law does not permit us to inform you that we have provided such data.

We do not transfer your personal data to third countries or international organizations, unless such transfer is permitted under the GDPR.

5. How long do we keep personal data?

Your personal data will be stored in accordance with our internal archiving and storage policies. Specific periods for keeping personal data are based on the requirements of the GDPR and the time required to fulfil the purpose of data processing, taking into account the archival periods required by the relevant legislation, the recommendations of the relevant public authorities and the Slovak Bar Association, and limitation periods for bringing claims and the legitimate interests of our firm.

Recordings from our video surveillance system are being stored for a period of 14 days from the date of recording and automatically continuously erased afterwards.

6. How do we obtain personal data?

We may obtain your personal data in a number of ways, including:

  • directly from you when concluding a contract with you as our client, or in our pre-contractual processes with clients and in assessments of potential conflicts of interest, KYC procedures and procedures to prevent the legalization of proceeds of crime,
  • from our clients, our contractual partners, or other persons during the provision of legal services by our firm and when conducting our business, or when creating personal data on our own,
  • directly from you if you voluntarily provide the data to us, or if you directly communicate with us (or with our employees, lawyers, or other associates),
  • from your employer or from your contractual partners,
  • from publicly available sources and registers for our legitimate interests and for the purpose of provision of legal services by our firm and for conducting our business, including the updating of your data we already have from other sources,
  • by visually recording your movement within our firm’s premises.
7. What are your rights as regards personal data processing?

At HILLBRIDGES, we respect the rights of individuals, including those granted by the GDPR. Your rights pursuant to the GDPR in particular include the right to:

  • request a confirmation as to whether and why our firm processes your personal data, and to obtain a copy of this data,
  • request the firm to correct inaccurate or incomplete data,
  • request the deletion of personal data, restriction of processing of personal data or that such processing be stopped, for example, if personal data is no longer necessary for the specified processing purposes,
  • object to the processing if the firm relies on legitimate interests as a legal basis for processing,
  • request the transfer of personal data (i.e. receipt of such data in a portable format or transmission of such data directly to another party designated by the individual),
  • where processing of personal data is based on consent, right to withdraw such consent at any time.

Should you wish to exercise any of your privacy rights, please email us at dataprotection@hillbridges.com and we will address your request in accordance with our mandatory obligations. That may also include our continuous processing of certain personal data of yours despite your request to delete your personal data or withdrawal of your previous consent, however only in the extent required or permitted by applicable laws (e.g. in connection with proving, enforcing or defending our claims, or to maintain compliance with our legal and regulatory obligations).

If you believe the firm has not observed your privacy rights, you may file a complaint with the Office for Personal Data Protection of the Slovak Republic.

Information on personal data processing will typically be provided free of charge. However, please note that in certain circumstances, especially if there are obviously unjustified or vexatious requests, we may reject your request or ask for a reasonable fee.

Please also note that we do not have a duty to provide information on personal data processing, to allow access to, or to allow data portability of, personal data under the GDPR if this could lead to a violation of the attorney professional secrecy and confidentiality obligation under the applicable law on advocacy or violation of other applicable law.