Privacy and Data Protection Policy
Last updated 25'th April 2022
1. Purpose
This Privacy and Data Protection Policy (“Policy”) provides how WhistLaw (“we”) treat personal data when our website Visitors, Clients and prospective Clients (“you”) visit our website, contact us, and use our services. This Policy does not lay down rules on the privacy and data protection practices that we implement on our WhistLaw Platform, which are subject to the WhistLaw Platform – Data Protection Policy.
2. Law Enforcement
We are committed to respecting your privacy and safeguarding your personal data in accordance with the applicable laws, in particular Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”) and Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (“e-Privacy Directive”).
3. Personal Data
Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by their name, an identification number, location data, or an online identifier. Such a person is also one who can be identified based on physical, physiological, genetic, mental, economic, cultural, or social identity.
The table below exemplifies our practices of processing your personal data when you visit our website, contact us, and use our services.
Visiting the website
Internet Protocol (IP) number, browser type, browser version, operating system, geographical location, time and date of the visit, information on navigation through the website and the time spent on individual pages.
Legitimate interest of WhistLaw, as laid down under Art. 6(1)(f) GDPR, and – subject to your prior agreement – your consent, as laid down under Art. 6(1)(a) GDPR.
Navigate through the website to learn about WhistLaw and the services it provides. Subject to your consent, data obtained by means of non-essential cookies may be stored and used internally for website traffic analysis, with the purpose of facilitating the use of this website and ensuring system security and the contact opportunities chosen by you.
Personal data may be shared with our third-party service providers who assist us with hosting or provide us with
technical support, and who are located within EU/EEA or in countries that are considered to provide an adequate level of protection of personal data.
Personal data that are subject to session cookies will be deleted after your session on this website ends (that is to say,
when you leave the website or close your browser window).
Personal data that are subject to non-essential cookies will be stored for the period indicated in the Cookie Declaration.
Contact
Internet Protocol (IP) number, browser type, browser version, operating system, geographical location, time and date of the message, e-mail address, name, and other data you choose to disclose.
The legitimate interest of WhistLaw, as laid down under Art. 6(1)(f) GDPR, and the necessity to take steps prior to entering into a contract, as laid down under Art. 6(1)(b) GDPR.
Managing the queries efficiently, providing information on our services and engaging in a pre-contractual relationship.
WhistLaw staff is responsible for handling the requests and data processors we engage and who are located within EU/EEA or in countries that are considered to provide an adequate level of protection of personal data.
Personal data that we receive in the context of a (prospect) contractual relationship or queries that you may submit will be retained for the duration that is necessary for the performance of an agreement or subject matter of the request, unless we are required to keep such data for a longer period in accordance with the law that applies to us.
Using services
E-mail address, name, position, (electronic) signature, phone number, affiliation to an organization, and information about that organization, bank account number, bank address.
The necessity to perform a contract, as laid down under Art. 6(1)(b) GDPR and necessary to comply with a legal obligation to which WhistLaw is a subject, as laid down under Art. 6(1)(c) GDPR.
Delivery of services, the performance of a contract, and compliance with legal obligations.
WhistLaw staff is responsible for delivering services and engaged – directly or indirectly – in the performance of a contract, and data processors we engage and who are located within EU/EEA or in countries that are considered to provide an adequate level of protection of personal data.
Duration of the contractual relationship and for the period necessary to comply with the applicable legal obligations.
4. Cookies
Cookies are small data files that contain a sequence of characters. They are sent by our server and stored on the hard disk of your device. They help us improve our site and deliver better and more customized service, for instance by storing information about your preferences and allowing us to recognize you when you return to our website.
The rules on the use of cookies, instructions on how to deactivate them, and information on the cookies used on this website are subject to our Cookie Declaration.
5. Data Protection Rights
In order to ensure the full protection of your personal data and to enable you to oversee the processing thereof, you are entitled to exercise specific rights, as laid down in this part of the Policy. To claim any of these rights, contact us at whistlaw@whistlaw.eu.
You have the right to obtain from us the confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the information such as the purpose of the processing, categories of the processed data, and the recipients of such data.
You have the right to request us to erase personal data concerning you in the circumstances where the personal data are no longer necessary in relation to the purposes for which they were collected.
You have the right to receive from us the personal data concerning you in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
You have the right to obtain from us the rectification of inaccurate personal data concerning you. This includes but is not limited to the right to have incomplete personal data completed, for example by means of providing a supplementary statement.
6. Policy Update
We reserve the right to update this Policy if that would be required under the laws that apply to us. Consequently, you are advised to consult this page occasionally to ensure you are familiar with the possible amendments.
7. Contact WhistLaw
If you have any questions about this Policy or our treatment of your personal data, contact us at whistlaw@whistlaw.eu.