Privacy Policy

Collection and Processing of Personal Data

Hove Law Firm, CVR no. 45042308, (“the Law Firm”) operates a law practice from the address Faaborgvej 3 – 5, 5250 Odense SV, and as part of this, receives personal data about clients and other individuals.

The Law Firm is responsible (data controller) for the processing of this personal data, and the Law Firm’s processing of personal data is subject to the terms of this Privacy Policy.

What personal data is stored and used?

The law firm processes the following categories of personal data about clients, clients’ family members, opponents, and other individuals:

  • General contact information, including name, address, phone number, and email address
  • IP addresses
  • CPR number (Danish personal identification number)
  • Identification documents, possibly a copy of a passport or driver’s license
  • Financial and legal information
  • Insurance information
  • Social and personal information
  • Health information
  • Criminal information
  • Employment information, including possible information about union affiliation

The personal data is processed in digital and, in some cases, physical form.

Purposes of Processing

The law firm processes personal data for the following purposes:

  • To provide legal assistance in disputes before ordinary courts, professional and non-professional arbitration, boards, etc.
  • To provide assistance in the execution of business transactions concerning the law firm’s clients, such as company transfers
  • To provide legal and related advice to clients within various legal areas that fall within the law firm’s business areas
  • To assist in the rectification of clients’ legal relationships, such as the execution of real estate purchases

The processing of personal data will be limited to what is necessary to fulfill the respective purpose(s).

Collection of Personal Data

Personal data processed by the law firm will be i) provided by the data subject themselves, ii) received from third parties, such as courts, public authorities, opponents and their lawyers, witnesses, or other persons involved in cases handled by the law firm, or iii) collected by the law firm from public registers, particularly the Land Register, the Personal Register, the CVR Register, and the CPR Register, or iv) collected by the law firm from other public sources, including the internet.

Basis for Processing Personal Data

The legal basis for the law firm’s processing of personal data is one or more of the following:

  • For the purpose of fulfilling an agreement with the client, including an agreement on legal representation in a lawsuit or an agreement on providing legal advice
  • To establish, exercise, or defend legal claims, for example, when the law firm is involved in a lawsuit
  • In certain cases where it is necessary for the law firm to pursue a legitimate interest, where the interests of the data subject do not override this
  • To comply with anti-money laundering regulations applicable to lawyers

Sharing of Personal Data

The following physical and legal persons may, to the relevant extent, have access to personal data as part of the law firm’s case processing:

  • Courts, arbitration courts, complaint boards, and public authorities that can make decisions in ongoing cases
  • Opponents and their lawyers involved in legal cases or legal relationships in which the data subject is a party
  • Other parties and their lawyers in case complexes handled by the law firm
  • Banks, real estate agents, and other companies/businesses that have a relevant role in the processing of the law firm’s cases
  • Insurance companies that provide legal aid coverage or otherwise represent a party’s interest in a case in which the law firm is involved
  • Experts and other persons, including witnesses, involved in a case
  • Employees of the law firm
  • Public authorities that are entitled by law to request personal data or to whom the law firm has a reporting obligation, for example, in connection with anti-money laundering regulations
  • Representatives of the Bar Association in connection with supervision according to applicable regulations for lawyers
  • Public authorities, if required by law, including in specific cases for the purpose of combating online fraud and other criminal activities or attempts thereof

Sharing/disclosure only occurs where necessary for the law firm’s handling of a case and related administrative and economically justified tasks, such as billing.

Personal data may, when relevant to case processing, be transferred to other countries both within and outside the EU. The law firm carefully selects its partners and places great emphasis on ensuring that information about cases is always treated confidentially

Duration of Storage

The law firm retains personal data for as long as it (i) is relevant to the law firm’s performance of its duties, (ii) is necessary to address any claims that may be made against the client or the law firm, and additionally (iii) as long as it is necessary to protect the client’s interests and meet the client’s needs.

As a general rule, personal data is deleted 5 years after the conclusion of the case, but this is based on a specific assessment in each individual case. This assessment takes into account the nature of the assistance provided, documentation requirements, and relevant legislation, including in particular accounting rules, conflict of interest rules, and general rules on the limitation of legal claims, as well as the client’s need to access the information in the future.

A client can terminate the law firm’s engagement at any time, and an appointment can also be terminated by the appointing authority. However, even in this situation, the law firm is subject to a number of rules and obligations that make it necessary to retain personal data for a longer period.

Security Measures

The law firm ensures personal data through both technical and organizational security measures to protect the registered person’s information against unauthorized access, manipulation, destruction/deletion, or loss of information.

The law firm uses Legis 365 as a system provider for processing, and storage of personal data takes place on servers operated and hosted by Microsoft. Data processing agreements have been made that guarantee the relevant, recommended, and legally prescribed security measures and the resulting protection of the personal data processed by the law firm.

The law firm has established that other lawyers and employees of the law firm may only access personal data to the extent that it is relevant to case processing. The individuals in the law firm who gain access to personal data are subject to confidentiality.

Rights of the Data Subject

The individual whose information is stored by the law firm, typically the client, has the following rights in relation to the law firm:

  • The right to be informed about which personal data concerning them is registered by the law firm.
  • The right to have incorrect information about them corrected by the law firm.
  • The right to have information about them deleted when the registration is no longer necessary for the purposes outlined in points 3 and 7 and is not prevented by a task/obligation imposed on the law firm under Danish or EU law.
  • The right to restrict the processing of personal data about them when the accuracy or inaccuracy of the personal data cannot be determined, or the personal data is needed as evidence.
  • The right to receive in a structured, commonly used, and machine-readable format, possibly by email, the information they have provided to the law firm, either to themselves or to a newly appointed lawyer or other third party.

The law firm does not inform a person who is not a client about this privacy policy, including the person’s rights under this section 9, if the law firm’s processing of personal data is covered by the law firm’s duty of confidentiality, and this would be compromised by the information.

Changes to the Privacy Policy

This privacy policy may be adjusted by the law firm on an ongoing basis to comply with the applicable data protection regulations at any given time.

Contact

If the data subject has objections to the law firm’s processing of their personal data, they are encouraged to contact the law firm via attorney Kim Hove Thomsen at: kht@hovelaw.dk.

The data subject also has the right to complain to the Danish Data Protection Agency regarding their rights and the law firm’s processing of their personal data. For more information, please refer to the Danish Data Protection Agency’s website www.datatilsynet.dk.

Also read