Alexander Zalivako
  • CONTACT US
  • SUBSCRIBE
ABOUT US
THE FIRM
PRACTICE AREAS
CREDENTIALS
SANCTIONS 360°
UPDATES
SANCTIONS MAP
VIDEOS
DOCUMENTS
Menu

Privacy Policy

This Privacy Policy is issued by Alexander Zalivako, acting through From A to Z Law Firm, with registered office at 10 Boulevard Kaltreis, L-1881 Luxembourg City, Grand Duchy of Luxembourg, telephone +352 661 71 71 11, email alexander.zalivako@azlaw.lu (hereinafter referred to as the “Firm” or “we”), in its capacity as the data controller pursuant to Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and applicable Luxembourg data protection laws.

The Firm is committed to protecting the privacy and personal data of its clients and any other data subject whose personal data may be processed in the course of its professional activities. This document describes the categories of personal data collected, the purposes and legal bases for processing, the data retention policy, and the rights of data subjects.

 1. PURPOSE OF THE POLICY

1.1 The purpose of this privacy policy is to set out in a simple and transparent way what personal data From A to Z Law Firm (the “Firm”) processes about each of its clients and/or any other data subject who may be related to a client (the “Client”) and how the Firm processes it. It applies to the following persons: (i) our current and former clients; (ii) any agents, representatives, service providers or individuals who may be engaged by the clients; and (iii) any other individual whose personal data may be processed by the Firm when providing its services (a “Data Subject”).

1.2 Personal data includes any information relating to an identified or identifiable natural person that is processed by the Firm. Processing includes any activity with your personal data which you provide to the Firm when you become the Client or engage the Firm in connection with providing legal advice. The law requires that the Firm shall verify the information provided by the Client. Further, such verification may also be required to ensure security of the Firm and/or develop its business. Accordingly, the Firm also processes your data available from various public sources (e.g., Internet, world press, news, and other publicly available media), specialised AML/CTF and security service providers (e.g., WorldCheck) and/or legitimately provided by other counsels (mainly other legal service providers) which may be engaged in connection with the provision of the services.

1.3 By entering into the relationship with the Firm or approaching the Firm for the purpose of providing legal services, each Client acknowledges and agrees (on behalf of the Client and any of the Data Subjects which may be related to the Client) that her(his) personal data will be processed by the Firm for the purposes set out in this privacy policy.

1.4 In addition to the matters set out in this privacy policy and which are provided in accordance with the Firm’s obligations under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, the Firm as a regulated legal practice is subject to, and complies with all requirements, arising out of the regulation of legal services, including all matters arising out of the Firms duty of confidentiality owed to the Clients

 2. CATEGORIES OF PERSONAL DATA

The personal data which the Firm processes may include the following information and documents with respect to the Client and, where applicable, the Data Subjects related to the Client (e.g., representatives, agents, officers, service providers, related parties, transaction counterparties and beneficial owners):

2.1 personal identification data or contact information, including surname, name, etc.;

2.2 domicile, address, gender, marital status, or relationship with other persons;

2.3 nationality, the date and place of birth, profession-related information (including, job title, cadre level, fiscal (tax) status), identification number (if any), origin of funds);

2.4 information on identification documents: issuance numbers, date and place of issuance, duration of validity and copies of such documents;

2.5 images of ID cards and images of other KYC identifiers;

2.6 electronic identification data (e.g., email, addresses and other similar identifiers, electronic signature, etc.);

2.7 the data with respect to the Client’s financial status (e.g., salary-slips, resumes, tax declarations);

2.8 the data with respect to the Client’s place of residence (e.g., utility invoices);

2.9 information about any counter-parties, delegates, service providers or agents of the Client and/or any other third parties involved into the transactions of the Client; and

2.10 any other information that may be required for the provision of legal services requested by the Client, the proper identification of the Client and her(his) sources of wealth or compliance with any legal obligations of the Firm

 3. PURPOSES OF THE PROCESSING

The Firm processes personal data of the Data Subjects to ensure the continuing provision of the services to the Client and/or on-going compliance with the Firm’s obligations under laws and regulations applicable to the Firm and/or the legitimate interests of the Firm, including for the purpose of:

3.1 completing pre-contractual KYC-checks with respect to the Client (legal obligation);

3.2 providing legal services to the Client, receiving consideration for such services (performance of a contract);

3.3 marketing, research (including, any statistical and scientific analyses of the Firm’s client base and preferences) and any other similar matters (legitimate interests);

3.4 management of the Firm’s IT infrastructure (including, any encryption or decryption of any Client-related information) (legitimate interests);

3.5 compliance with laws and regulations, acts, decisions, recommendations or inquiries of the courts, regulators, authorities or any other officials or agencies, compliance with specific rules of New York, English or Luxembourg bars (including, any non-binding guidelines, best practices or similar standards). These inquiries may arise in various sectors, including: tax, anti-money laundering, anti-terrorist, crime, detection or prevention of fraud, market abuse or any other similar matters (legal obligation);

3.6 any dispute resolution and litigation matters (performance of a contract);

3.7 operation of the Firm’s website and the distribution of the Firm’s information materials (legitimate interests and consent); and/or

3.8 any other matters where the processing of such personal data is necessary or desirable to ensure the on-going provision of legal services to the Client or maintaining the status of the Firm as a regulated legal services provider.

 4. LAWFUL BASIS FOR THE PROCESSING

4.1 The Firm processes the personal data in connection with the provision of legal services to the Client and/or the compliance with the legal obligations of the Firm and/or the legitimate interests of the Firm. The legitimate interests of the Firm are those interests which are inherently linked to the functioning and development of the Firm as a legal practice and include, for example: (i) security matters, fraud and other crime prevention; (ii) security of the Firm’s IT systems and clients’ information; (iii) business development or marketing activities; and (vi) development of the Firm’s products and/or services. More specifically the legal basis for each purpose of personal data processing is set out in section above.

4.2 In limited circumstances mainly related to the operation of its website and distribution of information materials, the Firm relies on consent. Where the Firm relies on consent to process personal data, each relevant Data Subject can withdraw her(his) consent at any time by unsubscribing from the relevant distribution list

 5. THIRD-PARTIES’ PERSONAL DATA

The Client shall inform all of its agents, delegates, managers, employees, attorneys, service providers or other agents, shareholders or beneficial owners and other natural persons related to the Client of the contents of this privacy policy and by providing the relevant information to the Firm the Client confirms that the relevant persons have been informed of this privacy policy.

6. OTHER PROCESSORS

With respect to its Clients and counterparties, the Firm is required to conduct regular KYC, KYT and other similar back-ground checks by reference to specialised service providers (such as, e.g., World-Check database or any other similar services or databases), publicly available information as set out in various registers, press and Internet. The Client acknowledges and agrees that the Firm will obtain information in accordance with the procedures set out in this paragraph without any further notice to, or consent of, the Client.

7. PROFILING

The Firm is not engaging in profiling of the personal data of any Data Subject

8. RECIPIENTS OF PERSONAL DATA AND CROSS-BORDER TRANSFERS

8.1 The Data Subjects’ personal data may be disclosed or transferred by the Firm without any further notification to, or consent of, any Data Subject to: (i) any person to whom disclosure is required to be made (1) by applicable law or court order, (2) pursuant to the rules or regulations of any government, supervisory, taxation or regulatory body, (3) in connection with any legal or arbitration proceedings or investigations; (iii) to the account banks, insurance providers, any professional service providers as may be engaged by the Firm, IT and telecommunication companies and other service providers, outsourcing companies or data processors of: (A) the Firm or (B) any sub-contractors or (C) affiliates of such entities; (4) to any third parties to the extent that the Firm or any of its service providers deem such disclosure or transfer to be necessary or desirable for the carrying out of its duties, obligations, commitments and activities whether arising under any contract or by operation of law or the legitimate interest of the Firm. The Firm retains its right to change such service provider at any time without further notice to, or consent of, the Client.

8.2 Any transfer of personal data outside of the EEA/US is not practiced. If it is necessary for the provision of services, it is subject to appropriate safeguards as required under Luxembourg law.

9. SECURITY

9.1 The Firm has implemented (or ensured that the processors of personal data of the Firm’s clients have implemented) appropriate, and commercially reasonable, technical, physical and organisational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access and all other unlawful forms of processing.

9.2 Generally, to the extent the Firm relies on third-party service providers (e.g., in IT) such service providers are located in the EU.

10. RETENTION PERIOD

Most of the personal data will be subject to the retention period of 5 years, being the applicable time-period to ensure compliance with AML laws. Following the expiration of this period of retention, the personal data is automatically deleted without any additional notice to the Client and/or any Data Subject. Accordingly, each such person shall retain each relevant copy of her(his) personal data.

11. COOKIES ON THE FIRM’S WEBSITE

11.1 Cookies are files placed on your device when you access the Firm’s website with the relevant information related to your visit. We use only the following cookies: (i) necessary cookies which purpose is to make possible the operation of our websites and identify your hardware and software. Without necessary cookies the website cannot be operational and, accordingly, you cannot opt-out of using such cookies when visiting our web-site; and (ii) limited analytics cookies which help us understand better the geographical origin of the persons using our website and the products which such persons are interested in. This allows us to better structure our offering of products and develop business. The cookies collect information in a way that does not directly identify anyone. We cannot track any individual features of the visitors of our website as a result of the use of such cookies. 

11.2 For more detailed information about the cookies used on our website, including their purposes, duration, and how to manage your consent preferences, please refer to our Cookie Policy.

12. DATA SUBJECT’S RIGHTS

12.1 Each Data Subject has the following rights with respect to her(his) personal data:
          (a) a right to be informed as to the rules and procedures of the Firm related to the processing of the personal data;
          (b) a right of access to the personal data;
          (c) a right to rectify the personal data or object to, or restrict, the processing of personal data in the circumstances when such personal data is incorrect or is not processed in accordance with Luxembourg data protection laws;
          (d) a right to object to any direct marketing communication or any automated decision or profiling (if any);
          (e) a right of portability of your data; and
          (f) a right to erase your personal data (so-called right to be forgotten)

12.2 The exercise of the above rights may be subject to legal restrictions and, accordingly, should you wish to exercise any of such rights we will always assess your situation and provide you with a reasoned response. In exceptional circumstances set out in law, we may charge you a fee in respect of your request.

12.3 To exercise any of the above rights, please send your up-to-date valid ID to the following email: alexander.zalivako@azlaw.lu with the relevant request. We will attempt to respond within 30 days or explain why an additional period of time is required to ensure that you can exercise your rights.

12.4 In case any Data Subject is not satisfied with the Firm’s feedback with respect to her(his) inquiry, the Data Subject may refer her(his) matter to the Luxembourg National Commission for Data Protection (https://cnpd.public.lu)

Scroll to Top