Politică de confidenţialitate (în limba engleză)

1. Terms used in the Privacy Policy

1.1. FastLaw - Fast Law Europe SIA, Reg. No. 40203224787, address: Blaumaņa iela 3, Madona, Madonas nov., LV-4801, Latvia.

1.2. GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

1.3. Personal Data - any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as the person’s name, surname, identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person

1.4. Personal Data Processing - any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1.5. Services - any services listed or provided by FastLaw through the FastLaw law practice management platform or through the website www.fastlaw.eu.

1.6. Controller - a natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.

1.7. Processor - a natural or legal person, public institution, agency or any other structure which processes Personal Data on behalf of the Controller.

1.8. End-User - a natural or legal person which uses FastLaw provided Services, namely, the FastLaw law practice management platform.

1.9. Employees of the End-User - a person who is associated with, working, or operating on behalf of the End-User and is an authorised user of FastLaw law practice management platform.

1.10. Cooperation Partner - a natural or legal person which provides services to FastLaw and do not process Personal Data in the possession of FastLaw and on behalf of FastLaw.

1.11. Client - a natural or legal person who requests End-User’s provided services and is represented by an End-User’s employee or End-User itself.

1.12. Data Subject - directly or indirectly identified or identifiable natural person, including all FastLaw End-Users, Employees of the End-Users, Clients, Cooperation Partners and their indicated contact persons, guarantors or trustees.

1.13. Data subject consent - any freely given, specific, informed and unambiguous indication of the Data subject's wishes by which the Data subject, by a statement or by a clear affirmative action, signifies agreement to the processing of its Personal data.

2. General provisions

2.1. This Privacy Policy (henceforth – Privacy Policy) are FastLaw’s, namely, Fast Law Europe SIA, Reg. No. 40203224787, address: Blaumaņa iela 3, Madona, Madonas nov., LV-4801, Latvia (hereinafter – FastLaw) internal rules, which are designed to provide information on FastLaw Personal Data Processing purposes, legal basis, scope, protection, processing and storage periods, Personal Data recipients, and Data Subject’s rights during data acquisition and processing.

2.2. Privacy Policy is applied to the protection of privacy and Personal Data regarding:

2.2.1. natural persons, namely, FastLaw End-Users, customers of the End-Users, and Cooperation Partners, as well as third parties, who, in the context of information provided by Data Subjects during the provision of FastLaw Services or cooperation have been identified as contact persons or trustees;

2.2.2. legal persons, if their name consists of natural person’s Personal Data or if by the legal person’s provided information it is possible to directly or indirectly identify a natural person.

2.3. Privacy Policy applies to Personal Data Processing, regardless of the form and/or context in which the Data Subject provides Personal Data (in writing, orally, by telephone, through website, in paper or by email), and in which FastLaw systems or forms they are processed

3. Information about the Controller

3.1. The Controller is FastLaw: Fast Law Europe SIA, Reg. No. 40203224787, address: Blaumaņa iela 3, Madona, Madonas nov., LV-4801, Latvia, e-mail: support@fastlaw.eu

3.2. For questions related to the FastLaw processing of Personal Data, contact the FastLaw designated person for the processing of Personal Data or send a message to the electronic mail address: support@fastlaw.eu. By using this contact information, the Data Subject may request information about the processing of their Personal Data in accordance with Article 12.2. of this Privacy Policy.

4. Legal basis for Personal Data Processing

4.1. FastLaw processes Personal Data on the basis of the following legal grounds contained in Article 6 of GDPR:

4.1.1. the conclusion and performance of a contract, in order for FastLaw to be able to provide requested Services to its End-Users, when selling its Services, to comprise and conclude a contract, including service provision or sales contract with End-Users, contract with Cooperation Partners for received services, and to ensure proper performance of the contractual obligations or their modification after the conclusion of the contract, as well as an appropriate termination of the contractual obligations;

4.1.2. to fulfil legal obligations set out in external laws, in order for FastLaw to fulfil its legal obligations to itself, the Data Subject, state and local governmental institutions, as well as third parties, for example, to comprise appropriate invoices for the provision of Services, develop necessary documentation for the provision of Services, in accordance with the binding and effective regulatory acts of the EU and the Republic of Latvia;

4.1.3. in accordance with the Data subject’s consent to perform marketing activities, such as, sending newsletters to Data subject’s who have subscribed or to acquire information obtained by cookies for analytics and targeted marketing. Data subject is entitled to withdraw the given consent at any time and request the suspension of the processing of Personal data provided on the basis of consent in accordance with Article 12.2. of the Privacy Policy;

4.1.4. for the implementation of FastLaw legitimate interests, to realize the legitimate interests of the FastLaw arising from obligations existing between the FastLaw and Data Subject, a contract or law, including:

A) to ensure and improve the quality of Services requested by the End-User;

B) to ensure effective financial and business record keeping and analytics, as well as effective FastLaw management processes;

C) to prevent unreasonable physical and IT security risks, as well as to implement preventive measures;

D) to prevent unjustified financial risks;

E) to prevent fraud and theft;

F) to ensure the fulfilment of the concluded contract;

G) to turn to the public administration, operational and judicial authorities in order to protect FastLaw legal interests.

4.2. When implementing FastLaw legitimate interests, FastLaw interests in relation to the Data Subject's rights shall be assessed prior to the processing of Personal Data so that the legitimate commercial interests of the FastLaw do not conflict with Data Subject's interests and freedoms. Data Subject shall be entitled at any time to request the suspension of such data processing in accordance with Article 12.2. of the Privacy Policy.

5. Purposes of Personal Data Processing and categories of Personal Data

5.1. The following Data Subject’s Personal Data and other information provided by the Data Subject may be stored and processed by FastLaw, which may be considered as Personal Data in cases where it is possible to directly or indirectly identify the Data Subject and are used for the following purposes:

5.1.1. For providing Services to End-Users, or the purposes of comprising and concluding a contract with the End-User and for performance and modification of the contractual obligations after the conclusion of the contract, to ensure the core functionality of the FastLaw law practice management platform, comprising and sending out invoices, as well as for communication purposes with the Data Subject before and during the provision of Services:

1. Name and surname of the End-User, the Employees of the End-User, or the Clients;
2. Birth date of the End-User and the Empoloyees of the End-User;
3. Employment start date of the Employees of the End-User;
4. Employment end-date of the Employees of the End-User;
5. Duration of Employment of the Employees of the End-User;
6. End-User Employee and End-User set targets and data available on the FastLaw law practice management platform, such as, billable time, daily target, billed amount per month, monthly targets, non-billable hours spent on a Client case, billed time;
7. Cases managed by the Employees of the End-User;
8. Schedule of the End-User and Employees of the End-User;
9. The position and place of employment of the End-User, the Employees of the End-User, or the Clients;
10. Client case related information entered through the use of FastLaw law practice management platform by the Employee of the End-User or End-User itself, such as, case name, matter codes, case description and information provided therein, Client of the case, practice area and the responsible Employee of the End-User for the case;
11. Personal identification number of the Employees of the End-User, or the Clients (VAT number or other relevant identification number if the Data Subject is a legal person);
12. Phone number of the End-User, the Employees of the End-User, or the Clients;
13. Electronic mail address of the End-User, the Employees of the End-User, or the Clients;
14. Address of the End-User, the Employees of the End-User, or the Clients;
15. System related activity log of the End-User or the Employees of the End-User (such as changes made by the user on records, etc.);
16. Any additional Personal Data found on the End-User’s own account which the End-User has entered through the use of the FastLaw management platform;
17. Background-check information related to the Clients and/or their representatives;
18. Authentication information of the the End-User or the Employees of the End-User;
19. Device related information of the Data Subjects (e.g. IP, MAC, IMEI, operation system, version of the operation system etc.);
20. Name and surname of the Data Subject’s, which is a legal person, trustee;
21. Position of the Data Subject’s, which is a legal person, trustee;
22. Phone number of the Data Subject’s, which is a legal person, trustee;
23. Electronic mail address of the Data Subject’s, which is a legal person, trustee;
24. Bank account number of the Data Subject’s, which is a legal person, trustee;
25. Written signature of the Data Subject’s, which is a legal person, trustee;
26. Banking and payment information of the Client and/or their representatives (including but not limited to: card number, expiry date, security code, and other related information).

​5.2. For the creation of End-User’s personalised user account, necessary information for account registration purposes, sending verification emails, ensuring free-trial options, communication with FastLaw:

5.2.1. Name and surname of the Data subject;

5.2.2. Electronic mail of the Data subject;

5.2.3. Telephone number of the Data subject;

5.2.4. Organisation which is represented by the Data subject;

5.2.5. Address of the Organisation which is represented by the Data subject;

5.2.6. Registration and VAT registration number of the Organisation;

5.2.7. Size of the organisation represented by the Data subject (number of employees);

5.2.8. Position in the organisation of the Data subject;

5.2.9. Main practice area of the Data subject;

5.2.10. Preferred Time Zone for the FastLaw System;

5.2.11. Choose preferred FastLaw system language.

5.3. For maintaining, receiving, distributing and providing the quality of Services offered by FastLaw to customers through the Cooperation Partners, including the conclusion, execution, modification of the Service, cooperation or business agreement after the conclusion of the contract, the provision of contacts with the Cooperation Partner or the person authorised by it during the commencement and execution of the cooperation:

5.3.1. Name and surname of the Cooperation Partner;

5.3.2. Phone number of the Cooperation Partner;

5.3.3. Electronic mail address of the Cooperation Partner.

5.4. For receiving, maintaining and replying to inquiries received from Data subject’s through the website’s www.fastlaw.eu contact form:

5.4.1. Name and surnameof the Data subject;

5.4.2. Electronic mail of the Data subject;

5.4.3. Telephone number of the Data subject;

5.4.4. Organisation which is represented by the Data subject;

5.4.5. Size of the organisation represented by the Data subject (number of employees);

5.4.6. Position in the organisation of the Data subject;

5.4.7. Information on the request submitted by the Data subject.

5.5. For performing marketing activities – targeted social media advertising, distribution of newsletters to subscriber lists, sending marketing emails, notifying clients of FastLaw new offers or new products, perform website analytics:

5.5.1. Electronic mail address of the End-User;

5.5.2. Name and surname of the End-User;

5.5.3. Electronic mail address of Data Subject, which is not a user of the FastLaw law practice management platform, but who is a subscriber to FastLaw newsletter;

5.5.4. Any information obtained from cookies deployed by FastLaw or third parties on Data subject’s devices during the visit of www.fastlaw.eu. For more information on cookies deployed by FastLaw, FastLaw advises to be acquainted with FastLaw’s Cookie Policy available at www.fastlaw.eu.

6. The source for acquisition of Personal Data

6.1. Data Subject’s Personal Data which are processed by FastLaw have been obtained from the following sources, in accordance with respective legal basis for processing Personal Data as provided in Article 4 of the Privacy Policy:

6.1.1. Personal Data which are submitted by the Data Subject in person or remotely, namely, by using FastLaw Services or Service interface, electronic mail, phone or any other remote communication channel;

6.1.2. public registers, databases and publicly available information systems, for instance, public databases of the Register of Enterprises of the Republic of Latvia and Lursoft database;

6.1.3. information provided by a third party, if receiving of such information has been established by effective regulatory acts.

7. Personal Data Processing at FastLaw

7.1. Personal Data shall be processed in good faith, lawfully and in a transparent manner for the Data Subject, using the organizational, financial and technical resources reasonably available to FastLaw;

7.2. Personal Data are obtained for specific, explicit and legitimate purposes and their further processing is not for unintended purposes or in a manner incompatible with provided purposes;

7.3. Personal Data shall be stored in such a way that one may identify the Data Subject for no longer than is necessary for the purposes for which the data were collected or processed. Storage periods of FastLaw Personal Data are set forth in Article 11 of the Privacy Policy;

7.4. Personal Data is acquired by adhering to the principle of minimization of data processing, which means that the data is adequate, relevant and contains only that which is necessary for the purposes of processing;

7.5. FastLaw ensures the accuracy of Personal Data and, if necessary, Personal Data is updated according to current information or deleted;

7.6. Personal Data is processed in such a way as to ensure adequate security of Personal Data, i.e., protection against unauthorized or unlawful processing, accidental loss, destruction or accidental damage.

8. Processors of Personal Data at the disposal of FastLaw

8.1. To ensure the fulfilment of obligations with respect to the Data Subject, FastLaw is entitled to attract and authorize authorized Processors to perform separate activities on behalf of FastLaw. If, in the course of these tasks, FastLaw Processors process the Data Subject's data at the disposal of FastLaw, the relevant partners or service providers shall be considered as Processors of Personal Data at the disposal of FastLaw, and FastLaw shall have the right to transfer the Personal Data of the Data Subject to the Processors to the extent necessary for the performance of delegated activities. FastLaw shall keep a record of all Processors and their provided services in a separate register.

In cases where FastLaw authorizes the Processors to perform a specific task, both FastLaw and the Processors shall ensure the protection of the processing of Personal Data in accordance with the GDPR, and shall not use the Personal Data for any other purpose than the fulfilment of contractual obligations in respect to the Data Subject on behalf of FastLaw.

8.2. Information on the Personal Data of the Data Subject, Processors and the sub-processors shall be provided by FastLaw upon receipt of the Data Subject's request in accordance with Article 12.2 of the Privacy Policy.

9. Protection of Personal Data

9.1. FastLaw protects Data Subject’s Personal Data with the use of modern technology, taking into account the existing privacy risks and organizational, financial and technical resources reasonably available to FastLaw, including by the use of the following security measures:

9.1.1. FastLaw uses an SSL-security certificate in operation of the www.fastlaw.eu Website, providing encrypted data transmission between the Data Subject and the server on which the FastLaw internal IT systems are stored and Data Subject's Data, which has been received through the website www.fastlaw.eu voluntarily by the Data Subject;

9.1.2. grants rights of access to the internal IT systems and databases of FastLaw only a limited number of persons authorized by FastLaw which have been attracted to upkeep and develop the FastLaw law practice management platform;

9.1.3. uses firewalls and antivirus programs;

9.1.4. carries out regular and appropriate security checks against the occurrence of intentional attacks on information systems, databases, electronic mails and servers maintained by FastLaw, and checks whether any leakage of data has occurred;

9.1.5. ensures that persons who work with Personal Data in the possession of FastLaw are properly trained, as well as have received appropriate and clear instructions regarding the processing of Personal Data, including security instructions included in the Privacy Policy;

9.1.6. ensure that no unauthorized or unlawful deletion, damage, loss, correction, processing, public disclosure or disclosure to third parties of Personal Data is permitted.

10. Transfer of Personal Data to third parties

10.1. Personal Data held by FastLaw is not transferred to third parties, except in the cases when:

10.1.1. the data transfer to the third party concerned is required within the framework of a contract to perform a contractual obligation or legal obligation delegated by law;

10.1.2. Data Subject has given explicit, unambiguous consent to the transfer of its Personal Data;

10.1.3. to disclose Personal Data is the obligation of FastLaw to persons specified in regulatory enactments at their reasoned request, in accordance with the procedures and in the amount prescribed by regulatory enactments;

10.1.4. for the protection of FastLaw legitimate interests, for example, by applying to a court or other state institutions against a person who has infringed the FastLaw legitimate interests.

10.2. When transferring Personal Data to third parties, FastLaw shall assess the security level of protection and processing of Personal Data by the third party, to ensure the highest possible protection of the Data Subject’s information.

11. Personal Data storage periods

11.1. FastLaw processes Personal Data at its disposal for as long as the following conditions are met:

11.1.1. during the execution of FastLaw provided Services;

11.1.2. while the contractual relationship with the Data Subject is in effect;

11.1.3. for as long as Personal Data is required for the purpose for which they were received;

11.1.4. or as long as necessary to ensure the fulfilment of legitimate interests of FastLaw or the Data Subject, such as the ability of FastLaw or the Data Subject to file an objection or to bring an action in court, as a defendant – to defend their rights;

11.1.5. while one of the parties has a legal obligation to store the data, for example in accordance with the Labour Law, Civil Law or the law “On Accounting”.

11.2. When none of the conditions mentioned in Article 11.1. can no longer be applicable, Personal Data is erased.

11.3. Paper-based documents (such as invoices, agreements, records etc.) are stored in a restricted access location, but not longer than 10 years, as well as to ensure the legitimate interests of FastLaw, such as performance of contractual obligations, debt collection, or in case of potential litigation.

12. Rights of the Data Subject to access their Personal Data

12.1. The Data Subject has the right to be informed about what Personal Data is at FastLaw’s disposal in relation to the processing of Data Subject’s Personal Data, and to request access to, correction, replenishment or deletion of their Personal Data, to limit the processing, and to object to the processing of Personal Data based on the legitimate interests of FastLaw, as well as to exercise the right to data portability, to the extent that FastLaw is able to provide it technically.

12.2. The Data Subject may submit a request for the exercise of his rights, by submitting a request for exercising Data Subject’s rights to the following e-mail address: support@fastlaw.eu.

12.3. Upon the receipt of the Data Subject's request, FastLaw verifies the identity of the Data Subject, evaluates the request and executes it in accordance with regulatory enactments.

12.4. FastLaw shall send a reply to the Data Subject's e-mail address within 30 days of receipt of the Data Subject's request by the person responsible for the processing of Personal Data, or through postal services by signed-for mail. If there is a need to clarify the information or carry out a more detailed investigation before answering, the response may take longer than 30 days, depending on the content of the request, but not more than 60 days.

12.5. In cases where Personal Data is processed on the basis of regulatory acts, on a contractual basis, or in order to implement the legitimate interests of FastLaw, a request for deletion of Personal Data may not be implemented, which shall be communicated to the Data Subject within 30 days after FastLaw responsible person for processing Personal Data has received a request to delete the respective data. The answer is provided with a clear, unequivocal justification for why it is not possible to carry out the deletion of Personal Data. Conversely, upon receipt of a reasonable request for the deletion of Personal Data, an appropriate deletion of Personal Data within 30 days of receipt of the Data Subject's request shall be ensured.

12.6. Disputes related to the processing of Personal Data shall be resolved through negotiations between the Data Subject and FastLaw. If the Data Subject considers that the processing of Personal Data violates the person's rights and interests in accordance with the applicable laws and regulations, the Data Subject has the right to file a complaint to FastLaw responsible person for processing Personal Data by submitting a filled-in complaint form, or straight to the Data State Inspectorate of the Republic of Latvia, address: 17 Elijas Street, LV-1050, Riga, Latvia - phone number: +371 67 223 131 and e-mail address: info@dvi.gov.lv.

13. Other provisions

13.1. FastLaw constantly develops and improves its operations, rules on internal order and security, thus, the Privacy Policy may be changed or supplemented at any time. Where it is necessary, FastLaw notifies Data subjects on the respective changes made.

‍