We, Halsten, ensure the proper and careful processing of personal data, in accordance with applicable laws and regulations, including the General Data Protection Regulation (GDPR).
We process personal data primarily to provide legal services, based on the contract of assignment with our clients. In doing so, we use personal data to contact (representatives of) our clients, manage business relationships, and invite (current, former, or prospective) clients to events such as seminars. The legal bases for these processing activities include consent, performance of a contract, legal obligation, or legitimate interest. Depending on the assignment, we may process data such as name, date of birth, gender, address, email address, phone number, payment information, and (legal) case file details.
We do not share personal data received through our clients with other clients or third parties, unless prior consent has been given by the disclosing party or there is a legal obligation to do so. Furthermore, we do not transfer personal data to countries outside the European Economic Area (EEA), unless necessary and only if appropriate safeguards are in place that meet the requirements of the GDPR.
We protect personal data using appropriate technical and organizational measures. When we engage third parties to process personal data, we enter into data processing agreements (if required) to ensure the protection of personal data. Personal data will not be retained longer than necessary for the purposes for which they were collected and in accordance with applicable legal retention periods.
Under the GDPR, you have the right to access, rectify, delete, object, restrict processing and data portability. You can send such requests to info@halsten.nl. We will respond to your request within four weeks. For complaints regarding our handling of personal data, you may also contact us or submit a complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
Our website may contain links to other websites, such as social media platforms (including Instagram and LinkedIn) and websites of our clients and partners. We are not responsible for the content of these websites or how they handle personal data. Our website also uses functional and analytical cookies. For more information, please refer to our cookie policy.
If a data breach occurs that accidentally or unlawfully results in the destruction, loss, alteration, or unauthorized access to your personal data, we will report it to the Dutch Data Protection Authority within 72 hours, if legally required. If the data breach poses a high risk to your rights and freedoms, we will also inform you directly.
This privacy statement may be updated from time to time as new developments arise. The most current version can always be found on our website.