Client relationship administration
Purpose
The purpose is to manage the client relationship, including the prevention of conflicts of interests, establish the client and new cases, provide advice, invoice as well as administer, manage and develop our business and services, operate and maintain our systems.
Data Subject
The client, including employees of the client.
Category of Personal Data
Personal data such as name, title, address, telephone number and e-mail address, in some cases employee number, our advice and assistance as well as invoice information.
Legal Basis
The processing is necessary for the performance of the contract with our client or in order to take steps at the request of the client prior to entering into the contract, cf. General Data Protection Regulation article 6, paragraph 1, point b.
Further, the processing is necessary for compliance with legal obligations to which CURIA is subject, including section 10 of the Accounting Act, cf. General Data Protection Regulation article 6, paragraph 1, point c. Moreover, such processing is also necessary in order for us to pursue our legitimate interests in managing the client relationship, fulfilling the contract with our client, administering and developing our business and services, and handle the operation and maintenance of IT systems that are used as a part of our management of the client relationship, cf. General Data Protection Regulation article 6, paragraph 1, point f. Note, that the data subject has the right to object against the processing, cf. General Data Protection Regulation article 21, paragraph 4.
Source
The client, including employees of the client.
Retention Period
The personal data is deleted after 11 years, calculated from the end of the calendar year in which the client relationship is terminated, unless specific circumstances require a shorter or longer storage period. Certain client information is deleted after 30 years, calculated from the end of the calendar year in which the client relationship is terminated, to protect against conflicts of interest.
Categories of recipients
CURIA is bound by a statutory obligation to maintain confidentiality and will not generally transfer your personal data to third parties.
We only transfer personal data to our client, counterparties, or courts as well as other public authorities in cases where it is necessary to do so in order for a legal claim to be established, exercised or defended.
In addition, we also transfer personal data to our auditor and to other professional advisors in certain cases, e.g. so that auditors can perform audits or so that we can receive professional advice from other consultants and advisors.
We also use external suppliers, such as IT suppliers, accountants, etc. which may receive personal data in connection with the assistance they provide to us. CURIA enters into data processing agreements with external suppliers which process personal data on behalf of CURIA to ensure that all necessary security measures are adopted. We do not transfer personal data to countries outside of the EU/EEA unless such a transfer is being made to our client, counterparties or courts. In these situations, we will ensure appropriate or suitable safeguards in the absence of an adequacy decision by the Commission.