Privacy Policy
Mihaela Maravela Law and IP Office is a personal data controller in relation to your personal data. Mihaela Maravela Law and IP Office is aware of the importance of your personal data and undertakes to protect its security and confidentiality in accordance with the Regulation no. 679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR).
This Privacy Policy explains how we collect and use your personal data and which rights and options you have in this matter. Mihaela Maravela Law and IP Office will only process your personal data to the extent that it is necessary for the purposes set out below, with due observance of the legal safeguards and confidentiality of the data. This policy was last updated on the date below and may vary from time to time so please check it regularly. The changes will take effect as soon as they are posted on this Website.
Responsibility for your personal data
Mihaela Maravela Law and IP Office, registered with the Bucharest Bar Association under Decision no. 336 of 6 February 2020 and with the Romanian Chamber of Patent Attorneys of Romania under Decision no. 349 of 18 August 2021 (Mihaela Maravela Law Office is also part of Maravela Codescu Buliga Attorneys at Law: M. Maravela, A. Codescu, M.V. Buliga Joint Lawyer Offices – Cabinete Grupate de Avocati, registered with the Bucharest Bar Association under Decision no. 611 of 23 March 2021, found at www.mcblaw.ro) is responsible for and controls your personal data, as data controller.
Types of personal data we collect
The personal data we collect may include both general data (e.g. name and surname, function, the name of the employer) and special identification data number and series of your identity card, personal ID code:
- contact information, such as your name, job title, phone number, fax number, email address, business address, including your home address (where you have provided this to us);
- financial data such as IBAN number of the bank account and bank details where you have your bank account open;
- technical information such as IP address, log-in details and other technical information collected by visiting our Website;
- information collected following any meeting with us;
- further business information necessarily processed in a project or client contractual relationship with the Office or voluntarily provided by you, such as instructions given, payments made, requests and projects;
- information collected from publicly available resources;
- information about your membership of a professional or trade association or union;
- other personal information submitted for the provision of legal services. Some of these information falls under the category of special data, such as health related data, political opinion, data regarding criminal convictions and offences etc.
- when visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Ways in which your personal data is collected and used
We may collect personal data about you in a number of ways, including:
- when you or your organisation browse, make an enquiry or otherwise interact on our Website;
- when you or your organisation seek legal advice from us or when we do;
- when you or your organisation attend a meeting with us;
- when you or your organisation are in touch with us or via e-mail or otherwise;
- when you attend a seminar or another event of the Office or sign up to receive personal data from us, including training;
- when you or your organisation offer to, or request us to, provide services;
- through recruitment procedure: we may collect your personal data included in your CV and cover letter when you apply for a job / internship opportunity directly on our Website. All personal data processed by us is necessary to fulfil the purposes for which they are collected. When you provide us information about third parties, please make sure you have provided the data subjects with information about such disclosure and established a legal basis for sharing the personal data with us, to the extent required by the applicable law;
- through cookies: our Website uses cookies to permit the proper functionality of the Website and to benefit of the safe areas of the Website – our Cookies Policy may be accessed here.
If you request a password reset, your IP address will be included in the reset email.
In some circumstances, we may collect personal data about you from a third-party source, such as from a publicly available record or from your organisation or other organisations with whom you have dealings, including upon receipt of your personal data from procedural documents filed in court or arbitration files or other documents communicated or obtained for the purpose of providing legal services.
Purposes for using your personal data
We may use your personal data for the following purposes only (“Permitted Purposes”):
- to provide legal advice or other services or things you or your organisation may have requested;
- to monitor and assess compliance with our policies and standards;
- to manage and administer our relationship with you and our clients, including processing payments, accounting, auditing, billing and collection, support services;
- to comply with our legal and regulatory obligations and requests anywhere in the world, including reporting to and/or being audited by national and international regulatory bodies;
- to analyse and improve our services and communications to you;
- to protect the security of and managing access to our premises, IT and communication systems, online platforms, websites and other systems, preventing and detecting security threats, fraud or other criminal or malicious activities;
- for insurance purposes;
- to identify persons authorised to trade on behalf of our clients, customers, suppliers and/or service providers;
- to comply with court orders, court or arbitral decisions/awards and exercises and/or defend our legal rights;
- to manage the collaboration and employment contracts;
- for the purposes of recruitment;
- for any other purpose for which you provide your personal data to the Office.
Following your express and unequivocal consent, we may process your personal data also for marketing purposes, by sending newsletters, legal updates, invitations to events or publications of interest to you and to promote our services. We do not use the personal data for automated processing nor for creating profiles.
Legal grounds for processing your personal data
Depending for which of the above Permitted Purposes we use your personal data, we may process your personal data on one or more of the following legal grounds:
- to perform a client instruction or other contract with you or your organisation;
- based on our legitimate interest or those of any third party recipients that receive your personal data, provided that such interests are not overridden by your interests or fundamental rights and freedoms;
- to comply with our legal and regulatory obligations;
- for the establishment, exercise or defence of legal claims or proceedings; and/or
- we may process a personal data for a specific purpose where we have obtained your express consent (as a consequence of you actively sending your data).
Sharing your personal data
We may share your personal information with certain third parties in accordance with contractual arrangements in place with them, including:
- lawyers, experts, auditors, accountants, notaries, bailiffs, subcontractors, consultants, mediators, IP counselors, public authorities, service providers, etc;
- suppliers to whom we outsource certain support services such as word processing, translation, photocopying and document review;
- IT service providers;
- third parties involved in hosting or organising events or seminars.
Where necessary, or for the reasons set out in this policy, personal information may also be shared with regulatory authorities, courts, tribunals, government agencies and law enforcement agencies. While it is unlikely, we may be required to disclose your information to comply with legal or regulatory requirements. We will use reasonable endeavors to notify you before we do this, unless we are legally restricted from doing so.
We may also transmit your data abroad, including outside the European Union, in accordance with the legal provisions. During the process of disclosure and transfer of your data, we will take any measure to guarantee the security of your data.
Visitor comments may be checked through an automated spam detection service.
Storage of your personal data
We will take appropriate technical and organisational measures to keep your personal data confidential and secure in accordance with our internal procedures covering the storage, disclosure of and access to personal data. Personal data may be kept on our personal data technology systems, those of our contractors or in paper files.
Your personal data will be deleted when it is no longer reasonably required for the Permitted Purposes or you withdraw your consent (where applicable) and we are not legally required or otherwise permitted to continue storing such data. However, we will retain your personal data where required for Mihaela Maravela Law and IP Office to assert or defend against legal claims until the end of the relevant retention period or until the claims in question have been settled.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Your rights
The European Union’s General Data Protection Regulation and other applicable data protection laws provide certain rights for data subjects. By reading this document, the persons concerned have been informed about their rights under the applicable legal provisions, as detailed below:
Right of access: you are entitled to request access to your personal data, and we will confirm to you whether we are processing your personal data and for what purposes, as well as provide details of the categories of personal data concerned, the recipients of the personal data, the retention periods (where possible) and your rights.
Right of rectification: in case the personal data that we retain appears to be inaccurate or incomplete, you may ask us to correct or complete it at any time.
Right of erasure: you may ask us to have your personal data erased if it is no longer necessary for us to keep it in connection with the purposes for which it was collected (however, we must keep track of certain information necessary in order to comply with legal obligations and/or to handle any claims or litigation).
Right to restrict the processing: you may ask us to limit the way in which we process your personal data, for example where you think the personal data we hold is inaccurate, for a period enabling us to verify the accuracy of personal data or where you have objected to our processing.
Right to opposition: you may object to our processing of your personal data on grounds relating to your specific situation, where we are processing your personal data to pursue our legitimate interests.
Right to data portability: you may ask us to send you your personal data in an electronic, structured, commonly-used and machine-readable format and have your personal data transmitted directly from us to another data controller, where technically feasible without hindrance where the processing is carried out by automated means and is based on your consent or is necessary for the performance of a contract to which you are party.
Right to withdraw your consent: when the processing is done based on consent, the data subjects have the right to withdraw their consent at any time in writing to us, without affecting the lawfulness of the processing carried out based on consent before its withdrawal. Also, data subjects are entitled to object at any time, free of charge and without any justification, to processing the personal data for direct marketing purposes, using, where appropriate, the unsubscribe feature included in marketing materials.
Right to file a complaint: you also have the right to contact us at any time if you wish to complain about our processing of your personal data and you may lodge a complaint at any time with a supervisory authority.
Right to not be subject of an automated individual decision-making, including profiling: your personal data are not subject to any decisional process based solely on automated processing, including profiling.
In general, it is entirely your free will if you provide us with your personal data – there are generally no detrimental effects for you if you choose not to consent or to provide personal data. If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.
Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform the actions necessary to achieve the purposes set out above or that you may not be able to make use of the services and products offered by us. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.
We must ensure that your personal information is accurate and up to date. If any of the personal data that you have provided to us changes, for example if you change your email address or if you wish to cancel any request you have made of us, or if you become aware we have any inaccurate personal data about you, please let us know by sending an email to your regular contacts. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Personal data about other people which you provide to us
If you provide personal data to us about someone else you must ensure that you are entitled to disclose that personal data to us and that, without our taking any further steps, we may collect, use and disclose that personal data as described in this Privacy Policy. These personal data may refer for example to that of your directors or employees, or someone with whom you have business dealings.
In particular, you must ensure the individual concerned is aware of the various matters detailed in this Privacy Policy, as those matters relate to that individual, including our identity, how to contact us, our purposes of collection, our personal data disclosure practices (including disclosure to overseas recipients), the individual’s right to obtain access to the personal data and make complaints about the handling of the personal data, and the consequences if the personal data is not provided (such as our inability to provide services).
Cookies
We use cookies to enhance your experience on our website. For more information, please see our Cookie Policy.