As a law firm, Arioli Law necessarily processes personal data. Thereby, we strictly adhere to professional secrecy obligations and data protection laws in Switzerland. The partners of Arioli Law act as controllers regarding the personal data they process.
Personal Data and Purposes of Processing
The term "data processing" includes all steps in the handling of personal data from the collection, storage and use to deletion.
Data we process includes contact details such as first name, surname, e-mail address, postal address, phone numbers, profession, position and function and further personal data that our clients disclose to us, or that are provided to us by third parties in the context of the client-attorney-relationship or in the context of our speaking, lecturing and publishing activities. As a business law firm, we advise companies and authorities, not private individuals, which is why we generally do not receive any sensitive personal data from our clients that would require special measures to be taken. Further, we process data of applicants for the purpose of the application process and potentially the conclusion of an employment agreement.
We process personal data in connection with the mandates of our clients and the purpose of performing our duties under such mandates. Should the GDPR apply, the legal basis for such processing is Art. 6. para. 1. lit. b GDPR. Furthermore, we process personal data that we receive from correspondence with third parties such as counterparties, authorities, courts and their employees and other authorized individuals. Should the GDPR apply to such processing, the legal basis is Art. 6 para. 1 lit. b, c and f GDPR. Further, we process personal data in connection with our lecturing, speaking and publishing activities. Should the GDPR apply, the legal basis for such processing is Art. 6. para. 1. lit. f GDPR.
Further, we process technical usage data, including information about the date and time of your visit of our website visit, the pages visited, IP address, device ID and type, language settings, information on data usage and storage, information of the operating system and browser used by your device. We process technical usage data to analyze the technical usage data on an anonymous and aggregated basis for the ongoing optimization of our website.
Third-Party Infrastructure Services, Data Sharing and Data Transfer
We do not share any personal data with third parties unless you have instructed us to do so, given your consent or this is necessary to provide our services as a law firm. This means we may share your personal data with counterparties, our business partners, their legal representatives, business partners with whom we may need to coordinate the provision of legal services, as well as authorities and courts.
Our website may contain links to third party websites, products, and services. Data collected by third parties, which may include location data or contact details, is governed by their privacy policies. We encourage you to review the privacy notices of such third parties. This Privacy Notice does not apply to websites of third-party providers which can be accessed through our website. We have no influence on how these companies comply with data protection requirements.
Cookies and Third-Party Tools
On our website we do not deploy functional, performance or analytics cookies and do not analyze the traffic on our website. Accordingly, we have not implemented a cookie banner. In general, we recommend that you verify your personal browser settings to accept or disable cookies or other tracking technologies and to set an alert function before using these technologies. We recommend that you disable third-party cookies, enable tracking protection and use "do not track". For more information, please refer to your browser's help function. Our website is hosted by webflow, a provider in the United States. According to their Cookie-Policy, webflow does not add any cookies to customer sites like ours.
We deploy Google Fonts, a web font service provided by Google Inc that provides an application programming interface (API) to deliver font files. Our website provider webflow assures that they host Google Font locally on their webserver in order to avoid any transfer of IP addresses to Google. According to Google Inc, Google Fonts do not set any cookies.
We experiment with large language models (LLM, a subset of what is currently referred to as “artificial intelligence”). We occasionally deploy automatic translation services and we have concluded the requisite data processing agreements with providers of such services. When deploying these services, we ensure that any and all documents contain no sensitive information and no personally identifiable information.
Arioli Law deploys technical and organizational security measures to protect personal data adequately against unauthorized access, manipulation, loss and destruction and review these measures on a regular basis. However, despite such measures, the processing of personal data on the Internet can always have security gaps. We can therefore not guarantee absolute data security.
We cannot guarantee confidentiality for transmissions by electronic means, in particular by email or videoconferencing. The internet, websites and the electronic transmission of data are considered fundamentally insecure with regard to confidentiality and data security: Unauthorised third parties may be able to access information that is exchanged through the above channels, and data can be damaged or changed in content. We assume no liability for the security of data transmitted electronically.
We use the communication tools our clients prefer and assume they agree to the terms of the third-party providers of such tools. We do advise that our clients encrypt e-mails. However, if our clients decide not use encryption, we adapt accordingly. Further, whilst using a videoconferencing tool, we do advise our clients not to share documents containing sensitive data and sensitive information and recommend not to make recordings.
Access to our website is via transport encryption (SSL / TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated HTTPS).
Data Retention Period
We process and store data in accordance with our statutory and professional retention obligations. For client business data, this is 10 years after the end of the mandate. After the end of the respective retention period, we delete personal data pursuant to our deletion policy.
We delete the data of job applicants after 3 months of the completion of the application process, unless the applicant consents to a longer period or an employment contract is concluded.
Rights of the Data Subjects
As a data subject, you have the right to access the data processed by us as well as the right to request rectification of outdated or incorrect data and the deletion of your data. To claim these rights, please contact us at the below stated address and provide us with appropriate identification. Please note that, in order to comply with our statutory and professional obligations, we may have an overriding interest and may object to your request.
We reserve the right to amend this Privacy Notice at any time. The published version applies.