General information

The following definitions explain key terms used in this policy. They are provided to help readers understand the types of data processed and the legal or operational concepts applied in this document.

BizLabJura collects various categories of personal data depending on the nature of the interaction. The following sections list the main types of data collected directly from users, data collected automatically, and data received from external sources when relevant to the provision of legal advisory services.

Data provided directly by users is collected when individuals request services, communicate with BizLabJura, register for newsletters, or complete forms on the website. This input is used to manage client relationships and respond to inquiries.

• Contact details: name, company name, email address, postal address and telephone number.
• Company and role information: legal entity name, registration numbers, position and relation to the matter.
• Case-related documents: copies of contracts, governance documents, identification documents and factual materials necessary to provide advice.
• Communications: messages sent via email, contact forms or other direct correspondence and any attachments provided.
• Billing information: invoicing details required to process transactions, subject to applicable limitations on business data processing.
• Consent and preferences: explicit consent choices and communication preferences where provided by the user.

When users visit BizLabJura.pro or interact with certain online features, some information is gathered automatically to support site operation, improve performance and understand general usage patterns.

• Log data: IP address, time stamp, pages visited and basic request information recorded by the web server.
• Device and browser data: browser type and version, operating system, device model and screen resolution.
• Usage metrics: page views, click-throughs and navigation paths that indicate how the website is used.
• Cookies and similar identifiers used to remember site preferences and session state.
• Referral data: the URL of the site that directed a visitor to BizLabJura.pro and any campaign tags included in links.
• Performance and error reports that help identify and resolve technical issues affecting the site.

BizLabJura may receive or verify personal data from third-party providers when needed to deliver services, for identity verification, or when clients have authorized such sharing.

• Professional advisors and service providers: accountants, auditors, notaries and other advisors engaged to support client matters.
• Public registries and official sources: commercial registers and other public records relevant to corporate matters.
• Technology and hosting providers that process data on behalf of BizLabJura to support the website and case management functions.

Personal data is processed only for specific, explicit and legitimate purposes related to BizLabJura's advisory activities and website operations. The following list describes the primary purposes and corresponding processing activities.

• Provision of legal advisory services, including review and preparation of documents, legal research and client communications necessary to handle matters.
• Client onboarding and identity verification to confirm the identity of clients and assess conflicts of interest in line with professional standards.
• Communication and case management, including scheduling, exchanging documents and responding to inquiries about services.
• Billing, accounting and tax record keeping related to the fees and expenses for services provided to clients.
• Website operation and improvement, including analytics, security monitoring and troubleshooting technical issues.
• Compliance with legal obligations, professional rules and regulatory requests that require retention or disclosure of certain information.
• Risk management and quality control to ensure that services meet applicable professional and ethical standards.
• Providing informational materials and updates to individuals who have opted in to receive such communications, in accordance with their stated preferences.

Where applicable law requires a legal basis for processing personal data, BizLabJura relies on appropriate legal grounds depending on the activity. The most common bases used are listed below, with a brief explanation for each type of processing.

• Performance of a contract: processing necessary to provide legal advisory services and fulfill contractual obligations to a client.
• Legal obligation: processing required to comply with statutory or regulatory duties, such as record-keeping or responding to lawful requests from authorities.
• Legitimate interests: processing for purposes such as fraud prevention, security, management of client relationships and the ordinary operation of the business, balanced against the rights of the data subject.
• Consent: where specific processing activities (for example marketing communications) rely on explicit consent provided by the individual; consent may be withdrawn at any time for future processing.

BizLabJura only shares personal data with third parties when necessary to perform services, comply with legal obligations, or where the user has provided consent. Third parties are selected for their ability to meet confidentiality and security expectations.

• Service providers engaged to support business operations, such as IT hosting, document management and secure communication services.
• Professional advisors and external counsel where collaboration is necessary to address a client matter.
• Court, administrative or regulatory bodies when disclosure is required by law or by a valid legal process.
• Entities involved in a business transfer, merger or sale where data is part of the transferred assets and subject to standard confidentiality protections.
• Payment processors and banks to enable billing and business transactions related to services provided.
• Any other recipient where the data subject has provided explicit consent to such sharing.

BizLabJura implements reasonable organizational, technical and administrative measures to protect personal data against unauthorized access, disclosure, alteration and destruction. Security practices include access controls, encryption for data in transit where appropriate, policy controls governing staff access and incident response procedures designed to address data security events promptly and effectively.

• Access control and role-based permissions to limit data access to authorized personnel only.
• Secure hosting and encryption for services that transmit or store sensitive client information, combined with routine security reviews.
• Regular staff training on data handling, confidentiality and professional obligations applicable to legal advisory services.

Individuals have certain rights in relation to their personal data. Requests to exercise rights will be handled in accordance with applicable law and subject to identification and any legal exceptions that apply to legal practice records.

• Right to access: request confirmation of whether personal data is being processed and a copy of that data.
• Right to rectification: request correction of inaccurate or incomplete personal data.
• Right to erasure: request deletion of personal data where retention is not required by law and processing is not otherwise justified.
• Right to restriction of processing: request limitation of processing in certain circumstances.
• Right to data portability: where applicable, request a copy of personal data in a structured, commonly used and machine-readable format.
• Right to object: object to processing based on legitimate interests or direct marketing where applicable.
• Right to withdraw consent: where processing is based on consent, withdraw consent for future processing at any time.
• Right to lodge a complaint with a supervisory authority if an individual considers their data protection rights have been infringed.

• We collect personal data necessary to provide legal advisory services, manage client relationships and comply with regulatory obligations. Typical categories include contact details, corporate information, case documents and billing records. Processing bases include contract performance, legal compliance and legitimate interests such as maintaining service quality and preventing fraud.
• Personal data is retained only for as long as required to fulfil the purposes described, to meet legal and regulatory retention requirements in Switzerland, and to resolve disputes. Retention periods vary by data category; when retention is no longer necessary, personal data is securely deleted or anonymised.
• Access to personal data is limited to authorised personnel within BizLabJura and to external processors who perform administration, IT hosting, payment processing or compliance services under written agreements. We require processors to meet appropriate confidentiality and security standards and to act only on our instructions.
• Where transfers of personal data outside of Switzerland are required, we apply contractual safeguards and select recipients that provide adequate protection for personal data. International transfers are assessed on a case-by-case basis and documented in accordance with applicable data protection law.

If you consider that processing of your personal data by BizLabJura infringes applicable data protection law, you may lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or with another competent supervisory authority. We request that you also contact us first to allow us to address the matter directly.

BizLabJura's services are aimed at businesses and adults. We do not knowingly collect personal data of children under the age of 16. If we become aware that we have collected personal data of a child without appropriate consent, we will take steps to delete the information in accordance with applicable law.

Our website may contain links to third party websites, publications or services. BizLabJura is not responsible for the privacy practices, content or reliability of those external sites. We recommend reviewing the privacy policies of any third party before providing personal data.

We may update this privacy information to reflect changes in legal requirements, business practices or service offerings. Material changes will be communicated by posting a revised version on the BizLabJura website with an updated effective date.