LAST UPDATED: JUNE 2016
A. WHO ARE WE?
This website at CMS.law (the “Website”) is owned and operated by CMS Legal Services EEIG, for the benefit of all CMS Member Firms and their connected businesses (the “CMS Offices”).
Please see the Legal Information page for information about the CMS Offices that operate in each country.
CMS Legal Services EEIG, and where permitted by applicable law the CMS Offices, are data controllers of the personal information collected on this Website.
CMS Legal Services EEIG is a European Economic Interest Grouping that coordinates CMS Member Firms. It has its head office at: Neue Mainzer Straße 2–4, 60311 Frankfurt, Germany. The contact email address for CMS EEIG is: [email protected]. Its contact telephone number is: +49 69 717 010, its Ust-ID is: DE 257 695 176 and it is registered on Handelsregister A in Frankfurt am Main with the registration number: HRA 44853.
CMS Legal Services EEIG provides no client services. Such services are solely provided by CMS Offices in their respective jurisdictions.
“Personal Information” is information about you which can be used alone, or combined with other information, to identify you personally.
C. HOW, WHEN AND WHY DO WE COLLECT AND USE PERSONAL INFORMATION?
We will only collect, use and otherwise handle your Personal Information on the Website when:
• it is necessary for our legitimate interests in connection with operating the Website, in particular:
- responding to your queries;
- carrying out direct marketing;
- providing services and/or information to you;
- transmitting Personal Information between CMS Offices for internal administrative purposes;
- hosting and maintaining our Website;
- providing technical support to you;
- preventing and detecting fraud and other criminal offences; and/or
- ensuring network and information security,
as long as, in each case, these interests are in line with applicable law and your legal rights and freedoms;
• where you have agreed to this for specified, explicit and legitimate purposes; and/or
• where this is necessary for legal obligations which apply to us.
2. How we use Personal Information that you provide to us
• Contact Forms - we may collect your Personal Information which you choose to provide when you fill in forms on our Website. This may include, for example, your name, position, company, contact details (such as business email, telephone number and business address) and your personal preferences, choices and requirements specific to particular requests or services. We may use this Personal Information to respond to your queries, and/or provide the services and/or information that you have requested.
• Marketing – where you have provided us with your contact details, we may contact you by telephone or by post for marketing purposes relating to our services, our Website, and/or to research opinion on proposed legal or business developments where legally permitted to do so, unless you let us know that you do not want to receive this type of marketing. We will only contact you for these marketing purposes by electronic means (email or SMS) where you have agreed to this. Your agreement to the use of your Personal Information for these purposes is optional and if you fail to provide your agreement, your visit to and use of the Website will not be affected.
We may also use any Personal Information that you provide to us:
• where legally permitted for specific purposes made clear at the point of collection on particular pages of our Website; and/or
• where we otherwise have legal grounds for collection and use of your Personal Information as explained in more detail above.
If you choose not to provide Personal Information requested by us, we may not be able to provide you with the information and/or services you have requested or otherwise fulfil the purpose(s) for which we have asked for the Personal Information. Aside from this, your visit to the Website will remain unaffected.
4. Information from other sources
Where permissible under applicable local laws, we may combine information that you have provided to us with other information that we already hold about you and which we have collected for a compatible purpose.
D. HOW AND WHEN DO WE SHARE INFORMATION WITH THIRD PARTIES?
Some services that we provide require the involvement of third parties. We have carefully selected these third parties and taken steps to ensure that your Personal Information is adequately protected.
1. Google Analytics
This Website uses Google Analytics, a web analysis service provided by Google Inc. ("Google"). Google Analytics works using cookies.
Google Analytics cookies collect your IP address, however because IP anonymisation is used on this Website, your IP address will be shortened (and therefore anonymised) as soon as technically possible and before it is stored or otherwise used in connection with Google Analytics.
The anonymisation process takes place within the European Union or the European Economic Area, except in exceptional cases, where your full IP address may be sent to a Google server in the U.S.A. and shortened there.
We use the information collected by Google Analytics cookies to find out about how visitors use our Website.
The IP address sent by your browser in connection with Google Analytics will not be combined by Google, with other data.
You can also opt-out of Google Analytics by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
2. Sharing within CMS and to Service Providers
When a CMS Office intends to use your Personal Information for a new purpose, they will let you know about this.
We will let you know if we need to transfer your Personal Information to any third party service providers located outside of the EEA.
3. Sharing with other third parties
We may also provide your information to other third parties such as regulators and law enforcement agencies, where we are required by law to do so, where necessary for the purposes of preventing and detecting fraud, other criminal offences and/or to ensure network and information security.
E. INTERNATIONAL TRANSFERS
The transfer of your Personal Information to and between CMS Firms may involve your Personal Information being sent outside of the EEA, to locations that may not provide the same level of protection as those where you first provided the information.
However, we will only transfer your Personal Information outside of the EEA:
• where the transfer is to a place that is regarded by the European Commission as providing adequate protection for your Personal Information; or
• where we have put in place appropriate safeguards, for example by using a contract for the transfer which contains specific data protection provisions that have been adopted by the European Commission or a relevant data protection authority. You can request a copy of these contracts by contacting us at: [email protected]; or
• where you have consented to this, or there is another legal basis on which we are entitled to make the transfer. Full details of the locations of the CMS Offices are listed here.
F. HOW LONG DO WE STORE PERSONAL INFORMATION?
Our Website is hosted on servers in the EEA. We employ appropriate security measures to help protect your Personal Information and guard against access by unauthorised persons. Information storage is on secure computers in a locked and certified information centre and information is encrypted wherever possible. We undergo periodic reviews of our security policies and procedures to ensure that our systems are secure and protected. However, as the transmission of information via the Internet is not completely secure we cannot guarantee the security of your information transmitted to our Website.
I. YOUR RIGHTS
If you wish to:
• access, confirm, correct, rectify, update, supplement, anonymise, block, restrict or delete your Personal Information;
• object to our use of your Personal Information;
• if you have any questions about our processing of your Personal Information; or
• if you would like to transfer your Personal Information from us to another person or business,
please contact us.
We will provide you with all rights in relation to your Personal Information to which you are entitled under applicable law. If you are unhappy with the way that we have handled your Personal Information, you can make a complaint to the authority responsible for data protection in the country that you are based. Contact details are typically available online, or alternatively your may ask us for assistance.
L. COUNTRY SPECIFIC PROVISIONS
CMS provides client services in Mexico through the law firm Woodhouse Lorente Ludlow, S.C., with its address at Paseo de la Reforma 115, Piso 15, Colonia Lomas de Chapultepec, C.P. 11000, Mexico, Distrito Federal, acting in cooperation with CMS Cameron McKenna LLP. Full contact details for this office can be found here.
If the processing of your personal information falls under Act CXII of 2011 of Hungary on the Right of Self-Determination in Respect of Information and the Freedom of Information (“Info Act”), you may request from CMS as data controller (i) access, (ii) correction or amendment of your personal information or (iii) the blocking or erasure of your personal information save for personal information subject to mandatory data processing. In cases defined in Section 21 of the Info Act, you may object to the processing of your personal information. When the rights related to your personal information are breached, you may turn to the Hungarian Data Protection Supervisory Authority (Nemzeti Adatvédelmi és Információszabadság Hatóság, H-1125 Budapest, 22/C Szilágyi Erzsébet fasor; telephone: +36-1+391-1400; telefax: +36-1-391-1410; e-mail: [email protected]) applying for an investigation, or to the competent court. The detailed rights and remedies are set out in the sub-chapters 13-17 and sub-chapter 30 of the Info Act. The legal basis of the processing of your personal data is your voluntary consent. Pursuant to Section 6 (5) of the Info Act, in certain cases, the personal information may be processed for the legitimate interest(s) of CMS, even without specific consent to the processing; in addition, in such case, the personal information may be processed even after the withdrawal of the affected person’s approval. Upon request, CMS can provide further information on such data processing purposes. CMS will retain the personal information until the end of the period of limitation pertaining to any possible claims in connection with the data processing under the relevant laws and agreements. Persons being in charge of the relevant legal and administrative tasks may have access to the personal information.
CMS provides client services in Italy through offices in Rome (Via Agostino Depretis, 86 - 00184 Rome; T: +39 06 47 81-51; F: +39 06 48 37-55; and Milan (Galleria Passarella - 120122 Milan; T: +39 02 89 283-800; F: +39 02 48 01-2914) both operated by the CMS Member Firm, CMS Adonnino Ascoli & Cavasola Scamoni (“CMS AACS”), VAT/P.IVA n. 01088071004. Further information about CMS’s presence in Italy can be found here.
CMS AACS will process your Personal Information, acting as data controller, for the purposes specified in paragraph C(1) above. Your Personal Information will be processed both manually and by electronic means, by implementing adequate security measures.
Where you have provided CMS AACS with your contact details, we may contact you by telephone, by post or by electronic means (email or SMS) for marketing purposes relating to our services, our Website, and/or to research opinion on proposed legal or business developments, provided that you have given your consent. Your agreement to the use of your Personal Information for these marketing purposes is optional and if you fail to provide your agreement, your visit to and use of the Website will not be affected. You are entitled to opt-out from receipt of marketing communication at any time and free of charge, with the modalities specified in paragraph C(2) above or by sending an email to address [email protected], also in a selective manner (e.g. by opting out only from receipt of SMS).
Your Personal Information may be accessed by CMS AACS’s employees working in the administrative or marketing departments, as well as by CMS AACS’s partners, associates and trainees. Your Personal Information may be shared with external services providers (e.g. marketing companies), acting as data processors on behalf of CMS AACS, as specified in paragraph D(2) above. Without prejudice to paragraph D(3) above, your Personal Information will not be communicated to other third parties nor disseminated.
You may exercise the rights mentioned in paragraph I above or obtain a list of our data processors, by registered letter to the address “CMS Adonnino Ascoli & Cavasola Scamoni - Via Agostino Depretis 86 – 00184, Roma, Italy” or by email to the address [email protected].