Politique vie privée

PRIVACY NOTICE

Data Controller

Name: Vermeille & Co and Vermeille Legal Tech
Address: 11 bis rue Ballu 75009 Paris
Please address questions, comments and requests regarding this Privacy Notice to sophie@vermeille-avocats.com


 Types of personal data collected

Personal data collected through the website includes.

  • Contact details: first name, last name, email, address, contact number, profession, date of birth, place of birth, nationality
  • Technical data: usage data of the website account; logs, IP address
  • Financial data: transaction data, VAT number if applicable
  • Identifiers: ID copy
  • Contractual data: language; interest in a case; registration to a case, any other information needed for contractual purposes.


Legal basis

The following legal grounds are relied on to process personal data:

  • when specific consent has been given for one or more specific purposes
  • in relation to a contract of services or to fulfil any pre-contractual obligations.
  • to comply with legal obligations of the data controller
  • necessary for the legitimate interest of the data controller or third parties
Any use of Cookies (see Cookies statement) or other tracking tools by this website is for the purpose of providing the service requested by the user, in addition to the purpose described herein.


Details on personal data processing

Personal data is collected for contacting the user – by clicking on the registration button, you can fill out your data and consent to their use to enable a response to requests for information, quotes or any other information.


Special category of Personal Data

We will not collect or process any special category of personal data unless you have explicitly provided us with such data. The special categories of personal data concern information relating to race or ethnical origin, political opinions, religious or philosophical beliefs or other beliefs of a similar nature, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, health, sex life or sexual orientation.


Direct marketing

We will not use your Personal Data for direct marketing purposes without your explicit prior consent.

If at any time you decide not to receive any commercial or promotional information from Us, you may, free of charge and without having to provide any justification, opt-out of any direct marketing campaigns and object to the future processing of your Personal Data for such purposes by sending an email to Us at dpo@deminor.com and mention “opt-out” in the subject of your email. Alternatively, you may use the opt-out procedure provided in any promotional message you receive from Us.

Please note that opting out from receiving promotional messages from Us will not exclude you from receiving information that relates to any Contract you may have entered into with Us.


Third parties and processors

Personal data may be processed by:

  • AWS – web server, cloud storage for MyDeminor application
  • Microsoft Sharepoint – storing data downloaded from MyDeminor
  • Google – protection by reCAPTCHA
  • Google Analytics with anonymized IP (Google Ireland Limited) – tracking and examining use of websitewith anonymized IP address, compiling reports and sharing them with other services developed by Google
  • DocuSign – allowing electronic signature of contracts
  • Hubspot – allowing connection with respect to marketing, sales, content management and customer service
  • Mailchimp - sending of information on an ongoing matter to registered users
  • DRS Belgium – analyzing and validating the data, assistance in claims completion


International transfers

Your personal data is not made available to any third party unless such transfer is based on your specific consent, necessary for the performance of the contract (such as the transfer of personal data to a court, to a regulatory authority or to the adversary parties), or when such transfer of personal data is compulsory by law or by order of an administration.

European regulations are applied to any possible international transfer of personal data by implementing one of the following safeguards:

  • the country to which personal data is transferred is considered by the European Commission to provide an adequate level of protection.
  • use of standard contractual clauses approved by the European Commission.


Data security

Appropriate technical and organisational measures are put in place to prevent personal data from being accidently lost, used or accessed without authority or altered or disclosed.


Retention Period

Personal data is only kept for as long as required, under applicable legal retention rules, and/or in order to fulfil our legal and contractual obligations pursuant to a contract, and/or as long as necessary in the event of a complaint or prospect of litigation.


Users of website

This website is not intended for or directed to vulnerable persons, including but not limited to patients, children below the legal age etc. We do not knowingly collect any information from such individuals. 


Automated Decision Making

We will not make use of automated decision-making processes, except specific AI tools that donot involve the use of data in training such AI tools and do not fall under prohibited AI practices under Regulation (EU) 2024/1689. The purpose is to create output data for greater efficiency, within the basis of pre-contractual/contractual situations. Any ultimate decision-making and analysis are not automated.


Your rights

At any time, you have the right to:

  • request access to your personal data
  • rectify personal data that is inaccurate or incomplete
  • request erasure of personal data where there is no good reason to continue processing this. Please note that this may be limited by any contractual or legal obligations to which we are subject
  • object to processing for legitimate purposes if this impacts your fundamental rights and freedoms
  • request restriction of personal data if you want us to establish the data accuracy, or if our use of data is unlawful but you do not want it erased, or if you require us to hold data in order to establish, exercise or defend legal claims, or if you object to the data use, but we need to clarify whether there are overriding legitimate grounds
  • request transfer to you or a third party, only applicable to automated information
  • withdraw consent where this is the legal basis for processing, without affecting the lawfulness of such processing before the withdrawal of consent
  • make a complaint to the relevant regulator in the EU Member State of your habitual residence, your place of work, or the place of the alleged infringement


The French data protection authority (Commission nationale de l’informatique et des libertés) is located at 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07 or can be contacted through https://www.cnil.fr/fr.

No fee is payable to access or exercise any of your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively we could refuse to comply with your request in these circumstances.
We may need to request specific information from you to confirm your identity, as a security measure to ensure personal data is not disclosed to any other person mistakenly. We try to respond to all legitimate requests within one month.