RS Privacy Statement

Table of Contents

1. Why do I need to acknowledge this Privacy Statement? 

The law firm RS Law (Tech) (hereinafter also referred to as "we", "us") obtains and processes personal data concerning you or other persons (so-called "third parties"). We use the term "data" here synonymously with "personal data" or "personal information". 

In this Statement, we describe what we do with your data when you visit www.radwan-law.com, e.g. via contact form, via booking consultations and meetings, or when you engage us under a contract, or communicate with us otherwise. 

If you transmit or disclose data about other persons, such as family members, work colleagues, etc., we assume that you are authorized to do so and that this data is correct. Transmitting data about third parties is deemed authorized by the data subject in question, unless otherwise stated. Please also ensure that the third parties have been informed of this Privacy Statement. 

2. Who is responsible for processing your data? 

RS Law (Tech) with registered offices at Sckellstrasse 6, 81667, Germany and Badenerstrasse 549, 8048 Zurich, Switzerland (the "Law Firm"), is responsible for the data processing of client, partner and defendant personal data described in this Statement, unless otherwise communicated in individual cases, e.g. in further notices, on commercial or official forms or in individual agreements. 

RS Law (Tech) solely operates as an independent data controller as defined in applicable laws, regulations and court rulings. As such it is responsible for responding to requests for access, deletion, or information, and ensuring that personal data is secured as well as not used in an unauthorized manner. 

All service providers receiving and processing personal data are carefully selected and required to comply with applicable laws and regulations. Service providers are deemed so-called data processors, if not otherwise indicated. They embody a delegated responsibility not only to comply with laws and regulations applicable to data processors; they are also bound to instructions by the Law Firm and may never process personal data beyond the service relationship. Data processing agreements with each provider, including the highest standards of security measures, are entered into by the Law Firm. Each service provider is subject to routine privacy and security checks, including routine data deletion and access requests to safeguard client data. 

3. What data do we process and how long will we keep it?

Data type Description Retention period
Communication data Data exchanged with us via email, phone, chat, letter, or other channels, including your contact details and technical metadata. Usually 12 months after last contact; emails/letters kept at least 6 years; longer if required legally/contractually.
Master data Basic details needed for contracts, business, marketing, or advertising (e.g. name, contact info, role, date of birth, mandate history, powers of attorney, signature rights, consent declarations).
Sources: you, your employer, third parties, public registers, websites, social media. 		6 years from last contact or contract end; for marketing contacts typically ≤ 2 years; longer if legally required.
Contract data Contract-related information (e.g. contract terms, services, pre-contract exchanges, complaints, satisfaction feedback), including sensitive data (health data, family medical history).
Sources: you, partners, third parties, rating agencies, public sources. 		10 years from last contract activity or contract end; longer if legally required.

4. Why do we process your data? 

We use your data for the following purposes: 

I. Communication and contracts 

  • To respond to inquiries, assert your rights, and manage follow-up questions. 

  • To establish, administer, and process contractual relationships. 

  • We mainly use communication, master, and contract data (sometimes registration data). 

  • Data is also retained for documentation, quality assurance, training, and follow-ups. 

II. Legal compliance 

  • To meet legal, regulatory, and internal obligations (e.g. health and safety, anti–money laundering, tax reporting, “Know Your Customer” checks). 

  • May include archiving, monitoring communications, investigating violations, handling complaints, or cooperating with authorities. 

  • Relevant data: master, contract, communication, behavioral, and other necessary data. 

  • Obligations may arise under Swiss, European, and US laws and regulations, as well as under industry standards, corporate governance, or regulatory requirements. 

III. Internal processes and protection of rights 

  • For training, administration (e.g. accounting, IT management, data archiving), and continuous improvement. 

  • To enforce or defend legal claims in Switzerland, Europe, and the US, preserve evidence, or support investigations. 

  • May include use of recordings (e.g. video conferences) for training or quality assurance. 

  • Also for safeguarding other legitimate interests that cannot be exhaustively listed. 

5. On what basis do we process your data? 

We share personal data with service providers in Switzerland and abroad who process data on our behalf or under joint responsibility, or who receive data under their own responsibility. These include IT providers, shipping companies, advertising providers, login services, banks, insurers, debt collectors, credit agencies, and address verification services. 

We may also disclose personal data to courts, regulators, and other authorities in Switzerland, Europe, and the United States when we are legally required or entitled to do so, or when it is necessary to protect our interests. This may include sensitive data. 

6. Is your data transferred abroad? 

Yes. Your data may be processed not only in Switzerland but also in Europe and the United States - applicable safeguards for any cross-border data transfers are implemented. 

7. How long do we process your data? 

We process your data for as long as it is needed to fulfill the purposes described, to meet statutory retention obligations, or to safeguard our legitimate interests, such as documentation and evidence. Once these reasons no longer apply, your data will be deleted or anonymized, unless legal or contractual obligations require longer storage. 

9. What rights do you have? 

Depending on the applicable law, you may have the following rights: 

  • to request information about whether and which of your data we process, 

  • to correct inaccurate data, 

  • to request the deletion of your data, 

  • to receive your data in a commonly used electronic format or have it transferred to another controller, 

  • to withdraw consent where processing is based on consent, 

  • to request further information necessary to exercise your rights, 

  • to object to processing, especially for direct marketing or profiling, 

  • to request human review of automated decisions. 

To exercise your rights, please contact us by email. 

8. How do we protect your data? 

We apply appropriate technical and organizational measures to protect confidentiality, integrity, and availability of your data. These measures include encryption, pseudonymization, backups, access restrictions, logging, employee training, confidentiality agreements, and security monitoring. Data transmitted via our online contact form and booking page is encrypted in transit. We also require our service providers to apply adequate protections. 

11. We do not sell your data. 

We do not sell your personal information as defined under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). This means we do not exchange your personal data for money or other valuable consideration. 

We also do not share your personal information for cross-context behavioral advertising. If in the future we were to engage in such activities, we would inform you in advance and give you the right to opt out. 

California residents continue to have the right to know what categories of personal information we collect, use, and disclose, as well as the right to request access, correction, deletion, and limitation of the use of sensitive personal information, in accordance with the CCPA/CPRA. 

10. Do we use tracking and online advertising? 

We use technologies on our website that help us and selected third parties recognize and distinguish users. This allows us to ensure website functionality, carry out evaluations, and personalize services. 

Cookies are small codes stored on your device to recognize you when you return. In some cases, we also use “fingerprinting,” which combines details such as your IP address, browser type, and device settings to create a unique identifier. Third-party providers, such as advertising or analytics partners, may also use these technologies. 

Where required, we will ask for your consent before using such tools. 

12. Can this privacy policy change? 

es. This notice may be updated at any time. The latest version is always available on our website. Where necessary, we will inform you of significant changes or new processing purposes in advance. We may also provide additional information in contracts, consent forms, or separate notices. 

For privacy-related concerns, you can contact us at info@radwan-law.com

13. Complaints and supervisory authorities 

If you believe that the processing of your personal data violates applicable data protection law, you have the right to lodge a complaint with your local data protection authority. 

In particular, you may contact the following supervisory authorities depending on your location: 

You may also request more information directly from these authorities. 

Last update: Sept. 15, 2025