Privacy Policy

1. Data Protection at LegalForITUp

At LegalForITUp, protecting your personal data is fundamental to our business ethics and professional obligations as legal service providers. This Privacy Policy outlines our comprehensive approach to data protection, detailing what information we collect, how we process it, and your rights under applicable data protection laws. As IT legal specialists, we understand the critical importance of data protection and implement the highest standards of data security and privacy.

Our privacy practices comply with the General Data Protection Regulation (GDPR), the Swiss Federal Data Protection Act (FADP), and other relevant data protection regulations applicable to legal service providers.

2. Controller Information and Contact Details

The controller responsible for processing personal data in connection with our IT legal services is:

LegalForITUp
Hardstrasse 235
8005 Zürich
Switzerland

Email: privacy@LegalForITUp.com
Phone: +41 44 587 69 32
UID: CHE-873.069.645

3. Categories of Personal Data We Process

  • Client identification and contact information (name, address, email, phone number)
  • Professional and business information (company details, role, industry sector)
  • Legal matter details and case-specific information
  • Technical and IT infrastructure information for legal assessments
  • Contract and agreement details
  • Payment and billing information
  • Communication records and legal correspondence

4. Purposes of Data Processing

  • Provision of IT legal services and consultations
  • Contract preparation and execution
  • Legal compliance assessments and documentation
  • Client communication and case management
  • Billing and accounting purposes
  • Legal updates and service information (with consent)
  • Quality assurance and service improvement

5. Legal Basis for Processing

We process personal data based on the following legal grounds:

  • Performance of legal service contracts (Art. 6(1)(b) GDPR)
  • Compliance with legal obligations (Art. 6(1)(c) GDPR)
  • Legitimate interests in providing legal services (Art. 6(1)(f) GDPR)
  • Your explicit consent where required (Art. 6(1)(a) GDPR)

Additional requirements under Swiss law, including the FADP, are also observed.

6. Professional Confidentiality and Data Protection

As legal professionals specializing in IT law, we maintain strict confidentiality standards:

  • Attorney-client privilege protection for all legal communications
  • Strict access controls and data segregation measures
  • Regular security audits and compliance assessments
  • Encrypted communication channels for sensitive information
  • Secure document management systems
  • Staff training on confidentiality and data protection

7. Technical and Organizational Security Measures

We implement state-of-the-art security measures to protect your data:

  • End-to-end encryption for data transmission
  • Multi-factor authentication systems
  • Regular security updates and penetration testing
  • Secure data centers in Switzerland
  • Comprehensive backup and disaster recovery plans
  • Physical security measures for office and IT infrastructure

8. Data Retention and Deletion

We retain personal data only as long as necessary for our services or as required by law:

  • Legal case files: 10 years after case completion
  • Contract documentation: Duration of contract plus 10 years
  • Communication records: 5 years after last contact
  • Billing information: 10 years (legal requirement)

9. Your Data Protection Rights

Under GDPR and Swiss law, you have the following rights:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with supervisory authorities

10. International Data Transfers

For international data transfers, we ensure appropriate safeguards:

  • EU Standard Contractual Clauses
  • Swiss-specific data transfer agreements
  • Data processing agreements with service providers
  • Regular assessment of transfer mechanisms

11. Updates to Privacy Policy

We regularly review and update this Privacy Policy to reflect changes in our practices and legal requirements. The current version is available on our website.

Material changes will be communicated directly to affected clients and through our website.

Last updated: January 2025