Privacy Notice

Last update: 25 July 2024

This privacy notice (Privacy Notice) describes how Kanto Representation Services Limited (Kanto or we) collects and processes your personal information through our website www.kantolaw.com (Website), services and any other activities that reference this Privacy Notice (together, Services). This Privacy Notice applies to Kanto as detailed in section 1 below, where we are acting as a data controller; in other words, where we determine the purposes and means of the processing of your personal data (excluding employees, non-employee workers, and job applicants).

If you are not willing for Kanto to use your personal information as set out in this Privacy Notice, please do not use any of our Services. You are not legally required to provide us with any personal information, but without it we will not be able to provide you with our Services.

We may modify this Privacy Notice from time to time; the date of the most recent version will appear on this page. We will notify you of any material changes to this Privacy Notice if required to do so. Please check back regularly to see any updates or changes to our Privacy Notice.

Our Services may contain links to websites or services not controlled by us (third-party services). Such third-party services are provided by other persons, and their data processing practices may differ from ours; we encourage you to read the privacy notices of such third parties to be aware of how they use personal information.

If you have any questions or concerns about our use of your personal information, feel free to contact us.

1. Who we are and how you can contact us

Who we are:

We are Kanto Representation Services Limited, with our principal place of business at Unit 4 First Floor, 84 Strand Street Skerries Co, Dublin, K34VW93, Ireland.

How to contact us:

Please contact us at info@kantolaw.com. 

2. Information we process and how we collect it

2.1 Information you give us

We receive and store any information you provide in relation to our Services. When you make inquiries about or purchase our services, contact us, register an account with us, subscribe to our newsletters, or otherwise consult with us, we may collect and process such information as name, surname, contact details, addresses, date of birth, identification documents, your job role, and job-related information, such as employer’s name, phone, email, compliance-related information, and all kinds of information from correspondence, contacts, and interactions with us in relation to our Services.

2.2 Information we receive from other sources

Generally, if we process your personal information, we collect it directly from you. In some cases, we may receive information about you from other sources, such as service providers, business partners, or publicly available sources (e.g. Internet). Typically, the information obtained from other sources is limited to your contact information, such as your name, email address, postal address, your job role, to the extent we have not received this information from you directly.

We process this information as required for our professional communication, performing our Services and auxiliary tasks associated with the Services you requested from us.

2.3 Automatic information

When you use our Website or contact us through electronic means, we may automatically collect such information as Website user or your electronic account information, including user journeys, IP address, browser type and version, time zone setting and cookie tracking.

Cookies and other similar technologies: We may use cookies and other similar technologies. A cookie is a small piece of data (text file) that a website when visited by a user asks your browser to store on your device to remember information about you, such as your language preference or login information. Web beacons are small graphic files linked to our servers that allow us to track your use of our Website and related functionalities. These technologies allow us to serve you better and more efficiently, and to personalise your experience on our Website.

Those cookies that are set by us are called first party cookies. We may also use third party cookies, which are cookies from a domain different than the domain of the website you are visiting. We use both session and persistent cookies and related technologies, of different types, including necessary, functionality, analytical/performance, and targeting/advertisement cookies.

You can find a list of our cookies and their details here: link to our cookie description OR insert cookie description.

If you would like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser. You can also use our Cookie Consent Management tool to change your settings in respect of cookies and related technologies.

2.4 Special categories of personal information

Such personal information as ethnicity, religious and political opinions, information relating to your health or sexual life has a higher degree of legal protection. Such information is broadly known as special categories of personal information or sensitive data. We do not knowingly collect special categories of personal information.

2.5 Children

None of our Services are intentionally directed to and intended for use by people under the legal age as defined by applicable laws and regulations. We do not knowingly collect personal information from any person below the legal age. If you have any reason to believe that a minor has shared any personal information with us, please contact us as set forth in section 1.

3. What we do with your personal information

We process your personal information for specific purposes. Also, we may need to have specific grounds – also known as legal bases – to process your personal information.

We will use your personal data in the following circumstances:

  • Contract and your requests: where we need to perform the contract, we are about to enter into or have entered into with you. For example, when we perform our representative services to you, or where we take steps as requested by you, including to respond to your questions, inquiries, or requests that you have for us.
  • Legitimate interest: where it is necessary for our legitimate interests or those of a third party and your interests and fundamental rights do not override those interests. Our legitimate interest will include for example, customer service purposes, market research purposes, marketing purposes and appropriate controls to ensure our Website, processes and procedures are running effectively.
  • Legal requirements: we may use your personal information when we are obliged to meet legal requirements – for example, we have to comply with our obligations as your representative. This will also include maintaining records, compliance checks or screening (e.g. anti-money laundering, fraud and crime prevention and detection, trade sanctions and embargo laws) for compliance purposes.
  • Consent: generally, we do not rely on consent as a legal basis for processing your personal information. With your consent, we may process personal information for specific purposes, explained at the time of consent. At any time, you have a right to withdraw your consent – the easiest way to do so is to email us at email.
  • Marketing: we may send you marketing communications in accordance with applicable data protection laws, if you have requested information from us or purchased our services and in that instance, you have not opted out of receiving that marketing. We will get your express opt-in consent before we share your personal information with any third-party company for marketing purposes. You can opt-out or withdraw your consent at any time.
  • Other reasons: we will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.  If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

4. Who we share your personal information with

Personal information processed by Kanto is held confidentially and is not shared with third parties, with exceptions outlined below.

Depending on the circumstances of the case, the third parties listed below may process personal data on behalf of Kanto (’data processors’) and are therefore under the legal obligation to ensure the same level of security and confidentiality in carrying out their processing operations as Kanto does.  Kanto has in place legally binding agreements with data processors that detail these obligations and respective responsibilities.

Depending on the circumstances of the case, the third parties listed below may be controllers of personal data, where they determine the purposes and means of processing. In that case they are legally responsible for the protection of your personal data in respect of the processing activities that they carry out with your data. Where the purposes and means of processing are jointly determined with Kanto, we have in place legally binding agreements which outline these obligations and respective responsibilities.

  • Concerned parties, including supervisory authorities: as required to our contract with you or fulfil our obligations under your mandate, we may share personal information with data subjects, with third-party companies that pertain to your group of companies, and with relevant supervisory authorities, where such sharing is necessary. Such information may be analysed by relevant parties and shared back to us.
  • Public authorities in general: we may disclose your personal information when we are legally required to do so. In such cases we may share your personal information with various public authorities in response to lawful subpoenas, court orders, or other legal processes, to establish, exercise, or protect our legal rights or prevent fraudulent activities, to defend legal claims, or as otherwise required by law.
  • Professional consultants: we may share your personal information with lawyers, auditors, or advisers in relation to our business processes.
  • Service providers: we use third parties such as service providers and suppliers in order to perform our functions as outlined above. These third parties in particular process personal information on our behalf and we have in place specific arrangements which are mandated by applicable data protection laws.
  • Kanto Group: we may share personal information with the companies that are affiliated with Kanto, primarily for business and operational purposes, such as where necessary to provide you with the services requested by you.
  • Business transactions: if we go through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of our assets, your personal information will likely be among the assets transferred.

5. Where, when, and how we store your personal information

5.1 Place. We are based in Ireland, and our Website is primarily operated and managed on servers located in Switzerland. Your personal information may be collected, transferred to, stored, and processed in the European Union, Switzerland, and the UK or other countries where we have facilities or engage service provider. This may involve countries outside of your own, including those that may not provide the same level of protection for personal information. If we transfer your personal information internationally, we do so in accordance with applicable data protection laws.

5.2 International Transfers. If you reside or are located within the European Economic Area, United Kingdom, Switzerland, or a similar region with comparable protections, and data transfers occur, we take appropriate measures to ensure your personal information receives an equivalent level of protection. This includes ensuring that the recipient is bound by Standard Contractual Clauses to safeguard your personal information.

5.3 Duration. We keep your personal information only for as long as necessary for the purposes outlined in this Privacy Notice. The duration of retention depends on the specific purposes for which we collect and use the information, as well as any legal requirements to establish, exercise, or defend our legal rights.

If you request deletion of your personal information, we may retain minimal necessary information about you for the period required to comply with our legal obligations, resolve disputes, or enforce our agreements.

5.4 Security. We use a variety of technical and organisational security measures to protect your personal information from unauthorised access, disclosure, destruction, or loss in accordance with applicable data protection laws. For example, we use data encryption, firewalls and virus protection programs. We also have roles and authorisation controls.

6. Your data protection choices and rights

Under data protection laws, you may have specific rights in relation to our processing of your information, such as the right to access, rectify, object to, or complain about the processing and request your data erasure or blockage. Data subject rights may be subject to exemptions under applicable data protection laws. If you make a request, generally, we have one month to respond to you. Please, contact us (see section 1 above) if you wish to make a request in relation to your rights and choices.

If you reside or are located in the European Economic Area, United Kingdom, Switzerland, or other region that offers similar protections, you have the right to:

  • request access to the personal data we process about you: this right entitles you to know whether we hold personal data about you and, if we do, to obtain information on and a copy of the specific pieces and categories of personal data.
  • request rectification of your personal data: this right entitles you to have your personal data corrected if it is inaccurate or incomplete.
  • object to the processing of your personal data: this right entitles you to request that we no longer process your personal data.
  • request erasure or deletion of your personal data: this right entitles you to request the erasure or deletion of your personal data, including where such personal data would no longer be necessary to achieve the purposes.
  • request restriction of the processing of your personal data: this right entitles you to request that we process your personal data only in limited circumstances, including with your consent.
  • request portability of your personal data: this right entitles you to receive a copy (in a portable and, if technically feasible, readily usable format) of your personal data, or request us to transmit such personal data to another data controller.
  • be informed about automated decision-making: we do not undertake any automated decision making within the meaning of those activities under data protection laws.
  • withdraw at any time your consent if our processing of your personal data or part thereof is based on your consent: in this case we will cease any further processing activities of your personal data or the relevant part thereof (however such withdrawal will not affect the legality of the data processing activities prior to the withdrawal)

Also, you have the right to lodge a complaint regarding our use of your personal data. You can contact the Data Protection Commission of Ireland here at any time. Please tell us first, and we will address your concerns.