1. Professional Secrecy
Erya operates as a law firm (“cabinet d’avocat”) governed by French professional and ethical rules applicable to registered lawyers (“avocats”). All information entrusted to the Firm, including personal data, is protected by legal professional secrecy (secret professionnel de l’avocat) as defined under French law and the Règlement Intérieur National (RIN) of the legal profession. This protection and subsequent obligations apply to all matters handled by the Firm and extends to any data processed in the context of client representation, advisory work, or pre-contractual exchanges.
2. Scope and Purpose
This Privacy Policy describes how Erya (“the Firm”, “we”, “our”) processes data collected through its professional activities and through its website. The Firm only collects and processes limited personal data, necessary for the identification and contact information relating to representatives, beneficial owners, or other relevant persons acting on behalf of the Firm’s professional clients (legal entities). No sensitive or unnecessary personal data is collected. The Firm is committed to ensuring the highest level of protection for personal data in compliance with the EU General Data Protection Regulation (GDPR) and applicable French professional standards.
3. Overview of Processing Activities
| Purpose of Processing | Legal Basis | Data Collected | Retention Period |
|---|---|---|---|
| Client identification and verification (AML/CTF) | Legal obligation (Art. 6(1)(c) GDPR – Code monétaire et financier) | ● Legal entity identification data ● Directors and Beneficial owners identification data (personal data) | 5 years after end of relationship |
| Client contact and relationship management | Legitimate interest (Art. 6(1)(f) GDPR) | Client representatives contact details (potential personal data) | Duration of mandate + 10 years |
| Communication and professional updates | Legitimate interest (Art. 6(1)(f) GDPR) | Name, email, professional role | Until unsubscription or end of professional relationship |
| Website and cookies | Legitimate interest (Art. 6(1)(f) GDPR) | Only strictly necessary cookies (e.g. session test cookie) are used*. | Session cookies deleted when the browser is closed |
4. Data Hosting and Transfers
Client identification and verification data may be transferred to competent authorities as required by law; under the conditions and protections applicable to the activity of French registered lawyers (“avocats”).
Erya’s operations rely on third party providers to host and secure access to clients data, as described below.
| Hosting / Processor | Purpose | Location / Safeguards | Notes |
|---|---|---|---|
| Microsoft Cloud Services (EU region) | ● Storage of emails and documents received from and sent to Clients, ● Backups | EU datacentres with: ● GDPR DPA in place; ● Audited cybersecurity and data access protocols | Clients may request isolated alternative processing environment. |
| Accounting SaaS | Invoice and client accounting management information | EU-based service provider ● Contractual confidentiality; ● GDPR-compliant processor | Administrative data |
| OVH (website host) | Website hosting and maintenance | EU-based; contractual confidentiality; limited technical access | Technical data only (no client data) |
5. Data Subjects’ Rights
| Right | Description | How to Exercise |
|---|---|---|
| Access | Obtain a copy of personal data processed | Contact DPO |
| Rectification | Request correction of inaccurate or incomplete data | Contact DPO |
| Erasure | Request deletion where legally permissible | Contact DPO |
| Restriction / Objection | Limit or object to processing in specific circumstances | Contact DPO |
| Complaint | File data management related complaints | Contact DPO or CNIL – 3 place de Fontenoy – 75007 Paris |
6. Data Protection Officer
Erya Legal has appointed a Data Protection Officer (DPO) who can be contacted for any inquiry or request regarding data processing:
📧 dpo@erya-legal.com
7. Updates
This Privacy Policy may be updated periodically to reflect legal, technical, or organisational developments. The latest version is always available on our website.