top of page

Privacy Policy
 

  • Privacy Policy – EuroLegal Recovery Attorney OfficeLast updated: February 24, 2026

  • EuroLegal Recovery Attorney Office ("we", "us", "our", or the "Firm") is a law firm specializing in debt recovery, creditor rights enforcement, commercial collections, insolvency proceedings, cross-border EU recovery, and related litigation services.

  • We are committed to protecting personal data in accordance with the EU General Data Protection Regulation (GDPR – Regulation (EU) 2016/679), applicable national data protection laws, and our professional obligations as attorneys (including legal professional privilege and secrecy rules).

  • This Privacy Policy explains how we collect, use, disclose, store, and protect personal data when:You are a client (creditor instructing us for recovery).You are a debtor or counterparty (individual or representative whose data we process in recovery matters).You visit our website, contact us, or interact with us in any other way.

  • 1. Who is the Data Controller?We act as the data controller for the personal data we process, except where we act solely as a processor on behalf of a client (e.g., in some outsourced collection activities).If you have questions or wish to exercise your rights, contact our Data Protection Officer (DPO).

  • 2. What Personal Data Do We Process?We process the following categories of personal data, depending on the context:From clients/creditors: Name, contact details, company details (if representing a business), payment information, contract/invoice details, mandate instructions, and any other data necessary to provide legal services.

  • From debtors/counterparties (often received from clients or public sources): Name, contact details, date of birth, identification numbers (where relevant), financial/debt information (amount owed, payment history), employment details, asset/location information, court/judgment records, and related correspondence.Website/contact visitors: IP address, browser/device information, cookies data (if applicable – see our Cookie Policy), name, email, phone, message content from inquiries/forms.Other: Sensitive data (e.g., health/financial details if relevant to insolvency), data from public sources (registers, courts, credit agencies), or third parties (e.g., bailiffs, correspondent firms).

  • We minimize data collection and only process what is necessary for our legal mandates.

  • 3. Sources of Personal DataWe obtain data from:You directly (e.g., inquiries, client intake).Our clients (creditors providing debtor files).Public sources (commercial registers, debt registers, court decisions, land registers, media/internet).

  • Third parties (credit agencies, bailiffs, courts, authorities, correspondent lawyers, service providers).

  • 4. Purposes and Legal Bases for ProcessingWe process personal data for the following purposes and on these GDPR legal bases:

  • Providing legal services (advice, negotiation, litigation, enforcement, debt recovery): Contractual necessity or legitimate interests – our clients' interests in recovering debts, balanced against your rights.

  • Compliance with legal/professional obligations (e.g., anti-money laundering/KYC, bar rules, court orders): Legal obligation.Managing our business (accounting, invoicing, conflict checks, file archiving): Legitimate interests or contractual necessity.Website operation and security: Legitimate interests.Marketing/communications (e.g., newsletters): Consent or legitimate interests (for existing clients/contacts).

  • Where we process special categories of data (e.g., health in insolvency cases), we rely on substantial public interest or legal claims.

  • 5. Sharing Personal DataWe may share data with:Courts, authorities, bailiffs, enforcement officers (as required for recovery/litigation).Our clients (creditors) and their representatives.Service providers (IT/cloud, accounting, translation, secure file sharing – under processor agreements).Correspondent law firms, debt collection agencies, credit agencies (in EEA or with safeguards).Insurers (professional liability).

  • We do not sell personal data.

  • 6. International TransfersData is primarily processed within the EEA. If transferred outside (e.g., to non-adequate countries), we use appropriate safeguards such as EU Standard Contractual Clauses or adequacy decisions.

  • 7. Data RetentionWe retain data only as long as necessary:Client files:

  • Typically 10 years after mandate ends (professional rules/statute of limitations).Debtor data in active cases: Until resolution + statutory periods.Website inquiries: Up to 1–2 years or as needed.We securely delete or anonymize data when no longer required.

  • 8. Your Rights Under GDPRYou have the right to:Access your data.

  • Rectify inaccurate data.Erase data (where applicable – limited in legal proceedings).Restrict processing.Object to processing (especially legitimate interests).Data portability (limited scope).Withdraw consent (where used).Lodge a complaint with your national Data Protection Authority.To exercise rights, contact our DPO. We may verify identity and respond within one month (extendable if complex).

  • 9. SecurityWe implement technical and organizational measures (encryption, access controls, secure servers, staff training) to protect data, in line with professional standards and GDPR requirements.

  • 10. Changes to This PolicyWe may update this policy. Changes will be posted here with the updated date. Significant changes may be notified directly where required.

  • 11. Contact UsFor any questions, contact our Data Protection Officer.This policy does not affect attorney-client privilege or professional secrecy obligations, which take precedence where applicable.Thank you for trusting EuroLegal Recovery Attorney Office.

bottom of page