Privacy Policy
Last updated: 31 January 2021


OVERVIEW

This Privacy Policy describes how Kesarev, all Kesarev entities, (all together the “Firm”) collects, uses, shares and otherwise processes Personal Data (defined below) about:

Contact persons for our clients and/or prospective clients

Contact persons for suppliers of goods and services to the Firm

Visitors to our websites, mobile apps and other online properties (each, a “Site”)

Any other individuals whose Personal Data the Firm obtains

In this Privacy Policy, “Personal Data” means information that (either in isolation or in combination with other information the Firm possesses) enables you to be identified as an individual or directly or indirectly recognized.

The words “Firm” or “we”, “us” and “our” used in this Privacy Policy refer to Kesarev acting as the controller of your Personal Data.

The contact details of the Firm, its entities and affiliates in different jurisdictions may be found here, or please contact our special designated officer:

Name: Evgeny Roshkov
Address: Flottwellstr. 28, Berlin 10785, Germany
Phone: + 49.30.92-03-62-04
Email: info@kesarev.com


CHANGES TO OUR PRIVACY POLICY

Any changes we might make to our Privacy Policy in the future will be posted on this page (see the “last updated” date displayed at the top). We will obtain your consent to any material changes if and when this is required by applicable data protection laws.

GENERAL

Unless we specifically state otherwise, the Firm is the data controller of the Personal Data we process, so is responsible for ensuring that the systems and processes we use are compliant with the data protection laws in as far as they apply to us.

The Firm's personnel are required to comply with this Privacy Policy and associated Firm policies when handling Personal Data and must also undergo data protection training appropriate to their role.

PERSONAL DATA COLLECTION

The Firm collects Personal Data from a number of sources, either directly from data subjects or from clients, colleagues and publicly available sources.

If the Firm receives data from its clients about employees, customers or other individuals, the client is responsible for ensuring that any such data are transferred to us in compliance with the applicable data protection laws.

The Firm collects the following categories of Personal Data about clients, prospective clients, suppliers, website visitors and other third parties:

  • Basic data: name, gender, title, organization, job responsibilities, telephone number, postal address, email address, contact details, social media links and interests.

  • Client service data: Personal Data received from clients regarding employees, customers or other individuals known to clients, invoicing details and payment history, and client feedback.

  • Marketing data: data about an individual’s participation in conferences and in-person seminars, credentials, associations, product interests and preferences.

  • Transaction data: Personal Data contained in documents, correspondence or other materials provided by or relating to transactions conducted by our clients.

  • Compliance data: state registration/tax identifiers, beneficial ownership and due diligence data. Registration and contact forms: event/seminar registrations, newsletter requests, subscriptions, downloads and username/passwords.

  • Job applicant data: data provided by job applicants or others on our Sites or by offline means in connection with job vacancies, which might also be subject to an additional relevant local recruitment privacy policy.

  • Device data: when applicable, internet protocol (IP) address, unique device identifier (UDID), cookies and other data linked to a device, and data about usage of our website (Usage Data).

PERSONAL DATA USE

The purposes for which we use Personal Data and the legal basis for doing so are as follows:

  • to perform our obligations under our contracts with our clients, particularly to provide advice and respond to enquiries;

  • to identify (potential) clients, their economic beneficiary, persons acting for them and their authorization before or upon establishment of the client relationship and carry out a comparison with sanctions lists;

  • to perform a conflict check in order to avoid conflicts of interest before establishing a client relationship;

  • to prepare for the client relationship, particularly for pre-contractual correspondence in preparation for offers and cost estimates;

  • to ensure proper internal administration, including maintaining reference files and operation of IT systems for administrative purposes;

  • to ensure documents are kept properly in order to meet statutory, professional, commercial and tax law retention obligations and for evidence purposes for any establishment, exercise or defense of legal claims;

  • to comply with other compliance requirements and to prevent money laundering and/or fraud

  • to conduct relevant marketing, such as providing clients and prospective clients with information about events or services that might be of interest to them;

  • to make our websites user friendly;

  • to protect the security and effective functioning of our website and information technology systems, in particular to detect and prevent fraud, other crimes and misuse of our websites;

  • to consider individuals and suppliers for employment and contract opportunities, and manage on-boarding procedures.

PERSONAL DATA SHARING

The Firm may share Personal Data with the following categories of recipient:

  • our entities and affiliates, each of which may share Personal Data with other affiliates in order to provide you with services and in order to administer our relationship with you (e.g., invoicing, marketing) or otherwise as required for the above purposes;

  • suppliers and service providers to enable them to perform functions on our behalf and on our instructions in order to fulfil the above purposes. These include but are not limited to infrastructure and IT service providers, third party consultants, and providers of external conference and event venues;

  • financial institutions in connection with invoicing and payments;

  • corporate purchasers to the extent permitted by law as part of any merger, acquisition, sale of the Firm’s assets, or service transition to another provider, as well as in the event of insolvency, bankruptcy etc.;

  • for the purposes of mandatory disclosures and legal claims in order to comply with the Firm's tax reporting obligations, comply with any subpoena, court order or other legal process, to comply with a request from our regulators, a government request or any other legally enforceable demand, to establish or protect our legal rights, property, safety, or the rights, property or safety of others, or to defend against legal claims.

Our service providers are bound by written contract to process Personal Data provided to them only for the purpose of providing a specific service to us and to maintain appropriate security measures to protect your Personal Data.

REGISTRATION AND CONTACT FORMS

To register for our events, to receive newsletters and to deal with your request, we process your personal data provided by you in our registration, subscription and contact forms. These forms are only meant for people aged 18 and over.

The legal basis for such processing is your consent is, when applicable, Art. 6 (1) (a) GDPR and/or other relevant regulation in other jurisdictions where we present. We are supported in the management of our contact form by our IT service providers who may, under circumstances, have access to this data. The duration of storage depends on the contents of your request, which basically means that the data can only be deleted once the respective purpose for which you contacted us has been fulfilled. To the extent that the data is subject to statutory retention requirements, it will be stored for the duration of the prescribed statutory retention period.

Please note that without providing the data that is necessary to allow us to get in touch with you and to understand and deal with your request, it will not be possible to deal with your request. The provision of further data is optional.

You can revoke your consent for the processing of the data provided at any time, with effect for the future.

PERSONAL DATA PROCESSING WHEN VISITING THE WEBSITE

When you visit our website, we collect the data technically required for displaying it to you. This involves personal data transmitted automatically by your browser to our server, including: the type and version of your browser, the operating system used, the referrer URL, the hostname of the accessing computer, the time of the server enquiry and the IP address (Art. 6 (1) (b) GDPR, if applicable).

In this process, we receive support from our technical service providers, who may, under certain circumstances, have access to these data.

The aforementioned data are recorded and used to protect against illegal use or attempts to attack our web server (Art. 6 (1) (f) GDPR, if applicable). We do not use these data to create user profiles. You may object, at any time, to your personal data being used for this purpose, with effect for the future.

RETENTION PERIOD

We retain Personal Data only for as long as there is a legitimate reason or other legal grounds to do so, and will keep these under review. If there is no longer а legitimate reason or legal grounds for the data to be retained, we will erase the Personal Data securely or, in some cases, anonymize them.

CROSS-BORDER DATA TRANSFERS

While sharing information, we transfer Personal Data to other jurisdictions as necessary for the above purposes, including to jurisdictions that might not provide the same level of data security as your home country.

With respect to transfers originating from the European Economic Area (“EEA”), we implement standard contractual clauses approved by the European Commission, and other appropriate solutions to address cross-border transfers as required or permitted by Articles 46 and 49 of the GDPR. Where required by such laws, you may request a copy of the appropriate mechanisms we have in place by contacting us as detailed below.

YOUR RIGHTS

Subject to the applicable statutory requirements, fulfilment of which must be assessed on a case-by-case basis, you have the right to receive information about your Personal Data, to require rectification or erasure of your Personal Data or restriction of the processing and to receive your Personal Data in a structured, commonly used and machine-readable format (data portability).

You also have the right to object to your Personal Data being processed.

To the extent that we process your Personal Data in order to inform you about our advisory services and current developments in as far as this is relevant for your business activity, you may object to your Personal Data being processed at any time, without stating any reason.

Please note that the various rights are not absolute, each being subject to certain exceptions or qualifications.

We will grant your request only to the extent that it follows from our assessment thereof that we are allowed and required to do so the under data protection laws. Nothing in this Privacy Policy is intended to grant you any rights beyond or in addition to your rights as a data subject under data protection laws.

You also have the right to lodge complaints with a data protection supervisory authority.

CONTACT INFORMATION, REQUEST AND COMPLAINTS

If you wish to request further information or exercise any of the above rights, or if you are unhappy with how we have handled your Personal Data, contact us here:

Name: Evgeny Roshkov
Address: Flottwellstr. 28, Berlin 10785, Germany
Phone: + 49.30.92-03-62-04
Email: info@kesarev.com

Before assessing your request, we might request additional information in order to identify you. If you do not provide the requested information and, as a result, we are not in a position to identify you, we might refuse to action your request.

We will generally respond to your request within two weeks of receiving it. We might extend this period by an additional two weeks if this is necessary taking into account the complexity and number of requests you have submitted.

We will not charge you for the communications or actions we take unless:

you request additional copies of your Personal Data that are undergoing processing, in which case we might charge for our reasonable administrative costs, or

you submit unfounded or excessive requests, particularly if they are repetitive, in which case we may either: charge for our reasonable administrative costs or refuse to act on the request.

If you are not satisfied with our response to your complaint or believe our processing of your Personal Information does not comply with the data protection law, you may file a complaint with the relevant data protection authority at your location.

For the contact details of selected data protection authorities, go to:

Russia: https://rkn.gov.ru/personal-data/