Privacy Policy
Effective date: 01.07.2026
1. Introduction
Lenz & Staehelin values your privacy. This Privacy Policy demonstrates our commitment to ensuring your privacy and the confidentiality of your personal data (“Personal Data”) when you retain us for professional services (“Services”), use our website or communicate with us.
When engaging us for Services and/or communicating with us via the contact form on our website, email or other channels and/or accessing our website or other content we may make available, you acknowledge that your Personal Data may be processed in accordance with this Privacy Policy and applicable data protection laws.. Should you not agree to any part of this Privacy Policy, you must inform us and discontinue using our Services and/or website or other content. Upon doing so, we will be unable to provide any further Services to you.
Within the meaning of the applicable data protection laws, we act as controller.
2. Personal Data we Process
We process Personal Data you provide when using our Services or communicating with us. This includes, but is not limited to, your name, email, postal address, phone number, language preference, job title, business affiliations, professional field and other information contained in your communications with us, as well as information relating to legal matters or mandates for which we provide Services. Depending on the nature of our Services and your interactions with us, this may also include identification and due diligence information where required by law, as well as technical information relating to the use of our website.
Personal Data may relate to you as well as to other individuals connected with you or involved in a legal matter, such as your employees, representatives, counterparties or agents. You are responsible for ensuring that such Personal Data is accurate and that the relevant persons have been informed of the processing of their Personal Data and have consented to such processing whenever such consent is required.
In some instances, Personal Data will be supplemented by information received from third parties or retrieved from public sources (e.g. professional information on company websites) to enable us to effectively provide our Services and communicate with you effectively.
3. Purposes for Processing Personal Data
We use Personal Data for the purposes of providing our Services, managing our relationship with you, security and risk management, complying with applicable laws and regulations, as well as communicating with you, including to send you newsletters and invitations to events, training programs or lectures, to maintain our list of contacts and/or to provide you with other information you may request from us. In particular, Personal Data may be processed for the purposes of communicating with clients, counterparties, courts, authorities and other persons involved in legal matters, performing conflict checks prior to accepting a mandate, managing and administering legal mandates, including the provision of legal advice, representation and related correspondence, as well as managing the firm’s internal administration, accounting and compliance procedures.
If you apply for a position with us, we process Personal Data for the purposes of evaluating your application, conducting the application procedure and if applicable preparing and concluding an employment agreement.
We do not subject you to high-risk profiling or automated individual decision-making.
4. Retention of Personal Data
We generally retain Personal Data for as long as necessary for our processing purposes, any legal retention periods or our legitimate interests, in particular for documentation and evidence purposes, or if retention is technically required (e.g. in the course of backups). In the absence of the foregoing reasons for retention, we generally delete Personal Data in accordance with our ordinary processes. Personal Data relating to legal mandates may be retained for several years after completion of the mandate in order to comply with legal and professional obligations applicable to law firms.
5. Cookies
Cookies are small text files that are downloaded to your device by visiting the Lenz & Staehelin website or opening our marketing related emails (such as newsletters or invitations to events or webinars). We may also use similar technologies, such as pixel tags, to recognize website visitors, evaluate their behaviour and better understand user preferences. Cookies – including those from third-party providers such as Google Analytics, a web analytics service provided by Google Inc. – are used to improve our online offering and to analyze user behavior for statistical and marketing purposes.
In this context, information about the use of our website (e.g., session duration, content popularity, device and browser type, referring pages) as well as interactions with emails (e.g., open and click rates) may be collected. The information collected through cookies and similar technologies does not generally allow us to identify you directly. However, where you have provided Personal Data to us or to a third-party provider, such information may be linked to you.
To analyse website usage in a privacy-friendly manner, we use the Matomo analytics platform. Nevertheless, third-party service providers such as Google may track your use of our website, combine this information with information from other websites you have visited and use such combined information for their own purposes. If you have registered with the respective service providers, they may be able to identify you. In these instances, their processing of Personal Data will be governed by their privacy policies.
You may change your browser settings to delete and block cookies. You may also configure your browser to automatically reject, accept or delete cookies, either generally or on a case-by-case basis. Further information on managing cookies can usually be found in your browser settings or help menu. If you wish to prevent Google Analytics from collecting information about your use of the website, you may also download and install the browser add-on made available by Google.
6. Our basis for Processing your Personal Data
The processing of Personal Data for the purposes described herein is based – where and to the extent required – on one or more of the following legal bases: (a) your consent to this Privacy Policy, (b) our legitimate interests, in particular in communicating with you as a business contact, providing legal services, maintaining client relationships, organizing professional events and ensuring the security and proper functioning of our operations and information systems; (c) the performance of a contract or steps taken at your request prior to entering into a contract, or (d) another ground for lawful processing of Personal Data under applicable laws and regulations.
7. Protecting your Personal Data
We generally process Personal Data in Switzerland, including on cloud servers located in Switzerland. Depending on the nature of the matter and the Services provided, Personal Data may be disclosed to recipients in Switzerland and abroad, in particular in the EU/EEA, the UK, the USA or other jurisdictions where our clients, counterparties, authorities or service providers are located or operate. This may include jurisdictions in which our clients are present (such as EU/EEA member states, the UK, the USA, Singapore, China, Russia) or in which our technology suppliers and other service providers process Personal Data on our behalf (such as EU/EEA member states, the UK, the USA).
Where Personal Data is transferred to a country that does not provide an adequate level of data protection, we ensure that such transfer is carried out in compliance with applicable data protection laws and regulations. In particular, transfers may take place where necessary for the performance of a contract with you or in your interest, for compliance with legal or regulatory obligations, or for the establishment, exercise or defence of legal claims before foreign authorities or courts. Transfers may also take place on the basis of your consent where required or where other statutory exceptions apply, including where overriding public interests so require, where Personal Data has been made generally accessible by you and you have not objected to the processing, or where the Personal Data originates from a public register accessible in accordance with applicable law.
Where such transfers are not covered by a statutory derogation, we implement appropriate safeguards to ensure an adequate level of protection for Personal Data, typically by entering into standard contractual clauses recognized by the Federal Data Protection and Information Commissioner or by relying on another legally recognized transfer mechanism. Further information regarding such safeguards may be obtained by contacting us using the contact details set out below.
We do not sell or otherwise transfer Personal Data to third parties except with your prior consent, or as we are required under applicable law or regulation.
We maintain appropriate technical and organizational measures to preserve the confidentiality, availability and integrity of Personal Data. We regularly review our security policies and procedures to ensure our systems are secure and protected, and we ensure compliance with all applicable data protection and security laws.
8. Digital Tools and Artificial Intelligence
We may use digital tools and services, including third-party technologies and cloud-based solutions, in the course of providing our Services and operating our website. These tools may involve internet-based communications and may include machine learning or generative artificial intelligence.
The use of such technologies may involve risks such as data security incidents, unauthorized access, data loss or service disruptions. We implement appropriate technical and organizational measures to protect Personal Data, although no system can be entirely secure.
Where third-party providers are used, Personal Data may be processed outside Switzerland. In these cases, the processing of Personal Data, including any cross-border transfers, is carried out in accordance with Section 7 above.
Artificial intelligence technologies may also involve limitations, such as potential biases, inaccuracies or lack of transparency. We seek to use these technologies responsibly and remain mindful of their limitations.
Further information is available at: www.lenzstaehelin.com/ai/.
9. Your Rights
We afford you all rights that you are entitled to under applicable data protection law. Within the limits of the statutory provisions, you have the right to be informed by us on any processing of your Personal Data and to verify its accuracy. If you are affected by incorrect or incomplete Personal Data relating to you, you may request rectification or completion of any relevant data. To the extent allowed by applicable law, you may request the deletion of your Personal Data or a temporary restriction of processing in certain instances and you may also request the delivery or transfer of your Personal Data in a commonly used electronic format. You may also object to the processing of your Personal Data, in which cases we may however not be in a position to provide any related Services.
10. Contact
If you have any questions or want to exercise your rights with regard to your Personal Data, please feel free to contact us here:
Law Firm Zurich
Lenz & Staehelin
Brandschenkestrasse 24
CH-8027 Zurich
dataprotection@clutterlenzstaehelin.com
Law Firm Geneva
Lenz & Staehelin
Route de Chêne 30
CH-1211 Geneva 6
dataprotection@clutterlenzstaehelin.com
Law Firm Lausanne
Lenz & Staehelin
Avenue de Rhodanie 40C
CH-1007 Lausanne
dataprotection@clutterlenzstaehelin.com
You may also contact us through our contact form set out on our website.
This Privacy Policy may be amended from time to time. Any amendment will be included in a new version of this Policy, posted on our website and will be effective as of the date written in the heading of this Privacy Policy.