Privacy & Cookie Policy

Privacy & Cookies Policy

  1. Introduction and Summary

HERDEM recognizes the importance of, and are fully committed to protecting the privacy of, information related to all individuals with whom we interact.

This Privacy & Cookies Policy (“Privacy Policy”) explains our approach to any personal information (“Personal Data” defined below) that we may collect, use, share, and otherwise process about:

  • Visitors to our website, and other online properties (each, a "Site")
  • Contact persons for our clients and/or prospective clients
  • Contact persons for suppliers of goods and services to HERDEM
  • Any other individuals about whom HERDEM obtains Personal Data

In this Privacy Policy, "Personal Data" means information that (either in isolation or in combination with other information held by HERDEM) enables you to be identified as an individual or recognized directly or indirectly.

This Privacy Policy will inform you of the nature of your Personal Data that is processed by us and how you can request that we delete, update, transfer and/or provide you with access to it. It also sets out your rights in respect of our processing of your Personal Data.

This Privacy Policy is intended to assist you in making informed decisions when using the Site and our Services and/or to understand how your Personal Data may be processed by us as a result of providing the Services to third parties or when you apply to work at HERDEM.

Please take a moment to read and understand it. Please also note that this Privacy Policy only applies to the use of your Personal Data obtained by us.

  1. Who is responsible for your Personal Data?

Unless we specifically state otherwise, HERDEM is the data controller of the Personal Data we process, and is therefore responsible for ensuring that the systems and processes we use are compliant with data protection laws, to the extent applicable to us.

HERDEM personnel are required to comply with this Privacy Policy and associated policies when dealing with Personal Data and must also complete data protection training where appropriate to their role.

  1. What Personal Data we may collect?

Our primary goal in collecting Personal Data from you is to help us to; verify your identity, deliver our Services, subscribe you to our newsletters and e-bulletins, improve, develop new Services, carry out requests made by you on the Site or in relation to our Services, investigate or settle inquiries or disputes, comply with any applicable law, court order, other judicial process, or the requirements of a regulator, enforce our agreements with you, protect the rights, property or safety of us or third parties, including our other clients and users of the Site or our Services, with recruitment purposes, and use as otherwise required or permitted by law.

To undertake these goals we may collect and process the following categories of Personal Data about you:

  • Identity and Contact Data: name, gender, title, organization, address, telephone number, email address, marital status, employment history, educational or professional background, tax status, employee number, job title and function, and other Personal Data concerning your preferences relevant to our services.
  • Special Categories of Data: in limited circumstances, such as our firm representing you and/or your organization in legal matters, where you have provided us with such information as it is necessary for a specific service we are providing to you; information about your racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life and sexual orientation or details of criminal offences, or genetic or biometric data.
  • Business Information: information provided in the course of the contractual or client relationship between you or your organization and HERDEM, or otherwise voluntarily provided by you or your organization.
  • Information Relevant to our Legal Advice: Personal Data relevant to any dispute, grievance, investigation, arbitration, or other legal advice we have been asked to provide to our client.
  • Client Service Data:  Personal Data received from clients in respect of employees, customers or other individuals known to clients, invoicing details and payment history, and client feedback.   
  • Participation Data: Data about individual participation in conferences and in-person seminars, credentials, associations, product interests, and preferences. 
  • Compliance Data: Government identifiers, passports or other identification documents, dates of birth, beneficial ownership data, and due diligence data.
  • Job Applicant Data:  Data provided by job applicants or others on our Site or offline means in connection with employment opportunities, which also may be subject to an additional relevant local recruitment privacy policy.  
  • Profile, Usage and Registration Data: usernames/passwords to our website or password protected platforms or services, newsletter requests, e-bulletin and legal update subscriptions, event/seminar registrations, subscriptions, downloads, your preferences in receiving information from us, your communication preferences and information about how you use our website, including the services you viewed or searched for, page response times, download errors, length of visits and page interaction information (such as scrolling, clicks, and mouse-overs).
  • Technical Data: information collected during your visits to our website, the Computer Internet Protocol (IP) address, login data, browser type and version, unique device identifier (UDID), cookies and other data linked to a device, time zone setting, browser plug-in types and versions, operating system and platform.
  • Physical Access Data: relating to details of your visits to our premises.

We may collect Personal Data from a number of sources, either directly from you, or from clients, colleagues and publically available sources.

If you provide information to us about any person other than yourself, your employees, counterparties, your advisers or your suppliers, you must ensure that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.

Unless specifically requested and you use the method that we identify for such purpose, we request that you not send us any confidential or sensitive information such as credit card numbers, national ID numbers, social security numbers, health insurance number, or license numbers.

  1. How do we collect and use your Personal Data?

The circumstances in which we can collect and use Personal Data about you include:

Fulfilment of Services: We collect and maintain Personal Data that you voluntarily submit to us during your use of the Site and/or engagement of our firm.

Our legal basis:
It is necessary for us to process your information to perform our obligations in accordance with any contract that we may have with you. It is in our legitimate interest or a third party's legitimate interest to use your Personal Data in such a way to ensure that we provide the very best client service we can to you or others.

Client Services: Our Site uses various user interfaces to allow you to request information about our Services including electronic enquiry forms and a telephone enquiry service. Contact information may be requested in each case, together with details of other personal information that is relevant to your Service enquiry. This information is used in order to enable us to respond to your requests.

Our legal basis:
It is in our legitimate interest or a third party's legitimate interest to use your Personal Data in such a way to ensure that we provide the very best client service we can to you or others.

Business Administration and Legal Compliance: We use your Personal Data for the following business administration and legal compliance purposes:

  • to comply with our legal obligations;
  • to enforce our legal rights;
  • to protect the rights of third parties; and
  • in connection with a business transaction such as a merger, or a restructuring, or sale.

Our legal basis:
Where we use your Personal Data in connection with a business transition, to enforce our legal rights, or to protect the rights of third parties it is in our or a third party's legitimate interest to do so. For all other purposes described in this section, it is our legal obligation to use your Personal Data to comply with any legal obligations imposed upon us.

Recruitment: We use your Personal Data for the following recruitment purposes:

  • To assess your suitability for any position for which you may apply at HERDEM for any position and placements and also any business support or services role whether such application has been received by us online, via email or by hard copy or an in-person application.
  • To review HERDEM's equal opportunity profile in accordance with applicable legislation to ensure that HERDEM does not discriminate on the grounds of gender, race, ethnic origin, age, religion, sexual orientation, disability or any other basis covered by local legislation. All employment related decisions are made entirely on merit.

Our legal basis:
Where we use your personal information in connection with recruitment it will be in connection with us taking steps at your request to enter a contract we may have with you or it is in our legitimate interest to use Personal Data in such a way to ensure that we can make the best recruitment decisions for HERDEM. We will not process any special category data except where we are able to do so under applicable legislation or with your explicit consent.

Client Insight and Analysis: We analyze your contact details with other Personal Data that we observe about you from your interactions with our Site, our email communications to you and/or with our Services such as the Services you have viewed.

Where you have given your consent (where lawfully required), we use cookies, log files and other technologies to collect personal information from the computer hardware and software you use to access the Site, or from your mobile. This includes the following:

  • an IP address to monitor Site traffic and volume;
  • a session ID to track usage statistics on our Site;
  • information regarding your personal or professional interests, demographics, experiences with our products and contact preferences.

Our web pages contain "cookies" "web beacons" or "pixel tags" ("Tags"). Tags allow us to track receipt of an email to you, to count users that have visited a web page or opened an email and collect other types of aggregate information. Once you click on an email that contains a Tag, your contact information may subsequently be cross-referenced to the source email and the relevant Tag.

In some of our email messages or online newsletters, legal updates, e-bulletins, we use a "click-through URL" linked to certain website administered by us or on our behalf.  

By using this information, we are able to measure the effectiveness of our content and how visitors use our Site and our Services. This allows us to learn what pages of our Site are most attractive to our visitors, which parts of our Site are the most interesting and what kind of services our registered users like to see.

Our legal basis:
Where your Personal Data is not in an anonymous form, it is in our legitimate interest to use your Personal Data in such a way to ensure that we provide the very best products and services to you and our other clients.

Any other purposes for which we wish to use your Personal that are not listed above, or any other changes we propose to make to the existing purposes will be notified to you using your contact details, where available.

You are not required to provide all Personal Data identified in this Privacy Policy to use our Site or to interact with us offline, but certain functionality will not be available if you do not provide Personal Data. If you do not provide Personal Data, we may not be able to respond to your request, provide legal services to you, or provide you with newsletters or e-bulletins that we believe you would find valuable. 

  1. What is our legal basis to use or process your Personal Data?

It is necessary for us to use your Personal Data;

  • To perform our obligations in accordance with any contract that we may have with you.
  • It is in our legitimate interest or a third party's legitimate interest to use Personal Data in such a way to ensure that we provide the Services in the best way that we can.
  • It is our legal obligation to use your Personal Data to comply with any legal obligations imposed upon us.
  1. Who do we share your Personal Data?

We may share Personal Data with the following categories of recipients, under the following circumstances:

  • We share Personal Data with suppliers and service providers we have retained in connection with the legal services we provide, such as attorneys, counsels, mediators, or experts and other legal specialists such as law firms for obtaining specialist or foreign legal advice, translators, education evaluation services, couriers, or other necessary entities; to enable such parties to perform functions on our behalf and under our instructions in order to carry out the purposes identified above. On a confidential basis with third parties for the purposes of collecting your feedback on HERDEM’s service provision, to help us measure our performance and to improve and promote our services.
  • We share Personal Data with companies providing services for money laundering and terrorist financing checks, credit risk reduction and other fraud and crime prevention purposes and companies providing similar services, including financial institutions, credit reference agencies and regulatory bodies with whom such Personal Data is shared.
  • We may share Personal Data with any corporate purchaser or prospect to the extent permitted by law as part of any merger, acquisition, sale of HERDEM’s assets, or transition of service to another provider, as well as in the event of insolvency, bankruptcy, or receivership in which Personal Data would be transferred as an asset of HERDEM.
  • We share Personal Data in order to comply with any subpoena, court order or other legal process, to comply with a request from our regulators, governmental request or for the purposes of a confidential alternative dispute resolution process or any other legally enforceable demand. We also share Personal Data to establish or protect our legal rights, property, or safety, or the rights, property, or safety of others, or to defend against legal claims.

If you have questions about the parties with which we share Personal Data, please contact us. 

  1. Our use of cookies and similar technologies

We use and allow certain third parties to use cookies, web beacons, and similar tracking technologies (collectively, "cookies") on our Site. 

  • What are cookies?
    Cookies are small amounts of data that are stored on your browser, device, or the page you are viewing. Some cookies are deleted once you close your browser, while other cookies are retained even after you close your browser so that you can be recognized when you return to a websites.
  • How do we use cookies?
    We use cookies to provide the Site and services, gather information about your usage patterns when you navigate this Site in order to enhance your personalized experience, and to understand usage patterns to improve our Site, products, and services. We also allow certain third parties to place cookies on our Site in order to collect information about your online activities on our Site over time and across different websites you visit. 

Cookies on our Site are generally divided into the following categories:

Strictly Necessary Cookies: These are required for the operation of our Site. They include, for example, cookies that enable you to log into secure areas. These cookies are session cookies that are erased when you close your browser.

Analytical/Performance Cookies: These allow us to recognize and count the number of users of our Site and understand how such users navigate through our Site. This helps to improve how our Site works, for example, by ensuring that users can find what they are looking for easily. These cookies are session cookies which are erased when you close your browser.  We use Google Analytics, and you can see below for how to control the use of cookies by Google Analytics.

Functional Cookies: These improve the functional performance of our Site and make it easier for you to use. For example, cookies are used to remember that you have previously visited the Site and asked to remain logged into it. These cookies qualify as persistent cookies, because they remain on your device for us to use during a next visit to our Site.  You can delete these cookies via your browser settings.

Targeting Cookies: These record your visit to our Site, the pages you have visited and the links you have followed to recognize you as a previous visitor and to track your activity on the Site and other websites you visit. These cookies qualify as persistent cookies, because they remain on your device for us to use during a next visit to our Site. You can delete these cookies via your browser settings. See below for further details on how you can control third party targeting cookies.

  • What are your options if you do not want cookies on your computer?
    You can review your Internet browser settings, typically under the sections "Help" or "Internet Options," to exercise choices you have for certain Cookies. If you disable or delete certain Cookies in your Internet browser settings, you might not be able to access or use important functions or features of this Site, and you may be required to re-enter your log-in details. 

To learn more about the use of cookies for Google analytics and to exercise choice regarding such cookies, please visit the Google Analytics Opt-out Browser Add-on

To learn more about certain cookies used for interest based advertising by third parties, including through cross-device tracking, and to exercise certain choices regarding such cookies, please visit the Digital Advertising AllianceNetwork Advertising InitiativeDigital Advertising Alliance-CanadaEuropean Interactive Digital Advertising Alliance or your device settings.

  1. Confidentiality and the security of your Personal Data

We are committed to keeping the Personal Data provided to us secure and we have implemented appropriate information security policies, rules and technical measures to protect the Personal Data that we have under our control from unauthorized access, improper use or disclosure, unauthorized modification and unlawful destruction or accidental loss. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

While we aim to always protect our systems, sites, operations and information against unauthorized access, use, modification and disclosure, due to the inherent nature of the Internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others.

All of our partners, employees, consultants, workers and data processors (i.e. those who process your personal information on our behalf, for the purposes listed above), who have access to, and are associated with the processing of Personal Data, are obliged to respect the confidentiality of such Personal Data.

  1. What are your rights?

You have the following rights in relation to the Personal Data we hold about you:

  • Right of Access: If you ask us, we'll confirm whether we're processing your Personal Data and, if necessary, provide you with a copy of that Personal Data (along with certain other details). If you require additional copies, we may need to charge a reasonable fee.
  • Right to Rectification: If the Personal Data we hold about you is inaccurate or incomplete, you are entitled to request to have it rectified. If you are entitled to rectification and if we've shared your Personal Data with others, we'll let them know about the rectification where possible. If you ask us, where possible and lawful to do so, we'll also tell you who we've shared your Personal Data with so that you can contact them directly.
  • Right to Erasure: You can ask us to delete or remove your Personal Data in some circumstances such as where we no longer need it or if you withdraw your consent (where applicable). If you are entitled to erasure and if we've shared your Personal Data with others, we'll let them know about the erasure where possible. If you ask us, where it is possible and lawful for us to do so, we'll also tell you who we've shared your Personal Data with so that you can contact them directly.
  • Right to Restrict Processing: You can ask us to 'block' or suppress the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of that Personal Data or you object to us. If you are entitled to restriction and if we've shared your Personal Data with others, we'll let them know about the restriction where it is possible for us to do so. If you ask us, where it is possible and lawful for us to do so, we'll also tell you who we've shared your Personal Data with so that you can contact them directly.
  • Right to Data Portability: You have the right, in certain circumstances, to obtain Personal Data you've provided us with (in a structured, commonly used and machine readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.
  • Right to Object: You can ask us to stop processing your Personal Data, and we will do so, if we are; relying on our own or someone else's legitimate interests to process your Personal Data, except if we can demonstrate compelling legal grounds for the processing.
  • Right to Withdraw Consent: If we rely on your consent (or explicit consent) as our legal basis for processing your Personal Data, you have the right to fully or partly withdraw your consent. Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose(s) to which you originally consented unless there is another legal ground for the processing.

To opt-out of receiving our newsletters or e-bulletins please follow the opt-out links on any message sent to you or contact us. Opting out of receiving newsletters or e-bulletins will not affect the processing of Personal Data for the provision of our legal services.

  • Right to Lodge a Complaint with the Supervisory Authority: If you have a concern about any aspect of our privacy practices, including the way we've handled your Personal Data, you can report it to the relevant Supervisory Authority.

You may, at any time, exercise any of the above rights, by contacting us together with a proof of your identity (i.e. a copy of your ID card, or passport, or any other valid identifying document)

Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the data or where data may be exempt from disclosure due to reasons of legal professional privilege or professional secrecy obligations.

  1. How long do we keep your Personal Data?

We will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for HERDEM to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled.

Upon expiry of the applicable retention period or upon your request we will securely destroy your Personal Data in accordance with applicable laws and regulations.

  1. Are third party websites governed by this Privacy Policy? 

The Site may contain links and references to other websites administered by unaffiliated third parties whose information practices may be different than ours. This Privacy Policy does not apply to such third party sites. When you click a link to visit a third party website, you will be subject to that website's privacy practices. Visitors should consult the other sites' privacy notices as HERDEM has no control over information that is submitted to, or collected by, these third parties. Therefore, we encourage you to familiarize yourself with the privacy and security practices of any linked third party websites before providing any Personal Data on that website.

  1. How will we handle any changes to this Privacy Policy? 

We may update this Privacy Policy from time to time as our services and privacy practices change, or as required by law. The effective date of our Privacy Policy is posted below, and we encourage you to visit our Site periodically to stay informed about our privacy practices. We will post the updated version of the Privacy Policy on our Site, and ask for your consent to the changes if legally required.

  1. Our Contact Information

If you have any questions or comments about this Privacy Policy or want to exercise your rights set out in this Privacy Policy, please contact us by:

  • sending an email to: or,
  • calling us on: +90 212 2884959

Effective Date: 01.01.2019