Privacy and Data Protection

BuroMaxJura is committed to handling personal data responsibly in the provision of corporate law services. This policy explains what information we collect, how we use it, and the rights you can exercise. We apply administrative and technical measures to protect data and limit access to personnel and service providers who need it to perform our services.

20-01-2026 BuroMaxJura [email protected]

Definitions

This section explains key terms used throughout the privacy policy to ensure clarity about data types and processing activities relevant to our legal services.

Personal data means any information relating to an identified or identifiable natural person, such as names, contact details, identification numbers and professional information provided to BuroMaxJura in connection with corporate legal services.
Processing refers to any operation performed on personal data, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure by transmission, erasure or destruction.
User refers to any individual who interacts with BuroMaxJura in the context of our services, including company representatives, partner, directors and third parties involved in legal matters.
Service denotes the corporate law advisory and support services provided by BuroMaxJura to companies and their representatives, including consultation, document drafting, filings and compliance assistance.
Cookies are small text files stored on a user’s device to help the website recognize returning visitors, remember preferences and support analytics or security functions used by BuroMaxJura.

Data Collection

We collect and process personal data necessary to deliver legal services, comply with regulatory obligations and maintain client relationships. Data collection is limited to what is relevant and proportionate to the requested service.

Data You Provide

When engaging BuroMaxJura, you may provide information required for representation, filings and correspondence. Examples include:

  • Company and contact information (company name, address, role, phone and email).
  • Identification documents and registration numbers required for compliance and filings.
  • Contractual and transactional documents related to corporate matters.
  • Business or partner information relevant to due diligence and corporate governance.
  • Communications and correspondence platform for the purpose of legal advice.
  • Notes and records of meetings, calls and instructions provided by company representatives.

Automatically Collected Data

When you visit our website or use our online services, we may automatically collect certain information to operate and secure those services and to understand usage patterns.

  • IP address and approximate location
  • Device and browser information
  • Pages visited and time spent on the website
  • Referring website and click paths
  • Cookies and analytics identifiers
  • Security logs to detect abuse or unauthorized access

Third-Party Data Sources

We may receive data about you from third parties when relevant to the engagement or as required by law. Examples include:

  • Public registers and commercial databases for company verification
  • Third-party service providers such as payment processors and identity verification services
  • Professional advisors and counterparties involved in legal matters

Purposes of Processing

We process personal data for specific purposes tied to delivering our corporate law services and meeting legal obligations.

  • To provide legal advice and representation to companies and their representatives.
  • To prepare, file and manage corporate documents and registrations with Swiss authorities.
  • To perform due diligence, compliance checks and risk assessments.
  • To communicate with clients, counterparties and regulators regarding legal matters.
  • To process payments and maintain billing records.
  • To maintain records required by law, including anti-funds laundering checks where applicable.
  • To improve our services, including anonymized analytics and service quality reviews.
  • To protect our systems, contribute incidents and prevent fraud or misuse.

Legal Basis for Processing

We rely on lawful bases under applicable data protection law for processing personal data, depending on the purpose of processing.

  • Performance of a contract: processing necessary to provide legal services requested by a client.
  • Legal obligation: processing required to comply with statutory duties, such as filings and anti-funds laundering rules.
  • Legitimate interests: processing for fraud prevention, security and service improvement where such interests do not override individual rights.
  • Consent: for optional uses such as direct marketing or certain tracking technologies where consent is required.

Your Rights

Applicable data protection rights enable individuals to access, correct or object to certain processing of their personal data. BuroMaxJura supports the exercise of these rights in accordance with Swiss law.

  • Right to access: request confirmation of processing and a copy of data we hold about you.
  • Right to rectification: request correction of inaccurate personal data.
  • Right to erasure: request deletion of personal data where retention is no longer necessary and no legal obligation prevents deletion.
  • Right to restriction: request limitation of processing in certain circumstances.
  • Right to object: object to processing based on legitimate interests or for direct marketing.
  • Right to data portability: request a copy of certain personal data in a structured, commonly used format.

Cookies and Tracking

We use cookies and similar technologies on our website to provide essential functionality, analyze usage and support security. You can manage cookie preferences via your browser or our cookie settings where provided.

Types of cookies used include essential cookies for site operation, performance cookies for analytics, and functional cookies for preferences. We do not use cookies to collect sensitive personal data without explicit consent.

Cookies are grouped as strictly necessary, performance/analytics, and optional functional cookies. Performance cookies help us understand user interactions so we can improve navigation and content usefulness.

You may block or delete cookies through your browser settings. Please note that blocking certain cookies may affect website functionality and access to online tools offered by BuroMaxJura.

Cookie policy and preferences

Sharing and Disclosure

We share personal data only when necessary for service delivery or required by law. Third parties receiving data are bound to protect it and use it only for specified purposes.

  • Professional advisors and counterparties engaged to assist with legal matters.
  • Government agencies and registries for mandatory filings and regulatory compliance.
  • Authorized service providers such as cloud hosting, IT support and document storage vendors.
  • Payment processors and banks to handle billing and client funds.
  • Compliance screening and identity verification providers where required by law.
  • Other parties with your explicit consent to share information.

International Transfers

Personal data may be transferred outside Switzerland when necessary for service delivery or processing by third-party providers. We assess transfer destinations and apply appropriate safeguards to ensure adequate protection of personal data.

Safeguards include contractual clauses, approved transfer mechanisms and selecting providers that meet recognized data protection standards. We limit transfers to what is necessary and document transfer arrangements.

Data Retention

BuroMaxJura retains personal data only for the period necessary to fulfill the purposes described, to meet legal and regulatory obligations, and to resolve disputes. Retention periods depend on the nature of the engagement and applicable statutory recordkeeping requirements.

We retain account information necessary to provide corporate law support and manage your relationship with BuroMaxJura. Account data is kept while your account is active and for a reasonable period afterwards to meet contractual, tax and regulatory obligations. If you close your account, we remove or anonymize personal details unless retention is required by law or necessary to resolve disputes.

Communications and case-related messages platform with BuroMaxJura are kept for operational and compliance purposes. Where records are relevant to tax, bookkeeping or legal obligations, they may be retained for up to 10 years. Routine client messages and correspondence that are not required for compliance are typically archived for up to 24 months and then securely deleted or anonymized.

System logs, access records and audit trails are retained to detect abuse, maintain security and demonstrate regulatory compliance. Log retention periods vary by purpose; security logs are usually retained for up to 24 months, with summaries retained longer when needed for compliance or reporting.

When you request deletion of personal data, BuroMaxJura reviews the request and removes data that is no longer necessary for the purposes listed in this policy, subject to legal and contractual retention requirements. Deletions are completed once dependencies (active matters, billing records, legal holds) have been resolved. You will be informed of any data we cannot delete due to legal obligations.

Data security at BuroMaxJura

Protecting client data is a priority. BuroMaxJura implements technical and organizational measures designed to limit access to personal data, detect and respond to security incidents, and protect data integrity during storage and transmission. Security controls are reviewed regularly to align with current risks and regulatory expectations.

  • Encryption in transit and at rest for sensitive client information; secure channels for document platform.
  • Role-based access controls, logging and periodic access reviews to ensure only authorized personnel can view case data.
  • Regular staff training, incident response procedures and third-party security assessments to maintain operational resilience.

User Rights and Access

You have rights over your personal data processed by BuroMaxJura. We aim to make it straightforward to exercise these rights and will respond in accordance with applicable Swiss law and good practice.

  • Right to access: request a copy of personal data we hold about you.
  • Right to rectification: request correction of inaccurate or incomplete data.
  • Right to erasure: request deletion of personal data where retention is not required by law.
  • Right to restriction: request limitation of processing in certain circumstances.
  • Right to data portability: request a machine-readable copy of data you provided to us, where applicable.
  • Right to object: object to processing for direct marketing or where we rely on legitimate interests and you have particular reasons to object.
  • Right to withdraw consent: where processing is based on consent, you may withdraw consent at any time for future processing.
  • Right to lodge a complaint: if you consider processing violates applicable law, you may contact the supervisory authority after contacting us.

How to make a rights request

To exercise your rights, contact our data protection contact point at BuroMaxJura. Provide your name, the nature of your request, and any supporting details to help us identify the data. Requests can be sent by mail to Münstergasse 68, 3011 Bern, Switzerland or by email to [email protected]. We may request additional information to verify your identity before fulfilling sensitive requests.

[email protected]

We aim to respond to straightforward requests within 30 days. If a request is complex or there are multiple requests, we may extend the response time and will inform you if additional time is needed.

Marketing communications

BuroMaxJura may send information about services, events and updates relevant to corporate law and compliance if you have opted in or if we have another lawful basis to contact you. Marketing communications will contain an easy way to opt out.

To stop receiving marketing messages, use the unsubscribe link included in any communication or contact [email protected]. We will respect your preference promptly and will only keep minimal data to record your marketing choices.

Children and personal data

Our services are aimed at businesses and adults. BuroMaxJura does not offer services intended for children under 16. If we become aware that we have collected personal data of a child without appropriate consent, we will take steps to delete that information where required by law.

Third-party links

BuroMaxJura websites and communications may include links to third-party websites or services. We do not control those third parties and are not responsible for their privacy practices. Please review third-party privacy policies before sharing personal data outside BuroMaxJura.

Changes to this policy

We may update this privacy information to reflect changes in our services or legal requirements. Material changes will be communicated via our website and, where appropriate, direct notification. The effective date below indicates when the most recent update was published.