Personal Data Protection and Privacy Policy
- General Provisions
1.1. „Mikaberidze & Partners“ LLC (hereinafter referred to as the "Company" and/or "We") processes your personal information only based on the applicable legislation;
1.2. We process your personal information only if you contact us for legal assistance and receive the appropriate service from us.
1.3. According to the above mentioned, in case of using our services, you automatically give your consent to the company to process your personal information in order to receive the legal service you need.
1.4. Your consent to the processing of personal data, if necessary, may additionally be expressed in writing, orally, by telecommunication or by other appropriate means, by which your consent to the processing the information can be clearly established;
1.5. This Policy applies to all persons who establish a business relationship with us.
- Personal Data Processed by the Company
2.1. Data processing means any operation or set of operations performed on data, including collection, retrieval, access, recording (including video and/or audio recording), organization, structuring, storage, adaptation or alteration, use, blocking, erasure or destruction, as well as disclosure of data by transmission, dissemination, or otherwise making the data available;
2.2. In order to receive the legal services you would like to get, we can process the following personal information:
2.2.1. Name, surname, gender, date of birth, type of identity document, series, number, personal number, citizenship, country, actual and registered address, telephone number, personal and work e-mail address, bank account number (these data and/or their part is processed in all cases);
2.2.2. Marital status, activity/profession, workplace, position, state of health (This information is processed if it is necessary to provide legal services related to medical care provided to you, family and/or labor law issues.);
2.2.3. Information related to a person’s racial or ethnic origin, political views, religious or philosophical beliefs, membership of professional organizations, sexual life, criminal history, administrative detention, putting a person under restraint, plea bargains, abatement, recognition as a victim of crime or as a person affected (this information is processed, if it is necessary to provide legal services related to the investigation of a criminal case, an administrative offense and/or a civil/administrative case directly related to this data, including discriminatory treatment on any of the above grounds);
Note: in cases related to discriminatory treatment, the data specified in this point are processed with the appropriate proportion, namely, in each specific case, your affiliation is processed only with the sign on which you experienced discrimination.
2.2.4. Information about the property you own, including, but not limited to, characteristics of real estate, characteristics of movable property, characteristics of shares, initial shares, securities and/or other data related to economic activity, as well as characteristics of intangible property (this information is processed in the case , if it is necessary to provide legal services related to property/financial issues, disputes, etc.);
2.2.5. Data concerning a minor shall be processed in accordance with the requirements of the Law of Georgia on Personal Data Protection, based on the consent of the minor and/or his or her legal representative, only if such processing is necessary to protect the legitimate interests of the minor and to provide relevant legal services.
2.2.6. Information concerning a deceased person shall be processed in accordance with the requirements of the Law of Georgia on Personal Data Protection, only if such processing is necessary to provide legal services related to the protection of the legitimate interests of the deceased person and/or his or her heirs.
2.2.7. Personnel information includes: name, surname, photograph, date of birth, age, gender, address, personal identification number, copy of identity document (including series, number, and date of issue), copy of driver’s license, autobiography, resume (CV), educational background, foreign language proficiency, copies of diplomas or certificates, knowledge of computer programs, work experience, building entry and exit times, telephone number, e-mail address, bank account number, position held, remuneration details, information on convictions, and health status (Form 100).
2.2.8. Information about a potential employee includes: name, surname, autobiography, resume (CV), copy of diploma or certificate of education, work experience, foreign language proficiency, knowledge of computer programs, building entry and exit times, telephone number, and e-mail address.
2.2.9. Other personal information if it is necessary to provide the legal services you would like to get.
- Personal Data Processing Principles
3.1. When processing your personal data, we adhere to the following principles:
3.1.1. The data is processed fairly and lawfully, without impinging your dignity and/or business reputation;
3.1.2. Data is processed only for specific, legitimate purposes, which are clearly defined based on your interests. We do not further process your data for any other purpose incompatible with the original purpose;
3.1.3. Data is processed only to the extent necessary to provide you with legal services and to achieve the respective legitimate purpose. Data is processed adequately and proportionally to the purpose for which legal services are provided;
3.1.4. We delete and/or destroy the personal data that have come to our attention and that are irrelevant to the purpose of the processing.
3.1.5. Your personal data is stored only for the period necessary to achieve the purpose of the data processing. After achieving this goal, unless otherwise required by law, your data is deleted or destroyed or stored in a form that excludes your identification (for example, documents created as a result of legal services and which are relevant to legal practice and/or legal doctrine).
3.1.6. To ensure data security, appropriate technical and organizational measures have been implemented during data processing to adequately protect personal data.
- Disclosure of Personal Data
4.1. Our company will take all such organizational and technical measures to ensure protection of data against accidental or unlawful destruction, alteration, disclosure, collection or any other form of unlawful use, and accidental or unlawful loss.
4.2. Your personal information will only be disclosed if:
4.2.1. We have obtained your prior consent to the disclosure;
4.2.2. Applicable law requires our company to disclose;
4.2.3. Disclosure, based on applicable law, is required by a court or other authorized institution.
4.2.4. In other cases provided for by law.
4.3. In any case, disclosure will be made in accordance with the law, only to the extent and only in proportion to the purpose for which the personal information is disclosed.
- Privacy
5.1. Any information you provide to us in the course of providing legal services and/or practicing law is confidential and subject to protection regardless of the time that has passed.
5.2. Confidential information will be disclosed by us when necessary and only in the following cases:
5.2.1. If we have your consent to disclose confidential information:
5.2.2. If the use/disclosure of confidential information in the process of your representation or defense is necessary based on your interests and if you do not prevent its disclosure to us in advance;
5.2.3. If it is necessary to defend against accusations or claims made against our company or our company's employees (attorneys) or in the event of a legal dispute regarding honorarium not received by us.
- Your Rights
6.1. You have the right to request and receive from us the following information: which of your data are being processed, what is the purpose of the data processing, what is the legal grounds for the data processing, the ways in which the data were collected, to whom the data about you was disclosed, the grounds and purpose of the data disclosure (if such disclosure took place ).
6.2. Upon your request, the Company will correct, update, add, block, delete or destroy your personal data if it is incomplete, inaccurate, not up-to-date or if it was collected and processed against the law.
6.3. You have the right, at any time, without explanation, to refuse your self-proclaimed consent and to request the termination of data processing and/or the destruction of processed data. In this case, please note that the restriction (termination) of access to personal data will also lead to the termination of legal services, since it is impossible to provide legal services tailored to your interests without processing and using your personal information.
6.3. You have the right to request the blocking of data (restriction of processing) if you dispute the accuracy of the personal data, or if the processing is unlawful, except in cases where the storage of data is necessary for the purpose of using it as evidence.
6.4. You have the right, at any time and without providing a reason, to withdraw your consent and request the termination, deletion, or destruction of your personal data.
6.5. Please note that in the above cases, the restriction or termination of access to personal data may also result in the termination of legal services, as providing legal services tailored to your interests is not possible without the processing and use of your personal information.
6.6. Rights related to automated individual decision-making: Legislation grants you the right not to be subject to decisions based solely on automated processing, including profiling, unless such decision-making:
(a) is based on your explicit consent;
(b) is necessary for entering into or performing a contract between the parties; or
(c) is required or authorized by law or by a subordinate legal act issued within the scope of powers delegated by law.
6.7. You have the right not to give consent to the disclosure of confidential information, including if it is necessary to protect your own interests.
- Obligations of the Person(s) Responsible for Data Processing, Authorized to Process Data, and Co-Processors:
7.1 To implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, alteration, disclosure, retrieval, damage, unauthorized or unlawful use, and accidental or unlawful loss.
7.2 To grant access to personal data only to employees who have rights and obligations under the relevant agreement between the parties and who are bound to maintain the confidentiality of the information, including after termination of their employment or official duties.
7.3 To process personal data solely within the scope of mutual cooperation and in compliance with the requirements of the relevant agreement and applicable law.
7.4 To record all activities related to the processing of personal data in electronic and/or physical form.
- Incident Response Procedure
8.1 The company’s authorized person is obliged, immediately upon discovering an incident, to record the incident, its consequences, and the measures taken. In addition, no later than 72 hours after discovering the incident, they must notify the Personal Data Protection Service in writing or electronically, except in cases where it is unlikely that the incident will cause significant harm and/or pose a substantial threat to the fundamental rights and freedoms of an individual.
- Personal Data Retention Period
9.1 Personal data shall be retained for the entire duration of the services provided. After the expiration or termination of the relevant contract:
- Information about the client shall be retained for a period of 3 years;
- In the context of labor relations, relevant documentation shall be retained by the Company for a period of 10 years after the termination of the employment contract;
- Personal data may also be retained for up to 10 years after termination for specific purposes, including but not limited to responding to inquiries and complaints.
9.2 The organization reserves the right to retain personal data for more than 10 years for legitimate business or legal purposes, such as ensuring security, preventing fraud, or avoiding misuse of data.
- Final Provisions
10.1 Any matters not regulated by this Policy shall be governed by the laws of Georgia.
- Contact Information
11.1 For any comments, claims, or complaints regarding the matters addressed in this Policy, you may contact us by e-mail at This email address is being protected from spambots. You need JavaScript enabled to view it. or by phone at +995 595 53 53 71.
