Privacy and Cookies Policy

This Privacy Policy describes how MdME (hereinafter “MdME” or the “Firm”) collects, uses, shares, and otherwise processes Personal Data (any information, of any type or medium involved, relating to an identified or identifiable natural person) of:

  • Visitors of our website;
  • Clients or prospective clients;
  • Suppliers of goods and services to the Firm;
  • Job applicants;
  • MdME alumni;
  • Any other individuals about whom the Firm obtains Personal Data.

The Privacy Policy may be updated from time to time, and we recommend that you check it regularly for any changes.

1. Collection of Personal Data

MdME may process the following categories of Personal Data of site visitors, clients or prospective clients, suppliers of goods and services to the Firm, job applicants, MdME alumni and other third parties:

a) Identification data (e.g. name, date of birth, gender, address, contact details, citizen’s card data, passport data, tax number, nationality);

b) Data relating to education and work experience (e.g. education, qualifications, certifications, curriculum vitae, information from previous employer);

c) Professional data (e.g. title, position, job description, company, office address);

d) Professional activity data (e.g., business activities, information about cases and briefs, experience);

e) Invoicing and expenses data (e.g. fees, client-related travelling, and communications expenses); and

f) Recorded image and sound data (e.g. photographic and video images);

g) Device Data (e.g. Computer Internet Protocol (IP) address, unique device identifier (UDID), cookies and other data linked to a device, and data about usage of our Sites);

h) Sensitive Data necessary for the provision of services (e.g. philosophical or political convictions, union or political membership, religious faith, private life, racial or ethnic origin, data related to health and sexual health, including genetic data).

MdME collects Personal Data from several sources, either directly from the data subjects (through an e-mail or reply to an invitation, business cards, sign up for the Firm’s information or events, application for a job position at the Firm, or engagement of services), or indirectly from third parties or public sources. Where MdME receives Personal Data indirectly, it will provide all the information about the processing of that data to the relevant data subject at the earliest opportunity.

2. Data Processing Purposes

MdME may process personal data for the following purposes and on the following lawful bases:

Purpose Legitimate Basis

Provision of legal services, which may include:

  • Opening a client case;
  • Keeping a record of services proposals received;
  • Communications with the client, other parties and/or public bodies, including courts and tribunals; and
  • Keeping documents on file in digital and physical formats.
  • Contractual performance (MdME’s interest in processing clients’ information in a sustained and efficient manner, which ensures its quality and integrity and enables the provision of excellent services)
  • Legitimate Interest (Interest of the clients represented and advised by MdME)
  • Whenever the collected data is of sensitive nature, the lawful basis is the declaration, exercise or defense of a right in judicial proceedings.

Communications, which may include:

  • General share of information;
  • Dissemination of legal information;
  • Sending Newsletters;
  • Sending Briefings;
  • Sending Knowledge updates.

Legitimate interest:

  • Reply to requests from persons that fill in MdME’s website forms with the relevant suitable correspondence;
  • Contribute to the development of legal science and play an important role in the community of legal professions; and
  • Bolster MdME’s culture and maintain a close relationship with its alumni.

Event management, which may include:

  • Sending invitations for events and registering event participants; and
  • Publicizing events within and outside the firm.

Legitimate interest and consent (in cases where sound or image recordings are made or if photographs are taken):

  • Reply to requests from persons that fill in MdME’s website forms with the relevant suitable correspondence;
  • Contribute to the development of legal science and play an important role in the community of legal professions; and
  • Publicise events arranged by MdME.

Protection of persons and goods, which includes collecting CCTV images.

Legitimate interest, to ensure the protection of MdME’s premises and the persons on those premises.

Complying with statutory compliance obligations

Compliance with statutory obligations.

Invoicing and accounts management, which may include:

  • Booking expenses, monitoring costs and refunds (e.g. travelling and mobile communications expenses to be paid by clients);
  • Invoicing and management of current accounts; and

Keeping accounting records and supporting documents on file.

  • Contractual performance (manage efficiency, invoice the services provided correctly and in a timely fashion);
  • Legitimate interest; and
  • Compliance with statutory obligation.

Submitting cases to legal directories

Legitimate interest (MdME’s interest in fostering the firm’s culture and the excellence of its lawyers)

Judicial and non-judicial claims, which includes the collection and recovery of amounts owed by clients.

Legitimate interest (MdME has a legal interest in satisfying its debt-claims and defending its rights)

Recruitment and selection, which includes:

  • Screening applications and CVs;
  • Internal recruitment selection process for lawyers and staff.
  • Pre-contractual audit at the request of the data subject; and
  • Legitimate interest (MdME’s interest in analysing applications and having applicants undergo an internal selection process, in accordance with pre-defined criteria).

3. Cookies

A cookie is a small computer file stored by a website on your computer or mobile device to allow your identification in future accesses, remember your actions and preferences, and improve your browsing experience.

The cookies themselves do not identify the individual user, but only the computer or mobile device used.

MdME uses the following types of cookies:

a) Session cookies - These are temporary cookies that remain in your internet browser until you leave the website. The information they maintain allows you to safely manage the various operations performed by you during a session in our website.

b) Permanent cookies - These are cookies that are stored in the internet browser of your computer or mobile device and are accessed and used whenever you re-visit the website.

The cookies used by MdME have different functions:

a) Essential cookies - Some cookies are essential to access specific areas of our website. They allow website navigation and usage of your applications, such as accessing secure areas of the website through login. Without these cookies, certain services cannot be provided. In general, you do not need the consent of the user to install essential cookies on your device when it accesses the website.

b) Analytical cookies - They are used anonymously for the purpose of creating and analyzing statistics, in order to improve the functioning of the website.

c) Functionality cookies – They save user preferences regarding website usage, so you do not need to reconfigure the website each time you visit.

The cookies used by MdME may have two types of origin:

a) First party cookies - These are cookies placed and managed by MdME.

b) Third party cookies - These are cookies placed and managed by third parties. By being controlled by third parties, it is not possible to guarantee that the list below is unchanged. You may, in any case, control or prevent access to these cookies in the terms indicated below.

In the table below, you can obtain information about the cookies MdME uses through its website:

  • PHPSESSID
    Purpose: Enable or optimize the features offered by the website and enhance the browsing experience of the user
    Duration: Session cookie
    Type of cookie: Essential
  • xms_user
    Purpose: Enable or optimize the features offered by the website and improve the browsing experience of the user
    Duration: Persistent cookie, deleted within 5 days
    Type of cookie: Essential
  • viewed_cookie_policy
    Purpose: Saves user preferences regarding the cookie bar display
    Duration: Persistent cookie, deleted within 1 year
    Type of cookie: Functionality
  • _ga
    Purpose: Used to distinguish users
    Duration: Persistent cookie, deleted within 2 years
    Type of cookie: Analytical
  • __utma
    Purpose: Used to distinguish users and sessions. The cookie is created when the JavaScript library is run and when there is no __utma cookie. The cookie is updated each time the data is sent to Google Analytics
    Duration: Persistent cookie, disposed of within 2 years from analytical definition / update
    Type of cookie: Analytical
  • __utmb
    Purpose: Used to determine new sessions / visits. The cookie is created when the JavaScript library is run and when there is no __utmb cookie. The cookie is updated each time the data is sent to Google Analytics
    Duration: Persistent cookie, disposed of within 30 minutes from analytical definition / update
    Type of cookie: Analytical
  • __utmc
    Purpose: Not used in ga.js. Defined for interoperability with urchin.js. Historically, this cookie operates in conjunction with the __utmb cookie to determine if the user is on a new session / visit
    Duration: Session cookie
    Type of cookie: Analytical
  • __utmt_myTracker
    Purpose: Used to control the request rate
    Duration: Persistent cookie, eliminated within 10 minutes
    Type of cookie: Analytical
  • __utmz
    Purpose: Stores traffic source or campaign that explains how the user came to your website. The cookie is created when the JavaScript library is run and refreshed each time the data is sent to Google Analytics
    Duration: Persistent cookie, deleted within 6 months from the setting / update
    Type of cookie: Analytical

Internet browsers allow you to exercise some control over the use of cookies through their settings.

Most browsers allow you to block all cookies or to block cookies from specific websites. Internet browsers can also help you clear cookies when you close them.

However, we caution that this may mean that any preferences set on the website may be lost.

To learn more about cookies, including what cookies are, how to manage them and how to delete them, visit www.allaboutcookies.org, which also includes information on how to manage your settings for various browser providers.

4. Data retention

MdME will only keep your data for as long as necessary to achieve the purposes established in this Policy. However, in certain cases, we may keep your data for longer periods, particularly when the law requires so.

If you would like to know more about our periods of data retention, please contact us in accordance with the “Contact Us” section below.

5. Transfer of Personal Data

MdME does not transfer your personal data to third parties, except in cases where this proves to be necessary for the provision of the services you have engaged or for compliance with the obligations to which MdME is subject.

MdME may share your personal data with the following entities:

  • Relevant parties for the legal advisory services we provide, for example, counterparties, courts and tribunals, regulatory authorities, government institutions or other lawyers;
  • Law firms that are members of the Lex Mundi network;
  • Public authorities and the Macau Lawyers Association, with regard to compliance with legal obligations;
  • Service providers that supply services to MdME for the purposes described above, such as IT service providers, communications services, accounting, payroll and auditing services, translation services, legal directories and memberships, and digital and physical archive services, social media platforms.

The above-mentioned entities may be located outside of your home country. By providing your Personal Data, you understand that your Personal Data may be transferred to the following jurisdictions: Hong Kong Special Administrative Region, Republic of Portugal, and to the jurisdictions where Lex Mundi has associated offices as part of its network (full list available for consultation here: https://www.lexmundi.com/ and https://www.lexmundi.com/lex-directory/#page=1).

6. Data security

MdME is committed to keeping your Personal Data secure. MdME uses appropriate security measures to prevent your Personal Data from unauthorized destruction, loss, alteration, disclosure or access and against any other form of unlawful or abusive treatment. We regularly analyze our systems and security policies to ensure that your data are secure and protected. MdME ensures all its service providers adopt adequate technical and organizational security measures, and only process Personal Data pursuant to MdME’s instructions, unless in pursuance of legal obligations.

If you would like more details about our data security measures, or if have reason to believe that your interaction with us is no longer secure, please contact us in accordance with the “Contact Us” section below.

7. Data Subject Rights

As a data subject, you have the following rights:

  • Access: Subject to certain exceptions, you may ask MdME at any time for confirmation as to whether it processes your data, for access to your personal data and for information about that processing. You may also obtain a copy of the personal data that is processed.
  • Rectification: you may ask to rectify any incorrect or incomplete Personal Data.
  • Erasure: in certain situations, you have the right to request the erasure of your personal data.
  • Restriction: In certain situations, you may ask MdME to limit access to personal data or suspend processing activities. This will happen, for example, in cases where you dispute the accuracy of your personal data, for a period of time which enables MdME to check its accuracy, or in cases where you have objected to the processing, until it is verified whether the legitimate interests of MdME or of a third party prevail over yours.
  • Portability: You have the right to request that we transmit the Personal Data we hold in respect of you to another controller.
  • Objection: When the data processing is based on MdME’s legitimate interest or when it is carried out for purposes other than those for which the data was gathered, but which are compatible with the same, you have the right to object to the processing of your data for reasons related to your own personal situation. MdME will cease to process your personal data in such cases unless it has legitimate reasons to carry out this processing and these reasons prevail over your interests.
  • Not to be subject to automated decision-making: MdME make no automated individual decisions, including profiling, which have an effect on your legal status or significantly affect it in a similar way.
  • Withdrawing consent: If you have consented to our processing of your Personal Data, you have the right to withdraw your consent at any time, free of charge.
  • Lodge complaint: You have the right to lodge a complaint with the relevant supervisory authority about matters related to the processing of your Personal Data.

To exercise your rights, please contact us in accordance with the “Contact Us” section below. There is no charge for exercising your rights.

8. Contact us

If you have any questions or need more information about our privacy policy and the processing of your personal data or your rights as a data subject, please contact us:

  • E-mail: to the e-mail address privacy@mdme.com; or
  • Letter: addressed to MdME Privacy team:
    Macau: Avenida da Praia Grande 409, China Law Building 21F, Macau SAR – China
    Hong Kong: Unit 2503B, 25F Golden Center, 188 Des Voeux Road Central, Hong Kong SAR - China
    Lisbon: Rua Barata Salgueiro 37, 2º direito, 1250-042 Lisboa – Portugal