Skip to content

Privacy Policy

This Privacy Statement applies to the processing of personal data in the context of our services and (the use of) our website 
BRIGHT ip lawyers B.V. (hereinafter: “BRIGHT”) is the data controller within the meaning of the General Data Protection Regulation (“GDPR”).

Our contact details are:

BRIGHT ip lawyers B.V.
Sophiastraat 34
4811 EM Breda
The Netherlands
Tel: 076 53 000 50
Chamber of Commerce number: 52305015


We may process personal data in the course of our services and your use of our website, and may also share them with our IT (Cloud Software) supplier and/or delivery services, among others. We respect your personal data, and ensure that personal data provided to us or otherwise obtained by us are treated confidentially. Personal data are any data relating to an (identifiable) person. Data that indirectly say something about someone are also personal data. The following implements the obligation set out in the GDPR to inform the data subject(s) whose personal data we process.

Purpose of processing personal data

We process personal data in order to be able to offer you services, improve our services and communicate with you personally as a data subject. You can also sign up to receive our newsletter or other forms of communication. The personal data we collect are only used for the purposes for which they are provided.

We process the personal data listed below exclusively for the purposes listed below:

  • Provision of legal services, including performance of an agreement and conducting (legal) proceedings;
  • Collection of claims;
  • Advice, mediation and referral;
  • Meeting our legal and regulatory obligations;
  • Marketing and communication activities, such as including you in our newsletter database and sending periodic newsletters to you;
  • Answering questions submitted via the contact form on our website, and contacting you in connection therewith;
  • Conducting job application procedures;
  • For technical and analytical reasons, such as website optimisation.

Which personal data are processed?

We process the following categories of personal data provided by data subjects on their own initiative:

  • Name and address details;
  • Gender;
  • Date of birth;
  • Email address(es);
  • Phone number(s);
  • Company name;
  • Any financial or tax-relevant data, and related correspondence;
  • Curriculum Vitae;
  • Browser data;
  • Device data;
  • Duration of your visit;
  • Pages you visit and their order.

We process the aforementioned personal data only when you provide them to us on your own initiative. You always have the right to withdraw your given consent, or to not provide certain data. However, without your contact details, we cannot answer your questions or send you our newsletter.

Legal grounds for processing personal data

We process the aforementioned personal data only on the basis of the legal grounds set out below as referred to in Article 6 of the GDPR:

  • The processing is necessary to comply with legal obligation(s);
  • The processing is necessary for the performance of the agreement (to carry out our work);
  • Your obtained consent to process your personal data;
  • The processing is necessary for the protection of our legitimate interests (e.g., for the placement of functional and analytical cookies).

Sharing personal data with third parties

We only share your personal data with third parties to the extent necessary to provide services in accordance with the aforementioned purposes. This includes, for example, the substitution of the practice by another lawyer, the performance of an expert investigation or the engagement of another third party on our behalf and on our instructions, such as our IT (Cloud Software) supplier, but also the provision of your personal data in connection with (legal) proceedings or correspondence with the other or opposite party. Other third parties include in particular the mail services through which we send the newsletter (such as MailChimp), Google Analytics and our software supplier.

In addition, we may provide personal data to a third party, such as a regulatory body or another body vested with public authority, to the extent that there is a legal obligation to do so.

Third parties processing your personal data on our behalf and on our instructions are also obliged to comply with the GDPR. Processing agreements are concluded with the relevant parties, with appropriate technical and organisational measures in place to secure the data.

Personal data security

We attach great importance to the security and protection of your personal data and, taking into account the state of the art, ensure that appropriate technical and organisational measures are taken to guarantee a risk-appropriate security level. If we use the services of third parties, such as an IT supplier, we will agree on adequate security measures in a processor agreement within the framework of personal data security.

Retention period personal data

We do not retain processed personal data for longer than is necessary for the aforementioned purposes of data processing or as required by laws and regulations.

If you have provided your personal data to receive the newsletter, your personal data will be retained for as long as you wish to receive our newsletter. When you unsubscribe from the newsletter, we will delete your personal data immediately.

If you have applied for a position at BRIGHT, we will delete your personal data after you have asked us to do so, or four weeks after the application procedure has ended. It is also possible to give BRIGHT permission to retain your personal data for a period of one year after the application procedure ends, in case a similar position becomes available.

Rights of data subjects

As a data subject, you have the right to access, correct, restrict, oppose/object, transfer data, delete your personal data or withdraw a previously given consent. You can send such a request to You will receive further notice from us within four weeks of receiving your request. We will only process requests that relate to your own personal data.

There may be circumstances that prevent us from fulfilling or not fully fulfilling your request as a data subject. These include lawyers’ duty of confidentiality and legal retention periods.

You also have the right to lodge a complaint about the processing of your personal data with the Dutch Data Protection Authority. More information on your rights can be found at

Statistics and cookies

We keep track of website usage data for statistical purposes. The personal data collected this way are in principle anonymous and are not sold by us to third parties.

To increase the ease of use of our website and remember your settings and preferences, we use so-called ‘cookies’. These are small text files that are sent along with pages from our website and stored on your device. These cookies can also be used to gain insight into your surfing behaviour. The data collected using cookies are subject to the Cookie Statement.

Changing this Privacy Statement

We have the right to change the content of this Privacy Statement at any time without prior notice. The amended version of the Privacy Statement will be published on our website.

Questions and contact

If you have any questions, comments and/or complaints regarding this Privacy Statement or the processing of your personal data, please feel free to contact us.

Last updated in: May 2023