GDPR Compliance

GDPR Compliance Notice

1. Our Commitment to Data Privacy

Trust Law Top is a Switzerland-based firm that processes personal data fully in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) for users in the European Economic Area (EEA).

Although headquartered outside the EU, we process data lawfully, transparently, and with respect for your rights.

2. Scope

This notice applies to any EU/EEA individual who uses or interacts with:

  • Our website or landing pages
  • Consultation and document services
  • Email newsletters and legal updates
  • Contact forms and surveys

3. Legal Bases for Processing

Under GDPR, we rely on these legal bases:

  • Consent – For email newsletters, non-essential cookies, and contact form submissions
  • Contract – To provide paid legal services, wills, and trust arrangements
  • Legal obligations – To comply with tax, accounting, and regulatory requirements
  • Legitimate interests – To enhance our services and website performance

4. Your Rights Under GDPR

As an EU data subject, you have the right to:

  • Access your personal data
  • Rectify any inaccuracies
  • Request erasure (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability – receive your data in a structured format

5. Data Transfers Outside the EU

All data is processed on secure servers in Switzerland, which the European Commission recognizes as providing an “adequate level of protection.”

6. Data Retention

We retain personal data only as long as necessary for:

  • Delivering our legal services
  • Meeting legal and accounting requirements
  • Improving our offerings (using anonymized data)

Typical retention periods:

  • Case and billing records: 10 years
  • Consent and communication logs: 2 years
  • Inactive client data: deleted after 3 years

7. Data Protection Officer

Our appointed Data Protection Officer oversees GDPR compliance.

📩 Contact:
Data Protection Officer
📧 info@trustlawtop.com

8. Supervisory Authority

If you are dissatisfied with our data practices, you may lodge a complaint with your local Data Protection Authority (DPA).