Privacy Policy
Last updated: 12 May 2026
1. Who we are
This Privacy Policy explains how Cadena International Pty Ltd (ACN 675 105 183, ABN 85 675 105 183) (we, us, our) collects, uses, discloses, and protects personal information.
Cadena International is the international structuring arm of Cadena Legal Pty Ltd, an Australian law firm. We provide international corporate structuring, incorporation, and related advisory services through this website at cadena.international.
Our contact details for privacy matters are:
2. Scope of this Policy
This Policy applies to personal information we collect through this website and through related enquiry, consultation, and engagement channels (email, phone, video meeting, in-person meetings).
This Policy is written to satisfy our obligations under the Australian Privacy Act 1988 (Cth) and the thirteen Australian Privacy Principles (APPs) contained in Schedule 1 of that Act, and the European Union General Data Protection Regulation (GDPR) insofar as our processing of personal data falls within its territorial scope under Article 3(2).
3. Information we collect
The personal information we collect depends on how you interact with us. It typically includes:
- Contact information: name, email address, phone number, country of residence;
- Enquiry information: jurisdiction of interest, service line you are considering, indicative budget, free-form message content;
- Engagement information (where you become a client): identification documents, residential address evidence, source of funds declarations, beneficial ownership details, and any other information reasonably necessary for KYC, sanctions, anti-money-laundering and counter-terrorism financing compliance, both Australian and in the jurisdiction of incorporation;
- Technical information: IP address, browser type and version, device identifiers, pages visited, referring URL, and similar log information collected automatically when you use the website;
- Cookies and analytics: see section 8 below.
4. How we use your personal information
We use personal information to:
- respond to enquiries and provide requested information;
- scope, quote, and provide our professional services;
- satisfy our KYC, AML/CTF, sanctions, and beneficial ownership obligations and those of our registered agents, banks, and counterparties in incorporation jurisdictions;
- communicate with you about our services, including occasional updates if you opt in;
- operate, secure, and improve our website;
- comply with our legal, regulatory, and professional obligations as an Australian incorporated services provider and as a service line affiliated with an Australian law firm;
- establish, exercise, or defend legal claims.
5. Legal basis (GDPR)
To the extent the GDPR applies to our processing, we rely on the following lawful bases under Article 6:
- Performance of a contract with you, or steps taken at your request prior to entering a contract (Article 6(1)(b));
- Compliance with a legal obligation to which we are subject (Article 6(1)(c)), particularly Australian and offshore AML/CTF and reporting obligations;
- Legitimate interests in operating our business, securing our website, communicating with prospective and current clients, and developing our services (Article 6(1)(f));
- Consent (Article 6(1)(a)) for any direct marketing communications and for non-essential cookies (which you can withdraw at any time).
Where we process special categories of personal data (for example, where source of funds evidence incidentally reveals such data), we rely on Article 9(2)(g) (substantial public interest, anti-money laundering) or your explicit consent under Article 9(2)(a).
6. Disclosure of your personal information
We disclose personal information to:
- Cadena Legal Pty Ltd and other members of the Cadena group where the engagement requires Australian legal advice or where the work is jointly delivered;
- Registered agents, corporate service providers, and licensed nominee directors in the jurisdiction of incorporation (for example, in the British Virgin Islands, Cayman Islands, Panama, Hong Kong, Singapore, Seychelles, or Samoa) where this is necessary to incorporate, maintain, or wind up a corporate entity for you;
- Banks and financial service providers where you ask us to make a banking introduction;
- Regulators, courts, and law-enforcement agencies where required by law (including under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and analogous laws in the jurisdiction of incorporation);
- Service providers that support our business, including IT, hosting, communications, accounting, and form-processing providers (notably Webflow, Inc. as our website host, and the email and CRM providers we use from time to time);
- Acquirers or successors in the event of a merger, sale, or restructuring of our business.
We do not sell personal information.
7. Cross-border transfers
The nature of international structuring means we routinely transfer personal information outside Australia. Recipients are typically located in the jurisdiction of incorporation you have selected and in countries where our service providers operate (including the United States, where our website host Webflow, Inc. is based).
Where we transfer personal data subject to the GDPR outside the European Economic Area, we rely on:
- Adequacy decisions of the European Commission where they exist;
- Standard Contractual Clauses adopted by the European Commission for transfers to countries not the subject of an adequacy decision;
- Your explicit consent for specific transfers in limited circumstances (Article 49(1)(a)).
By engaging us for an incorporation in an offshore jurisdiction you expressly consent to the transfer of your personal information to that jurisdiction for the purposes of completing your engagement.
8. Cookies and analytics
This website uses cookies and similar technologies for essential functionality and, with your consent, for analytics and marketing.
- Essential cookies are necessary for the site to function and cannot be disabled in our systems. They are usually set in response to actions you take, such as submitting a form.
- Analytics cookies help us understand how visitors interact with the site. We use these only where you have given consent through our cookie banner (if displayed) or your browser settings.
You can control cookies through your browser settings and through any cookie banner displayed on the site. Blocking essential cookies may impair site functionality.
9. How long we keep your information
We retain personal information only for as long as is necessary for the purposes for which it was collected, or for as long as is required by law.
- Enquiry data that does not become an engagement is retained for up to 24 months and then deleted unless required for legal reasons;
- Engagement data is retained for a minimum of 7 years from the conclusion of the engagement to satisfy Australian record-keeping obligations and analogous obligations in the jurisdiction of incorporation. Some jurisdictions impose longer minimum retention periods, in which case we retain to the longer period;
- Marketing data is retained until you unsubscribe.
10. Your rights
Subject to applicable law, you have rights to:
- Access the personal information we hold about you;
- Correct inaccurate or incomplete information;
- Delete your information (subject to overriding legal retention obligations described in section 9);
- Restrict or object to our processing on grounds relating to your particular situation;
- Portability of certain data you have provided to us;
- Withdraw consent at any time, where we rely on consent;
- Lodge a complaint with a supervisory authority. In Australia, this is the Office of the Australian Information Commissioner (oaic.gov.au). In the European Union, this is the data protection authority of the member state of your habitual residence, place of work, or place of the alleged infringement.
To exercise any of these rights, contact us at admin@cadena.international. We will respond within 30 days. We may need to verify your identity before processing the request.
11. Security
We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, and disclosure. These include access controls, encryption in transit, vendor due diligence, and staff training. No transmission over the internet is completely secure, and we cannot guarantee absolute security of information transmitted to or from us.
12. Children
This website is not directed to children under 16 and we do not knowingly collect personal information from children under 16. If you believe we have collected such information, contact us and we will delete it.
13. Automated decision-making
We do not make decisions about you based solely on automated processing that produce legal effects concerning you or similarly significantly affect you.
14. EU representative
We do not currently maintain an Article 27 GDPR representative within the European Union as our processing of EU residents' personal data is occasional, not large scale, and does not involve special category data. If this position changes we will appoint a representative and update this Policy.
15. Changes to this Policy
We may update this Policy from time to time. The current version is identified by the "Last updated" date at the top of this page. Material changes will be notified through the website or by direct communication where appropriate.
16. Contact
For any privacy enquiries, including requests to exercise your rights:
