PRIVACY POLICY

Personal data (hereinafter referred to as “data”) are processed by us only to the extent necessary and for the purpose of providing a functional and user-friendly Internet presence, including its contents and the services offered there.

According to Article 4(1) of Regulation (EU) 2016/679, i.e. the Basic Data Protection Regulation (hereinafter referred to only as “DPA”), “processing” shall mean any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

With the following data protection declaration we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or together with others about the purposes and means of processing. In addition, we inform you in the following about the third-party components we use for optimisation purposes and to increase the quality of use, insofar as third parties process data on their own responsibility.

Our privacy policy is structured as follows:
I. Information about us as responsible persons
II Rights of users and data subjects
III. Information on data processing

I. Information about us as responsible persons
Responsible provider of this website in the sense of data protection law is:

II Rights of users and data subjects
With regard to the data processing described in more detail below, the users and data subjects have the right

to obtain confirmation as to whether or not data concerning him/her is being processed, information on the data processed, further information on the data processing and copies of the data (see also Art. 15 DPA);
the correction or completion of incorrect or incomplete data (see also Art. 16 FADP);
to the immediate deletion of data relating to them (cf. also Art. 17 FADP), or, alternatively, if further processing is necessary under Art. 17 (3) FADP, to the restriction of processing in accordance with Art. 18 FADP;
to the receipt of data concerning them and provided by them and to the transfer of such data to other providers/responsible parties (cf. also Art. 20 FADP);
to lodge a complaint with the supervisory authority if they believe that the data concerning them is being processed by the provider in breach of data protection provisions (cf. also Art. 77 DPA).

In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any correction or deletion of data or the restriction of processing that is carried out on the basis of Articles 16, 17 (1), 18 DSGVO. However, this obligation does not apply if such notification is impossible or involves disproportionate effort. Irrespective of this, the user has a right to information about these recipients.

Likewise, according to Art. 21 DPA, users and data subjects have the right to object to the future processing of data concerning them, provided that the data are processed by the provider in accordance with Art. 6, paragraph 1, letter f) DPA. In particular, an objection to data processing for the purpose of direct advertising is permitted.

III. Information on data processing
Your data processed during the use of our website will be deleted or blocked as soon as the purpose of storage no longer applies, the deletion of the data does not conflict with any legal storage obligations and no other information is subsequently provided on individual processing procedures.

Server data
For technical reasons, in particular to ensure a secure and stable Internet presence, data is transmitted to us or to our web space provider by your Internet browser. These so-called server log files are used to record, among other things, the type and version of your Internet browser, the operating system, the website from which you have switched to our Internet presence (referrer URL), the website(s) of our Internet presence that you visit, the date and time of the respective access and the IP address of the Internet connection from which our Internet presence is used.
This data is stored temporarily, but not together with other data about you.
This storage takes place on the legal basis of Art. 6 para. 1 lit. f) DSGVO. Our legitimate interest lies in the improvement, stability, functionality and security of our Internet presence.
The data will be deleted after seven days at the latest, unless further storage is required for evidential purposes. Otherwise, the data is wholly or partially exempt from deletion until the final clarification of an incident.

Cookies
a) Session cookies/session cookies
We use so-called cookies with our Internet presence. Cookies are small text files or other storage technologies that are stored on your terminal device by the Internet browser you use. Through these cookies, certain information from you, such as your browser or location data or your IP address, is processed to an individual extent.
This processing makes our website more user-friendly, more effective and more secure, as the processing enables, for example, the reproduction of our website in different languages or the offer of a shopping basket function.
The legal basis for this processing is Art. 6 para. 1 lit. b.) DSGVO, insofar as these cookies process data for the initiation or execution of contracts.
If the processing does not serve the purpose of contract initiation or contract processing, our legitimate interest lies in the improvement of the functionality of our Internet presence. The legal basis is then Art. 6 para. 1 lit. f) DSGVO.
These session cookies are deleted when you close your Internet browser.

b) Third party cookies
Where appropriate, our website may also use cookies from partner companies with whom we cooperate for the purposes of advertising, analysis or the functionalities of our website.
For details on this, in particular on the purposes and legal basis for processing such third-party cookies, please refer to the following information.

c) Disposal option
You can prevent or restrict the installation of cookies by adjusting your Internet browser settings. You can also delete already stored cookies at any time. However, the steps and measures required for this depend on the Internet browser you are using. If you have any questions, please use the help function or documentation of your Internet browser or contact its manufacturer or support. With so-called Flash cookies, however, the processing cannot be prevented by the browser settings. Instead, you must change the settings of your Flash player. The steps and measures required for this also depend on the Flash Player you are using. If you have any questions, please also use the help function or documentation of your Flash Player or contact the manufacturer or user support.
Should you prevent or restrict the installation of cookies, this may, however, mean that not all functions of our website can be used to their full extent.

Contact enquiries / Contact possibility
If you contact us via contact form or e-mail, the data you provide will be used to process your request. The provision of the data is necessary for processing and answering your enquiry – without the provision of this data we cannot answer your enquiry or can only answer it in a limited way.
The legal basis for this processing is Art. 6 para. 1 lit. b) DSGVO.
Your data will be deleted, provided that your inquiry has been finally answered and the deletion does not conflict with any legal storage obligations, as for example in the case of a possible subsequent contract processing.

Facebook
To promote our products and services and to communicate with interested parties or customers, we operate a company presence on the Facebook platform.
On this social media platform we are jointly responsible with Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.
The data protection officer of Facebook can be reached via a contact form: https://www.facebook.com/help/contact/540977946302970

We have regulated the joint responsibility in an agreement regarding the respective obligations within the meaning of the DSGVO. This agreement, from which the mutual obligations result, can be accessed via the following link: https://www.facebook.com/legal/terms/page_controller_addendum

The legal basis for the processing of personal data that is carried out as a result and reproduced below is Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in the analysis, communication, sales and advertising of our products and services.
The legal basis can also be a consent of the user according to Art. 6 para. 1 lit. a DSGVO towards the platform operator. The user can revoke this consent for the future at any time by notifying the platform operator in accordance with Art. 7 Para. 3 DSGVO.
When our online presence is called up on the Facebook platform, the user’s data (e.g. personal information, IP address etc.) is processed by Facebook Ireland Ltd. as the platform operator in the EU.
This user data is used for statistical information about the use of our company presence on Facebook. Facebook Ireland Ltd. uses this data for market research and advertising purposes as well as to create user profiles. Using these profiles, Facebook Ireland Ltd. is, for example, able to advertise the users inside and outside of Facebook based on their interests. If the user is logged into his or her account on Facebook at the time of access, Facebook Ireland Ltd. can also link the data to the respective user account.
If the user contacts Facebook, the personal data entered by the user on this occasion will be used to process the request. The user’s data will be deleted by us, provided that the user’s enquiry has been finally answered and no legal storage obligations, e.g. in the case of subsequent contract processing, stand in the way.
Facebook Ireland Ltd. may also use cookies to process the data.
If the user does not agree to this processing, it is possible to prevent the installation of cookies by adjusting the browser settings accordingly. Already stored cookies can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented by the browser settings, but by the corresponding setting of the Flash player. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook functions can be used to their full extent.
More details on the processing activities, their prevention and the deletion of data processed by Facebook can be found in the Facebook data policy:
https://www.facebook.com/privacy/explanation

It is not excluded that the processing by Facebook Ireland Ltd. may also take place via Facebook Inc, 1601 Willow Road, Menlo Park, California 94025 in the USA.
Facebook Inc. has subjected itself to the “EU-US Privacy Shield” and thereby declares compliance with the data protection requirements of the EU when processing data in the USA.
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Instagram
To promote our products and services and to communicate with interested parties or customers, we operate a company presence on the Instagram platform.
On this social media platform we are jointly responsible with Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.
Instagram’s data protection officer can be reached via a contact form: https://www.facebook.com/help/contact/540977946302970

The legal basis for the processing of personal data that is carried out as a result and reproduced below is Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in the analysis, communication, sales and advertising of our products and services.
The legal basis can also be a consent of the user according to Art. 6 para. 1 lit. a DSGVO towards the platform operator. The user can revoke this consent for the future at any time by notifying the platform operator in accordance with Art. 7 Para. 3 DSGVO.
When our online presence is called up on the Instagram platform, the user’s data (e.g. personal information, IP address etc.) is processed by Facebook Ireland Ltd. as the platform operator in the EU.
This user data is used to provide statistical information about the use of our corporate presence on Instagram. Facebook Ireland Ltd. uses this data for market research and advertising purposes as well as to create user profiles. For example, Facebook Ireland Ltd. may use these profiles to promote the interests of users inside and outside Instagram. If the user is logged into his or her account on Instagram at the time of access, Facebook Ireland Ltd. may also link the data to the relevant user account.
In the event that the user contacts Instagram, the user’s personal data entered on this occasion will be used to process the request. The user’s data will be deleted by us, provided that the user’s inquiry has been conclusively answered and no legal storage obligations, e.g. in the case of subsequent contract processing, conflict with this.
Facebook Ireland Ltd. may also use cookies to process the data.
If the user does not agree to this processing, it is possible to prevent the installation of cookies by adjusting the browser settings accordingly. Already stored cookies can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented by the browser settings, but by the corresponding setting of the Flash player. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook functions can be used to their full extent.
For details on processing activities, how to prevent them and how to delete data processed by Instagram, please refer to Instagram’s Data Policy:
https://help.instagram.com/519522125107875

Linking social media via graphic or text link
We also advertise on our website presence on the social networks listed below. The integration takes place via a linked graphic of the respective network. The use of this linked graphic prevents the automatic establishment of a connection to the respective server of the social network when a website with a social media application is called up in order to display a graphic of the respective network itself. Only by clicking on the corresponding graphic is the user forwarded to the service of the respective social network.
After the user is forwarded, information about the user is collected by the respective network. It cannot be excluded that the data collected in this way is processed in the USA.
This is initially data such as IP address, date, time and visited page. If the user is logged into his user account of the respective network during this time, the network operator may be able to assign the collected information of the user’s specific visit to the user’s personal account. If the user interacts via a “share” button of the respective network, this information can be stored in the user’s personal user account and, if necessary, published. If the user wants to prevent the collected information from being directly assigned to his user account, he must log out before clicking on the graphic. It is also possible to configure the respective user account accordingly.
The following social networks are integrated into our site by linking:

Jetpack – WordPress Stats
In our internet presence we use Jetpack with the extension “WordPress Stats”. This is a web analytics service provided by Automattic Inc, 132 Hawthorne Street, San Francisco, CA 94107, USA, hereinafter referred to as “Automattic” only.
Through the certification according to the EU-US Privacy Shield
https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC&status=Active guarantees that Automattic will comply with EU data protection regulations even when processing data in the USA.
The Jetpack – WordPress Stats service is used to analyse the usage behaviour of our website. The legal basis is Art. 6 para. 1 lit. f) DSGVO. Our legitimate interest lies in the analysis, optimization and economic operation of our Internet presence.
For the analysis of the usage behaviour Jetpack – WordPress Stats stores cookies via your internet browser on your end device.
During processing, your IP address, the website(s) of our Internet presence that you visit, the website from which you have switched to our Internet presence (referrer URL), your length of stay on our Internet presence as well as the frequency with which one of our websites is called up are recorded. The data collected is stored on a server of Automattic in the USA. However, your IP address will be anonymised immediately after processing and even before it is saved.
If you do not agree with this processing, you have the possibility to prevent the storage of the cookie by adjusting your internet browser settings. You will find more information on this under “Cookies” above.

Sample data protection declaration of the law firm Weiß & Partner

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.