Privacy policy

We attach great importance to data protection. The collection and processing of your personal data is carried out in compliance with the applicable data protection regulations, in particular the EU General Data Protection Regulation (DSGVO). This statement describes how and for what purpose your information is collected and used and what choices you have in connection with personal information.

A. Data collection during our mandate

When you mandate us, we collect the following information:

  • Title, first name, surname,
  • a valid e-mail address,
  • address,
  • phone number (landline and/or mobile)
  • Information that is necessary for the assertion and defense of your rights within the scope of the mandate

This data is collected,

  • to be able to identify you as our client;
  • to be able to provide you with appropriate legal advice and representation;
  • for correspondence with you;
  • for invoicing purposes;
  • to process any existing liability claims and to assert any claims against you;

The data processing is carried out at your request and is required pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR for the aforementioned purposes for the appropriate processing of the mandate and for the mutual fulfillment of obligations arising from the mandate agreement.

The personal data collected by us for the mandate will be stored until the expiry of the statutory retention obligation for lawyers (6 years after the end of the calendar year in which the mandate was terminated) and then deleted, unless we are required by Article 6 para. 1 S. 1 lit. c DSGVO aufgrund von steuer- und handelsrechtlichen Aufbewahrungs- und Dokumentationspflichten (aus HGB, StGB oder AO) zu einer längeren Speicherung verpflichtet sind oder Sie in eine darüber hinausgehende Speicherung nach Art. 6 Abs. 1 S. 1 lit. a DSGVO eingewilligt haben.

B. Data collection on this website and during contract initiation and execution

Who is responsible for the data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the section “Information on the responsible office” in this data protection declaration.

How do we collect your data?

On the one hand, your data is collected by you providing it to us. This may be, for example, data that you enter in a contact form.

Other data is collected automatically or after your consent when you visit the website by our IT systems. This is mainly technical data (e.g. Internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the following rights with respect to us regarding the personal data concerning you:

– Right to information,

– Right to rectification or deletion,

– Right to restriction of processing,

– Right to object to processing,

– Right to data portability.

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us, if you see reason to do so.

Third-party analytics and tools

When visiting this website, your surfing behavior can be statistically analyzed. This is done mainly with so-called analysis programs.

Detailed information about these analysis programs can be found in the following privacy policy.

1. Hosting

We host the content of our website with the following provider:

All-Inkl

Provider is ALL-INKL.COM – Neue Medien Münnich, Inh. René Münnich, Hauptstraße 68, 02742 Friedersdorf (hereinafter All-Inkl). For details, please refer to All-Inkl’s privacy policy: https://all-inkl.com/datenschutzinformationen/.

The use of All-Inkl is based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in ensuring that our website is presented as reliably as possible. If a corresponding consent was requested, the processing is based exclusively on Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

Job processing

We have concluded a contract on order processing (AVV) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

2. General notes and mandatory information

Privacy

When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how this is done and for what purpose.

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of the data against access by third parties is not possible.

Note on the responsible entity

The responsible party for data processing on this website is:

STELTZER Rechtsanwälte + Mediatoren PartG
Kurfürstendamm 167/168
10707 Berlin

Telefon: +49/ (0)30 / 94 87 14 10
E-Mail: mail@steltzer-kanzlei.de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Storage duration

Unless a more specific storage period has been specified within this data protection declaration, your personal data will remain with us until the purpose for the data processing no longer applies. If you assert a legitimate request for deletion or revoke consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, the data will be deleted after these reasons no longer apply.

General information on the legal basis for data processing on this website

If you have consented to data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, insofar as special categories of data pursuant to Art. 9 para. 1 DSGVO are processed. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also carried out on the basis of Art. 49 para. 1 lit. a DSGVO. If you have consented to the storage of cookies or to the access to information in your terminal device (e.g. via device fingerprinting), the data processing is additionally carried out on the basis of § 25 para. 1 TTDSG. The consent can be revoked at any time. If your data is required for the performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b DSGVO. Furthermore, we process your data insofar as this is necessary for the fulfillment of a legal obligation on the basis of Art. 6 para. 1 lit. c DSGVO. The data processing may further be based on our legitimate interest according to Art. 6 para. 1 lit. f DSGVO shall take place. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this data protection declaration.

Note on data transfer to third countries that are not secure under data protection law and transfer to US companies that are not DPF-certified

Among other things, we use tools from companies based in third countries that are not secure under data protection law, as well as US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to and processed in these countries. We would like to point out that in third countries with insecure data protection laws, no level of data protection comparable to that in the EU can be guaranteed.

We would like to point out that the USA, as a safe third country, generally has a level of data protection comparable to that of the EU. Accordingly, a data transfer to the USA is permitted if the recipient has a certification under the “EU-US Data Privacy Framework” (DPF) or has suitable additional guarantees. Information on transfers to third countries, including data recipients, can be found in this Privacy Policy.

Recipients of personal data

As part of our business activities, we cooperate with various external entities. In some cases, this also requires the transfer of personal data to these external bodies. We only pass on personal data to external bodies if this is necessary in the context of fulfilling a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities), if we have a legitimate interest according to Art. 6 Para. 1 lit. f DSGVO have in the transfer or if another legal basis allows the data transfer. When using processors, we disclose personal data of our customers only on the basis of a valid contract on commissioned processing. In case of joint processing, a contract on joint processing shall be concluded.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke an already given consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct marketing (Art. 21 DSGVO)

IF THE DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 ABS. 1 LIT. E OR F DSGVO, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS DATA PROTECTION DECLARATION. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS FOR THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21(1) DSGVO).

IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS ASSOCIATED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 DSGVO).

Right of complaint to the competent supervisory authority

In the event of breaches of the GDPR, data subjects shall have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged breach. The right of appeal is without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

Information, correction and deletion

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, a right to correction or deletion of this data. You can contact us at any time with regard to this and other questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. For this purpose, you can contact us at any time. The right to restrict processing exists in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
  • If the processing of your personal data happened/is happening unlawfully, you may request the restriction of data processing instead of erasure.
  • If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request restriction of the processing of your personal data instead of deletion.
  • If you file an objection pursuant to Art. 21 para. 1 DSGVO, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the browser address bar changes from “http://” to “https://” and by the lock symbol in your browser bar.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Objection to advertising e-mails

The use of contact data published within the scope of the imprint obligation for the transmission of not expressly requested advertising and information materials is hereby contradicted. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

3. Data collection on this website

Cookies

Our Internet pages use so-called “cookies”. Cookies are small data packets and do not cause any damage to your terminal device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your terminal device. Session cookies are automatically deleted after the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or until they are automatically deleted by your web browser.

Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services of third-party companies within websites (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies may be used to evaluate user behavior or for advertising purposes.

Cookies that are necessary to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f DSGVO, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When cookies are disabled, the functionality of this website may be limited.

Which cookies and services are used on this website can be found in this privacy policy.

Consent with Borlabs Cookie

Our website uses Borlabs Cookie Consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document this in accordance with data protection law. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, which stores the consents you have given or revoked. This data is not shared with the provider of Borlabs Cookie.

The collected data will be stored until you request us to delete it or delete the Borlabs cookie yourself, or until the purpose for storing the data no longer applies. Zwingende gesetzliche Aufbewahrungsfristen bleiben unberührt. Details on the data processing of Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

The use of Borlabs cookie consent technology is done in order to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c DSGVO.

Contact form

If you send us inquiries via the contact form, the information you provide in the inquiry form, including the contact data you enter there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.

The processing of this data is based on Art. 6 para. 1 lit. b DSGVO, provided that your request is related to the performance of a contract or is necessary for the performance of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of the requests addressed to us (Art. 6 (1) f DSGVO) or on your consent (Art. 6 (1) a DSGVO) if this has been requested; the consent can be revoked at any time.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.

Request by e-mail, phone or fax

If you contact us by e-mail, telephone or fax, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We do not share this data without your consent.

The processing of this data is based on Art. 6 para. 1 lit. b DSGVO, provided that your request is related to the performance of a contract or is necessary for the performance of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of the requests addressed to us (Art. 6 (1) f DSGVO) or on your consent (Art. 6 (1) a DSGVO) if this has been requested; the consent can be revoked at any time.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

Communication via WhatsApp

For communication with our customers and other third parties, we use, among other things, the instant messaging service WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Communication takes place via end-to-end encryption (peer-to-peer), which prevents WhatsApp or other third parties from gaining access to the communication content. However, WhatsApp gains access to metadata that is created in the course of the communication process (e.g., sender, recipient, and time). We would also like to point out that WhatsApp, according to its own statement, shares personal data of its users with its parent company Meta, which is based in the USA. For more details on data processing, please see WhatsApp’s privacy policy at: https://www.whatsapp.com/legal/#privacy-policy.

WhatsApp is used on the basis of our legitimate interest in communicating as quickly and effectively as possible with customers, interested parties and other business and contractual partners (Art. 6 para. 1 lit. f DSGVO). If a corresponding consent has been requested, the data processing is carried out exclusively on the basis of the consent; this can be revoked at any time with effect for the future.

The communication content exchanged between and on WhatsApp remains with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g., after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.

The company is certified in accordance with the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the U.S. that is intended to ensure compliance with European data protection standards for data processing in the U.S.. Every company certified under the DPF undertakes to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt00000011sfnAAA&status=Active

We use WhatsApp in the “WhatsApp Business” variant.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.whatsapp.com/legal/business-data-transfer-addendum.

We have concluded an order processing agreement (AVV) with the above-mentioned provider.

Calendly

On our website you have the possibility to make appointments with us. For booking appointments we use the tool “Calendly”. The provider is Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA (hereinafter “Calendly”).

For the purpose of booking an appointment, enter the requested data and the desired date in the mask provided. The data entered will be used for the planning, execution and, if necessary, follow-up of the appointment. The appointment data is stored for us on the servers of Calendly, whose privacy policy you can view here: https://calendly.com/de/pages/privacy.

The data you enter will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Mandatory legal provisions – in particular retention periods – remain unaffected.

The legal basis for data processing is Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in making it as uncomplicated as possible to arrange appointments with interested parties and customers. If a corresponding consent was requested, the processing is based exclusively on Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://calendly.com/pages/dpa.

Job processing

We have concluded a contract on order processing (AVV) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

ProvenExpert

We have integrated rating seals from ProvenExpert on this website. Provider is Expert Systems AG, Quedlinburger Str. 1, 10589 Berlin, https://www.provenexpert.com.

The ProvenExpert seal allows us to display customer reviews submitted to ProvenExpert about our company in a seal on our website. When you visit our website, a connection is established with ProvenExpert so that ProvenExpert can determine that you have visited our website. Furthermore, ProvenExpert collects your language settings to display the seal in the selected local language.

The use of ProvenExpert is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in a presentation of customer ratings that is as comprehensible as possible. If a corresponding consent was requested, the processing is based exclusively on Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

4. Plugins and tools

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that enables us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transmitted to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, length of visit, operating systems used and origin of the user. This data is summarized in a user ID and assigned to the respective end device of the website visitor.

We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modeling approaches to supplement the collected data records and uses machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Browser plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more information on how Google Analytics handles user data in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Google Signals

We use Google signals. When you visit our website, Google Analytics records your location, search history and YouTube history as well as demographic data (visitor data), among other things. This data can be used for personalized advertising with the help of Google Signal. If you have a Google account, the visitor data from Google Signal is linked to your Google account and used for personalized advertising messages. The data is also used to compile anonymous statistics on the user behavior of our users.

Order processing

We have concluded an order processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Google Ads

The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms into Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on the user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by analyzing, for example, which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

YouTube with enhanced privacy

This website embeds videos from the website YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode causes YouTube not to store information about visitors to this website before they watch the video. The transfer of data to YouTube partners, on the other hand, is not necessarily excluded by the extended data protection mode. Thus, YouTube – regardless of whether you watch a video – connects to the Google DoubleClick network.

As soon as you start a YouTube video on this website, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube may store various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience, and prevent fraud attempts.

If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no control.

YouTube is used in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent was requested, the processing is based exclusively on Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

For more information about privacy at YouTube, please see their privacy policy at: https://policies.google.com/privacy?hl=de.

The company is certified in accordance with the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the U.S. that is intended to ensure compliance with European data protection standards for data processing in the U.S.. Every company certified under the DPF undertakes to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Vimeo

This website uses plugins of the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.

When you visit one of our pages equipped with a Vimeo video, a connection to Vimeo’s servers is established. This tells the Vimeo server which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA.

If you are logged into your Vimeo account, you allow Vimeo to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.

Vimeo uses cookies or similar recognition technologies (e.g. device fingerprinting) to recognize website visitors.

The use of Vimeo is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent was requested, the processing is based exclusively on Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on “legitimate business interests”. Details can be found here: https://vimeo.com/privacy.

For more information on the handling of user data, please see Vimeo’s privacy policy at: https://vimeo.com/privacy.

Hippo Video

To display videos we use the tool from Hippo Video. Hippo Video is a tool from Lyceum Technologies, Inc, 2035 Sunset Lake Road, Suite B-2, Newark, Delaware, 19702 (USA).

After starting a video, a connection to Hippo Video servers is established. In doing so, Hippo Video may store cookies on your terminal device. Furthermore, Hippo Video stores IP addresses, location, device data and browser information. Browsers usually have a “Do not track” function. If you do not want to be tracked, you must enable this option in any browser you use.

The use of Hippo Video is in the interest of an appealing presentation of our online offers and thus in our legitimate interest pursuant to Art. 6 para. 1 lit. f DSGVO. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

Hippo Video is DSGVO compliant. Read more: https://www.hippovideo.io/gdpr-compliance.html

For more information about how Hippo Video handles your information, please see the privacy policy of Lyceum Technologies, Inc. at www.hippovideo.io/privacy_policy.ht ml

5. Audio and video conferencing

Data processing

Among other things, we use online conferencing tools to communicate with our customers. The tools we use in detail are listed below. When you communicate with us via video or audio conferencing over the Internet, your personal data is collected and processed by us and the provider of the respective conferencing tool.

In doing so, the conference tools collect any data that you provide/enter to use the tools (email address and/or your phone number). Furthermore, the conferencing tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).

Furthermore, the provider of the tool processes all technical data required for the handling of online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and connection type.

If content is exchanged, uploaded or otherwise made available within the tool, this is also stored on the servers of the tool providers. Such content specifically includes cloud recordings, chat/instant messages, voicemails uploaded photos and videos, files, whiteboards, and other information shared while using the Service.

Please note that we do not have full control over the data processing operations of the tools used. Our options are largely determined by the corporate policy of the respective provider. For further information on data processing by the conference tools, please refer to the privacy statements of the respective tools used, which we have listed below this text.

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b DSGVO). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO). Insofar as consent has been requested, the tools in question are used on the basis of this consent; consent can be revoked at any time with effect for the future.

Storage duration

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Zwingende gesetzliche Aufbewahrungsfristen bleiben unberührt.

We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Conference tools used

We use the following conferencing tools:

Zoom

We use Zoom. The provider of this service is Zoom Communications Inc, San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. For details on data processing, please refer to Zoom’s privacy policy: https://zoom.us/de-de/privacy.html.

Data is stored in the European Economic Area. More details can be found here: https://zoom.us/de-de/privacy.html.

Job processing

We have concluded a contract on order processing (AVV) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

6. Signature software (DocuSign)

We use software that enables electronic signatures in documents to conclude contracts with our clients. This replaces handwritten signatures.

We use software from DocuSign Inc., a U.S. company headquartered at.
221 Main St., Suite 1000 San Francisco, California
. The company offers companies the option of providing contracts digitally, having them countersigned with an electronic signature, and archiving the agreements.

The legal basis for the processing of personal data is Art. 6 para. 1 lit. b) GDPR.

When you sign a contract digitally via DocuSign, your data (e.g. name, e-mail address, IP address) and the data of the document are transmitted to DocuSign and stored there. DocuSign complies with the requirements of the EU-US Privacy Framework, which means that an adequate level of data protection is guaranteed for data processing in the USA.

Data processed by DocuSign may include personal data related to the creation and signing of a document. The purpose and scope of the data collection and the further processing and use of the data by DocuSign as well as your rights in this regard and setting options for protecting your privacy can be found in the DocuSign data protection information: https://www.docusign.com/de-de/datenschutzerklaerung/datenschutz

Your personal data will be stored by DocuSign for 90 days after the conclusion of the contract.

Job processing

We have concluded a contract on order processing (AVV) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of our clients only according to our instructions and in compliance with the DSGVO.

7. Use of XpressDox

We use the cloud service of “XpressDox” to enable the semi-automated creation, editing and management of document templates. The provider of this service is Xpressdox (Pty) Ltd, 96 North Street, Ferndale, 2145 Randburg, Johannesburg,South Africa. Data processing is based on Art. 6 (1) lit. b DSGVO, provided that you have given us your consent or the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures.

Data processed by XpressDox may include personal data related to the creation, editing and management of document templates. The purpose and scope of the data collection and the further processing and use of the data by XpressDox as well as your rights in this respect and setting options for protecting your privacy can be found in the data protection information of XpressDox: https: //xpressdox.com/policies/privacy/

DocuSign complies with the requirements of the EU-US Privacy Framework, which means that an adequate level of data protection is ensured during data processing. The servers are located in Europe and hosted by Hetzner Online GmbH in Gunzenhausen.

Job processing

We have concluded a contract on order processing (AVV) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of our clients only according to our instructions and in compliance with the DSGVO.

8. Use of actaport

We use “Actaport” as cloud-based law firm software.

The provider of this service is dokSAFE GmbH, located at Goethestraße 1, 04109 Leipzig, Germany. The data processing is based on Art. 6 para. 1 lit. b DSGVO, provided you have given us your consent or the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures.

The data processed by Acptaport includes all data obtained in connection with the mandate granted, including your personal data. Your data is thus particularly secure and well protected against access by third parties. Read more: https://www.actaport.de/de/warum_actaport/datensicherheit.php

The disclosure of client secrets by dokSAFE GmbH is excluded, as is the disclosure of data to third parties, insofar as we do not actively enable this disclosure, e.g. in order to resolve any technical problems and a disclosure of data for this purpose should be unavoidable. The purpose and scope of data collection by dokSAFE GmbH can be found in Actaport’s privacy policy: https://www.actaport.de/de/rechtliches/datenschutz.php

Job processing

We have concluded a contract on order processing (AVV) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of our clients only according to our instructions and in compliance with the DSGVO.

9. Use of accounting butler

For the completion of accounting we use the service of cloud-based accounting software BuchhaltungsButler GmbH, Spreestraße 5, 15913 Märkische Heide. AccountingButler processes incoming and outgoing invoices, as well as our company’s bank transactions, if applicable, in order to automatically capture invoices, match them to transactions, and create financial accounting from them in a semi-automated process. For more information about BuchhaltungsButler GmbH, the automated processing of data and data protection regulations, please visit https://www.buchhaltungsbutler.de/.

Job processing

We have concluded a contract on order processing (AVV) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of our clients only according to our instructions and in compliance with the DSGVO.

10. Use of Tresorit

We use the “Tresorit” service to exchange encrypted data with our clients.

The provider of this service is Tresorit AG with its registered office at Franklinstrasse 27, 8050 Zurich, Switzerland. The data processing is based on Art. 6 para. 1 lit. b DSGVO, provided you have given us your consent or the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures.

Data processed by Tresorit may include personal data related to secure storage, synchronization and file sharing. The purpose and scope of the data collection and the further processing and use of the data by Tresorit as well as your rights in this regard and setting options for protecting your privacy can be found in the Tresorit data protection information: https://tresorit.com/de/legal/privacy-policy

As Tresorit is located in Switzerland, a country recognized under the EU for its adequate level of data protection, additional data protection measures are not required with respect to the export of data.

You have the right to revoke your consent to the use of Tresorit at any time. The revocation is effective for the future. The data processing carried out until the revocation remains lawful.

Job processing

We have concluded a contract on order processing (AVV) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of our clients only according to our instructions and in compliance with the DSGVO.

© 2024 
beratung.steltzer-kanzlei.de - All Rights Reserved

Search this website:

(You can use default Divi Search module or a custom plugin shortcode.)