Privacy Policy

Privacy policy (valid from May 2023)

The purpose of this Privacy Policy is to provide you with an overview of what happens with your personal data (hereinafter also referred to as “Data“) in our law firm and to inform you of the data protection claims and rights to which you are entitled in accordance with the European General Data Protection Regulation (“GDPR“) and national data protection laws, such as the German Federal Data Protection Act (Bundesdatenschutzgesetz, “BDSG“) and the German Teleservices Data Protection Act (“Telekommunikation-Telemedien-Datenschutz-Gesetz, “TTDSG“). We therefore ask you to take note of this Privacy Policy and, where appropriate, to print or save it.

Personal data is any information that can be used to personally identify you. The processing of your Data may be carried out for various purposes. In general, the data processing activities of tecLEGAL Habel RAe, Würmtalstraße 20 A, 81375 Munich, Germany (hereinafter also referred to as “tecLEGAL Habel” or “we“) can be divided into the following areas of application:

  • General information about data protection, data processing and the rights of data subjects, which applies to all data processing carried out for us, is set out in Part A
  • In connection with our website teclegal-habel.de (hereinafter: “Website“) or comparable external online presences, such as social media profiles, from which we refer to this Privacy Policy (Website and external online presences hereinafter also collectively: “Internet Presences“), we process data from visitors that is exchanged between their internet-enabled devices and the server operated by us, as well as other data that is communicated to us in connection with the use of the Internet Presenses. Please see Part B for details.

Please visit the individual sections for quick, contextual information on specific processing situations.

 

A. General information on data protection and data subject rights

 

I. Who is responsible for data processing and who can you contact if you have any questions?

Controller according to the GDPR and other national data protection laws of the member states as well as other provisions of data protection law is: tecLEGAL Habel RAe, Würmtalstraße 20 A, 81375 Munich (Germany), Tel.: +49 (0)891395766-0, E-Mail: info@teclegal-habel.de. 

The responsible contact person at TecLEGAL Habel RAe is Dr. Oliver M. Habel, attorney-at-law, ibidem.

 

II. What rights do you have regarding your Data?

If your Data is processed, you are a “Data Subject” under the GDPR, which may entitle you to the rights described below. If you wish to exercise any rights against us as the „Controller“, we recommend that you contact us using our contact details above:

1. Right of access

In accordance with Art. 15 GDPR, you may request confirmation from us as to whether and to what extent we are processing your Data.

2. Right to rectification

If the Data concerning you is incorrect or incomplete, you have the right to have your Data corrected and/or completed, in accordance with Art. 16 GDPR.

3. Right to erasure

If the legal requirements of Art. 17 GDPR are met, you can demand that we erase your Data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests. Please note that there may be reasons that prevent immediate deletion, such as statutory retention obligations.

Irrespective of the exercise of your right of erasure, we will immediately and completely delete your Data in order to comply with our legal obligations to delete Data, after the purpose of processing has ceased to apply, unless there is a legal or statutory retention period to the contrary.

4. The right to restriction of processing

In the cases referred to in Art. 18 GDPR, you may request us to restrict the processing of your data. If you have restricted the processing of your Data, such data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

5. Right to data portability

According to Art. 20 GDPR, you have the right to have the Data provided by you, which we process automatically on the basis of your consent or in fulfilment of a contract, transferred to you or to a third party in a common, machine-readable format. If you request your Data to be transferred directly to another responsible person, this will only be done to the extent, that it is technically feasible. The right to data transfer does not apply to the processing of Data necessary for the performance of a task in the public interest or in the exercise of official authority assigned to the Data Controller.

6. Right to object

If we process your Data on the basis of a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, you may object to this data processing at any time for reasons arising from your particular situation; this also applies to profiling (which does not take place!) based on these provisions (see Art. 21 GDPR). If you object, we will no longer process the Data concerned, unless we can demonstrate compelling legitimate grounds for the processing which override your interests as a Data Subject or for the establishment, exercise or defence of legal claims.

If we process your Data for the purpose of direct marketing (which we do not!), you have the right to object at any time to the processing of your Data for such marketing purposes, including the creation of profiles in connection with such direct marketing. If you object, your Data will no longer be used for direct marketing purposes. You may object to the processing of your Data for direct marketing purposes at any time without giving reasons.

7. Right to withdraw consent under data protection law

Some data processing operations may only be carried out with your express consent pursuant to Art. 6 para. 1 lit. a GDPR or § 25 para. 1 TTDSG. You may revoke your consent at any time with effect for the future. Withdrawal of your consent does not affect the lawfulness of the processing based on your consent prior to its withdrawal. Please note that even if you withdraw your consent, we may still process the Data concerned in whole or in part on the basis of other legal principles.

8. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or the place of the alleged infringement, if the data subject considers that the processing of personal data relating to him or her infringes the GDPR (Article 77 GDPR in conjunction with Article 19 BDSG).

A list of data protection authorities in Germany and their contact details can be found at the following link www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

If you believe that we have breached German or European data protection law in the processing of your Data, please contact us to clarify the matter.

You also have the right to contact the supervisory authority responsible for our registered office:

Bayerisches Landesamt für Datenschutzaufsicht, Promenade 18, 91522 Ansbach, E-Mail: poststelle@lda.bayern.de, www.lda.bayern.de

 

III. What personal data do we process and from what sources?

1. Source of personal data

Through our Website, we process Data that we receive during your visit or that you actively provide to us during your use. Other Data is automatically collected automatically by our IT systems when you visit the Website. This is mainly technical data (e.g. Internet browser, operating system or time of a page request). This Data is collected automatically when you visit our Website. You can find details on this at Part B.

2. Categories of personal data

We process the following Data about you:

  • Access data: Date and time of the visit to our Website; the webpage from which the accessing system accessed our Website; the subpages accessed during the visit; session identification data (session ID); in addition, the following information about the accessing computer system: Internet Protocol (IP) address used, browser type and version, device type, operating system and similar technical information.

 

IV. For what purposes and on what legal basis are your data processed?

We process your Data in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Teleservices Data Protection Act (Telekommunikation-Telemedien-Datenschutz-Gesetz, “TTDSG”) as amended, in particular on the following basis:

1. Protection of legitimate interests (Art. 6 para. 1 lit.f GDPR)

Based on a balancing of interests, data processing may be carried out to protect our legitimate interests or those of third parties. This is permitted unless your interests or fundamental rights and freedoms require the protection of personal data to be overridden. Data processing for the protection of legitimate interests may occur, for example, in the following cases

  • Providing our Website, its functions and content
  • Use of technically necessary cookies or comparable technologies in the sense of § 25 Abs. 2 TTDSG
  • Responding to contact requests and communicating with users
  • Execution of payment transactions via external service providers

 

2. Consent (Art. 6 para. 1 lit.a GDPR):

If a service used by us in any way stores information in the user’s end devices or accesses such information, consent is required in accordance with Section 25 para 1 sentence 1 of the TDDSG. If the service functions without access to the terminal equipment, the GDPR applies. If we ask for your consent within the scope of the GDPR, this is done on the basis of Art. 6 para 1 lit. a in conjunction with Art. 7 GDPR.

If, in individual cases, you have given us your consent to process your data, it will be processed in accordance with the purposes and to the extent agreed in the declaration of consent. Consent given, for example to receive a newsletter, can be revoked at any time with effect for the future. To do so, please use the contact details given in Part A. No. I or No. II.

Please note that any processing that has taken place prior to the revocation will not be affected by the revocation and that the processing may continue, at least in part, on the basis of another legal basis.

 

V. Who will receive my Data?

Your data will be used for the purpose of processing a contractual relationship in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR or – depending on the nature of the specific contractual relationship – on the basis of our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR or those of our clients, in particular to service providers that we regularly use in connection with the homepage. This applies to the following recipients or categories of recipients:

  • IT service providers (e.g. email service providers, web hosting service providers)

If we use a service provider for the purpose of processing on behalf in accordance with Art. 28 GDPR, we remain responsible for the protection of your Data. To the extent required by law, such data processors are contractually bound by an data processing agreement to treat your Data confidentially and to process it only within the scope of providing the service. Our data processors will receive your Data only to the extent, that they need it to perform their respective services.

Your Data will only be disclosed to or collected for the purposes of government institutions and authorities in accordance with mandatory national laws.

 

VI. How long will my Data be stored?

Your Data will only be used for the purpose for which you have provided it to us or for which you have given us your consent and will be stored until that specific purpose has been fulfilled. Once the purpose has been fulfilled, or if you request us to delete your Data, your Data will only be kept for as long as is necessary to comply with statutory limitation periods or retention periods (in particular for tax and commercial law purposes).

However, the Data will be deleted at the latest upon expiry of all time limits, unless you have expressly consented to further or other use. You may also exercise your rights during the retention periods, such as the blocking of your data. See Part A. No. II.

We will delete or block your data as soon as the purpose for which it was stored no longer applies or you request us to delete it.

VII. Will personal data be transferred to a third country?

We do not generally intend to transfer personal data to the USA on a regular basis. However, as part of our processing operations, personal data may be transferred in the course of certain business transactions or activities to entities in so-called third countries outside the EU or the EEA that have not yet been certified by the EU Commission as having an adequate level of data protection, such as the USA. Should such a transfer become necessary in individual cases, it will only take place on the basis of an adequacy decision by the European Commission, standard contractual clauses, appropriate data protection safeguards or your express consent.

 

B. Use of our Internet Presences

 

In general, you can visit our Internet Presences and use them for informational purposes without providing any personal information (e.g., registering, placing orders, or otherwise providing information about yourself).  In this case, we process personal information about our users only to the extent necessary to provide a functional Website and our content and services, or to the extent that cookies used on the Website provide us with personal information when you visit the Website. For information about our own cookies used by us, please see B Section II. Other cookies may allow our affiliates or third parties to recognise your browser on your next visit. For information on such third party cookies, please refer to Part B Section III.

In addition, the processing of personal data of our users is regularly only carried out with the consent of the user. The exception to this is where prior consent cannot be obtained for practical reasons and where the processing of the data is permitted by law.

 

I. Hosting, provision of the Website and creation of log files

Description of data processing

Each time you visit our Website, our system automatically collects data and information from the computer system of the computer accessing the Website, that your Internet browser automatically transmits to us or our web host (so-called log files). These server log files may include IP addresses or other information that allows us to identify a specific user. This could be the case, for example, if the link to the website from which the user accesses the Website, or the link to the website to which the user switches, contains personal data. The following information is collected and stored by our hosting provider in this context:

  • the type and version of the web browser used
  • the operating system used by the accessing system
  • the website from which an accessing system accesses our Website (so-called referrer)
  • the sub-websites to which an accessing system is directed from our Website
  • the date and time of access to our Website
  • the Internet Protocol address (IP address)
  • the internet service provider of the accessing system
  • other similar data and information used for the purpose of averting danger in the event of attacks on our information technology systems

 

The Data is stored in the log files of our web host. This Data is not stored together with other personal data of the user.

Legal basis and purposes of data processing

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR. This information is also required for the provision of the service in accordance with Section 25 para. 2 no. 2 TTDSG.

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session.

The data is stored in log files to ensure the functionality of the site. The data is also used to optimise the site and to ensure the security of our IT systems.

 

Retention period / Right of objection and deletion

The Data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. In the case of Data collected for the purpose of providing the website, this will be the case when the relevant session has ended.

When Data is stored in log files, this is the case after 7 days at the latest.

The collection of Data for the provision of the Website and the storage of Data in log files are essential for the operation of the Website. Consequently, there is no possibility for the user to object.

 

II. Cookies and similar technologies

1. Use of Cookies

Description of data processing

Our Website uses cookies or similar methods and collects, processes and uses usage data (e.g. access times, websites visited) or meta and communication data (IP address, device information).

Cookies are text files with a characteristic string of characters that are stored in the Internet browser or by the Internet browser on the user’s computer system and enable the browser to be uniquely identified when the site is accessed again. When a user visits a website, a cookie may be stored on the user’s operating system. A cookie contains a unique string of characters. Cookies are used to make a website more user-friendly, effective and secure. When you visit a website that has a cookie embedded in it, the information you enter is stored only in the cookie on your computer. In this case, data is only transmitted to our servers when a page is requested.

Some cookies are deleted at the end of the browser session when your browser is closed (so-called session cookies). These cookies are technically necessary, e.g. to enable you to log in to the application and remain logged in across pages during your visit to our Website.

Other cookies remain on your device for a certain period of time and enable us to recognise your browser on your next visit (so-called persistent or protocol cookies). The purpose of using these cookies is to provide you with the best possible user experience, to “recognise” you and to present you with as varied a website and new content as possible when you return.

Cookies from partner firms or third parties may be used, for example, to collect information for advertising, customised content or statistics (“Third Party Cookies”). Unless we indicate that the cookie originates from a third party, the cookie originates from our site (“First Party Cookies”). We will inform you separately about any third party cookies or tracking technologies that we use in the following sections of our Privacy Policy.

Flash cookies are stored on your computer as data elements of web pages when they are operated using Adobe Flash. Flash cookies do not have a time limit.

We use various cookies and similar technologies to make our website more user-friendly.

The information stored on users’ devices, or access to information already stored on users’ devices, and details of the name, purpose, storage period, type and origin of the cookies and similar technologies used are set out in the table below:

 

Name of the Cookie Purpose Duration of storage Type of Cookie Domain
qtrans_front_language Selection of the language version of the Website 1 year Persistent Cookie www.teclegal-habel.de

 

Legal basis and purposes of data processing

The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality and security of the website and a customer-friendly and effective design of the website visit, unless we ask you for your consent under Art. 6 para. 1 lit. a GDPR or § 25 para. 1 TTDSG. If this is not the case, the information is required for the provision of our services in accordance with Section 25 para. 2 no. 2 TTDSG.

 

The purpose of the use of technically necessary cookies is to facilitate the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognised after a page change.

Retention period / Right of objection and deletion

Cookies are stored on the user’s computer and transferred to our site by the user. Therefore, as a user, you have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your internet browser. Cookies that have already been stored can be deleted at any time. This can also be done automatically.

For example, you can opt out of the use of cookies for online marketing purposes, particularly in the case of tracking, through the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/ or generally at http://optout.aboutads.info.

If you disable cookies for our website, you may not be able to use all the features of the website.

 

III. More information about the processes, plug-ins and tools used to design the Website

SSL or TLS encryption

Our Website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

 

IV. Links to other websites

Our Website may contain links to other websites. We have no influence whatsoever on the content or design of other providers’ websites. The statements in this privacy policy therefore do not apply to external providers to whose offers or content we merely link with.

If you are forwarded via links from our Website to other websites, please inform yourself there about the respective handling of your Data.

 

V. Online presences on social networks and platforms

Description of data processing

We maintain other Internet Presences within social networks and/or industry networks (LinkedIn or XING) (hereinafter also referred to as “SN“) and platforms (Google Maps) and link to these from our Website. By clicking on the respective buttons (recognisable by the respective logos of the social networks or platforms), you can access the respective Internet Presence on the SN. The purpose of these Internet Presences is to communicate with active clients, interested parties and users and to inform them about our services.

When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of the respective operators apply.

As the use of SN takes place outside of our Website, we have no control over it, unless otherwise stated below. However, please note that if you use the above-mentioned platforms and networks to which we link, Data may also be processed in the USA by these SN companies and may also be processed by the respective operators for market research and advertising purposes, including the creation of user profiles. If you are logged in to the relevant networks and platforms, they may also store cookies on your device that track your use of websites and other information about your usage behaviour.

Unless otherwise stated in our Privacy Policy, we only process users’ Data when they communicate with us within the social networks and platforms, such as by posting comments or sending us messages.

In order to make it easier for you to find out more about their data processing practices and how to opt-out, we refer you to the privacy policies and information provided by the operators of the respective SN below.

Legal basis and purposes of data processing

We process your Data only in the context of direct contact with us via the relevant social network or interaction with our Internet Presence there or its content. Unless otherwise stated in our Privacy Policy, we process Data on the basis of our legitimate interests pursuant to Art. 6 para 1 lit. f GDPR for the effective information of users and communication only insofar as they communicate with us within the social networks and platforms (e.g. when users write posts on our Internet Presences or send us messages). If your contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

Otherwise, to the extent that Data is processed in connection with our appearance on a SN and the respective SN alone decides on the purposes and means of the processing, the respective SN is the sole controller of the processing. Please carefully consider what Data you share with us via a SN appearance. If you do not wish the SN to process the Data you provide to us, please contact us by other means.

Retention period / Right of objection and deletion

If you are a member of one of the SNs on which we maintain an Internet Presence and you do not want the SN to collect Data about you via our site and link it to your Data with the SN, you must log out of your SN before visiting our Website. For a detailed description of the respective processing, information on the duration of data storage by the respective SN and the opt-out options, please refer to the information provided by the providers linked below.

Similarly, in the case of requests for information and enforcement of users’ rights, we point out that the most effective way to do this is to contact the providers. Only the providers have access to users’ data and can directly take appropriate action and provide information. If you still need help, please contact us.

Linkedin
LinkedIn is a Service of LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland

 

Privacy Policy: https://www.linkedin.com/legal/privacy-policy ,

Right to object:

https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out,

 

XING

XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland („XING“)

Privacy Policy / Right to object:

https://privacy.xing.com/de/datenschutzerklaerung

 

VII. Active use of our Website

E-mail contact

Description of data processing

Visitors to our Website can contact us using the e-mail address provided. In this case, the user’s Data transmitted in the e-mail will be stored.

Legal basis and purposes of data processing

The legal basis for the processing of the Data transmitted when sending an e-mail is Art. 6 para 1 lit. f GDPR. If the purpose of the contact form request or the e-mail contact is the conclusion of a contract, the additional legal basis for the processing is Art. 6 par. 1 lit. b GDPR.

The processing of Data is solely for the purpose of processing the contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the Data.

 

Retention period / Right of objection and deletion

The Data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the Data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the relevant facts have been conclusively clarified and that no legal requirements call for longer storage.

If the user contacts us by e-mail, he can object to the storage of his Data at any time. In this event, all Data stored in the course of contacting us will be deleted unless legal requirements require longer storage. In such a case, the conversation cannot be continued.

 

C. Miscellaneous

 

Due to the development of our Website or our services, as well as changes in legal or regulatory requirements, it may become necessary to amend this Privacy Policy. You can access the current Privacy Policy on our Website at any time and print it out if you wish.

Comments are closed