Privacy Policy

1. Name and Contact Details of the Controller

This privacy policy informs you about the processing of personal data on the law firm’s website of:

Controller:
Schrömbges + Gesinn Partnerschaftsgesellschaft Rechtsanwälte Steuerberater mbB
Am Marienhof 18
22880 Wedel
Phone: 040 6009890
Fax: 040 60098989
Email: info@schroembges.net

2. Scope and Purpose of Processing Personal Data

2.1 Visiting the Website

When visiting this website schroembges.net, data is automatically transmitted from the visitor’s internet browser to the server of this website and temporarily stored in a log file until automatic deletion. The following data is stored without further input from the visitor:

The processing of these personal data is justified according to Art. 6 (1) sentence 1 lit. f) GDPR. The law firm has a legitimate interest in processing these data for the purpose of ensuring the stability and security of the website.

The processing is explicitly not carried out to gain any insights into the identity of the visitor.

2.2 Contact Form

Visitors can send messages to the law firm via an online contact form on the website. In order to receive a response, at least a valid email address is required. Any additional information can be provided voluntarily. By submitting the message via the contact form, the visitor consents to the processing of the personal data transmitted.

The processing of data is carried out solely for the purpose of handling and responding to inquiries via the contact form. This is done based on the consent given voluntarily in accordance with Art. 6 (1) sentence 1 lit. a) GDPR. The personal data collected for the use of the contact form are automatically deleted once the inquiry has been dealt with and no reasons for further storage exist (e.g. subsequent engagement of our law firm).

3. Disclosure of Data

Personal data will be transmitted to third parties if

• the data subject has expressly consented to this in accordance with Art. 6 (1) sentence 1 lit. a) GDPR,
• the disclosure is necessary pursuant to Art. 6 (1) sentence 1 lit. f) GDPR for the establishment, exercise or defense of legal claims and there is no reason to assume that the data subject has an overriding legitimate interest in the non-disclosure of their data,
• there is a legal obligation for disclosure pursuant to Art. 6 (1) sentence 1 lit. c) GDPR, and/or
• this is necessary pursuant to Art. 6 (1) sentence 1 lit. b) GDPR for the performance of a contractual relationship with the data subject.

In other cases, personal data will not be disclosed to third parties.

4. Cookies

This website uses so-called cookies. These are data packets exchanged between the server of the law firm’s website and the visitor’s browser. They are stored on the respective devices used (PC, notebook, tablet, smartphone, etc.) when visiting the website. Cookies cannot damage the devices used. In particular, they do not contain viruses or other malware.

Cookies store information that arises in connection with the specific device used. The law firm can in no way gain direct knowledge of the visitor’s identity.

Most browsers accept cookies by default. Browser settings can be configured so that cookies are either not accepted on the devices used or a special notice is displayed before a new cookie is created. Please note that deactivating cookies may mean that not all functions of the website can be used optimally.

The use of cookies serves to make the use of the law firm’s web offering more convenient. For example, session cookies can be used to track whether the visitor has already visited individual pages of the website. After leaving the website, these session cookies are automatically deleted.

To improve user-friendliness, temporary cookies are used. They are stored on the visitor’s device for a limited period. When visiting the website again, it is automatically recognized that the visitor has already accessed the page at an earlier time and which entries and settings were made so that they do not have to be repeated.

Cookies are also used to analyze website visits for statistical purposes and to improve the offering. These cookies make it possible to recognize that the website has already been accessed by the visitor in the past. Here, cookies are automatically deleted after a set period of time.

The data processed by cookies are justified for the aforementioned purposes to protect the legitimate interests of the law firm pursuant to Art. 6 (1) sentence 1 lit. f) GDPR.

5. Your Rights as a Data Subject

If your personal data are processed on the occasion of visiting our website, you have the following rights as a “data subject” within the meaning of the GDPR:

5.1 Right of Access

You may request information from us as to whether personal data concerning you are being processed by us. No right of access exists if providing the requested information would violate confidentiality obligations pursuant to Section 83 StBerG or if the information must be kept secret for other reasons, particularly because of an overriding legitimate interest of a third party. A duty to provide information may exist if, in particular, your interests outweigh the confidentiality interest, taking into account potential damages. The right of access is also excluded if the data are only stored because they may not be deleted due to statutory or constitutional retention periods or serve solely the purposes of data backup or data protection monitoring, provided that the provision of information would require a disproportionate effort and processing for other purposes is excluded by appropriate technical and organizational measures.

Where your right of access is not excluded and your personal data are processed by us, you may request information on the following:

• Purposes of the processing,
• Categories of personal data processed,
• Recipients or categories of recipients to whom your personal data have been or will be disclosed, in particular recipients in third countries,
• if possible, the planned duration for which your personal data will be stored or, if this is not possible, the criteria for determining that duration,
• the existence of a right to rectification or erasure or to restriction of processing of personal data concerning you or a right to object to such processing,
• the existence of a right to lodge a complaint with a supervisory authority,
• where the personal data are not collected from you, any available information as to their source,
• where applicable, the existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing,
• where applicable, in the case of transfer to recipients in third countries where no adequacy decision of the EU Commission exists, information on which appropriate safeguards pursuant to Art. 46 (2) GDPR are in place to protect the personal data.

5.2 Rectification and Completion

If you discover that incorrect personal data about you are held by us, you may request immediate rectification. In the case of incomplete personal data concerning you, you may request completion.

5.3 Erasure

You have the right to erasure (“right to be forgotten”), provided that the processing is not necessary to exercise the right of freedom of expression and information, to comply with a legal obligation, or to perform a task carried out in the public interest and one of the following reasons applies:

• The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
• The legal basis for processing was solely your consent, which you have withdrawn.
• You have objected to the processing of your personal data which we have made public.
• You have objected to the processing of personal data not made public by us, and there are no overriding legitimate grounds for processing.
• Your personal data have been unlawfully processed.
• The erasure of personal data is necessary to comply with a legal obligation to which we are subject.

No right to erasure exists if, in the case of lawful non-automated data processing due to the specific type of storage, erasure is not possible or only possible with disproportionate effort and your interest in erasure is low. In this case, processing will be restricted instead of erasure.

5.4 Restriction of Processing

You may request us to restrict processing if one of the following applies:

• You contest the accuracy of the personal data. Restriction can then be requested for a period enabling us to verify the accuracy of the data.
• The processing is unlawful, and you request restriction of use instead of erasure.
• Your personal data are no longer needed for the purposes of processing, but you need them for the establishment, exercise, or defense of legal claims.
• You have objected to processing pursuant to Art. 21 (1) GDPR. Restriction of processing may be requested as long as it is not yet clear whether our legitimate grounds override yours.

Restriction of processing means that personal data may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. Before lifting the restriction, we are obliged to inform you.

5.5 Data Portability

You have the right to data portability, provided that processing is based on your consent (Art. 6 (1) sentence 1 lit. a) or Art. 9 (2) lit. a) GDPR) or on a contract of which you are a party and processing is carried out by automated means. The right to data portability includes the following rights, provided that they do not adversely affect the rights and freedoms of others:

• You may request us to provide you with the personal data you have provided in a structured, commonly used, and machine-readable format.
• You have the right to transmit these data to another controller without hindrance from us.
• Where technically feasible, you may request us to transmit your personal data directly to another controller.

5.6 Right to Object

If processing is based on Art. 6 (1) sentence 1 lit. e) GDPR (performance of a task in the public interest or in the exercise of official authority) or on Art. 6 (1) sentence 1 lit. f) GDPR (legitimate interest of the controller or a third party), you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation. This also applies to profiling based on Art. 6 (1) sentence 1 lit. e) or lit. f) GDPR. After exercising your right to object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.

You can object to the processing of your personal data for direct marketing purposes at any time. This also applies to profiling associated with such direct marketing. After exercising this right to object, we will no longer use the relevant personal data for direct marketing purposes.

You may submit your objection informally by telephone, email, fax, or to our postal address stated at the beginning of this privacy policy.

5.7 Withdrawal of Consent

You have the right to withdraw consent given at any time with future effect. The withdrawal of consent can be communicated informally by telephone, email, fax, or to our postal address. The lawfulness of data processing carried out on the basis of consent up to receipt of the withdrawal remains unaffected. Upon receipt of the withdrawal, data processing that is based solely on your consent will be discontinued.

5.8 Right to Lodge a Complaint

If you believe that the processing of your personal data is unlawful, you may lodge a complaint with a data protection supervisory authority responsible for your place of residence, place of work, or the place of the alleged infringement.

6. Date and Updates of this Privacy Policy

This privacy policy is dated 25 May 2018. We reserve the right to update this privacy policy from time to time to improve data protection and/or to adapt it to changes in administrative practice or case law.