Thank you for your interest in our services. Data protection is very important to Donhauser Law Rechtsanwaltsgesellschaft mbH, registered in the commercial register of the Munich District Court under number HRB 284952 and business address at Maximilianstraße 2 in 80539 Munich (hereinafter Donhauser or”Wir“or”Uns“), which is why the use of our website www.donhauser.law (hereinafter the”website“) is generally possible without providing any personal data.
If the processing of personal data is necessary to provide a functional website and our content, services and services, the processing is regularly carried out only after obtaining the user's consent, unless we have a legal right or we are obliged to collect it. An exception applies, for example, in cases where prior consent cannot be obtained for factual reasons and the processing of data is permitted by legal regulations.
1. SCOPE OF APPLICATION AND PERSON RESPONSIBLE
This privacy policy informs users of our services about the nature, scope and purposes of collecting and using personal data.
Responsible person within the meaning of the European General Data Protection Regulation (hereinafter”GDPR“), other data protection laws applicable in the Member States of the European Union and other provisions related to data protection law are:
Donhauser Law Law Firm mbH
Maximilianstrasse 2
80539 Munich
Email info@donhauser.law
PHONE +49 (0) 89 250 061 960
F +49 (0) 89 205 008 150
2. GENERAL INFORMATION ABOUT DATA PROCESSING
2.1 Personal data
Personal data is any information relating to an identified or identifiable person (hereinafter”person concerned“). A person is considered to be identifiable when they can be identified directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier or to one or more particular characteristics that are an expression of that person's physical, physiological, genetic, psychological, economic, cultural or social identity.
2.2 Processing
Processing is any process carried out with or without the aid of automated processes, such as in particular the collection, recording, organization, ordering, storage, adjustment or modification, reading, querying, dissemination or any other form of provision, reconciliation or linking, or deletion of personal data.
2.3 Scope of processing of personal data
Unless otherwise described below, we collect and use your personal data only to the extent necessary to provide a functional website, our content and services and to process your order. Your personal data is regularly collected and used only with your consent. An exception applies in cases where prior consent cannot be obtained for factual reasons and the processing of data is permitted by law.
2.4 Legal basis for processing personal data
Insofar as we obtain consent from the data subject for processing personal data, Article 6 (1) (a) GDPR serves as the legal basis for processing personal data.
When processing personal data that is necessary to fulfill a contract to which the data subject is a party, Article 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as processing of personal data is necessary to fulfill a legal obligation to which we are subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) GDPR serves as the legal basis.
If processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Article 6 (1) (f) GDPR serves as the legal basis for processing.
3. DESCRIPTION AND SCOPE OF INDIVIDUAL PROCESSING (mandate processing/contractual relationship)
3.1. Data and sources we process
We process personal data that we receive from our clients or other data subjects/parties as part of our business relationship. This includes, for example, your contact details (e.g. name, title, address, e-mail address, telephone numbers), order or contract data (e.g. subject of the order or enquiry, information about the consulting law firms, responsible lawyers, opponents and specialist details, bank details, payment information, authentication data), customer information data (e.g. information about the contact channel, date, cause, result), communication data as part of advertising measures (e.g. ordering newsletters, press releases, etc., participation in events) or including the content of correspondence or company data made with you (e.g. company object, members of the company management, employees, affiliated companies and their employees, information relevant to sales and earnings). If you provide us with personal data from data subjects, you should ensure in advance that you have the right to do so and inform the person concerned that we process their data in accordance with this information.
Insofar as this is necessary for the provision of our services or as part of our business relationship, we process personal data legitimately received from other companies or from other third parties (e.g. credit agencies, address publishers). In addition, we process personal data that we have legitimately obtained, received or acquired from publicly available sources (such as telephone directories, trade and association registers, debtor registers, land registers, press, Internet and other media) and may process.
3.2. Legal basis and purpose
We process personal data in accordance with the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other applicable data protection regulations.
In detail:
3.2.1 Purposes for fulfilling a contract or pre-contractual measures (Art. 6 para. 1 b GDPR)
The processing of your personal data, which you provide to us, among other things as part of preparing a contract or when executing a contract, is carried out for the purpose of providing our legal and/or tax advisory services. We process this data to establish, execute and, if necessary, terminate our contracts with you and to fulfill your orders. This may include advice, analysis of your consulting needs, assistance with all legal matters, carrying out transactions, etc. We also use the data to recover our claims.
3.2.2. Purposes within the scope of a legitimate interest of us or third parties (Art. 6 para. 1 f GDPR)
In addition to the actual fulfilment of the (pre) contract, we may process your data if it is necessary to protect our legitimate interests or those of third parties, unless your interests or fundamental rights and freedoms conflict with this. Legitimate interests may include our economic interests, our legal interests, our interest in maintaining and ensuring compliance, or even IT security. Legitimate interests exist, for example, in the following cases:
3.2.3. Use of data for advertising purposes, such as newsletters, surveys, etc. and your right of objection (Art. 6 para. 1 f DSGVO, § 7 para. 3 UWG)
With your consent, we use your data for advertising purposes, such as sending you our newsletter, for advertising surveys or inviting you to events of interest to you. In doing so, we collect mandatory information, such as your email address, but also information that you provide to us voluntarily. We use the voluntary information to permanently improve our customer relationship and make it customer-friendly for you, to be able to address you individually in the future and to inform you about the products that interest you. You can unsubscribe from notifications at any time by clicking on the link provided in the newsletter and unsubscribing or by contacting us at the contact address given above.
We process your data to send newsletters, surveys, etc. and to personalize your message on the following legal basis:
Use of data for e-mail advertising and your right of objection
If we receive your e-mail address in connection with the conclusion of the contract and the provision of our services and you have not objected to this, we reserve the right to send you regular information about similar services from our offer by e-mail. You can object to this use of your e-mail address at any time by sending a message to the contact option described below or via a link provided for this purpose in the newsletter email, without incurring any costs other than the transmission costs at the basic rates.
3.2.4. Purposes to comply with legal requirements (Art. 6 para. 1 c GDPR)
Like everyone who participates in economic activity, we are also subject to a variety of legal obligations. These are primarily legal requirements (such as but not limited to commercial and tax laws), but also, where applicable, regulatory or other official requirements. The purposes of processing may include identity and age verification, fraud and money laundering prevention, preventing, combating and investigating terrorist financing and asset-endangering crimes, fulfilling tax control and reporting obligations, archiving data for data protection and data security purposes, and auditing by tax and other authorities. In addition, disclosure of personal data may be required as part of authorities/court measures for the purposes of collecting evidence, prosecuting or enforcing civil claims.
3.2.5. Purpose of credit checks and data transfer to credit agencies
We use the data you provide (name, address, date of birth and, if applicable, gender) about the application, execution and termination of the business relationship also for queries and credit information based on mathematical-statistical procedures at credit agencies to check your creditworthiness before concluding a contractual relationship, and may transfer data about non-contractual conduct or fraudulent conduct during the contractual relationship to a credit agency. The exchange of data with a credit agency is also used to verify identity. Based on the match rates provided by the credit agency, we can see whether a person is stored in their database at the address provided by the customer.
Insofar as we obtain an enquiry from a credit agency, the legal basis is Art. 6 para. 1 lit. b GDPR or insofar as we pass on information about non-contractual conduct to a credit agency, the legal basis is Art. 6 para. 1 lit. f GDPR, insofar as this is necessary to protect legitimate interests of us or third parties and do not prevail over your interests or fundamental rights and freedoms that require the protection of personal data. The legitimate interest is that the credit agency informs third parties about negative payment experiences and thus protects them from their own disadvantages.
3.3. Recipients or categories of recipients of your data
First, only our authorized employees will be aware of your personal data.
In principle, your data will only be passed on to third parties if this is permitted or required by law or if you have given your consent. We also share your data with the service providers we use to provide our services to the extent necessary. We limit the transfer of data to what is necessary to provide our services to you. In some cases, our service providers receive your data as contract processors and are then strictly bound by our instructions when handling your data. In some cases, the recipients act independently with your data, which we transfer to them.
The categories of recipients of your data are listed below:
In addition, we may share your personal data within our globally active group of companies who need this data to fulfill our pre-contractual, contractual and legal obligations or on the basis of our legitimate interests. These may be economic, administrative or even other internal business purposes; this only applies to the extent that your interests or fundamental rights and freedoms that require the protection of personal data do not prevail. In addition, we do not share your information with third parties.
3.4. Third country transfer
Data will only be transferred to countries outside the EU or the EEA (so-called third countries) if this is necessary in the course of processing or fulfilling our pre-contractual or contractual relationships (e.g. when using a law firm based in a third country) or is required by law (e.g. tax reporting requirements), you have given us consent or as part of order processing. If service providers are used in a third country, they are required to comply with the level of data protection in Europe in addition to written instructions by agreeing on the EU standard contractual clauses. Alternatively, we transfer the data based on the Binding Corporate Rules. For more information, please contact our data protection officer.
In addition, we do not transfer your personal data to countries outside the EU or the EEA or to international organizations.
4. DESCRIPTION AND SCOPE OF INDIVIDUAL PROCESSING OPERATIONS (WEBSITE)
4.1 Server log data
To operate our services, we use the web hosting provider Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter Webflow). Webflow is a tool for building and hosting websites. Webflow stores cookies or other recognition technologies that are necessary to display the page, to provide certain website functions and to ensure security (necessary cookies).
For details, see Webflow's privacy policy: https://webflow.com/legal/eu-privacy-policy.
When you visit our website, Webflow collects various log files including your IP addresses, these include in particular:
4.1.1 Legal basis
The legal basis for the temporary storage of Webflow's server log data is based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be withdrawn at any time.
Data transmission to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://webflow.com/legal/eu-privacy-policy..
4.1.2 Purpose of processing
When using these general data and information, Donhauser does not draw any conclusions about the data subject. Rather, this information is needed to determine the attractiveness of our offers and, if necessary, to improve their performance or content and make them even more interesting for you. Donhauser therefore analyzes this anonymously collected data and information statistically, with the aim of increasing data protection and data security in our enterprise, and to ensure an optimal level of protection for the personal data we process. This data is not combined with other data sources. It is not possible for Donhauser to link the IP address with any existing personal data.
4.2 contact form
For quick electronic contact and direct communication with Donhauser, you can contact us via our e-mail address or the contact form on our website. In the mobile app, the contact function can be accessed via the “More” tab.
We will of course use the personal data provided to us in this way exclusively for the purpose for which you provide it to us when you contact us. This personal data will not be passed on to third parties without your consent.
The processing of the data entered in the contact form (first name, last name, e-mail address, telephone number, company, job title) is therefore based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw this consent at any time. All you need to do is send us an informal message by e-mail. Withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of consent up to the withdrawal. The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions — in particular retention periods — remain unaffected.
5. DURATION OF DATA STORAGE
We process your data for the duration of our business relationship. This also includes the initiation of a contract (pre-contractual legal relationship) and the execution of a contract. If you have given your consent, until you withdraw your consent or — if we use your data for advertising purposes — until you object.
In addition, we are subject to various storage and documentation obligations, including but not limited to professional requirements, the Commercial Code (HGB), the Tax Code (AO) and the Money Laundering Act. The storage and documentation periods specified there are up to ten years beyond the end of the business relationship or pre-contractual legal relationship.
In addition, special legal regulations may require a longer storage period, such as the preservation of evidence within the framework of statutory statutes of limitations. According to Sections 195 et seq. of the Civil Code (BGB), the regular limitation period is three years, but limitation periods of up to 30 years may also apply.
If the data is no longer required to fulfill contractual or legal obligations and rights, they are regularly deleted, unless their - temporary - further processing is necessary in individual cases to fulfill the purposes listed in section 4. In these cases, even after the end of our business relationship or our pre-contractual legal relationship, we may store and, if necessary, use your data for a period compatible with the purposes.
6th ROUTINE DELETION AND STORAGE OF PERSONAL DATA
The data processed by us will be deleted or restricted in its processing in accordance with Articles 17 and 18 of the GDPR. We only process and store personal data for as long as is necessary to achieve the storage purpose. In doing so, we measure the storage period for the data based on the specific purposes for which we use the data. In addition, we or the doctors are subject to legal storage and documentation obligations under the medical professional code and the federal mantle contract doctors and are often six or ten years old. This applies, for example, to data that is due to commercial or tax law reasons, in particular from the Commercial Code (HGB), the Tax Code (AO). Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, in accordance with Sections 195 et seq. of the Civil Code (BGB) are generally three years (from the end of the calendar year).
If the storage purpose ceases to apply or if a storage period prescribed by the European legislator of directives and regulations or another competent legislator expires, the personal data will be blocked or deleted routinely and in accordance with legal requirements.
7. DATA SECURITY
To protect the transmission of confidential content that you send to Donhauser via the website or mobile application, the website uses secure SSL or TLS encryption. This means that data that you submit via the website cannot be read by third parties. You can recognize an encrypted connection by the “https://” address line of your browser and by the lock icon in the browser line.
As part of hosting, all necessary data to be processed to operate the website is stored. We process the data based on our legitimate interests in accordance with Article 6 (1) (f) GDPR. To provide the website, we use services from web hosting providers, to whom we transfer the above data.
8th DATA TRANSFER TO THIRD PARTIES
Your personal data will not be transferred to third parties for purposes other than those listed below. We will only share your personal data with third parties if and to the extent (a) you have given your express consent in accordance with Article 6 (1) (a) GDPR, (b) the transfer in accordance with Article 6 (1) (f) is necessary to assert, exercise or defend legal claims and there is no reason to believe that you have an overriding legitimate interest in not sharing your data, (c) there is a legal obligation to transfer data in accordance with Article 6 (1) (c) GDPR, or (d) this is legally required is permitted and necessary for the execution of contractual relationships with you.
When we share your personal information in accordance with this privacy statement, this may include transferring your personal information to countries outside the European Union. Such data transmission generally does not have the high European level of data protection. In the event of a transfer, it may be that there is currently no adequacy decision by the EU Commission within the meaning of Article 45 (1), (3) of the GDPR. This means that the EU Commission has not yet positively determined that the country-specific level of data protection corresponds to the data protection level of the European Union under the GDPR, so we have created the following appropriate guarantees and ensure that an adequate level of protection is guaranteed:
A: Transfer of personal data to countries which, in the opinion of the European Commission, offer an adequate level of protection for personal data (so-called “adequacy decision”);
B: Using special contracts approved by the European Commission, which provide personal data with the same protection that they enjoy in the EU;
C: Transfer of personal data to an institution that has introduced binding, internal data protection rules that comply with the EU level of protection for personal data.
In particular, our employees and partners outside the European Union are therefore obliged by us to maintain confidentiality and to comply with data protection regulations.
9. ANALYSIS TOOLS
9.1 Google Analytics
On the website, we use Google Analytics, a web analysis service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter:”google“). If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the responsible person for your data. Google Ireland Limited is therefore the company associated with Google, which is responsible for processing your data and compliance with applicable data protection laws. Google Analytics uses cookies, which enable an analysis of your use of the website. The information generated by the cookie about your use of the website is usually transmitted to a Google server in the USA and stored there.
Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide other services related to website and Internet usage to the website operator. Pseudonymous user profiles can be created from the processed data.
We only use Google Analytics with activated IP anonymization. This means that Google will abbreviate the IP address of users in member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and abbreviated there. The IP address provided by the user's browser is not combined with other data from Google. Users can prevent cookies from being saved by adjusting the settings accordingly to their browser software.
The legal basis for the use of Google Analytics is Section 15 Paragraph 3 TMG and Article 6 Paragraph 1 lit. f GDPR. Users can also prevent Google from collecting the data generated by the cookie and related to their use of the website (including their IP address) and from processing this data by Google by downloading and installing the browser add-on. Opt-out cookies prevent your data from being collected when you visit the website in the future. If you click on this link to deactivate Google Analytics, the opt-out cookie is set.
Users' personal data will be deleted or anonymized after 14 months.
For more information on Google's use of data, settings and objection options, please see Google's privacy policy (https://policies.google.com/privacy) and in the settings for displaying advertising by Google (https://adssettings.google.com/authenticated).
If you no longer want to be covered by Google Analytics in the future, you can also send an email to info@donhauser.io at any time.
9.2 GOOGLE ADS
We use the online advertising program on our website (hereinafter:”Google Ads“) and, in this context, conversion tracking (visit action evaluation). Google Conversion Tracking is an analysis service provided by Google. These advertising materials are delivered by Google via so-called “ad servers.” For this purpose, we use ad server cookies, which can be used to measure certain parameters to measure success, such as the display of ads or clicks by users. When you click on an ad placed by Google, a conversion tracking cookie is stored on your computer. These cookies have a limited period of validity (usually 30 days), do not contain any personal data and are therefore not used for personal identification. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.
If you visit certain pages on our website and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to that page.
Each Google Ads customer receives a different cookie. There is therefore no way that cookies can be tracked via the websites of Ads customers. The information collected using the conversion cookie is used to create conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag.
Data processing, in particular the setting of cookies, is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR.
However, we do not receive any information that personally identifies users. Your data may be transferred to the USA.
You can withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent up to the withdrawal. For more information on Google's use of data, settings and objection options, please see Google's privacy policy (https://policies.google.com/privacy).
10. COOKIES AND TRACKING PIXELS
10.1 Cookies
We use so-called cookies on our website. Cookies are text files that are stored and stored on a device via an Internet browser.
This enables the websites and servers visited to distinguish the individual browser of the person concerned from other Internet browsers. A specific Internet browser can be recognized and identified via the unique cookie ID.
By using cookies, Donhauser can provide users of these services with more user-friendly services that would not be possible without the cookie setting.
By means of a cookie, the information and offers on our services and servers can be optimized for the user. In contrast to so-called “session cookies,” which are automatically deleted at the end of the browser session, other cookies remain on the device until they are deleted. As mentioned above, these cookies allow us to recognize users. The purpose of this recognition is to make it easier for users to use our services. For example, the user of the services that use cookies does not have to re-enter their login details each time they visit the services, as this is done by the services and the cookie stored on the user's computer system.
The data subject can prevent cookies from being set by us at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. In addition, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our services may be fully usable.
10.2 Facebook & Instagram
We have integrated the so-called Facebook pixel from Facebook into our services. Facebook and Instagram are operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.
A code was implemented on our website for this purpose. The Facebook pixel is an excerpt of JavaScript code that loads a collection of functions with which Facebook can track your user actions if you came to our website via Facebook ads. For example, when you purchase a product on our website, the Facebook pixel is triggered and stores your actions on our website in one or more cookies. These cookies enable Facebook to compare your user data (customer data such as IP address, user ID) with the data from your Facebook account. Facebook then deletes this data again. The data collected is anonymous and cannot be viewed by us and can only be used as part of advertising. If you are a Facebook user yourself and are logged in, your visit to our website is automatically assigned to your Facebook user account.
We only want to show our services and products to people who are really interested in them. With the help of Facebook pixels, our advertising measures can be better tailored to your wishes and interests. This allows Facebook users (if they have allowed personalized advertising) to see suitable advertising.
If you are logged in to Facebook, you can adjust your ad settings at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen change it yourself. If you are not a Facebook user, you can go to http://www.youronlinechoices.com/de/praferenzmanagement/ Basically manage your usage-based online advertising. There, you have the option to deactivate or activate providers.
If you want to learn more about Facebook's privacy policy, we recommend that you review the company's own data policies at https://www.facebook.com/policy.php.
10.3 LinkedIn Insight Day
We use the “LinkedIn Insight Tag” conversion tool from LinkedIn Ireland Unlimited Company. This tool creates a cookie in your web browser, which enables the collection of the following data, among other things: IP address, device and browser properties, and page events (e.g. page views). This data is encrypted, anonymized within seven days, and the anonymized data is deleted within 90 days. LinkedIn does not share any personal data with KPMG, but offers anonymized reports on the website target group and display performance. LinkedIn also offers the option of retargeting via the Insight Tag. KPMG can use this data to display targeted advertising outside its website without identifying you as a website visitor. For more information on LinkedIn's privacy policy, please see the LinkedIn Privacy Policy.
LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To deactivate the insight tag on our website (“opt-out”), click here.
11. RIGHTS OF DATA SUBJECTS
11.1 Right to confirmation
Every data subject has the right granted by the European legislator of directives and regulations to request confirmation from the controller as to whether personal data concerning them is being processed. If a data subject wishes to exercise this right of confirmation, they can contact an employee of the controller at any time.
11.2 Right to information
Every person affected by the processing of personal data has the right, granted by the European legislator of directives and regulations, to receive free information from the controller about the personal data stored about him and a copy of this information. In addition, the European legislator has provided the data subject with information on the following information:
In addition, the data subject has the right to information as to whether personal data has been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate guarantees in connection with the transfer.
If a data subject wishes to exercise this right to information, they can contact an employee of the controller at any time.
11.3 Right to rectification
Every person affected by the processing of personal data has the right, granted by the European legislator of directives and regulations, to request the immediate correction of incorrect personal data concerning him or her. In addition, the data subject has the right, taking into account the purposes of the processing, to request the completion of incomplete personal data — including by means of a supplementary statement.
If a data subject wishes to exercise this right of rectification, they can contact an employee of the controller at any time.
11.4 Right to delete (right to be forgotten)
Every person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to request that the person responsible delete the personal data concerning him or her immediately, provided that one of the following reasons applies and insofar as processing is not necessary:
If one of the aforementioned reasons applies, and a data subject wishes to request the erasure of personal data stored by Donhauser, he or she may, at any time, contact any employee of the controller. An employee of Donhauser shall promptly ensure that the erasure request is complied with immediately.
If the personal data has been made public by Donhauser and our company, as the controller, is obliged to delete the personal data in accordance with Article 17 (1) of the GDPR, Donhauser shall take appropriate measures, including technical measures, to inform other data controllers who process the published personal data that the data subject is responsible for the processing of the published personal data The person responsible has requested the deletion of all links to this personal data or of copies or replications of this personal data, unless processing is necessary. An employee of Donhauser will arrange the necessary measures in individual cases.
11.5 Right to restrict processing
Every person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to demand that the person responsible restrict processing if one of the following conditions is met:
If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by Donhauser, he or she may at any time contact any employee of the controller. The employee will arrange for the processing to be restricted.
11.6 Right to data portability
Every person affected by the processing of personal data has the right, granted by the European legislator of directives and regulations, to receive personal data concerning him or her, which has been provided by the data subject to a controller, in a structured, common and machine-readable format. It also has the right to transfer this data to another person responsible without hindrance from the person responsible to whom the personal data has been provided, provided that the processing is based on consent in accordance with Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR or on a contract in accordance with Article 6 (1) (b) GDPR and the processing is carried out using automated procedures, provided that the processing is not necessary for the performance of a task that is carried out in the public Is interested or is exercising There is public authority, which has been delegated to the person responsible.
Furthermore, when exercising their right to data portability in accordance with Article 20 (1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another controller, insofar as this is technically feasible and provided that this does not affect the rights and freedoms of other persons.
In order to assert the right to data portability, the data subject may at any time contact any employee of the Donhauser.
11.7 Right to object
Every person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to object at any time, for reasons arising from their particular situation, to the processing of personal data concerning them carried out on the basis of Article 6 (1) (e) or f GDPR. This also applies to profiling based on these provisions.
In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
If Donhauser processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing. This also applies to profiling, insofar as it is associated with such direct advertising. If the data subject objects to Donhauser processing for direct marketing purposes, Donhauser will no longer process the personal data for these purposes.
In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her by Donhauser for scientific or historical research purposes, or for statistical purposes in accordance with Article 89 (1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
In order to exercise the right to object, the data subject may directly contact any employee of Donhauser. Notwithstanding Directive 2002/58/EC, the data subject is also free to exercise his right of objection in connection with the use of information society services by means of automated procedures using technical specifications.
11.8 Right to lodge a complaint with the competent supervisory authority
In the event of breaches of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which the company is based, in our case Bavaria. If you have any complaints regarding data protection issues, please contact the Bavarian State Commissioner for Data Protection (BayLFD).
Professor Dr. Thomas Petri
Wagmüllerstraße 18, 80538 Munich
Telephone: +49 (0) 89 212672-0
Fax: +49 (0) 89 212672-50
email: poststelle@datenschutz-bayern.de
If you have any questions, comments, or inquiries regarding this privacy statement, please contact: info@donhauser.law
However, we recommend that you always address a complaint to our data protection officer first.
12. SCOPE OF YOUR OBLIGATIONS TO PROVIDE DATA
You only need to provide the data that is necessary to enter into and carry out a business relationship or for a pre-contractual relationship with us or that we are legally obliged to collect. Without this data, we will generally not be able to conclude or execute the contract. This may also relate to data required later as part of the business relationship. If we also request data from you, you will be informed separately that the information is voluntary.
13. AUTOMATIC DECISION MAKING
We do not use purely automated decision-making processes in accordance with Article 22 GDPR. Due to legal requirements, we are required to combat money laundering and fraud. Data evaluations (for payment transactions, among other things) are also carried out. These measures also serve to protect you
14. LINKS TO OTHER WEBSITES
Our website may contain links to websites of other providers. We would like to point out that this privacy policy applies exclusively to the Donhauser website. We have no control over and do not control that other providers comply with applicable data protection regulations.
15. CHANGE TO THE PRIVACY POLICY
We reserve the right to change or adapt this privacy policy at any time in compliance with applicable data protection regulations.
16th RIGHT OF OBJECTION Art. 21 GDPR
You have the right to object at any time to the processing of your data, which is carried out on the basis of Article 6 (1) f GDPR (data processing based on a balance of interests), if there are reasons for this arising from your particular situation. This also applies to profiling based on this provision within the meaning of Art. 4 No. 4 GDPR.
If you file an objection, we will no longer process your personal data unless we can prove compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
We will no longer process your data for direct marketing purposes if you object to processing for these purposes.
The objection can be made informally and should, if possible, be addressed to the specified contact address
