Privacy Policy

1. Controller

As the operator of this website (www.it-rechtsberater.de), Law Office Costard, Lina-Ammon-Straße 9, 90471 Nuremberg, Germany, telephone: +49 (0) 911 / 790 30 34, fax: +49 (0) 911 / 790 30 35, email: info@it-rechtsberater.de, is the controller in the sense of the EU General Data Protection Regulation (GDPR) which solely or jointly with others determines the purposes and means of processing personal data (hereinafter: “data”).

 

2. Processing Personal Data

Under the GDPR, personal data means information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier (such as a name, date of birth, address, telephone number, email address, IP address, location data or one or more specific factors, such as the genetic, economic or social identity of that natural person).

Processing means any operation or set of operations which is performed on data, whether or not by automated means. This especially includes collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Use of our website does not require disclosure of personal data. However, certain cases will require your name, address and additional information for us to perform your desired service under our mandate.

If we request additional data from you, this represents information disclosed voluntary.
Data is processed exclusively for performance of requested services as part of our mandate in accordance with Article 6(1) Sentence 1 Letter b GDPR and to safeguard our legitimate interests in accordance with Article 6(1) Sentence 1 Letter f GDPR.

 

3. Protection of Your Personal Data

Thank you for your interest in our law office and services. We want you to feel safe about the protection of your data when you visit our website. We take the protection of your data seriously. Compliance with the GDPR and the German Federal Data Protection Act [Bundesdatenschutzgesetz (BDSG)] in its respectively valid version goes without saying for us. Furthermore, attorney confidentiality under Section 43a(2) of the German Federal Lawyers Act [Bundesrechtsanwaltsordnung (BRAO)] and Section 2 of the German Federal Lawyers’ Code of Conduct [Berufsordnung (BORA)] is unlimited.

We implemented technical and organizational measures to ensure compliance with data protection law both by us and our external service providers. Our employees and service providers must maintain confidentiality and comply with the EU General Data Protection Regulation and the German Data Protection Act in its respectively valid version.
As part of our duty to provide information, we want to keep this Privacy Policy as transparent as possible. The purpose limitation of processing your data, the use of cookies and the use social media links will therefore be explained hereafter.

 

4. Purpose Limitation When Processing Personal Data

Data you disclose is processed by us in accordance with the principles of data minimization and purpose limitation. The principle of purpose limitation says that data may only be collected and processed for specified, explicit and legitimate purposes. Further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes is not considered to be incompatible with the initial purposes.

We only process your data for the purpose of answering your inquiry, processing your case (mandate) or providing access to certain information or offers to you. Data you provide will only be processed by us for the purposes specified by you. Your data will not be transferred to third parties without your express consent.

We only collect and transfer data to authorized state institutions and authorities in compliance with the law or a court order.

Your data is not marketed.

 

5. Necessary Cookies

When you visit our website, technically necessary cookies (“session cookies”) will be saved on your computer’s hard disk. This is necessary for the display and security functions of our website. The following data may be processed: the name of the page you accessed, your browser and operating system, the time and date of access, the search engine used and the names of downloaded files. Cookies are small text files sent to your browser by a web server and saved on your computer’s hard disk. This information is used to display the contents of our website, make navigation easier for you and improve surf comfort.

In addition, we use the free content management system WordPress (www.wordpress.com) which is provided as a general public license (GPU) and used to create and manage blog posts.

The legal basis for this is our legitimate interest under Article 6(1) Sentence 1 Letter f GDPR.

You may also visit our website without cookies. If you do not want us to recognize your computer, you may disable cookies by configuring your browser to “Block all cookies.” Please see your browser’s help function for instructions. However, not accepting cookies may limit the functionality of our website.

 

6. External Content

Our website uses the font library Google Fonts from Google LLC, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, to display fonts uniformly and in a user-friendly manner. This represents a legitimate interest in the sense of Article 6(1) Sentence 1 Letter f GDPR.

If your browser does not support Fonts, a standard font from your computer will be used. Your browser will load the necessary fonts to your browser cache when you access our website.
Such access will automatically establish a connection to Google Inc. because Fonts is provided through an application program interface (API) for Google’s services. It cannot be excluded that Google may learn that your IP address accessed our website. Transmitted data may be processed by Google. We have no influence over this.

Further information about Google Fonts is provided at https://developers.google.com/fonts/faq and in Google’s Privacy Policy at https://www.google.com/policies/privacy/. Further information about Google APIs is provided at https://www.google.com/policies/privacy/.

 

7. LinkedIn Links

Our website features links to LinkedIn (www.linkedin.com), operated by LinkedIn Inc., 2029 Stierlin Court, Mountain View CA 94043, USA. Please note that links to LinkedIn are installed on our website. The LinkedIn logo consists of the word “Linked” (in black) with the letters “in” (white on blue).

Clicking on the LinkedIn button will establish a direct connection to LinkedIn via the link. We have no influence over the content of transmitted data. Nonetheless, we will inform you about which data is transmitted to LinkedIn to the best of our current knowledge.

When you click on the button, LinkedIn’s servers may be informed that you accessed certain pages of our website. User data of logged-in users may thereby be assigned to their user account.

To learn about the purpose and extent of processing of your data and about your rights and settings options to protect your privacy, please visit the following website for LinkedIn’s Privacy Policy: https://www.linkedin.com/legal/privacy-policy.

If you do not want LinkedIn to collect data about you via our website, please log out of LinkedIn before visiting our website.

 

8. XING Links

Our website uses functions of the network XING. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Links are marked by the 2-color “X” on a white background based on XING’s logo.

Please note that links to XING are installed on our website. Clicking on a XING button will establish a direct connection to XING. We have no influence over the content of transmitted data. Nonetheless, we will inform you about which data is transmitted to XING to the best of our current knowledge.
When you click on the XING button, XING’s servers may be informed that you accessed certain pages of our website. User data of logged-in users may thereby be assigned to their user account.

To learn about the purpose and extent of processing of your data and about your rights and settings options to protect your privacy, please visit the following website for XING’s Privacy Policy: https://privacy.xing.com/en/privacy-policy.

If you do not want XING to collect data about you via our website, please log out of XING before visiting our website.

 

9. Children and Adolescents

Our website is aimed exclusively at prospective clients, clients, business partners and potential applicants. Persons under 18 years of age may not transfer data to us without the authorization of a parent or guardian. We do not request data from children or adolescents who have not yet completed their 18th year of life. We do not collect or transfer such data to third parties.

 

10. Security

We implemented technical and organizational security measures as required by law to protect your data against loss, destruction, alteration and unauthorized access. Our employees and all persons involved in data processing must comply with the GDPR, the German Federal Data Protection Act in its respectively valid version and other data protection laws and must treat data confidentially.
Furthermore, we conclude processing agreements with our external service providers if the requirements of Article 28 GDPR are satisfied.
Our security measures are regularly reviewed and revised in accordance with technical advances.

 

11. Changes to This Privacy Policy

We reserve the right to amend our security and data protection measures if necessary due to technical advances. In such cases, we will also adjust our Privacy Policy. Therefore, please observe our Privacy Policy’s respectively current version.

 

12. Consent

If we require your consent to process your data, we will obtain this consent from you and use your data for the purposes specified with your consent. Your consent will be documented digitally.

You may withdraw your consent at any time with future effect. Please write us at Law Office Costard, Lina-Ammon-Straße 9, 90471 Nuremberg, Germany, or send us an email at info@it-rechtsberater.de.

 

13. Contact Form / Contacting Us

If you contact us via our contact form, we will request personal information. To process your inquiry, you must enter your name and a valid email address. Additional personal information may be disclosed voluntarily. Your information will be processed via email. Contact form transmissions use end-to-end encryption.

The above explanation correspondingly applies when contacting us by email, mail or telephone.

Your data will be stored on protected servers in Germany in compliance with data protection requirements. Processing for the purpose of contacting us is performed on the basis of Article 6(1) Sentence 1 Letter b GDPR. By clicking on the “send” button when contacting us via our contact form, you consent to the processing of your data for the above-stated purposes. If you do not consent to this, you must cancel this process. The contents entered on our contact form will then not be sent and your data will not be processed. You may withdraw your consent at any time with future effect. We will only use your data insofar as necessary to process your inquiry and for further correspondence with you. The data collected by us for use of our contact form will be stored to process your inquiry and in case of follow-up questions and will be erased in compliance with data protection law after your inquiry has been settled, unless other legal storage obligations apply. We use a ticket system to process your inquiries.

 

14. Google reCAPTCHA

Our website uses reCAPTCHA from Google LLC, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, to protect your requests and inquiries submitted via our contact form and for protection against SPAM. We have a legitimate interest in this under Article 6(1) Sentence 1 Letter f GDPR. This verification is used to distinguish between submissions by humans and by abusive automated means. Verification includes submission of your IP address and, if necessary, other data required by Google Ireland Limited to Google LLC for reCAPTCHA.

For this purpose, your submission will be transmitted to and processed by Google LLC. However, Google LLC will first shorten your IP address in a member state of the European Union or in another state party to the Agreement on the European Economic Area. Only in exceptions will your complete IP address be transferred to and shortened by a Google LLC server in the US. Google LLC uses this information to assess your use of this service on our behalf. Your IP address transmitted to Google LLC by your browser via reCAPTCHA will not be merged with other Google LLC data.

This data is not subject to our, but to Google LLC’s Privacy Policy. Further information about Google LLC’s Privacy Policy is provided at https://www.google.com/policies/privacy/.

 

15. Application Process

By submitting applicant data, you consent to the processing of your data for the purpose of application. You may withdraw your consent at any time with future effect.

 

16. Data Subject Rights

If we process your data, you, as the data subject, are entitled to extensive rights listed hereafter:

a) Right of Access
Under Article 15 GDPR, you may obtain information from us about your data. You may especially obtain information about the purposes of the processing, the categories of data concerned, the recipients or categories of recipients and the envisaged period for which the data will be stored.
Please submit your inquiries to Law office Costard, Lina-Ammon-Straße 9, 90471 Nuremberg, Germany, or send us an email at info@it-rechtsberater.de.

b) Right to Rectification
Under Article 16 GDPR, you may obtain rectification or completion of your data stored by us in case of inaccuracy or incompleteness.
You may exercise this right at the above-stated contact details.

c) Right of Erasure
Under Article 17 GDPR, you may obtain erasure of your data if the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
In addition, you may obtain erasure if you object to the processing and there are no overriding legitimate grounds for processing your data and if personal data has been processed unlawfully or if the data must be erased for compliance with a legal obligation under EU or EU member state law.
You may exercise this right at the above-stated contact details.

d) Right to Restriction of Processing
Furthermore, under Article 18 GDPR, you have the right to restriction of processing if you contest the accuracy of the data for a period enabling the controller to verify the accuracy of the data; the processing is unlawful and you oppose the erasure of the data; the data is no longer needed for the purposes of the processing, but required for the establishment, exercise or defense of your legal claims or if you object to the processing pursuant to Article 21 GDPR pending the verification whether legitimate grounds of the controller override yours.
You may exercise this right at the above-stated contact details.

e) Right to Data Portability
Under Article 20 GDPR, you have the right to receive personal data concerning you in a structured, commonly used and machine-readable format (data portability). In addition, under certain circumstances, you may have your data transmitted directly from one controller to another, where technically feasible.

You may exercise this right at the above-stated contact details.

 

17. Right to Object

You have the right to object to use of your data for the above-stated purposes at any time (Article 21 GDPR). This is possible on grounds relating to his or her particular situation or where data is processed for direct marketing purposes. In case of objection to direct marketing, you have a general right to object which we will implement without requiring information about your particular situation.
To exercise your right to object, please write us at Law office Costard, Lina- Ammon-Straße 9, 90471 Nuremberg, Germany, or send us an email at info@it-rechtsberater.de.

 

18. Questions, Suggestions and Complaints

If you have questions about our Privacy Policy or processing of your personal data, you may contact us directly:

Law Office Costard
Lawyer for IT law and data protection
Attorney at Law Thomas P. Costard Lina-Ammon-Straße 9
90471 Nuremberg
Germany
Tel.: +49 (0) 911 / 790 30 34
Fax: +49 (0) 911 / 790 30 35
Email: info@it-rechtsberater.de
Website: www.it-rechtsberater.de

Attorney at law Costard is also available to you for inquiries or complaints.

 

19. Data Protection Supervisory Authority

Please also note that, irrespective of other administrative or legal remedies, the right to lodge a complaint with a supervisory authority, especially in the EU member state of your habitual residence, place of work or place of the alleged infringement, if you consider the processing of data concerning you to infringe on the GDPR.

A list and addresses of supervisory authorities for the non-public sector is provided (in German) at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html