The protection of personal data and the responsible handling of information that you entrust to us are important to us. Weisner Partner mbB Rechtsanwälte ("WEISNER PARTNER") processes personal data only in accordance with the statutory provisions, in particular the EU General Data Protection Regulation (“GDPR”) and the German Federal Data Protection Act (“BDSG”).
This Privacy Policy provides information about the processing of personal data in case you
● visit our website (see section 2)
● including the use of cookies (see section 3),
● conclude contracts with us (see section 4),
● are involved in legal proceedings as a third party – e.g. as a negotiation partner or as adverse party in a court case (see section 5),
● apply for a job (see section 6) and
● use internet-based video conferencing software to communicate with us (section 7).
This Privacy Policy also contains information about recipients of personal data within the EEA (see section 8), in third countries (see section 9), the deletion of your personal data and retention periods (see section 10), your rights as a data subject (see section 11) and automated decision-making (see section 12).
Controller
Controller in the meaning of data protection law: Weisner Partner mbB Rechtsanwälte, Große Bleichen 34, 20354 Hamburg, phone: +49 (0)40 228 6160 - 0, fax: +49 (0)40 228 6160 - 99, e-mail: info@weisnerpartner.de. WEISNER PARTNER's data protection officer can be contacted at the above address, for the attention of Ms. Julia Birkner, or at birkner@weisnerpartner.de. For further information, please see our legal notice at: https://weisnerpartner.de/en/impressum/#1.
Website Visit, Collection and storage of personal data as well as type and purpose of its use
When visiting our website, the browser of your device automatically sends certain information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected and stored until it is automatically deleted:
The aforementioned data is processed by us for the following purposes:
The legal basis for the data processing is Art. 6(1)(f) GDPR. Our legitimate interest follows from the purposes listed above. In no case do we use the collected data to identify you.
We use cookies on our website. You can find more details in section 3 of this privacy policy.
If you would like detailed information on the balancing of interests, please refer to the addresses in section 1 above.
Cookies
We use cookies on our website. Cookies are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your device and do not contain viruses, Trojans or other malware.
The cookie stores information in connection with the specific device used. This does not mean, however, that we gain direct knowledge of your identity.
The use of cookies has the goal to make the use of our website more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These cookies are automatically deleted after you leave the site.
The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests as well as those of third parties pursuant to Art. 6 (1)(f) GDPR.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your device or that a notice appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functionalities of our website
Conclusion and Performance of Contracts
Insofar as this is necessary for the conclusion or performance of contracts with you (in particular in relation to a legal mandate), we process your personal data. The legal basis for processing in this case is Article 6(1)(b) GDPR. The purpose of the processing is to establish and implement the contractual relationship with you. This requires the provision of your personal data. You are not obliged to provide your personal data. However, if you do not provide it, it will not be possible to establish and execute the contractual relationship. Otherwise there are no consequences for you.
In addition, insofar as this is necessary for the initiation or execution of client relationships, we also process data of persons with whom no (direct) client relationship exists. For example, we may process your data if you are a representative, contact person or employee of a company that is our client. In this case, the legal basis is our legitimate interest in the initiation or execution of the respective client relationship (Art. 6 para. 1 letter f GDPR).
As we mainly advise on corporate, litigation and general commercial law, we do not generally process any special categories of personal data within the meaning of Art. 9 (1) GDPR. However, if processing of special categories of personal data is exceptionally necessary for the purposes stated in this section 3 (e.g. the processing of health data in connection with claims for damages), the legal basis is the assertion, exercise or defense of legal claims (Art. 9 para. 2 letter f GDPR).
Pursuit of our Clients' Interests Against You; Other Involvement as a Third Party in a Client Relationship
If we pursue our clients’ interests or claims against you (or against a company whose representative or contact person you are) in or out of court, we may process your personal data in the course of this. The same applies if you (or a company whose representative, employee or contact person you are) are involved in any other way in or out of court (e.g. as a business or negotiating partner, as an intervening party, as a party to a dispute or as an employee of an authority or a court) and the processing is necessary for the performance of the client relationship.
The legal basis for the processing of your personal data in this context is Article 6(1)(f) GDPR. Our legitimate interest lies in effectively implementing the interests and claims of our clients. In order to safeguard this interest, it is also necessary to make direct contact and collect data from opposing parties, potential witnesses and other third parties relevant to the case processing.
As we mainly advise on corporate, litigation and general commercial law, we do not generally process any special categories of personal data within the meaning of Art. 9 (1) GDPR. However, if the processing of special categories of personal data is exceptionally necessary for the purposes stated in this section 4 (e.g. the processing of health data in connection with claims for damages), the legal basis is the processing for the establishment, exercise or defense of legal claims (Art. 9 para. 2 letter f GDPR).
Data will only be passed on to third parties in this context insofar as this is necessary for the execution of the mandate and insofar as other legal requirements to be observed exist.
Job Applications
We process your personal data as part of the application process, regardless of whether the application is made by e-mail or regular mail. Below you will find information about the legal basis, the purposes and, if applicable, the legitimate interests and the necessity of processing your personal data.
The legal basis for the processing of your personal data is § 26 para. 1, para. 8 sentence 2 BDSG or § 26 para. 2, para. 8 sentence 2 BDSG. The processing is carried out for the purpose of establishing contact and assessing your suitability for the position for which you are applying. It is not possible to apply to WEISNER PARTNER without providing personal data. You are neither obliged to apply to WEISNER PARTNER nor to provide personal data. If you do not provide us with any personal data, we will not be able to consider your application. Otherwise there will be no consequences for you.
Internet Video Conferencing
You may receive an invitation from us by e-mail or other means to a meeting, a telephone call or a meeting via internet-based video conferencing using software provided by a third-party provider. If you participate in such meetings, information may be transmitted to the respective provider.
The legal basis for processing your personal data in this context is Article 6(1)(b) GDPR (if we are holding the meeting for the performance of a contractual relationship with you) or Article 6(1)(f) GDPR (if we are holding the meeting for other business purposes); in the latter case, our legitimate interest lies in being able to use functional and widely used tools for video conferencing and the associated Voice over IP telephony in order to communicate efficiently with external partners.
We do not record video conferences and telephone conferences. Video conferences are secured according to the state of the art, but are not end-to-end encrypted.
Insofar as we use the "Microsoft Teams" service for the technical implementation, the following applies: The service provider we use is Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). Microsoft processes personal data of the participants on our behalf, in particular the IP address, the content of the conversation, e-mail addresses, names and, if applicable, other service-related data, and stores these for the duration of the video conference or, if you use Microsoft Teams beyond this, for the duration of use. Microsoft is duly obliged by us as a processor to comply with data protection regulations. The provider may also process the data outside the European Economic Area. In order to ensure a level of data protection that complies with the EU General Data Protection Regulation (GDPR), we have agreed the EU standard data protection clauses with Microsoft in accordance with the EU Commission's decision (2010/87/EU). You can find more information on processing by Microsoft at: https://docs.microsoft.com/de-de/microsoftteams/teams-privacy.
If we use another provider, you will find further information on the purpose and scope of data collection and the further processing and use of the data by the provider as well as your rights in this regard and setting options to protect your privacy in the data protection information of the respective provider.
Transfer of Personal Data to Recipients within the EEA
We only transfer personal data to third parties insofar as this is necessary for the provision of our service or is required by law in this context. Within the scope of the purposes mentioned here, personal data is forwarded to service providers who work for us and support us in particular in the provision of services. In addition to their legal obligation to comply with all data protection regulations, these service providers are bound by further contractual data protection requirements. In particular, this includes an obligation as a processor in accordance with Art. 28 GDPR.
In particular, we pass on personal data to the following categories of service providers, insofar as this is necessary for the purposes stated in this data protection declaration within the scope of the law firm's operations:
● Accounting, financial institutions, tax and legal advice
● IT service and infrastructure, IT support and maintenance
● Data destruction and facility services
● Provider of software for Internet video telephony
Otherwise, we only transfer personal data to other recipients if we have legal permission to do so or if you have given your prior consent. You can revoke any consent you have given at any time with effect for the future. We only pass on your data to government agencies within the scope of legal obligations or on the basis of an official order or court decision and only insofar as this is permitted under data protection law.
Transfer of Personal Data to Recipients outside the EEA
If necessary for our purposes, we may also transfer your data to recipients outside the European Economic Area (EEA), so-called "third countries", in individual cases. This is particularly the case if we have to transfer this data to recipients in third countries for the purpose of fulfilling a contract or due to legal obligations or if this is necessary for the establishment, exercise or defense of legal claims.
If we transfer data to third countries, we ensure that the recipient has implemented an adequate level of data protection within the meaning of Art. 45 GDPR or suitable guarantees within the meaning of Art. 46 (2) and (3) GDPR and that no other interests worthy of protection speak against the transfer of data.
Deletion
We delete your personal data as soon as it is no longer required for the aforementioned purposes of processing, in the event of an objection there are no compelling legitimate grounds on the part of WEISNER PARTNER to the contrary or in the event of a revocation there is no other legal basis for the processing. In certain cases, e.g. if there is a legal obligation to retain data, your personal data will first be blocked and then deleted once the retention period has expired.
Personal data from an application process will be stored until a decision is made and then deleted after six months at the latest or, if your application is successful, transferred to your personnel file.
Your Rights
As a data subject, you have the right to obtain confirmation as to whether or not personal data concerning you is being processed by WEISNER PARTNER and, where that is the case, the right to access this personal data (Art. 15 GDPR), the right to rectification of inaccurate data (Art. 16 GDPR), the right to erasure (Art. 17 GDPR) and the right to restriction (blocking) of your data (Art. 18 GDPR).
In addition, in the case of processing on the basis of Art. 6 para. 1 lit. e or f GDPR, you can object to the processing (Art. 21 GDPR), whereby you must provide a special reason, except in the case of direct advertising. If you have provided this data, you can request the transmission of the data (Art. 20 GDPR). If the processing is based on consent within the meaning of Art. 6 sentence 1 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, you can revoke this consent at any time for the future (Art. 7 para. 3 GDPR). You also have the right to contact the competent data protection supervisory authority (Art. 77 GDPR).
Whether and to what extent these rights exist in individual cases and under what conditions they apply is defined by law in the specified standards.
If you have any questions or complaints about data protection at WEISNER PARTNER, we recommend that you first contact our data protection officer (see the contact details in section 1).
No Automated Individual Decision-Making
We do not use your personal data for automated individual decisions within the meaning of Art. 22 para. 1 GDPR.
Amendment of this Privacy Policy
New legal requirements, business decisions or technical developments may require changes to our Privacy Policy. The Privacy Policy will then be adapted accordingly. You will always find the latest version on our website.
Status: December 2024