Privacy

I. Name and address of the Controller (party responsible)

The Controller responsible within the meaning of the General Data Protection Regulation (EU Regulation 2016/679 of the European Parliament and Council dated 27 April 2016 for the protection of natural persons with regard to the processing of personal data and on the free movement of such data and for the repealing of Directive 95/46/EG (General Data Protection Regulation) hereinafter: “GDPR”) and other national data protection laws of Member States as well as other data protection regulations is:

Kollmar, Deby & Sinz Rechtsanwaltsgesellschaft mbH
Josephspitalstraße 15
80331 Munich
Germany

T: +49 (0)89 99 810 8-0
F: +49 (0)89 99 810 8-50

kanzlei@kds-legal.com
www.kds-legal.com

The data protection officer of the Controller is:

Dr. Gerhard Sinz
c/o Kollmar, Deby & Sinz Rechtsanwaltsgesellschaft mbH
Josephspitalstraße 15
80331 Munich
Germany

T: +49 (0)89 99 810 8-0
F: +49 (0)89 99 810 8-50

datenschutz@kds-legal.com

II. General information on data processing activities

1. Scope of the processing of personal data

We place great importance on the protection of your personal data (e.g. your name, your telephone number and your email address), so this kind of personal data is exclusively collected, processed and/or used within the scope of the applicable laws, rules and regulations.

The use and the accessing of our website at www.kds-legal.com are basically possible without inputting, providing or communicating personal data.

2. Legal basis for the processing of personal data

Inasmuch as we obtain the consent of the data subject (person affected) for processing activities, Art. 6 (1) point (a) of the EU General Data Protection Regulation (GDPR) serves as a legal basis.

The legal basis for the processing of personal data necessary for the performance of a contract whose contractual party is the data subject is Art. 6 (1) point (b) GDPR. This also applies to processing which is necessary for the conducting of pre-contractual measures.

To the extent that processing personal data is necessary for the compliance with a legal obligation to which our company is subject, Art. 6 (1) point (c) GDPR serves as a legal basis.

In the event that vital interests of the data subject or another natural person necessitate the processing of personal data, Art. 6 (1) point (d) GDPR serves as a legal basis.

If the processing is necessary for the safeguarding of a legitimate interest of our company or of a third party, and if the interests, fundamental rights and freedoms of the data subject do not override the aforementioned interest, Art. 6 (1) point (f) GDPR serves as a legal basis for the processing.

3. Data erasure (right to be forgotten) and duration of storage

The personal data of the data subject will be erased or blocked as soon as the purpose of storing the data is no longer applicable. Moreover, data may also be stored if this is provided for by the European or national legislator in Union law directives, under the law or other rules and regulations to which the Controller is subject. Blocking or erasure of data will also take place if a data storage period expires under the defined standards unless it is necessary to keep the data stored for the purpose of concluding or performing a contract.

III. Provision of the website

1. Description and scope of data processing

The use and the accessing of our website are basically possible without inputting, providing or communicating personal data.

2. Legal basis for data processing

The legal basis for the temporary storage of data during a visit to our website is Art. 6 (1) point (f) GDPR.

IV. Use of cookies

  1. a) Description and scope of data processing

Our website uses a cookie. Cookies are text files which are saved in the Internet browser or by the Internet browser on the user’s computer system. If a user accesses the website, a cookie can be saved on the user’s operating system. This cookie contains a characteristic string which enables the clear identification of the browser when the website is accessed again.

When visiting our website, users are informed about the use of cookies through an information banner, and reference is made to this Privacy Statement. In this context, reference is also made to how to prevent cookies being stored in the browser settings.

  1. b) Legal basis for data processing

The legal basis for the processing of personal data using cookies is Art. 6 (1) point (f) GDPR.

  1. c) Purpose of data processing

We use the “phpsessid” functional cookie on our website. This functional cookie improves the ease of use and performance of websites and enables various functions to be made available. The “phpsessid” cookie is automatically generated and does not contain any personal data. This cookie is only saved on our website for the duration of your session and is automatically deleted when the browser is closed. Allocating data to the user accessing the website is then no longer possible. The data is not stored together with other users’ personal data.

Our legitimate interest in the processing of personal data pursuant to Art. 6 (1) point (f) GDPR also resides in these purposes.

  1. d) Duration of the storage, objection and elimination option

Cookies are stored on the user’s computer and sent from there to our webpage. You as the user are therefore in complete control of how cookies are used. By changing the settings on your Internet browser you can deactivate or restrict the transmission of cookies. Cookies already saved can be deleted at any time, a process which can also be automated. If cookies for our website are deactivated not all of the functions of the website may be fully available for use.

V. Creation of log files

With every visit of the website the provider assigned with the hosting of our website (=1&1 Internet SE) automatically collects and stores the following data of the visitors of our website. These data are stored in log files of the server and in log files in the system of the provider assigned with the hosting of our website. These data will not be stored together with other personal data of the user. The provider assigned with the hosting of our website stores the following data over a time period of seven days:

– date and time of server request

– Referrer URL

– accessed file

– amount of transmitted data

– Browser type and version

– Operating system

– IP-adress

VI. email contact

1. Description and scope of data processing

Making contact using the email address provided is possible. In this case, the user’s personal data sent with the email will be stored.

In this context, no data will be passed on to third parties. The data are used exclusively for the processing of the conversation.

2. Legal basis for data processing

The legal basis for the processing of data transmitted in the context of sending an email is Art. 6 (1) point (f) GDPR. If the purpose of the email contact is to conclude a contract, Art. 6 (1) point (b) GDPR will apply as an additional legal basis for the processing.

3. Purpose of data processing

When contact is established via email, this also constitutes the required legitimate interest in the processing of the data.

4. Duration of the retention

The data will be deleted as soon as they are no longer required for achieving the purpose for which they were collected.

VII. Google

1. Google Maps

Our websites uses Google Maps API to display geographical information visually. Google Maps is a cartographic service of Google Inc. By using the Google Maps function Google collects, processes and uses data of visitors of the website by using the Maps-function. To fulfil the functions of Google Maps it is necessary to store your IP-adress. This information is usually transferred to server of Google and will be stored there.

We use Google Maps for an appealing presentation of our website. This is a legitimate interest according to Sec. 6 (1) lit. f DSGVO.

For more details of the data processing of Google see the privacy policy of Google. There you can find Google privacy center where you can change your settings to manage and to protect your data.

2. Google Fonts

For a consistent and appealing display of its content our website uses Web Fonts which are a service provided by Google Inc.

When entering our website the browser of a user loads the relevant fonts into his cache to display texts and fonts correctly.

Data about which of our web pages you have visited is then transmitted to the server. Google also stores the IP address of the device browser used by the user visiting our website.

Using these Google Web Fonts allows us to display our contents in a consistent and appealing way which is our legitimate interest pursuant to Art. 6 (1) point (f) DSGVO.

If your browser does not support Web-Fonts a default font from your computer will be used.

You will find more detailed information about Google Web Fonts here: https://developers.google.com/fonts/faq

VIII. Rights of the data subject

If your personal data are processed, you are the data subject (person affected) within the meaning of GDPR and you have the following rights in respect of the Controller. You are entitled to request confirmation as to whether the personal data pertaining to you are being processed by us.

  • If such processing is taking place, you can request the Controller for information pursuant to the provisions of GDPR (in particular Art. 15 GDPR).
  • Under the provisions of the GDPR (in particular Art. 16 GDPR) you are entitled to rectification and/or completion in respect of the Controller if the personal data pertaining to yourself are incorrect or incomplete. The Controller must take the appropriate action without delay.
  • Pursuant to the provisions under GDPR (in particular Art. 17 GDPR), you may require the Controller to delete your personal data immediately, and the Controller is obliged under the conditions set out in GDPR to delete these data immediately.
  • Under the provisions of GDPR (in particular Art. 18 GDPR), you can require a restriction on the processing of your personal data.
  • In the event of rectification, deletion or restriction of the processing in respect of the Controller, we will fulfil the notification obligation pursuant to the provisions under GDPR (in particular Art. 19 GDPR). In accordance with Art. 19 GDPR, you are entitled to be informed about the recipients of this notification.
  • Pursuant to the provisions of GDPR (in particular Art. 20 GDPR), you have the right to receive the personal data which you have provided to the Controller in a structured, customary and machine-readable format. Moreover, pursuant to the provisions of GDPR (in particular Art. 20 GDPR), you have the right to transmit these data to another Controller without hindrance by the Controller to whom the personal data were provided.
  • Right to object
    In accordance with the provisions of GDPR (in particular Art. 21 GDPR), you have the right to object at any time on grounds arising from your particular circumstances to the processing of your personal data carried out on the basis of Art. 6 (1) point (e) or (f) GDPR.
  • If you have submitted a separate declaration of consent under data protection law, you have the right to revoke your declaration of consent under data protection law at any time in accordance with the provisions of GDPR (in particular Art. 7 (3) GDPR). The legality of the processing carried out on the basis of the consent up to the point of its revocation shall not be affected.
  • Notwithstanding any other regulatory or judicial remedy, you are entitled to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, your place of work or the place of the suspected infringement if you are of the opinion that the processing of your personal data is in breach of the GDPR.

The supervisory authority to whom the complaint was submitted will inform the complainant about the status and the outcome of the complaint, including the option of  applying to the courts pursuant to Art. 78 GDPR.

This supervisory authority is the Bayerische Landesamt für Datenschutzaufsicht (Bavarian State Office for Data Protection Supervision).

IX. Exceptions, Points to Note and Miscellaneous

If there are compelling legitimate grounds for processing which override your interests, rights and freedoms, or if the processing serves the purpose of the establishment, exercise or defence of legal claims, data can also be processed and used through the exercising of the rights pursuant to Clause VI.

X. Disclosure of data

Your data will only be disclosed to third parties if:

  • you have given your explicit consent to this pursuant to Art. 6 (1) sentence 1 point (a) GDPR,
  • disclosure pursuant to Art. 6 (1) sentence 1 point (f) GDPR is necessary for the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in your data not being passed on,
  • in the event of an existing legal obligation pursuant to Art. 6 (1) sentence 1 point (c) GDPR, or
  • this is legally permissible and necessary for processing contractual content pursuant to Art. 6 (1) sentence 1 point (b) GDPR.

This Privacy Statement is currently valid and its status is April 2018.

Amending this Privacy Statement may become necessary due to the further development of our website and offering and/or for reason of changed statutory and regulatory requirements.   You can download and print the Privacy Statement in its respectively valid version from our website at http://www.kds-legal.com/kontakt/datenschutz/.