GAZEAS NEPOMUCK Rechtsanwälte Partnerschaftsgesellschaft mbB attaches great importance to the protection of personal data of the users of our Internet pages. We process your data only in accordance with the applicable data protection regulations, in particular the European General Data Protection Regulation (GDPR). In the following data protection information, we inform you about which of your personal data is collected on our Internet pages and how this data is used. With regard to the terms used (e.g. “processing” or “controller”) we refer to the definitions in art. 4 GDPR.
1. Contact details of the controller
Controller in the sense of art. 4 GDPR:
GAZEAS NEPOMUCK Rechtsanwälte Partnerschaftsgesellschaft mbB (in the following: GAZEAS NEPOMUCK)
50668 Cologne Germany
Tel. +49 221 97 58 58-10
Fax +49 221 97 58 58-280
2. Nature, purposes and legal basis of the processing of personal data
When using our Internet pages, we process your personal data for the purposes described below.
Personal data means any information relating to an identified or identifiable natural person (‘data subject’). Personal data includes name, address, e-mail address, IP-address if applicable, or user behavior.
a) When using our Internet pages
When using our website purely for informational purposes, i.e. simply for accessing our website www.gazeas.de, the browser used on your terminal device automatically sends information to our server due to technical necessity. This information is temporarily stored in a so-called log file. The IP address is stored in encrypted form in the log files so that it cannot be traced back to your computer. The anonymous data of the server log files are stored separately from all personal data provided by the person concerned.
The following information is collected without your intervention and stored until automated deletion:
- IP address of the requestion computer,
- Date and time of access,
- Name and URL of the retrieved file,
- Website from which access is made (referrer URL),
- the Browser used and, if applicable, the operating system of your computer,
- Host name of the IP address and your access provider.
The data mentioned will be processed by us for the following purposes:
- to ensure a smooth connection with the website,
- to ensure a comfortable use of our website,
- To evaluate the system’s safety and stability as well as
- for other administrative purposes, such as averting danger and providing support in the event of connection problems.
The information is stored for security purposes, e.g. for the clarification of abuse actions or attacks on our web server, for the duration of max. 30 days. Afterwards they will be deleted.
The legal basis for the processing of data is in article 6 para. (1) sentence 1 f) GDPR. Our legitimate interest follows from the purposes for data processing listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.
Cookies are also used when you visit our websites. You will find more detailed explanation on this subject below (point 3).
b) Contacting us by e-mail
If you contact GAZEAS NEPOMUCK by e-mail, e.g. for client enquiries or to obtain information, we only collect and use the personal data required to process, reply to and process your enquiry. These include usually your name, company name, e-mail address and other contact details.
The legal basis for data processing is article 6 para. 1 sentence 1 b) GDPR, insofar as it concerns the initiation and, if necessary, execution of contract. In all other respects, the legal basis is article 6 para (1) sentence 1 f) GDPR; our legitimate interest lies in answering and processing your enquiry, for which the stored data is necessary.
The personal data collected and stored by us in this context will – without your consent – generally not be used for further purposes and will be deleted after we have dealt with your request, unless the data has to be stored for a longer period of time in order to fulfil a legal storage obligation.
If a legal mandate follows an enquiry, you will be informed separately about the further data processing by a GAZEAS NEPOMUCK lawyer.
4. Google Analytics
Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf for the purpose of evaluating the use of the website, compiling reports on website activity and providing other services relating to website activity. Pseudonymous user profiles can be created from the processed data.
We use Google Analytics only with activated IP anonymisation. This means that the IP address of the user is shortened by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
The IP address transmitted by the user’s browser is not merged with other Google data. Users can prevent the storage of cookies by making the appropriate settings in their browser software. In addition, users can prevent Google from collecting the data generated by the cookie and related to their use of the online service and Google from processing this data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
Further information on the use of data by Google, setting and objection options can be found in Google’s data protection declaration (https://policies.google.com/technologies/ads) and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated).
The personal data of the users will be deleted or anonymized after 14 months.
5. Data sharing
We will only disclose your personal data to other individuals, companies or entities if:
- you have given your consent in individual cases as required by art. 6 para. (1) sentence 1 a) GDPR,
- the disclosure pursuant to art. 6 para. (1) sentence 1 f) GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your personal data,
- in the event that there is a legal obligation to disclose of data pursuant to art. 6 para. (1) sentence 1 c) GDPR, as well as,
- this is necessary for the execution of contractual relationships with you according to art. 6 para. (1) sentence 1 b) GDPR, or
- this occurs on the basis of our legitimate interests pursuant to art. 6 para. (1) sentence 1 f) GDPR.
6. Erasure of personal data
Personal data will only be processed or stored for the period of time necessary to achieve the storage purpose or required by law. If the storage purpose no longer applies, the personal data will be deleted. If statutory retention periods exist, the data will be deleted at the latest upon expiry of the retention period.
7. Rights of the data subjects
You have the following rights:
- According to art. 15 GDPR, you can request information about your personal data processed by us at any time. In particular, you may request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right of rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data, unless it has been collected from us, as well as the existence of an automated decision-making process including profiling and, where applicable, meaningful information on its details. As part of your right to information, you have the right to request a copy of your personal data. Data copies are generally made available in electronic form, unless you have indicated otherwise. The first copy is free of charge for you; a reasonable fee may be charged for further copies. The provision is subject to the rights and freedoms of other persons who may be affected by the transmission of the data copy.
- According to art. 17 GDPR, you can request the erasure of your personal data stored by us, unless processing is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligations, for reasons of public interest or for the assertion, exercise or defence of legal claims.
- Pursuant to art. 18 GDPR, you may request the restriction of the processing of your personal data insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse its deletion and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing pursuant to art. 21 GDPR.
- Pursuant to art. 20 GDPR, you have the right to receive the personal data that you have provided to us in a structured, common and machine-readable format or, as far as technically feasible, to request the transfer directly to another responsible party.
According to art. 7 para. (3) GDPR, you can revoke your consent once given to us at any time. As a result, we may no longer continue the data processing based on this consent in the future.
- Gemäß Art. 7 Abs. 3 DS-GVO Ihre einmal erteilte Einwilligung jederzeit gegenüber uns zu widerrufen. Dies hat zur Folge, dass wir die Datenverarbeitung, die auf dieser Einwilligung beruhte, für die Zukunft nicht mehr fortführen dürfen.
- If your personal data is processed on the basis of legitimate interests pursuant to art. 6 para. (1) sentence 1 f) GDPR, you have the right to object to the processing of your personal data pursuant to art. 21 GDPR if there are reasons arising from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without stating a particular situation. In the event of an objection to the processing of your personal data on the basis of art. 6 para. (1) sentence 1 f) GDPR, we shall refrain from any further processing of your data unless it is necessary for overriding, compelling or legitimate reasons or for the assertion, exercise or defence of legal claims. The right of objection is subject to the restrictions of § 36 BDSG.
If you wish to exercise the rights set out above, simply send an e-mail to firstname.lastname@example.org or write to the postal address listed in point 1.
8. Right to lodge a complaint
In accordance with art. 77 GDPR, you have the right to lodge a complaint against the responsible supervisory authority. In North Rhine Westfalia the responsible supervisory authority is the LDI NRW, which can be reached at the following contact information:
Landesbeauftragte für Datenschutz und Informationsfreiheit
9. Data Security
We use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously updated in accordance with the state of the art.