PRIVACY PROTECTION

INFORMATION ON DATA PROTECTION

 

1. Data protection officer
No data protection officer has been appointed. The law firm may draw on the exceptions provided for in Article 37, para. 4, GDPR in conjunction with sec. 38,
para. 1, BDSG [Federal Data Protection Act].

 

Responsible within the meaning of Art. 13  1. (a) GDPR are:

 

LIVONIUS │ VAN RIENEN Partnerschaft von Rechtsanwälten mbB

Dr. Barbara Livonius

Dr. Rafael van Rienen

Beethovenstraße 65

60325 Frankfurt am Main

Beethovenstraße 65 • 60325 Frankfurt am Main

Telefon 0 69 – 24 70 49-0

Telefax 0 69 – 24 70 49-49

kanzlei@lvr-frankfurt.com

Sitz: Frankfurt am Main

Amtsgericht Frankfurt/Main PR 2923

 

2. Collection and storage of personal data, types of use and purposes for which such data are used
When you visit our website at https://lvr-frankfurt.com, the browser in use on your device automatically sends information to our website server.
This information is temporarily stored in a so-called log file. At the same time, the following information is recorded without your active participation and stored
until it is automatically deleted:

  • IP address of the requesting computer,
  • date and time of access,
  • name and URL of the retrieved file,
  • website from which our website is accessed (referrer-URL),
  • browser used and, where applicable, your computer’s operating system and the name of your access provider.

 

We process the aforesaid data for the following purposes:

  • to guarantee the establishment of a smooth connection to the website,
  • to guarantee the user-friendliness of our website,
  • to analyse system security and stability and
  • for further administrative purposes.

 

Article 6, para. 1, sub-para. 1, point f, of the GDPR forms the legal basis for the data processing. Data are collected for the purposes listed hereinabove on account
of our legitimate interest. Under no circumstances do we use the data collected for the purposes of drawing conclusions about you personally. In addition to this,
when you visit our website, we use cookies and web analytics. Please refer to sections 4 and 5 of this data privacy notice for further explanations of this.

 

3. Disclosure of data
Your personal data is not transferred to third parties for any purposes other than those indicated hereinafter. We only disclose your personal data to third parties if:

  • you have expressly given your consent to this pursuant to Article 6, para. 1, sub-para. 1, point a, GDPR,
  • the disclosure pursuant to Article 6, para. 1, sub-para. 1, point f, GDPR, is required for the exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data,
  • there is a legal disclosure obligation pursuant to Article 6, para. 1, sub-para. 1, point c, GDPR, and
  • provided that this is statutorily permissible and is required pursuant to Article 6, para. 1, sub-para. 1, point b, GDPR, for the purposes of maintaining contractual relationships with you.

 

4. Cookies

We use the WordPress cookie plugin “Borlabs Cookie” provided by Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany. This service enables us to obtain and manage website users’ consent to data processing.

Borlabs Cookie uses cookies to collect data generated by end users who use our website. When an end user gives consent, the following data, among others, are automatically logged:

  • Cookie duration,
  • Cookie version,
  • Domain and path of the WordPress site,
  • Selection in the cookie banner,
  • UID (a randomly generated ID).

The consent status is also stored in the end user’s browser so that the website can automatically read and respect the end user’s consent for all subsequent page requests and future end‑user sessions for up to 12 months. The consent data (consent and withdrawal of consent) are stored for three years. The retention period corresponds to the regular limitation period pursuant to section 195 of the German Civil Code (BGB). The data are then deleted without delay.

The functionality of the website cannot be ensured without the processing described above. The user has no right to object for as long as there is a legal obligation to obtain the user’s consent for certain data processing operations (Art. 7(1) and Art. 6(1)(c) GDPR).

The data collected are neither transmitted to Borlabs GmbH nor does Borlabs GmbH obtain access to them.

Further information is available on: https://borlabs.io/borlabs-cookie/.

 

 

5. Analytics tools
Tracking tools
The tracking measures that we use, as set out below, are implemented on the basis of Article 6, para. 1, sub-para. 1, point a, GDPR and solely with your consent. Through the tracking measures used, we wish to facilitate/ensure the needs-based design and continued optimisation of our website. On the other hand, we use the tracking measures to record the use of our website for statistical purposes and to analyse this with a view to optimising our offering for you. The respective data processing purposes and data categories are detailed as follows.

Your consent can be withdrawn at any time with effect for the future by using the cookie consent management tool on our website.

Google Tag Manager

We use the Google Tag Manager service on this website. The operator of Google Tag Manager is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google corporate group headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This tool enables the implementation of “website tags” (i.e., markers embedded in HTML elements) and their management through an interface. By using Google Tag Manager, we can automatically record which button, link, or personalized image you actively clicked and can then determine which content on our website is of particular interest to you.

The tool also triggers other tags that may in turn collect data. Google Tag Manager does not access these data. If you have deactivated tracking at the domain or cookie level, this deactivation remains in effect for all tracking tags implemented via Google Tag Manager.

These processing operations are carried out exclusively upon the grant of explicit consent pursuant to Art. 6(1)(a) GDPR.

The parent company, Google LLC, as a U.S. entity, is certified under the EU–US Data Privacy Framework. An adequacy decision pursuant to Art. 45 GDPR is therefore in place, allowing the transfer of personal data without further safeguards or additional measures.

Further information on Google Tag Manager and Google’s Privacy Policy is available from Google.

 

Google Analytics 4

We use Google Analytics 4 (GA4) on our websites, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

In this context, pseudonymized usage profiles are created and cookies are used (see the “Cookies” section). The information generated by the cookie about your use of this website may include, among other things:

  • temporary collection of the IP address without permanent storage,
  • location data,
  • browser type/version,
  • operating system used,
  • referrer URL (previously visited page),
  • time of the server request.

The pseudonymized data may be transferred by Google to a server in the United States and stored there.

The information is used to evaluate the use of the website, to compile reports on website activity, and to provide other services related to website and internet usage for purposes of market research and the needs-based design of these internet pages. This information may also be transmitted to third parties where required by law or where third parties process these data on our behalf.

These processing operations are carried out exclusively upon the grant of explicit consent pursuant to Art. 6(1)(a) GDPR.

The data retention period is 24 months. Otherwise, personal data are retained for as long as necessary to fulfill the processing purpose. The data are deleted as soon as they are no longer required to achieve that purpose.

The parent company, Google LLC, as a U.S. entity, is certified under the EU–US Data Privacy Framework. An adequacy decision pursuant to Art. 45 GDPR is therefore in place, allowing the transfer of personal data without further safeguards or additional measures.

Further information on data protection when using GA4 is available here: https://support.google.com/analytics/answer/12017362?hl=en.

Under the Digital Markets Act (DMA), Google is obliged to obtain users’ consent before processing user data for personalized advertising. Google meets this requirement with “Consent Mode.” Website operators are required to implement this in order to demonstrate that they obtain website visitors’ consent.

Google offers two implementation modes: the basic implementation and the advanced implementation.

We use the basic implementation of Google Consent Mode. Only if you grant your consent to the use of Google Analytics (see above) will a connection to Google be established, Google code executed, and the processing activities described above performed. If you refuse consent, Google receives only information that no consent has been given. The Google code is not executed and no Google Analytics cookies are set.

 

 

6. Rights of the data subject
You shall have the right:

  • pursuant to Article 15 GDPR, to request information on your personal data that we have processed. You may, in particular, request information on the purposes of the processing, the categories of personal data, the categories of recipients to whom your data have been or will be disclosed, the envisaged period for which the data will be stored, the existence of a right of rectification, erasure, restriction of processing or an objection to such processing, the existence of the right to lodge a complaint, the source of your data where the data was not recorded by us, and the existence of automated decision-making, including profiling, and where applicable, meaningful information about the details of this;
  • pursuant to Article 16 GDPR, to request without delay the rectification of inaccurate personal data or the completion of your personal data which we have stored;
  • pursuant to Article 17 GDPR, to request the erasure of your personal data which we have stored, unless the processing is required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • pursuant to Article 18 GDPR, to request the restriction of the processing of your personal data if the accuracy of the data is contested by you, if the processing is unlawful, you however oppose the erasure of the data and we no longer need it, but it is required by you for the establishment, exercise or defence of legal claims, or you have objected to the processing pursuant to Article 21 GDPR;
  • pursuant to Article 20 GDPR, to receive your personal data, which you have provided us, in a structured, commonly used and machine-readable format or to request the transfer of the data to another controller;
  • pursuant to Article 7, para. 3, GDPR, to withdraw your consent that was once given to us at any time. This will mean that we may, in the future, no longer continue the data processing activity that was based on your consent, and
  • pursuant to Article 77 GDPR, lodge a complaint with a supervisory authority. As a rule, you may for such purposes contact the supervisory authority in the place of your habitual residence or workplace or of the headquarters of our law firm.

 

7. Right to object
Provided that your personal data are processed based on legitimate interests pursuant to Article 6, para. 1, sub-para. 1, point f, GDPR, you have the right pursuant to Article 21 GDPR to object to the processing of your personal data on grounds relating to your particular situation or if the objection concerns direct marketing. In case of the latter, you have a general right of objection, which we will handle without the need to cite a particular situation. If you wish to avail yourself of your right of withdrawal or objection, an email addressed to kanzlei@lvr-frankfurt.com will suffice.

 

8. Data security
Whenever you visit our website, we use the commonly used SSL (Secure Socket Layer) process in conjunction with the, in each case, highest level of encryption supported by your browser. This is, as a rule, 256-bit encryption. If your browser does not support 256-bit encryption, we shall then instead utilise 128-bit-v3 technology. You can see whether an individual page of our online presence is transmitted in encrypted form by the display of the padlock symbol in the status bar of your browser. We also use the appropriate technical and organisational security measures to protect your data from accidental or deliberate tampering or partial or total loss or destruction, or from unauthorised access by third parties. Our security measures are continuously updated according to the best technology available.

 

9. Updates to this data privacy notice and amendments to the same
This data privacy notice is currently in force and is valid as of May 2018. It may be necessary, as the result of the further development of our website and the
offerings made through our website, or due to revised statutory and/or regulatory terms of reference, to amend this data privacy notice.


You may at any time print the, in each case, up-to-date data privacy policy here.