1. General Information
ERLBURG Rechtsanwaltsgesellschaft mbH
Friedrichstrasse 88, D-10117 Berlin
1.2 Legal basis
The term “personal data” under data protection law refers to all information relating to a specific or identifiable person. This includes, for example, their name, address or email. We process personal data in compliance with the relevant data protection regulations and only to the extent permitted by law. This means that we generally only process personal data if you have given your consent (Art. 6(1)(aa) GDPR), this is done for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (Art 6(1)(b) GDPR), for compliance with a legal obligation (Art. 6(1)(c) GDPR) or if processing is necessary for the purposes of our legitimate interests or those of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data (Art. 6(1)(f) GDPR).
1.3 Duration of storage
Unless otherwise stated in the following information, we only store your personal data for as long as is necessary to achieve the processing purpose or to fulfill our contractual or legal obligations. Such statutory retention periods may result in particular from commercial, tax law or special legal standards.
1.4 Recipient of the data
We use contracted service providers for certain data processing. This includes maintenance, hosting and support of IT systems, marketing activities, brand management, translations or the destruction of files and data media. Such service providers commissioned by us process the personal data in question only in accordance with our express instructions and are obliged to ensure confidentiality and the legally required level of data protection with suitable technical and organizational measures. In addition, we may transfer personal data of our clients to postal and delivery services, courts, opposing parties, our house bank, tax advisors / auditors, fiscal or other authorities.
1.5 Processing when exercising your rights in accordance with Art. 15 – 22 GDPR
If you exercise rights under Art. 15 – 22 GDPR, the personal data transmitted to us in this context will be processed by us for the purpose of implementing these rights. This allows us to provide evidence in this regard, as we are legally obliged to do (Art. 6(1)(c) GDPR).
1.6 Your rights
If you as a person are affected by data processing by us, you can exercise your rights against us. You have the following rights in particular:
- According to the provisions of Art. 15 GDPR and para. 34 BDSG, you have the right to request information as to whether and if so to what extent we are processing personal data about you or not.
- According to the provisions of Art. 16 GDPR, you have the right to ask us to correct your data.
- According to the provisions of Art. 17 GDPR and para. 35 BDSG, you have the right to ask us to erase your personal data.
- According to the provisions of Art. 18 GDPR, you have the right to restrict the processing of your personal data.
- According to the provisions of Art. 20 GDPR, you have the right to receive the personal data concerning you that you have provided in a structured, commonly used and machine-readable format and to transmit this data to another controller.
- If you have given us separate consent to data processing, you can withdraw this consent at any time according to the provisions of Art. 7 GDPR. We wish to point out that this does not affect data processing based on consent prior to withdrawal.
- If, in your view, the processing of the personal data concerning you infringes the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR.
1.7 Right to object
According to the provisions of Art. 21(1) GDPR, you have the right to object to processing on the legal basis of Art. 6(1)(e) or (f) GDPR on grounds relating to your particular situation. If we process personal data about you for direct marketing purposes, you can object to this processing in accordance with Art. 21(2), (3) GDPR.
2. Data processing on our website
When you use our website, information is collected that you provide yourself. In addition, certain information about your website usage is automatically recorded during your visit to our website. Under data protection law, the IP address is also regularly regarded as personal data. An IP address is assigned to every device connected to the Internet by the Internet provider so that it can send or receive data.
2.1 Processing of server log files
When using our website, general information that your browser transmits to our server is stored automatically, i.e. when it is used without registering. By default, this includes the browser type/version, the operating system used, the website accessed, the website previously visited (referrer URL), the host name of the accessing computer, the IP address, date and time of the server request. This processing is necessary so that you can access our website content and serves our legitimate interest in providing a website, Art. 6(1)(f) GDPR. The log files are not saved.
You can send us a message using the contact email on the website. We process the data provided by you for the purpose of answering your query. If your query relates to the conclusion of a mandate agreement or a contract of another nature with us, Art. 6(1)(b) GDPR is the legal basis for the data processing. Otherwise, we process the data based on our legitimate interest in contacting inquiring persons. The legal basis for data processing in this case is Art. 6(1)(f) GDPR.
Adobe Typekit is used on our website to display fonts. Adobe Typekit is a font library access service that is provided by Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA. When a page of our website is opened, the browser loads the required web fonts into your browser cache in order to display texts and font types correctly. No cookies are placed or used when the Typekit service is used to provide the fonts. Adobe may collect information about the fonts used to identify the website itself and the linked Typekit account in order to provide the Typekit service. Further information are provided in the information section of Adobe Typekit and in the Adobe Data Protection Guidelines.
3. Data processing on our LinkedIn page
We operate a LinkedIn page on which we present our company, provide information about our services and communicate with our clients or interested parties. If you contact us via LinkedIn or interact with our site, we process personal data about you. If the query relates to the conclusion or implementation of a mandate agreement or a contract of another nature with us, this is done on the basis of Art. 6(1)(b) GDPR. Otherwise, we process the data based on our legitimate interest in contacting inquiring persons. The legal basis for data processing in this case is Art. 6(1)(f) GDPR.
4. Further data processing
4.1 Contracts with service providers
In order to enter into or carry out a contractual relationship with you as a service provider, the processing of personal master, contract and payment data is regularly necessary. Art. 6(1)(b) GDPR is the legal basis for this processing.
4.2 Client relationship
Your personal data will be processed in the context of a client relationship or the initiation of a client relationship, insofar as this is necessary for the establishment and implementation of the client relationship. This includes, in particular, your first and last name, your contact details and other data required for the execution of the mandate, depending on the type and scope of the mandate issued. Art. 6(1)(b) GDPR is the legal basis for this processing.
If your personal data relating to an existing or future mandate is transmitted to us by third parties, the data processing serves to implement the mandate. If your personal data is transmitted to us because our client is considering making claims against you, or our client expects such claims to be made by you, the data processing also serves to assert, exercise or defend legal claims. The processing therefore serves to protect our client’s legitimate interests in accordance with Art. 6(1)(f) GDPR.
If you apply to ERLBURG Rechtsanwaltsgesellschaft mbH, we process your application data exclusively for purposes related to your interest in working for us and in the processing of the application. The application is only viewed and processed by the relevant contact persons in our office. All employees entrusted with data processing are obliged to maintain confidentiality in respect of the data. If we do not offer you any employment, the data you provide will be kept by us for up to 3 months after any rejection in order to answer possible questions about the application/a possible challenge. This does not apply if statutory provisions prevent deletion, further storage is necessary for evidence purposes, or you have expressly consented to longer storage. The legal basis for data processing is para. 26(1), sentence 1 BDSG.
Date: March 2020