Information obligations according to Article 13 of the EU General Data Protection Regulation (GDPR)

  1. Identity and contact details of the controller 

    These information obligations apply to the processing of personal data by the controller: SWM Rechtsanwälte ABC mbB, Kaiserhofstraße 16, 60313 Frankfurt/Main, Germany, local court of Frankfurt/Main, PR 2315, email: info [@] swm-legal.eu, phone: 0049 (0)69 2222 609 100, fax: 0049 (0)69 2222 609 101. We are committed to protecting and respecting your privacy. According to Article 4 No. 1 GDPR, personal data is any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. For example, your name or email address is considered personal.

  2. Purposes of data processing, legal basis, storage period

    Personal data collected during visits to our web pages at “www.swm-legal.eu” will only be processed in accordance with the applicable data protection regulations and to the extent necessary.

    1. Visit to our website

      When you visit our website, the web servers of our website temporarily save every access of your terminal device in a log file. The following data is recorded and stored until it is automatically deleted:

      •    IP address of the requesting computer
        ii.    Date and time of access
        iii.    Name and URL of the retrieved data
        iv.    Amount of data transferred
        v.    Message whether the retrieval was successful
        vi.    Browser and operating system used
        vii.    Name of the Internet access provider
        viii.    Web page from which access is made (referrer URL)
        ix.    This data is processed for the following purposes
        o     Enabling the use of the website (establishing the connection)
        o     Administration of the network infrastructure
        o     Appropriate technical and organisational measures for IT system and information security, taking into account the state of the art
        o     Ensuring a user-friendly use
        o     Optimisation of the website offer
        x.    The legal bases for the above processing operations are
        o     for processing data relating to the visit of the web pages under nos. 1-2, Article 6(1) point b (necessary for performing the web page usage agreement),
        o     for processing operations referred to in no. 3, Article 6(1) point c GDPR (legal obligation to implement technical and organisational measures to secure data processing pursuant to Article 32 GDPR) and Article 6(1) point f GDPR (legitimate interests in data processing for network and information security), and
        o     for processing operations referred to in nos. 4-5, Article 6(1) point f GDPR (legitimate interests). The legitimate interests of our data processing consist in making our offer user-friendly and optimising it.
        o     The aforementioned data will be deleted after 7 days at the latest or IP addresses will be anonymised by shortening them. If data is processed for longer periods of time for purposes according to nos. 2-5, it will be anonymised or deleted when storage is no longer required for the relevant purpose.
    2. Newsletter

      If you have given your express and voluntary consent in accordance with Article 6(1) point a GDPR (consent), we will use your email address to send you our newsletter on a regular basis. To receive the newsletter, it is sufficient to provide an email address. You can voluntarily provide further information.
      After your registration, you will receive a registration notification by email, which requires your confirmation for you to receive the newsletter (double opt-in procedure). The confirmation proves to us that the registration actually originated from the owner of the email address used.
      You can unsubscribe from the newsletter at any time, for example using the link at the end of each newsletter. In this case, the data you provided when you registered will be deleted. Alternatively, you can send a cancellation request at any time to the data protection officer at the email address provided above. The cancellation is also a revocation of your consent.

    3. Use of the contact form and inquiries by email

      For inquiries of any kind, we offer you the option of contacting us through a form provided on the website or by email to the email addresses provided on the website. For this purpose, a valid email address is required for the inquiry can be answered, as well as information about your identity, e.g. your name, in engagement-related matters or to provide individual information. If you do not provide this information, it may not be possible to provide answers to inquiries. Optionally, further information can be provided voluntarily; failure to provide such further information has no influence on the response.
      Data processing for the purpose of contacting us is carried out in accordance with Article 6(1) point a GDPR (consent) or Article 6(1) point b GDPR (implementation of pre-contractual measures) or in the case of ongoing client relationships in accordance with Article 6(1) point b GDPR (performance of contract). The personal data collected by us as a result of your use of the contact form will be deleted after the completion of the inquiry you have made or subsequent transactions resulting from it.

    4. No further processing

      Personal data will not be processed beyond the cases mentioned above, unless you expressly agree in advance to further processing.

  3. Disclosure to third parties, processors, categories of recipients

    Any transfer of your personal data to third parties, i.e. to individuals or legal entities other than the data subject, the controller, the processor and the persons who, under the direct responsibility of the controller or the processor, are authorised to process the personal data, will take place only for the purposes set out below:

    •    You have given your express and voluntary consent in accordance with Article 6(1) point a GDPR,
      ii.    According to Article 6(1) point b GDPR, the transfer is necessary for the processing of contractual relationships with you, e.g. to suppliers or recipients of goods or services named by you.
      iii.    There is a legal obligation to pass on the data in accordance with Article 6(1) point c GDPR, e.g. to financial or law enforcement authorities.
      iv.    According to Article 6(1) point f GDPR, the transfer is required for the establishment, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not transferring your data; such transfer may be made, for example, in the event of attacks on our IT systems to state institutions and law enforcement agencies.

    Our web pages are hosted exclusively on servers in Germany by Hetzner Online GmbH, Industriestrasse 25, 91710 Gunzenhausen, Germany, on our behalf in accordance with Article 28 GDPR.
    We remain responsible for data protection even when processors are involved. We do not intend to transfer your personal data to a third country.

  4. Cookies

    We use cookies on our websites. Cookies are small text files that are automatically stored locally in the cache of your web browser on your end device when you visit our site. Information is stored in the cookie which is related to the specific terminal device used, e.g. stored language settings or screen resolutions. This does not mean, however, that we obtain direct knowledge of your identity.

    The use of cookies serves to make the use of our offer more convenient for you, for technical session control and to enable certain functions.

    We use so-called session cookies to recognise that you have already visited individual pages of our website within a session and to enable session control, e.g. to save form entries during the session. Session cookies are deleted at the latest when you close your web browser.

    The data processed by cookies is required for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Article 6(1) point f GDPR. In the case of cookies necessary for the functioning of the website, processing is carried out in accordance with Article 6(1) point b GDPR (performance of a contract).

    You can also view our websites without cookies. However, most web browsers automatically accept cookies. You can set your web browser settings to prevent cookies from being saved or to always display a message before a new cookie is created. You can also delete cookies via your web browser. However, deleting or disabling cookies may mean that you will not be able to use all the features of our website in the same way.

  5. Social Plug-Ins

    On our websites, we also use social plug-ins from Google Inc., USA, especially integrated maps. These plug-ins are technically operated in the USA or other countries outside Germany and the European Union and are partly offered through national companies in the EU. When you open a page of our website in your web browser that contains such a plug-in, your web browser establishes a direct connection to the provider’s servers in the respective country. By integrating the plug-ins, the provider receives at least the information that your web browser has visited a certain page of our website, and possibly also further information that your web browser or the device you are using reveals. The content of the plug-in is loaded by your web browser directly from the provider and integrated into our website. If you are registered and/or logged in with the respective provider, your visit can also be assigned to your user account. If you interact with a plug-in, e.g. if you call up directions, this information is also transmitted directly from your web browser to the provider, where it is stored and used further if necessary. The purpose and scope of the described data collection and use are mainly marketing measures of the provider. More detailed information is available in the privacy policies of the relevant provider (see www.google.de), which also describe your rights and where you can set options to protect your privacy . The legal basis for this data processing on our websites is Article 6(1) point f GDPR (legitimate interests). We do not store any data for interaction with plug-ins. If you do not want a provider to collect data about you via our websites, you must deactivate plug-ins in your web browser. Certain functions such as map viewing will then no longer be available. If you want to avoid being linked to an existing user account, you must log out before visiting our websites.

  6. Rights of data subjects

    You have the right:

    • to request information about your personal data processed by us, in accordance with Article 15 GDPR. In particular, you may request information on the purposes of the processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, where possible, the envisaged period for which the personal data will be stored, the existence of a right of rectification, erasure, restriction of processing, or objection, the existence of a right to lodge a complaint, the source of your data, if not collected from you, and the existence of automated decision-making including profiling and, if applicable, meaningful information on its details,
      ii.     to request without undue delay the rectification of inaccurate or incomplete personal data stored by us, in accordance with Article 16 GDPR, 
      iii.     to request the erasure of your personal data stored by us, if in accordance with Article 17 GDPR if
      o     they are no longer necessary in relation to the purposes for which they were collected or otherwise processed,
      o     you withdraw your consent on which the processing was based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing,
      o     you object to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or you object to processing for the purpose of direct marketing, including related profiling, pursuant to Article 21(2),
      o     the personal data have been unlawfully processed,
      o     the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject,
      o     the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR (consent of a child).
      iv.    The right to erasure shall not apply to the extent that the processing is necessary
      o     for exercising the right of freedom of expression and information 
      o     for compliance with a legal obligation, for reasons of public interest in the area of public health or for archiving purposes in the public interest, or
      o     for the establishment, exercise or defence of legal claims.
      v.     to request the restriction of the processing of your personal data, in accordance with Article 18 GDPR, provided that
      o     you contest the accuracy of the personal data,
      o     the processing is unlawful, but you opposes the erasure of the personal data,
      o     we no longer need the data, but you need them for the establishment, exercise or defence of legal claims, or
      o     you objected to processing pursuant to Article 21 GDPR.
      vi.     to receive your personal data that you have provided us in a structured, commonly used and machine-readable format or to request to transmit those data to another controller, in accordance with Article 20 GDPR,
      vii.     to revoke your consent to us at any time, in accordance with Article 7(3) GDPR. As a result, we may no longer continue data processing based on this consent in the future if there is no other legal basis for doing so and
      viii.    to lodge a complaint with a supervisory authority in accordance with Article 77 GDPR. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our registered office.
       
  7. Right to object

    If your personal data is processed on the basis of legitimate interests in accordance with Article 6(1) point f) GDPR, pursuant to Article 21 GDPR, you have the right to object to the processing of your personal data if there are reasons for doing so that arise from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which we will implement without specifying a special situation.
    If you would like to make use of your right of revocation or objection, you can contact us using the contact details given above and send us an email, for example.

  8. Data security

    We use the common SSL (secure socket layer) method in connection with the highest level of encryption supported by your browser when you visit our website. Usually this is a 256 bit encryption. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed key or lock symbol in the status bar of your web browser.
    We also use appropriate technical and organisational measures to secure data processing, in particular to protect your data against manipulation or unauthorised access. In doing so, we take into account the state of the art. Our security measures are adapted according to technological developments.

  9. Relevance, validity and amendment of this privacy policy

    By using our website, you agree to the data processing described above. This privacy policy is currently valid and dated 19 May 2018. Due to changes in the legal framework, the further development of our website and offers, the implementation of new technologies or due to changed legal or official requirements, it may become necessary to amend this privacy policy with effect for the future. You can access the current privacy policy at any time on our website and save or print it.

  10. Severability clause

    Should any provisions of this privacy policy be or become invalid or unenforceable in whole or in part, this shall not affect the validity of the remaining provisions. The same applies in case of gaps.