Name and contact details of the persons responsible for the processing
This data privacy information applies for the data processing by the following:
CETI Law Grosche & Stölzle Rechtsanwälte GbR
Controller:Daniel Grosche and Christian Stölzle
Head office of the company: Im Grund 1A, 13591 Berlin
Phone: +49 (0)30 403 658 470
Fax: +49 (0)30 403 658 471
Collection and storage of personal data, and the type and purpose of their use
When visiting the website
When visiting our website, https://www.cetilaw.de/, information will be automatically sent to the servers of our website by the browser used on your end device. This information will be stored temporarily in a so-called log file. The following information will thereby be collected without your assistance and stored until automatic erasure:
- IP address of the querying computer
- Date and time of access
- Name and URL of the file being accessed
- Website from which access takes place (referrer URL)
- Browser used and, if applicable, the operating system of your computer, and the name of your access provider
The named data will be processed by us for the following purposes:
- To guarantee the smooth connection of the website
- To guarantee easy use of our website
- To analyse system security and stability
- For other administrative purposes
The legal basis for the data processing is Art. 6 (1)(1)(f) GDPR. Our legitimate interest comes from the above-listed purposes of the data collection. In no case will we use the collected data for the purposes of tracing your personal identity.
When sending emails and using the contact form
In the case of queries of any kind, we will grant you the opportunity to contact us via the email address info[at]cetilaw.de and via our contact form. It is thereby necessary to enter a valid email address, so that we know who the query came from and so that we can respond to it. Further details can be provided voluntarily.
The data processing for the purpose of establishing contact with us takes place in accordance with Art. 6 (1)(1)(a) GDPR on the basis of your voluntarily granted consent.
The personal data collected by us when a corresponding query is sent will be automatically erased after the query sent by you has been answered, or sent to a file (to be created), upon the issue of a mandate.
Special features of communication via unencrypted email
The lawyers’ duty of confidentiality forms one of the basic requirements of a lawyer’s activities. Not only is it explicitly specified in § 43 Para. 2 BRAO as a professional duty, but it is also protected as a legal right in accordance with § 203 Para. 1 No. 3 StGB (Strafgesetzbuch – Criminal Code) During the electronic communication between the lawyer and the client, the transfer of the data must therefore be protected by suitable encryption. Otherwise, there is the possibility that transferred data may be intercepted and read by third parties. There is also the risk that competitors will find out trade secrets this way, and that they can be used against the clients. As a result, it must be ensured that the right to informational self-determination of the client is protected against unauthorised access by third parties, and therefore that careful handling of the client’s data is guaranteed.
Regular email traffic does not meet the above requirements. There are particular risks of unauthorised access, duplication and falsification by unauthorised third parties, meaning that the legal requirements regarding data privacy and IT security can no longer be met. Communication via email may involve security vulnerabilities.
The use of unencrypted emails for communication is therefore only possible at one’s own risk. Liability for consequent loss is excluded, provided that there has been no intentional or grossly negligent conduct on our part. Should you wish to use alternative communication methods, please contact us.
If you appoint us as your lawyers, we will collect and process the following information:
- Salutation, first name, surname, academic title, title of nobility
- A valid email address
- Telephone number (landline or mobile)
- Information that is necessary for the assertion and defence of your rights as part of the mandate
- Legal protection information and insurance number
- Bank account details
The collection of these data takes place exclusively, if required for the following purposes:
- To identify you as our client
- To provide you with appropriate legal advice and represent you
- For correspondence with you
- For invoicing
- For the handling of any existing liability claims and to assert any claims against you
The data processing takes place upon your request and is required in accordance with Art. 6 (1)(1)(b)(c) and (f) GDPR for the named purposes, for the appropriate processing of the appointment order, for the mutual fulfilment of obligations resulting from the mandate agreement, and to safeguard our legitimate interests.
To process personal data, we use software which is customary in the industry.
The personal data collected by us for the mandate order will be stored until the end of the statutory retention periods (up to 6 years after the end of the calendar year in which the mandate was terminated) and then erased, unless we are obliged to store them for longer periods in accordance with Art. 6(1)(1)(c) GDPR due to fiscal or commercial retention and documentation obligations (from the HGB, StGB, AO or BRAU), or if you have consented to further storage in accordance with Art. 6(1)(1)(a) GDPR.
Forwarding to third parties
Transfer of your personal data to third parties for purposes other than those listed below will not take place.
We will only pass on your personal data to third parties if:
you have granted your explicit consent in accordance with Art. 6 (1)(1)(a) GDPR,
the transfer is required in accordance with Art. 6 (1)(1)(f) GDPR for the establishment, exercise or defence of legal claims, and there is no reason to assume that you have an overriding legitimate interest in the non-transfer of your data,
in the event that there is a legal obligation to transfer the data in accordance with Art. 6 (1)(1)(c) GDPR, and
doing so is legally permitted and required in accordance with Art. 6 (1)(1)(b) GDPR for the handling of contractual relationships with you.
Attorney-client privilege remains unaffected. If the data are subject to attorney-client privilege, transfer to third parties will only take place in consultation with you.
Information will be stored in the cookie and will be related in each case to the specific end device used. However, this does not mean that we will therefore receive direct knowledge of your identity.
To optimise user-friendliness, we also use temporary cookies that will be stored on your end device for a certain set timeframe. If you visit our site again to use our services, it will be automatically recognised that you have already visited us and what data and settings you entered, so that they do not have to be re-entered.
The data processed by cookies is required for the named purposes, to safeguard our legitimate interests and those of third parties, in accordance with Art. 6 (1)(1)(f) GDPR.
Most browsers accept cookies automatically. However, you can set your browser so that no cookies are stored on your computer, or that a notification always appears before a new cookie is created. The complete deactivation of cookies, however, can mean that you are unable to use all features of our website.
You can edit your cookie settings here.
Google uses the so-called standard contractual clauses of the European Commission and hereby provides a guarantee that European data privacy law will be obeyed.
Google will use this information on our behalf, in order to analyse the use of our website by the users, compile reports about the activities within this website, and provide us with other services related to the use of this website and the use of the internet. Pseudonymised usage profiles of the users may thereby be created from the processed data.
We only use Google Analytics with activated IP anonymisation. This means that the IP addresses of the users will be shortened by Google within member states of the European Union or in other signatory states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA, and shortened there.
The IP addresses passed on by the user’s browser will not be merged with other Google data. Users may prevent the storage of cookies by setting their browser software accordingly; users can also prevent the data obtained by the cookie and related to their use of the website from being collected and sent to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
Users’ personal data will be erased or anonymised after 14 months.
Rights of the data subject
- in accordance with Art. 15 GDPR to request information about your personal data which are being processed by us. In particular, you may request information about the purposes of the processing, the category of the personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage duration, the existence of a right to rectification, erasure, restriction of processing or withdrawal, the existence of a right to lodge a complaint, the origin of your data if they were not collected by us, and the existence of an automated decision-making process including profiling, and any meaningful information about its individual features;gemäß Art. 16 DSGVO unverzüglich die Berichtigung unrichtiger oder Vervollständigung Ihrer bei uns gespeicherten personenbezogenen Daten zu verlangen;
- in accordance with Art. 16 GDPR to immediately request the rectification of incorrect data or completion of your personal data which are stored by us;
- in accordance with Art. 17 GDPR to request the erasure of your personal data which are stored by us, if the processing is not required to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest, or to establish, exercise or defend legal claims;
- in accordance with Art. 18 GDPR to request the restriction of processing of your personal data, if you dispute the accuracy of the data, if the processing is unlawful but you reject its erasure, and we no longer need the data, but you require it for the establishment, exercise or defence of legal claims, or if you have objected to the processing in accordance with Art. 21 GDPR;
- in accordance with Art. 20 GDPR to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format, and to transmit those data to another controller;
- in accordance with Art. 7 (3) GDPR to withdraw at any time the consent you once granted us. As a consequence, in the future we will no longer be able to continue the data processing which was based on this consent, and
- in accordance with Art. 77 GDPR to lodge a complaint with a supervisory authority. Generally, for this purpose, you can contact the supervisory authority of your usual place of residence or work, or that of the office of our law firm.
If your personal data are processed on the basis of legitimate interests in accordance with Art. 6 (1)(1)(f) GDPR, you have the right, in accordance with Art. 21 GDPR, to object to the processing of your personal data, on grounds relating to your personal situation, or if the objection is to direct marketing. In the latter case, you have a general right to object, which will be implemented by us without the need to state your specific situation.
If you would like to exercise your right to withdraw or object, an email to info[@]cetilaw.de is sufficient.