Data Protection

1. The person responsible within the meaning of the General Data Protection Regulation (GDPR) is

Dr. Dydra Donath
Talmühlenstrasse 42
52525 Heinsberg

E-Mail: info@dydra-donath-law.com
Phone: +49 2452 8607324

2. Data processing for the handling of client matters

We process personal data insofar as this is necessary for the establishment of client relationships and the handling of client matters, namely from:

  • Clients and their employees and board members (board members, managing directors)
  • Third parties whose personal data are required for the establishment of the relationship or the handling of the client matter. These include, among others, direct and indirect shareholders of the client, business and contractual partners as well as advisors of the client, (potential) opponents in a legal dispute  and their legal advisors as well as the employees and members of the bodies of the persons and entities mentioned.
  • Employees of authorities and courts.
  • Witnesses and experts.

The following personal data are processed insofar as they are necessary for the establishment of a client relationship or the handling of a client matter:

  • Contact information, in particular first and last name, title if applicable, address, telephone number, e-mail address
  • Information on professional activity
  • Information on income and financial circumstances / assets
  • other personal data which are required for the determination and legal assessment of the facts and the appropriate legal advice and representation of the client in connection with the matter.

Insofar as we do not receive this personal data directly from the data subjects (e.g. in the context of correspondence with contacts at clients and/or opposing parties), the data originates from the following sources:

  • Clients
  • Courts and authorities (e.g. in the context of file inspection and/or receiving in­formation)
  • Other third parties (e.g. parties to the proceedings, witnesses, etc.)
  • Publicly accessible sources (public registers, internet research)

These data are processed in connection with the handling of a client matter for the following purposes:

  • To fulfil of legal requirements (e.g. under the Money Laundering Act) to identify the client and the beneficial owners associated with the client. The legal         basis for this processing is Art. 6 para. 1 subpara. 1 letter c DSGVO /GDPR.
  • Checking  of possible conflicts before accepting a matter
  • Determing and legally assess the facts of the matter
  • Advising and respresenting the client
  • Correspondence with clients, authorities, courts and other parties involved
  • Issuing invoices
  • Processing and asserting other claims arising from the client relationship.

The legal basis for these processing activities is, insofar as personal data of the client are processed, Art. 6(1), first subparagraph (b) of the GDPR; otherwise Art.6 (1), first subparagraph 1 (f) of the GDPR. The legal basis for the processing of special categories of personal data is Article 9 (2)( f) of the GDPR.

To the extent necessary for the handling of a client matter, we transfer personal data to the following recipients:

  • clients
  • authorities and courts
  • other third parties. These include, but are not limited to, direct and indirect shareholders of the client, business and contractual partners as well as advisors of the client, (potential) opponents in a legal dispute and their legal advisors.

In individual cases, data is also transferred to recipients in third countries outside the European Union or the European Economic Area for which the European Commission has not formally established the existence of an adequate level of data protection pursuant to Article 46 of the GDPR. Unless the transfer is necessary for the assertion, exercise or defence of legal claims (Article 49(1), first subparagraph (e) of the GDPR) and there is no other reason for transfer pursuant to  Article  49(1) of the GDPR, appropriate safeguards for the protection of personal data at the recipient’s end are provided, regularly in the form of data protection contracts based on so-called standard data protection clauses pursuant to Article 46 (2) (c) of the GDPR.

Personal data is stored for as long as it is necessary to process it for the afore­mentioned purposes, unless statutory pro­visions require a longer storage period.

3. Information about privacy when com­muni­cating and/or collaborating using Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. For details on data processing, please refer to the Microsoft Teams privacy policy at https://privacy.microsoft.com/de-de/privacystatement.

4. Collection and storage of personal data, as well as their nature, purpose and use when visiting the website

When you visit our website www.dydra-donath-law.com, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a log file. The following information is collected without your intervention and stored until it is automatically deleted:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the downloaded file
  • The website from which the access was made (referrer URL)
  • The type of browser and operating system you are using and the name of your access provider

We will process the above data for the following purposes:

  • To ensure a smooth connection to the website
  • To ensure that our website is easy to use
  • Assessment of system security and stability
  • Other administrative purposes

The legal basis for data processing is Art. 6 par. 1 (1) lit. f GDPR. Our legitimate interest is based on the above-mentioned purposes of data collection. Under no  circumstances do we use the collected data to draw conclusions about your person.

When you subscribe to our newsletter

If you have given your express consent in accordance with Article 6(1)(1)(a) of the GDPR, we will use your email address to send you our newsletter on a regular  basis. The provision of an email address is sufficient to receive the newsletter.

You can unsubscribe at any time, for example by following the link at the end of each newsletter. Alternatively, you can unsubscribe at any time by emailing info@dydra-donath-law.com.

If you use our contact form

If you have any questions, you can contact us using the form provided on the website. It is necessary to provide a valid email address so that we know who sent the query and can respond. Other information is optional.

Data processing for the purpose of contac­ting us is carried out in accordance with Article 6 (1) (1) (a) of the GDPR, on the basis of your voluntarily  given  consent.

The personal data we collect when you use the contact form will be automatically deleted once we have dealt with your enquiry.

5. Passing on data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We will only share your personal infor­ma­tion with third parties if:

  • you have given your express consent to this in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO
  • the disclosure is necessary in accordance with Art. 6 (1) p. 1 lit. f DSGVO for the assertion  exercise or defence of legal claims and there is no reason to   assume that you have an overriding interest worthy of protection in the non-disclosure of your data
  • in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c DSGVO, as well as
  • this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you.

6. Social Media Plug-ins

We use social plug-ins from the social network Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA  (“Instagram”) on our website on the basis of Art. 6 (1) sentence 1 lit. f GDPR in order to raise awareness of our law firm. The underlying promotional purpose is to be regarded as a legitimate interest within the meaning of the GDPR. The responsibility for data protection-compliant operation is to be ensured by their respective providers. We integrate these plug-ins using the so-called two-click method in order to protect visitors to our website as best as possible.

The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”.

When you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the Insta­gram servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has called up the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram.

This information (including your IP address) is transmitted by your browser directly to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can directly assign your visit to our website to your Instagram account. If you interact with the plugins, for example by clicking the „Instagram” button, this information is also transmitted directly to an Instagram server and stored there.

The information will also be published on your Instagram account and shown to your contacts there.

If you do not want Instagram to directly assign the data collected via our website to your Instagram account, you must log out of Instagram before visiting our website.

For more information, please see the privacy policy of Instagram

7. Rights of affected persons

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
  • to demand the correction of incorrect or incomplete personal data stored by us without delay in accordance with Art. 16 GDPR;
  • pursuant to Art. 17 GDPR to request the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to   freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
  • to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you,   the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal   claims or you have objected to the processing in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to re­ceive the personal data that you have provided to us in a structured, ordinary and machine-readable format or to request its transfer to another controller.
  • You may revoke your consent at any time in accordance with Art. 7 (3) DSGVO. This will have the effect that we will no longer be able to continue processing data based on this consent in the future, and
  • complain to a supervisory authority in accordance with Art. 77 DSGVO. As a general rule, you can contact the supervisory authority for your usual place of residence or work or for our registered office.

8. Rights of objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.

If you wish to exercise your right of revocation or objection, simply send an e-mail to info@dydra-donath-law.com.

9. Data security

We use the widely used Secure Socket Layer (SSL) in conjunction with the highest level of encryption supported by your browser when you visit the site.This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell if a particular page of our website is being transmitted in encrypted form by the closed key or lock icon in the bottom status bar of your browser.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technologi­cal developments.

10.  The up-to-dateness of and any changes to this data protection notice

This data protection notice is currently valid and has the status of May 2023.