Privacy statement

The following information serves the purpose to fulfill the obligation to provide mandatory information according to the General Data Protection Regulation - GDPR ("Privacy statement").

 

Data Protection

We take the protection of your personal data very seriously and treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

The use of our website is generally possible without providing personal data. As far as personal data (for instance name, addresses or e-mail addressed) are collected when visiting our websites, it occurs only on a voluntary base as far as possible. No personal data will be forwarded to any third parties without your express consent except when necessary in the execution of the contract, as to the payment processing with the responsible institution. We would like to point out that security loopholes may occur in the course of data transmission via the Internet which cannot be prevented by the technical design of this website. A complete protection of personal data is not possible when using the Internet.

 

Name and address of the data controller

As long as data is being processed while visiting the online content provided by proto-legal.de, the responsible controller is the following:

Rechtsanwalt (Attorney-at-law, lawyer)
Robert Proto
Unter den Linden 10
10117 Berlin

Telephone: +49 30 8145607-60
Telefax: +49 30 8145607-69
E-mail address: 

 

General

Our web portal can generally be used without providing personal data. Individual functions of the portal require the processing of personal data. However, before these are collected and processed, we ask for your consent.

Scope of the processing of personal data

The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in those cases in which prior consent cannot be obtained for practical reasons, but the processing of the data is permitted by law.

There is neither a contractual nor a legal obligation to provide any data requested in forms. Failure to provide information means that we cannot provide the content and / or service linked to the form.

An evaluation of data for direct marketing purposes does not take place, just as there is no profiling for other purposes.

Legal basis for the processing of personal data

We only process personal data if the person concerned has consented or if the law allows us to process it. Permissions that are relevant for us can be found, for example, in the EU General Data Protection Regulation (GDPR), the Berlin Data Protection Act (BlnDSG), Telemedia Act (TMG) or in the Federal Data Protection Act (BDSG).

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 letter a GDPR serves as the legal basis.

When processing personal data that is necessary to fulfill an obligation towards you (sending a newsletter or press releases after registration), Article 6 Art. 6 para. 1 letter b GDPR serves as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 Art. 6 para. 1 letter f GDPR serves as the legal basis for the processing.

Data deletion and storage duration

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

Technical and organizational measures to protect your data

Through appropriate technical and organizational measures (TOM), we ensure that your data is not unintentionally or unlawfully destroyed and / or lost and / or changed and / or disclosed to third parties and / or third parties have unauthorized access during collection and processing Receive your data.

The transmission of all data via the Internet to our portal is at least secured against unauthorized access by a 128-bit encryption (https: //). Furthermore, cookies that are not necessary are only set after you have given your express consent (more on this below).

 

Cookies

Description and scope of data processing

We use so-called cookies on our portal. Cookies are brief pieces of information that your Internet browser saves on your computer. They serve to make our website and the offers there user-friendly. For example, we also remember our data protection information in a cookie. The cookies used are so-called session cookies, which are deleted again after the end of your visit.

Legal basis for the processing of personal data

The legal basis for the processing of personal data using cookies is Art. 6 para. 1 letter f GDPR, unless the cookie is absolutely essential for using the service. If a cookie is absolutely necessary (e.g. when saving shopping carts in online shops or consenting to the integration of Google Maps here in the portal), the legal basis is Art. 6 para. 1 letter a GDPR.

The purpose of using technically necessary cookies is that the pages behave in accordance with the consent you have given.

We want to display our pages optimally on the devices used and also offer the information you are looking for. Cookies that are not absolutely necessary help us to implement this concern, which is also our legitimate interest (within the meaning of Art. 6 para. 1 letter f GDPR).

Duration of storage, possibility of objection and removal

Session cookies are deleted after your visit. You can prevent the use of cookies by setting your browser accordingly. You also have the option of deleting cookies individually or in bulk in your browser at any time.

 

Provision of the website and creation of log files

Description and scope of data processing

Every time our website is called up, our web server automatically collects the following data and information from the computer system of the calling computer:

  1. Browser type and version
  2. operating system used
  3. Website from which you are visiting us (referrer URL)
  4. Website that you visit with us
  5. Date and time of your access
  6. HTTP status code of your access

These data are stored separately from any personal data you may have entered and thus do not allow any direct conclusions to be drawn about a specific person. Your IP address is not saved by our web server.

A transfer of data to third parties does not take place.

Legal basis for data processing

The legal basis for the storage of the data and the log files is Art. 6 para. 1 letter f GDPR.

Purpose of data processing

Temporary processing of the IP address by the system is necessary to enable the website to be delivered to the user's computer. To do this, the user's IP address must be stored temporarily for the duration of the session.

The above-mentioned data is stored in log files in order to ensure the functionality of the website or to restore it. In addition, we use the data to optimize the website and to ensure the security of our information technology systems.

Our legitimate interest in data processing according to Art. 6 para. 1 letter f GDPR also lies in these purposes.

Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

If the data is stored in log files, this is usually the case after three months. Storage beyond this is possible.

Objection and removal option

The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website, so that this cannot be contradicted.

 

Contact form and email contact

Description and scope of data processing

On our website, we offer you the opportunity to contact us by email and / or using forms.

In the contact form, only the data requested in the respective form is collected and only transmitted to our server with consent. We also save the date and time of the process.

Alternatively, you can contact us using the email address provided. In this case, the user's personal data transmitted with the email will be saved.

The data will only be used to conduct the conversation. The data is not passed on to third parties, nor is the data collected in this context compared with data that may have been collected by other components of our site.

Legal basis for data processing

If the user has given his / her consent, the legal basis for processing the data is Art. 6 para. 1 letter a GDPR. The legal basis for processing the data that is transmitted in the course of sending an email is Art. 6 para. 1 letter f GDPR. If the aim of the e-mail contact is to conclude a contract, the additional legal basis for processing is Art. 6 para. 1 letter b GDPR.

Purpose of data processing

The processing of the personal data from the input mask serves us only to process your request and to contact you. If you contact us by email, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case for the personal data from the input mask of the contact form and those sent by e-mail if it can be inferred from the circumstances that the facts in question have been finally clarified.

The additional personal data collected during the sending process will be deleted after a period of 30 days at the latest.

Objection and removal option

The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

 

Rights of the data subject

Everyone whose personal data is in the possession of a third party and / or is being processed by a third party has rights vis-à-vis this third party, which allow him to review the legality of the possession and processing of the personal data by the third party and, if necessary, to enforce the legality should. These rights, which you may also have against us in individual processing operations, are:

  • Right of revocation, with which you can withdraw your consent to the storage and / or processing of data relating to you at any time with effect for the future,
  • Right to information, with which you can request information about the personal data that we have about you and numerous circumstances relating to the processing of this data (Art. 15 GDPR),
  • Right to correction, with which you can request the correction of incorrect and / or incomplete data relating to you (Art. 16 GDPR),
  • Right to deletion, with which you can essentially request the deletion of data that we are no longer allowed to store and / or process (Art. 17 GDPR),
  • Right to restriction of processing, with which you can, under certain circumstances, prevent data stored about you from being further processed for certain purposes (Art. 18 GDPR),
  • Right to object to processing, with which you can, under certain circumstances, prevent such processing that we are only allowed to do based on weighing our interests and yours (Art. 21 para. 1 GDPR),
  • Right to object to the processing of your data for the purpose of direct advertising, with which you can, for example, prevent direct mail from being sent by post, SMS, email, WhatsApp, etc. (Art. 21 para. 2 GDPR),
  • Right to data portability, with which you can request the surrender of data concerning you and which we have received from you digitally in a common exchange format (Art. 20 GDPR),
  • Right to personal information and decision, which gives you the opportunity in cases in which automated decisions affecting you with legal or similar effects have been made, to request the intervention of a person, to present your own point of view and to contest the decision (Art. 22 GDPR).

If, after you have exercised your rights, we have to restrict the processing of data, delete data or correct data, we are legally obliged to prevent third parties to whom the data affected by your exercise of rights have been transmitted from the correction, deletion and / or restriction to inform (Art. 19 GDPR).

 

Right to complain

If you have any doubts about the legality of our handling of your data, you can always contact the following supervisory authority responsible for us in data protection issues:

Berliner Beauftragte für Datenschutz und Informationsfreiheit ("Berlin Commissioner for Data Protection and Freedom of Information")
Friedrichstr. 219
10969 Berlin

Telephone: 030 13889-0
Telefax: 030 2155050
E-mail address: 
Website: www.datenschutz-berlin.de