Skip to content

Data protection policy

1. Name and contact details of the person responsible

This data protection declaration informs about the processing of personal data on the Law firm's website: Buschmann Partnerschaft mbB Rechtsanwälte Steuerberater.

Responsible:
Buschmann Partnerschaft mbB Rechtsanwälte Steuerberater (Partnerschaftsgesellschaft mit beschränkter Berufshaftung), Vorsetzen 35, 20459 Hamburg.

Contact person for data protection:
Dr. Andreas Schwarz, c/o Buschmann Partnerschaft mbB, Vorsetzen 35, 20459 Hamburg.
The contact person for data protection of the law firm is listed at the above office address and at andreas.schwarz@buschmann.eu .

2. Scope and Purpose of processing of Personal Data

2.1 Accessing the Website

When you visit this website www.buschmann.eu data is automatically sent to the server of this website with the Internet browser that is used by the visitor and stored in a log file for a limited period of time. Until automatic deletion, the following data will be stored without further entry by the visitor:

  • IP address of the visitor's device,
  • Date and time of access by the visitor,
  • Name and URL of the page accessed by the visitor,
  • Website from which the visitor arrives at the law firm's website (so-called referrer URL),
  • Browser and operating system of the visitor's terminal device and the name of the access provider used by the visitor.

The processing of this personal data is justified in accordance with Article 6(1), first sentence, letter f of the DSGVO/GDRP-EU. The firm has a legitimate interest in data processing for the following purpose:

  • to quickly establish a connection to the firm's website,
  • to enable a user-friendly use of the website,
  • to recognize and guarantee the security and stability of the systems and
  • to facilitate and improve the administration of the website.

The processing does not take place expressly for the purpose of gaining knowledge about the person or the visitor of the website.

2.2 Newsletter

By registering to receive our newsletter, the visitor expressly agrees to the processing of the transmitted personal data. To subscribe to the newsletter, all you need to do is enter a visitor's e-mail address. The legal basis for processing the personal data of the visitor for the purpose of sending newsletters is the consent pursuant to Art. 6 paragraph 1 sentence 1 letter a) DSGVO/GDRP-EU.

Visitors can unsubscribe from future newsletters at any time. This can be done by using a special link at the end of the newsletter or by sending an e-mail to newsletter@buschmann.eu.

3. Disclosure of Data

Personal data will be transmitted to third parties if

  • in accordance with Article 6(1), first sentence, letter a) of the DSGVO/GDRP-EU, was expressly consented to by the person concerned,
  • the disclosure pursuant to Art. 6 para. 1 sentence 1 letter f) DSGVO/GDRP-EU is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that the data subject has an overriding interest worthy of protection in not disclosing his or her data,
  • for the data transmission in accordance with Art. 6, para. 1, sentence 1 lit. c) DSGVO/GDRP-EU has a legal obligation, and/or this is necessary for the fulfilment of a contractual relationship with the data subject pursuant to Article 6(1), first sentence, letter b) of the DSGVO/GDRP-EU.

In other cases, personal data will not be passed on to third parties.

4. Cookies

So-called cookies are used on the website. These are data packages that are exchanged between the server of the law firm's website and the visitor's browser. These are stored when visiting the website by the devices used (PC, notebook, tablet, smartphone, etc.). In this respect, cookies cannot cause any damage to the devices used. In particular, they do not contain viruses or other malware. Information is stored in the cookies that leads in each case to the connection with the specifically used terminal device. Under no circumstances can the firm obtain direct knowledge of the identity of the visitor to the website.

Cookies are largely accepted according to the basic browser settings. The browser settings can be set so that cookies are either not accepted on the devices used or that a special message is displayed before a new cookie is created. However, it should be noted that the deactivation of cookies may result in not all functions of the website being used in the best possible way. The use of cookies serves to make the use of the law firm's website more comfortable. For example, session cookies can be used to determine whether the visitor has already visited individual pages of the website. After leaving the website, these session cookies are automatically deleted.

Temporary cookies are used to improve user-friendliness. They are stored on the visitor's device for a temporary period of time. When the website is visited again, the device is automatically recognized and that the visitor has already visited the page at an earlier point in time and which entries and settings were made in order not to have to repeat them again.

Cookies are also used to analyse calls to the website for statistical purposes and to improve the service. These cookies make it possible to be automatically recognized during a renewed visit and that the web page was already called up before by the visitor. Here, cookies are automatically deleted after a specified period of time.

The data processed by cookies is justified for the above-mentioned purposes in order to safeguard the legitimate interests of the Registry pursuant to Art. 6 para. 1 sentence 1 letter f) DSGVO/GDRP-EU.

5. Plugins for social networks (social plugins)

Plugins from social networks XING and LinkedIn are integrated on our law firm website. The legal basis for the use of social plug-ins is Art. 6 para. 1 sentence 1 letter f) DSGVO/GDRP-EU. A legitimate interest of our law firm and the purpose of using plugins of social networks is to make our offer known to a wide audience. The social networks are responsible for the data protection-compliant handling of their users' data.

a) LinkedIn Plugin

Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time you access one of our pages that contains functions of LinkedIn, a connection to LinkedIn's servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click on the "Recommend button" of LinkedIn and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user account. We point out that we, as provider of the pages have no knowledge of the content from the transmitted data and their use by LinkedIn. For more information, please refer to LinkedIn's privacy policy under: linkedin.com/legal/privacy-policy.

b) XING plugin

Our website uses functions of the XING network. Provider is XING SE, Dammtorstraße 30, 20354 Hamburg, Deutschland. Every time you access one of our pages that contains XING functions, a connection to XING servers is established. To our knowledge, personal data will not be stored. In particular, no IP addresses are stored or the usage behaviour evaluated. Further information on data protection and the XING Share button can be found in XING's data protection statement at: privacy.xing.com/de/datenschutzerklaerung.

c) Instagram Plugin

Our website uses functions of the LinkedIn network. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.

Every time you access one of our pages that contains functions of Instagram, a connection to Instagram's servers is established. Instagram is informed that you have visited our website with your IP address. If you click on the "Recommend button" of Instagram and are logged into your Instagram account, Instagram is able to associate your visit to our website with you and your user account. We point out that we, as provider of the pages have no knowledge of the content from the transmitted data and their use by Instagram. For more information, please refer to Instagram's privacy policy under: instagram.com/about/legal/privacy.

6. Your Rights as a data subject

If your personal data is processed during your visit to our website, you as the "data subject" are entitled to the following rights within the meaning of the DSGVO/GDRP-EU:

6.1 Information

You may request information from us as to whether your personal data is processed by us. There is no right to information if the provision of the requested information would violate the duty of confidentiality pursuant to § 83 StBerG or if the information must be kept secret for other reasons, in particular because of a predominant legitimate interest of a third party. Deviating from this, there may be an obligation to provide information if your interests outweigh the interest in confidentiality, especially taking into account impending damages. Furthermore, the right to information is excluded if the data is only stored because it may not be deleted due to legal or statutory retention periods. Or serve exclusively purposes of data protection or data protection control, provided that the provision of information would require a disproportionately high amount of effort and processing for other purposes is excluded with suitable technical and organisational measures. If in your case the right to information is not excluded and your personal data is processed by us, you can re-quest information from us about the following information:

  • Purposes of Processing Data,
  • Categories of personal data processed by you,
  • Recipients or categories of Recipients to whom your personal data is disclosed, in particular Recipients in third countries,
  • if possible, the planned duration for which your personal data will be stored or, if this is not possible, the criteria for determining the storage period,
  • the existence of a right to rectification, deletion or limitation of the processing of personal data concerning you or a right of opposition to such processing,
  • the existence of a right of appeal to a data protection supervisory authority,
  • if the personal data has not been collected from you as the data subject, the available information on the origin of the data,
  • the existence of automated decision making, including profiling and meaningful information on the logic involved, as well as the scope and intended effects of automated decision making,
  • in the case of transfers to recipients in third countries, if the EU Commission has not decided on the adequacy of the level of protection pursuant to Art. 45 para. 3 DSGVO/GDRP-EU, Information on the appropriate Guarantees provided for the protection of personal data pursuant toArt. 46 para. 2 DSGVO/GDRP-EU.

6.2 Correction and completion

If you notice that we have incorrect personal data from you, you can ask us to correct this incorrect data immediately. In the case of incomplete personal data concerning you, you may request completion.

6.3 Deletion

You have a right to cancellation ("right to be forgotten"), provided that processing data is not necessary to exercise the right to freedom of expression, the right for information or to fulfil a legal obligation or to perform a task which is in the public interest then one of the following reasons applies:

  • The personal data is no longer necessary for the purposes for which it was processed.
  • The basis of justification for processing data was exclusively your consent and which you have revoked.
  • You have filed an objection to the processing of your personal data, which we have made public.
  • You have objected to the processing of personal data not made public by us and there are no overriding legitimate reasons for the processing.
  • Your personal data has been processed unlawfully.
  • The deletion of personal data is necessary to fulfil a legal obligation to which we are subject.

There is no claim for deletion if deletion is not possible or only possible with disproportionate effort in the case of legal, non-automated data processing due to the special type of storage and your interest in deletion is low. In this case, the restriction of processing overrides the deletion of data.

6.4 Limitation of processing

You may request us to restrict processing if one of the following reasons applies:

  • You deny the accuracy of your personal data. In this case, a restriction may be required for the duration which gives us the opportunity to verify the accuracy of the data.
  • The processing is unlawful and instead of deletion you request the restriction of the use of your personal data.
  • We no longer need your personal data for the purposes of processing, but for asserting, exercising or defending legal claims.
  • You have filed an objection pursuant to Art. 21 para. 1 DSGVO/GDRP-EU. The restriction of processing may be required as long as it is not yet clear whether our justified reasons outweigh your reasons.

Restriction of processing means that personal data will only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest. Before we lift the restriction, we have a duty to inform you.

6.5 Data transferability

You have a right to transferability of data, provided that the processing is based on your consent (Art. 6 para. 1 sentence 1 letter a) or Art. 9 para. 2 letter a) DSGVO/GDRP-EU) or on a contract to which you are a contracting party and the processing is carried out using automated procedures. In this case, the right to data transfer includes the following rights, provided that this does not affect the rights and freedoms of other persons.

You can ask us to receive the personal data you have provided to us in a structured, common and machine-readable format. You have the right to pass this data on to another person responsible without hindrance on our part. If technically feasible, you can request that we transfer your personal data directly to another person responsible.

6.6 Opposition

If the processing is based on Art. 6 para. 1 sentence 1 letter e) DSGVO/GDRP-EU (performance of a task in the public interest or in the exercise of official authority) or on Art. 6 para. 1 sentence 1 letter f) DSGVO/GDRP-EU (legitimate interest of the person responsible or a third party), you have the right to object at any time to the processing of personal data concerning you for reasons arising from your particular situation. This also applies to profiling based on Article 6(1), first sentence, letter e) or letter f) of the DSGVO/GDRP-EU. After exercising the right of objection, we will no longer process your personal data unless we can prove compelling grounds for processing that out-weigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

You may at any time object to the processing of personal data concerning you for direct marketing purposes. This also applies to profiling in connection with such direct advertising. After exercising this right of objection, we will no longer use the personal data concerned for direct marketing purposes.

You have the possibility to send your objection by telephone, by e-mail to office@buschmann.eu, if necessary by fax under +49 40 300697979 or to our postal address listed at the beginning of this data protection declaration.

6.7 Revocation of consent

You have the right to revoke your consent at any time with effect for the future. You can revoke your consent by telephone, by e-mail to office@buschmann.eu, if necessary by fax under +49 40 300697979 or to our postal address. The legality of the data processing, which is based on the consent until receipt of the revocation, is not affected by the revocation. After receipt of the revoca-tion the data processing, which was based exclusively on your consent, is stopped.

6.8 Complaint

If you believe that the processing of personal data concerning you is unlawful, you may file a complaint with a data protection supervisory authority responsible for the place of your stay or work or for the place of the alleged infringement.

7. Status and updating of this data protection declaration

This privacy statement is dated May 24, 2018 and we reserve the right to update the privacy state-ment in due course in order to improve data protection and/or adapt it to changes in government practice or case law.