DATA PROTECTION

This data protection information is intended to provide an overview of what happens to your personal data (hereinafter also referred to as “data”) in our law firm and to inform you about the data protection claims and rights to which you are entitled within the meaning of the European General Data Protection Regulation (“GDPR”), the Federal Data Protection Act (“BDSG”) and the Telecommunications and Telemedia Data Protection Act (“TTDSG”). We therefore ask you to take note of this data protection information and, if necessary, print it out or save it.

Personal data is all data with which you can be personally identified. Your personal data may be processed for various purposes. Essentially, the data processing operations of the law firm Lohmanns Lankes & Partner PartGmbB Rechtsanwälte & Patentanwalt, Würmtalstraße 20 A, 81375 Munich (hereinafter also referred to as “LLP Law|Patent” or “we”) can be divided into the following areas of application:

General information on data protection, data processing operations and data subject rights, which apply to all data processing operations carried out for us, can be found in Part A below.

In connection with our website llp-law.de (hereinafter: “website”) or comparable external online presences, such as social media profiles, from which we refer to this data protection notice (websites and external online presences hereinafter jointly also: “internet presences”), we process data of visitors that is exchanged between their internet-enabled end devices and the server operated by us, other data that is communicated to us in the context of the use of the internet presences. You can find details on this under Part B.

Additional information on data processing in the client relationship or in the context of client processing can be found in Part C.

Please visit the individual sections if you wish to obtain information on specific processing situations quickly and in context.

A. General Information on Data Protection and Data Subject Rights

1. Who is responsible for data processing and who can you contact if you have any questions?

Lohmanns Lankes & Partner PartGmbB Rechtsanwälte & Patentanwalt, Würmtalstraße 20 A, 81375 Munich, phone: +49 (0) 89 55 27 55 00, fax: +49 (0) 89 55 27 55 0 29, e-mail: office@llp-law.de is responsible for data processing.

If you have any questions about data protection at LLP Law|Patent, please use the above contact addresses.

1. What rights do you have regarding your personal data?

If your personal data is processed, you are a “data subject” within the meaning of the GDPR and can assert the rights described below. If you wish to assert rights against us as the “controller”, we recommend that you address these to our contact details above:

• Right to information

In accordance with Art. 15 GDPR, you can request confirmation from us as to whether personal data concerning you is being processed by us and request information on the extent to which we process your data.

• Right to correction

If the personal data concerning you is incorrect or incomplete, you have the right to correction and/or completion in accordance with Art. 16 GDPR.

• Right to erasure

If the legal requirements of Art. 17 GDPR are met, you can demand that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent immediate erasure, e.g. in the case of statutory retention obligations.

Irrespective of the exercise of your right to erasure, we will erase your data immediately and completely to fulfil our statutory erasure obligations once the purpose of processing no longer applies, provided that there is no legal or statutory retention period to the contrary.

• Right to restriction of processing

You can request that we restrict the processing of your data in the cases specified in Art. 18 GDPR. If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

• Right to data portability

According to Art. 20 GDPR, you have the right to have data provided by you, which we process automatically on the basis of your consent or in fulfilment of a contract, handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible. The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

• Right to object

If we process your data on the basis of a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR, you can object to this data processing at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions (see Art. 21 GDPR). If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims.

If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing. You can object to the processing of your data for the purpose of direct marketing at any time without giving reasons.

• Right to revoke the declaration of consent under data protection law

Some data processing operations are only possible with your express consent within the meaning of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation. Please note that even after revocation of consent, processing of the data concerned may continue to be possible in whole or in part on the basis of other legal bases.

• Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR (Art. 77 GDPR in conjunction with Section 19 BDSG). A list of data protection officers and their contact details can be found at the following link: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

If you are of the opinion that we are violating German or European data protection law when processing your data, please contact us so that we can clarify any questions.

Of course, you also have the right to contact the supervisory authority responsible for us according to our registered office:

Bavarian State Office for Data Protection Supervision, Promenade 18, 91522 Ansbach, e-mail: poststelle@lda.bayern.de, www.lda.bayern.de

III Which personal data is processed and from which sources does this data originate?

• Origin of the personal data

Via our websites, we process data that we receive during your visit or that you actively communicate to us during your use. Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of a page view). This data is collected automatically as soon as you access our website. You can find details on this under Part B.

We also process data that we have legitimately received from partner companies with whom we have a long-term business relationship or from clients in the context of existing client relationships.

In individual cases, we also process data that we have legitimately received from other third parties such as third-party debtors, credit agencies, creditor protection associations, courts or authorities, or that we have legitimately taken, received or acquired from publicly accessible sources (e.g. telephone directories, company registers, press, Internet or other media).

• Categories of personal data

The personal data that we regularly process includes

Personal master data: Title, first name and surname, salutation, date of birth.

Address data: Street, house number, address supplements if applicable, postcode, city, country

Contact details: Telephone number(s), e-mail address(es)

In addition, depending on the mandate or other relationship with you, we process the following other personal data:

Access data: Date and time of the visit to our website; the page from which the accessing system reached our site; pages accessed during use; session identification data (session ID); also the following information of the accessing computer system: internet protocol address (IP address) used, browser type and version, device type, operating system and similar technical information.

Information about the nature and content of our business relationship, such as mandate documents, sales and receipt data, mandate history, consultation documents

Advertising and sales data

Documentation data (e.g. consultation protocols, file notes)

other data that we have received from you as part of our business relationship (e.g. in client meetings or correspondence),

the documentation of declarations of consent.

IV. For what purposes and on what legal basis is the data processed?

We usually process your data on the following bases:

1. Fulfilment of (pre-)contractual obligations (Art. 6 para. 1 lit. b GDPR)

Personal data is processed on the basis of Art. 6 para. 1 lit. b GDPR for the fulfilment of our contractual obligations, in particular in connection with the operation of our websites, as well as all activities required for the operation or administration of our law firm as is customary in the industry (e.g. client and contact management). The data may also be processed at a pre-contractual level in the context of initiating business with us or in the course of other contractual relationships with us.

For example, Art. 6 para. 1 lit. b GDPR is the legal basis in the following cases

Creation and maintenance of client files

Sending information, pleadings and other documents

Offer and provision of legal advice or other legal services by LLP Law|Patent

Handling client relationships, e.g. bookkeeping, auditing and other steps in connection with the implementation of our business relationship

Details on the purpose of this data processing can be found in the respective contractual documents and terms and conditions.

2. Protection of legitimate interests (Art. 6 para. 1 lit.f GDPR)

Based on a balancing of interests, data may be processed beyond the actual fulfilment of a contract to protect our legitimate interests or those of third parties. This is permissible unless your interests or fundamental rights and freedoms, which require the protection of personal data, prevail. Data processing to protect legitimate interests takes place, for example, in the following cases

Provision of our websites, their functions and content

Use of technically necessary cookies or comparable technologies within the meaning of Section 25 (2) TTDSG

Answering contact enquiries and communicating with users

Carrying out payment transactions via external service providers

Transmission of data to partner law firms

Transmission of data to partners, e.g. for the purpose of background checks, consultation of and data exchange with credit agencies and government agencies to determine residence and/or creditworthiness data

Use of debt collection service providers and lawyers to collect and/or enforce claims in court

Assertion of other legal claims and defence in legal disputes

Advertising or marketing

Market and opinion surveys

Measures for business management and further development of our services

Maintaining databases on clients or interested parties of our services or service providers to improve our offering

Carrying out a risk assessment (due diligence) as part of any law firm restructuring or a company acquisition or sale

Ensuring the IT security and IT operation of our law firm and our website

Measures for building and plant security

3. Fulfilment of legal obligations (Art. 6 para. 1 lit. c GDPR)

Processing of your data may be necessary in part for the purpose of fulfilling various legal obligations and requirements to which we are subject, e.g. from the German Commercial Code or the German Fiscal Code.

4. Consent (Art. 6 para. 1 lit.a GDPR; § 25 para. 1 TTDSG):

If a service used by us in any way stores or accesses information in the user’s terminal equipment, consent is required in accordance with Section 25 (1) sentence 1 TTDSG. If the service functions without any access to the terminal equipment, the GDPR is relevant. If we request your consent within the scope of the GDPR, this is done on the basis of Art. 6 para. 1 lit. a in conjunction with Art. 7 GDPR. Art. 7 GDPR.

If you have given us your consent to process your data in individual cases, it will be processed in accordance with the purposes specified in the declaration of consent and to the extent agreed therein. Consent given, e.g. for sending a newsletter, can be revoked at any time with effect for the future. To do so, please use the contact details provided in Section A. I or II.

Please note that processing that took place before the cancellation is not affected by the cancellation and that data processing may still be possible, at least in part, on the basis of another legal basis.

V. Who receives my data?

Your data will be received by those employees or organisational units who need it to fulfil our contractual and legal obligations or to process or pursue our legitimate interests.

Your data will be forwarded for the initiation or fulfilment of a contractual relationship (e.g. provision of a legal service) in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR or – depending on the nature of the specific relationship with us – on the basis of our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR or those of our clients, in particular to companies that we regularly use in connection with the provision of our services or for contract processing. This concerns the following recipients or categories of recipients

IT service providers (e.g. email service providers, web hosting companies)

Cooperation partners

Legal service providers that we commission in connection with the mandate entrusted to us, such as (external) lawyers and defence lawyers, consultants, mediators or experts and other specialists

clients

advertising partners

insurance companies

banks

Communication providers (telephone providers, fax providers)

Payment service providers

Shipping and logistics service providers

Credit agencies

Auditors

Tax and legal advisors

If we use a service provider in the sense of order processing in accordance with Art. 28 GDPR, we nevertheless remain responsible for the protection of your data. Where required by law, processors are contractually obliged by means of an order processing agreement to treat your data confidentially and to process it only within the scope of the provision of services. The processors commissioned by us will receive your data if they require the data to fulfil their respective service.

Your data will only be transmitted to state institutions (e.g. courts), authorities or third-party debtors or collected for this purpose within the framework of mandatory national legal provisions or if we are commissioned to do so within the framework of a client relationship.

VI How long will my data be stored?

Your personal data will only be used for the purpose for which you have provided it to us, for which we have collected it or for which you have given us your consent. Your data may be processed by us, in particular stored, until the respective purpose has been fulfilled. After complete fulfilment of the purpose or as soon as you have legitimately requested us to delete your data, your data will be stored at most for as long as this is necessary due to statutory limitation or retention periods (in particular tax and commercial law). However, the data will be deleted after these periods have expired at the latest, unless you have expressly consented to further or different use. You can also assert rights during the retention periods, such as the blocking of your data. Please see section A. point II.

Your data will be deleted or blocked by us as soon as the purpose of storage no longer applies or you request us to delete it.

We process, and in particular store, your data only until the end of the business relationship or until the expiry of the applicable guarantee, warranty and limitation periods. For example, the limitation period according to §§ 195 ff. of the German Civil Code (BGB) is generally three years, but in certain cases up to thirty years. In addition, it may be necessary to retain data until the legally binding conclusion of any legal disputes in which the data is required as evidence.

Personal data is stored by us within the scope of a client relationship at least until the conclusion of the respective matter. In addition, we are legally obliged to retain the files kept by us in accordance with Section 50 (1) BRAO for a period of 6 years after the end of the calendar year in which the mandate was terminated.

Furthermore, we are subject to statutory documentation and retention periods (e.g. from the German Commercial Code (e.g. Section 257 HGB), the German Money Laundering Act or the German Fiscal Code (e.g. Section 147 AO)). The retention and documentation periods specified there are two to ten years. For example, we would have to store your data even after the termination of a contract with you for a period up to the conclusion of the tax audit of the last calendar year in which you were a client.

VII. Is personal data transferred to a third country?

A regular transfer of personal data to the USA is not planned. However, as part of our processing procedures, personal data may also be transferred in certain business transactions or areas of activity to locations in so-called third countries outside the EU or the EEA that have not yet been certified by the EU Commission as having an adequate level of data protection, for example to the USA. If such a data transfer should become necessary in individual cases, this will only take place on the basis of an adequacy decision by the European Commission, standard contractual clauses, suitable guarantees for compliance with data protection or your express consent.

Use of Our Websites

In principle, you can visit our websites and use them for information purposes without having to provide any personal details (e.g. register, place orders or otherwise provide information about yourself). In this case, we process personal data of our users only to the extent necessary to provide a functional website and our content and services or to the extent that cookies used on the website transmit personal information to us when you visit the website. Information on our own cookies can be found in section B, point II.

Furthermore, the processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.

1. Hosting, provision of the website and creation of log files

Description of the data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer, which your Internet browser automatically transmits to us or our web host (so-called log files). These server log files contain IP addresses or other data that enable an assignment to a user. This could be the case, for example, if the link to the website from which the user accesses the website or the link to the website to which the user switches contains personal data. The following information is collected and stored by our hosting provider

Browser types and versions used

the operating system used by the accessing system

the website from which an accessing system accesses our website (so-called referrer)

the sub-websites that are accessed via an accessing system on our website

the date and time of access to the website

an internet protocol address (IP address)

the internet service provider of the accessing system

other similar data and information used for security purposes in the event of attacks on our information technology systems

The data is stored in the log files of our web host. This data is not stored together with other personal data of the user.

Legal basis and purpose of data processing

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR. This information is also required for the provision of our website in accordance with Section 25 (2) No. 2 TTDSG.

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

The data is stored in log files to ensure the functionality of the website. We also use the data to optimise the website and to ensure the security of our information technology systems.

Duration of storage / objection and removal options

The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

If the data is stored in log files, this is the case after 7 days at the latest.

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object.

II Cookies and comparable technologies

1. use of cookies

Description of the data processing

Our website uses cookies or similar processes and collects, processes and uses usage data (e.g. access times, websites accessed) or meta and communication data (IP address, device information).

Cookies are text files with a characteristic string of characters that are stored in the Internet browser or by the Internet browser on the user’s computer system and that enable the browser to be uniquely identified when the website is called up again. When a user accesses a website, a cookie can be stored on the user’s operating system. A cookie contains a characteristic string of characters. These cookies are used to make a website more user-friendly, effective and secure. When you visit a website on which a cookie is embedded, the data you enter is stored exclusively in the cookie on your computer. In this case, data is only transmitted to the servers of our website when a page request is made.

Some cookies are deleted again at the end of the browser session when your browser is closed (so-called session cookies). These cookies are technically necessary, e.g. so that you can log in to the application and remain logged in across pages during your visit to our website.

Other cookies remain on your end device for a specified period and enable us to recognise your browser on your next visit (so-called persistent or protocol cookies). The purpose of using these cookies is to offer you optimal user guidance, to “recognise” you and to be able to present you with a website that is as varied as possible and new content on repeated visits.

Third-party cookies can be used, for example, to collect information for advertising, customised content or statistics (“third-party cookies”). If we do not identify cookies as originating from third parties, the cookies originate from our website (“first-party cookies”). We will inform you separately about third-party cookies or tracking technologies that we use in the following sections of our privacy policy.

Flash cookies are stored as data elements of websites on your computer if they are operated with Adobe Flash. Flash cookies have no time limit.

You can access further information on the individual cookies we use via our cookie consent tool Cookiebot by clicking on the “Show details” button and looking through the function groups listed there.

Legal basis and purpose of data processing

The legal basis for the processing of personal data using technically necessary cookies within the meaning of § 25 para. 2 TTDSG is Art. 6 para. 1 lit. f GDPR. As the operator of websites, we have a legitimate interest in the best possible functionality and security of the website as well as a user-friendly and effective design of the site visit, unless we ask you for your consent in accordance with Section 25 (1) sentence 1 TTDSG.

We have integrated a cookie consent tool on our website. This blocks all categories of cookies that are not required for the proper functioning of the website, unless you consent to the use of additional tools.

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognised even after a page change.

Duration of storage / objection and removal options

Cookies are stored on the user’s computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically.

Cookies are stored on the user’s computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically if necessary. For example, you can object to the use of cookies for online marketing purposes by means of a variety of services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/ or generally at http://optout.aboutads.info.

However, you can also use the functionalities of the cookie consent tool we have integrated (see below) by clicking on the following link, which you will also find at the bottom of the website:

Change your consent

If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.

Cookiebot (cookie consent tool)

Description of the data processing

We use the cookie consent tool “Cookiebot” from Cybot A/S, 1058 Copenhagen, Denmark (hereinafter: “Cookiebot”). When you visit our website, Cookiebot shows you a list of cookies categorised by function groups in a pop-up window, explains the purpose of the cookie function groups and the individual cookies as well as their storage duration. You can then switch on the cookies categorised by function groups by clicking on the corresponding box and give your consent to the use of cookies, or give your consent for all cookies. Please note that the technical cookies are already stored when you access the website and the relevant box is preset.

Legal basis and purpose of data processing

The legal basis for the processing of personal data using cookies within Cookiebot is Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality and security of the website as well as a customer-friendly and effective visit design. For this purpose, Cookiebot uses technically necessary cookies to save the content of the consent you have given for your next visit. The use of technically necessary cookies serves to simplify the use of the website for the user. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognised even after a page change.

Storage duration / right of objection and deletion

Cookies are stored on the user’s computer and transmitted by the user to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. However, if you want to check or change your cookie settings, you can use Cookiebot and click on “Change your consent” (link also at the bottom of the website) and then make the appropriate settings in Cookiebot.

If cookies are deactivated for our website, it is possible that functions of the website can no longer be used to their full extent.

III Statistical analysis of the website / increasing reach / marketing tools

1. google analytics

Description of the data processing

This website uses functions of the web analysis service Google Analytics. The provider in Europe is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States, which in turn is a subsidiary of Alphabet Inc, ibid (hereinafter: “Google”).

Google Analytics also uses so-called “cookies”. The information generated by the Google cookie about your use of this website is generally transmitted to a Google server in the USA and stored there.

We would like to inform you that this website uses Google Analytics exclusively using the “anonymiseIp()” extension. This means that your IP address is not stored in full and is truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA. The visitor to the website cannot be identified. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

For more information on the processing of data by Google, please read Google’s privacy policy: https://policies.google.com/privacy?hl=de,

Legal basis and purpose of data processing

Since we as the website operator have a great interest in analysing user behaviour in order to optimise both our website and our offers and advertising placed there, we ask you to give your consent to the use of Google Analytics and the storage of Google Analytics cookies on the basis of Art. 6 para. 1 lit. a GDPR.

The information generated by the cookies about your use of this website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of analysing your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google has contractually guaranteed that it will not associate your IP address with any other data held by Google.

We have concluded a contract with Google for the processing of data on behalf of Google and, as described above, implement the requirements of the German data protection authorities when using Google Analytics.

Duration of storage / objection and removal options

Cookies are stored on the user’s computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

You can deactivate Google Analytics at any time by clicking on the “Deactivate Google Analytics” link at the bottom of every subpage of the website. Alternatively, you can object to the use of Google Analytics by installing a browser add-on to deactivate Google Analytics (http://tools.google.com/dlpage/gaoptout?hl=de). By doing so, you inform Google Analytics that no information about the website visit should be transmitted to Google Analytics.

Furthermore, you can install an opt-out cookie on your device via this link https://developers.google.com/analytics/devguides/collection/gajs/?hl=de#disable, especially for browsers on mobile devices, to prevent the future collection of data by Google Analytics on our website. Please note that if you delete the cookies on your device, you must also reinstall the opt-out cookie.

Further information on procedures, plugins and tools used to design the website

1. SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

2 Google Maps

Description of the data processing

On our website, we use Google Maps, a web service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States, a subsidiary of Alphabet Inc, ibid. (hereinafter: “Google”) to display interactive maps in order to visualise geographical information. By using this service, you will be shown our location to make it easier for you to find us.

Information about your use of our website (such as your IP address) is transmitted to Google’s servers and processed there as soon as you access the subpages in which the Google Maps map is integrated. This takes place regardless of the existence of a user account with Google. Google processes your data as user profiles and analyses them for its own purposes. Such an evaluation is carried out by Google in accordance with Art. 6 para. 1 lit. f GDPR on the basis of Google’s legitimate interests in the display of personalised advertising, market research and/or demand-oriented design of Google’s websites.

If you are logged in to Google with your user account, your data will also be assigned directly to your account.

For more information about the processing of data by Google, please read Google’s privacy policy: https://policies.google.com/privacy?hl=de .

Legal basis and purpose of data processing

The use of Google Maps is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR in a simple and effective way for our clients to plan their journey to our law firm.

Duration of storage / possibility of objection and removal

If you do not want this association with your profile on Google, you must log out before using our subpage on which Google Maps is integrated. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. Please also note the Google opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=de, or Google’s settings for the display of adverts: https://adssettings.google.com/authenticated.

If you do not agree to the future transmission of your data to Google when using Google Maps, you also have the option of deactivating this service completely by switching off the JavaScript application in your browser. Please note, however, that you will then not be able to use the corresponding functionality of our website.

V. Links to websites of other providers

Our website may contain links to other websites. has no influence whatsoever on the content and design of the offers of other providers. The statements in this data protection declaration therefore do not apply to external providers whose offers or content we merely link to.

If you are redirected to other sites via links from our pages, please inform yourself there about the respective handling of your data.

VI Online presence on social networks and platforms

Description of data processing

We maintain additional online presences within social networks or industry networks (such as LinkedIn (https://de.linkedin.com/company/llp-law-patent) or XING (https://de.linkedin.com/company/llp-law-patent)) (hereinafter also referred to as “SN”) and platforms (e.g. Google Maps) and link to them from our website. Clicking on the respective buttons (recognisable by the respective logos of the social networks or platforms) will take you to the respective online presence of the SN. The purpose of these online presences is to communicate with the clients, interested parties and users active there and to inform them about our services.

When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.

Since the use of SN takes place outside of our website, we have no influence on this, unless otherwise stated below. However, we would like to point out that when using the above-mentioned platforms and networks to which we link, data may also be processed in the USA by these SN companies and may also be processed by the respective operators for market research and advertising purposes, including the creation of user profiles. If you are logged in to the respective networks and platforms, they may also store cookies on your device that track your use of websites and other information about your usage behaviour.

Unless otherwise stated in our privacy policy, we only process users’ data if they communicate with us within the social networks and platforms, e.g. write comments or send us messages.

In order to make it easier for you to find out about the respective data processing and the objection options of the respective operators, we refer below to the data protection declarations and information of the operators of the respective networks.

Legal basis and purpose of data processing

We only process your personal data in the context of direct contact with us via the respective SN or interaction with our presence there or its content. Unless otherwise stated in our privacy policy, we process users’ data on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR for the effective information of users and communication only if they communicate with us within the social networks and platforms (e.g. when users write posts on our online presences or send us messages). If your contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

Insofar as personal data is also processed in connection with our presence on an SN and the respective SN alone decides on the purposes and means of processing, the respective SN is otherwise the sole controller for the processing. Please check carefully which personal data you share with us via an SN website. If you wish to prevent SN from processing personal data that you have transmitted to us, please contact us by other means.

Duration of storage / objection and removal options

If you are a member of one of the SNs on which we maintain online presences and do not want the SN to collect data about you via our offer and link it to your data at the SN, you must log out of your SN before visiting our offer. For a detailed description of the respective processing, information on the duration of the storage of data by the respective SN and the opt-out options, we refer to the following linked information from the providers.

In the case of requests for information and the assertion of user rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the user’s data and can take appropriate measures and provide information directly. If you still need help, you can contact us.

Linkedin

LinkedIn is a service of LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA, operated in Europe by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. LinkedIn is an Internet-based social network that enables users to connect with existing business contacts and make new business contacts. Over 400 million registered people use LinkedIn in more than 200 countries. This makes LinkedIn currently the largest platform for business contacts and one of the most visited websites in the world.

Each time you visit our website, which is equipped with a LinkedIn component (LinkedIn plug-in), this component causes the browser used by the data subject to download a corresponding representation of the LinkedIn component. Further information on the LinkedIn plug-ins can be found at https://developer.linkedin.com/plugins As part of this technical process, LinkedIn receives information about which specific subpage of our website is visited by the data subject.

If the data subject is logged in at the same time on LinkedIn, LinkedIn recognises with each visit to our website by the data subject and for the entire duration of the respective stay on our website, which specific sub-page of our website the data subject visits. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject clicks on one of the LinkedIn buttons integrated on our website, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn always receives information via the LinkedIn component that the data subject has visited our website if the data subject is logged in to LinkedIn at the same time as accessing our website; this occurs regardless of whether the data subject clicks on the LinkedIn component or not. If the data subject does not want this information to be transmitted to LinkedIn, they can prevent the transmission by logging out of their LinkedIn account before accessing our website.

LinkedIn offers the possibility to unsubscribe from e-mail messages, SMS messages and targeted ads as well as to manage ad settings at https://www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which may set cookies. Such cookies can be rejected at https://www.linkedin.com/legal/cookie-policy. The applicable data protection provisions of LinkedIn may be retrieved under https://www.linkedin.com/legal/privacy-policy LinkedIn’s cookie policy is available at https://www.linkedin.com/legal/cookie-policy

If you wish to reject LinkedIn cookies, in particular retargeting cookies, which LinkedIn uses under its own responsibility, please use the following link:

https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

XING

The operating company of Xing is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany (“Xing”)

Xing is an Internet-based social network that enables users to connect with existing business contacts and to make new business contacts. Individual users can create a personal profile for themselves on Xing. Companies can, for example, create company profiles or publish job offers on Xing.

Each time one of the individual pages of this website is accessed, which is operated by the data controller and on which a Xing component (Xing plug-in) has been integrated, the Internet browser on the information technology system of the person concerned is automatically prompted by the respective Xing component to download a representation of the corresponding Xing component from Xing. Further information about the Xing plug-ins may be accessed under https://dev.xing.com/plugins. As part of this technical process, Xing receives information about which specific subpage of our website is visited by the data subject.

If the data subject is logged in to Xing at the same time, Xing recognises which specific sub-page of our website the data subject is visiting each time the data subject accesses our website and for the entire duration of their stay on our website. This information is collected by the Xing component and assigned by Xing to the respective Xing account of the data subject. If the data subject clicks on one of the Xing buttons integrated on our website, for example the “Share” button, Xing assigns this information to the personal Xing user account of the data subject and stores this personal data.

Xing always receives information via the Xing component that the data subject has visited our website if the data subject is logged in to Xing at the same time as accessing our website; this takes place regardless of whether the data subject clicks on the Xing component or not. If the data subject does not want this information to be transmitted to Xing, they can prevent the transmission by logging out of their Xing account before accessing our website.

The data protection provisions published by Xing, which can be accessed at https://www.xing.com/privacy, provide information about the collection, processing and use of personal data by Xing. Xing has also published data protection information for the XING share button at https://www.xing.com/app/share?op=data_protection.

Further notes and information on the possibility of objecting to data processing that Xing carries out under its own responsibility can be found at: https://privacy.xing.com/de/datenschutzerklaerung

VII Active use of our website

1. Contact form and e-mail contact

Description of the data processing

There is a contact form on our website that can be used to contact us electronically. If a user makes use of this option, the data and content entered in the respective input mask will be transmitted to us and stored. These data are

Salutation

First name

Surname

e-mail address

Subject

Enquiry content

The following data is also stored when the message is sent:

the IP address of the user

Date and time of registration

Alternatively, it is possible to contact us via the e-mail address provided by us for this purpose. In this case, the user’s personal data transmitted with the e-mail will be stored.

Legal basis and purpose of data processing

The legal basis for the processing of data transmitted in the course of sending a contact form enquiry or an email is Art. 6 para. 1 lit. f GDPR. If the contact form enquiry or email contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

The processing of the personal data from the input mask serves us solely to process the contact. If you contact us by email, this also constitutes the necessary legitimate interest in processing the data.

The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.

Duration of storage / objection and removal options

The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For the personal data from the input screen of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified and no legal requirements necessitate longer storage.

The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

All personal data stored in the course of contacting us will be deleted in this case, unless legal requirements require longer storage.

1. Data Processing in the Client Relationship

Description of data processing

We primarily process the data that we receive directly from our clients verbally, by post, fax, beA or e-mail during the initiation or course of a mandate. Further personal data is regularly received from parties involved in the mandate (opponents, courts, authorities, etc.) as well as from publicly accessible sources (commercial register, company register, etc.).

The personal data that we regularly process when we are commissioned includes personal master data and contact data, such as: first and last name, address, e-mail address, telephone number, fax number, position in the company. In addition, depending on the type of contact, we process other personal data that is necessary for the assertion and defence of your rights within the scope of the mandate, such as information about the type and content of the business relationship such as contract data, order data, sales and document data, customer and supplier history, information about the financial status (e.g. creditworthiness data), payment data and other data that we have received from you within the scope of our business relationship (e.g. in client meetings).

Legal basis and purpose of data processing

The processing of personal data of our clients takes place within the framework of a client relationship primarily on the basis of Art. 6 para. 1 lit. b GDPR for the fulfilment of contractual obligations of LLP Law|Patent in connection with the provision of our legal services as well as all activities required for the operation or administration of LLP Law|Patent as is customary in the industry (e.g. client management and registration as a client of LLP Law|Patent, invoicing, debt collection). The data may also be processed at pre-contractual level in the context of initiating business with LLP Law|Patent, or in the performance of other contractual relationships with LLP Law|Patent. Details on the purpose of this data processing can be found in the respective contractual documents and terms and conditions.

Based on a balancing of interests, data processing may also take place outside of a contractual relationship or beyond the actual fulfilment of the contract to protect the legitimate interests of LLP Law|Patent or third parties (such as our clients). This is permissible unless your interests or fundamental rights and freedoms, which require the protection of personal data, prevail. As part of the client relationship, we collect and process the information from the other party that is necessary to clarify the matter, for communication, for legal examination of the matter, for proper advice and representation of our clients and for the assertion and exercise of legal claims of our clients or for defence against legal claims directed against our clients.

It may be necessary to process your data in part for the purpose of fulfilling various legal obligations and requirements to which we are subject, e.g. under the law governing the legal profession, the German Commercial Code or the German Fiscal Code pursuant to Art. 6 para. 1 lit. c GDPR.

If you have given us your consent to process your data in individual cases, it will be processed in accordance with the purposes and to the extent agreed in the declaration of consent. Any consent given can be revoked at any time with effect for the future. Please note that processing that took place before the revocation is not affected by the revocation and that, under certain circumstances, data processing may continue to be possible, at least in part, on the basis of another legal basis.

At LLP Law|Patent, those employees or organisational units receive your data that need it to fulfil our contractual and legal obligations or to process or pursue our legitimate interests.

Data transfer to third parties

Your data will also be passed on to third parties to the extent necessary. This includes in particular the disclosure to opposing parties and their representatives (in particular their lawyers) as well as courts and other public authorities for the purpose of correspondence and for the assertion and defence of your rights. Your data will only be transferred to state institutions, courts, law enforcement authorities, supervisory authorities, government officials and others within the framework of mandatory national legislation

The attorney-client privilege remains unaffected. Where data is subject to legal professional privilege, it will only be passed on to third parties such as IT service providers, experts and other specialists in consultation with you. If we use a service provider in the sense of order processing in accordance with Art. 28 GDPR, we nevertheless remain responsible for the protection of your data. Where required by law, processors are contractually obliged by means of an order processing agreement to treat your data confidentially and to process it only within the scope of the provision of services. The processors commissioned by us will receive your data if they require the data to fulfil their respective service.

Duration of storage / possibility of objection and removal

The data collected by us in the course of processing the mandate will be stored after complete fulfilment of the purpose or as soon as you have legitimately requested us to delete your data, as long as this is necessary due to statutory limitation or retention periods (in particular professional, tax and commercial law). Personal data collected in the context of the mandate will be stored in particular until the expiry of the statutory retention period for lawyers (6 years after the end of the calendar year in which the mandate was terminated, Section 50 (1) BRAO).

Please note that we are not obliged to cease processing legal matters in response to an objection, insofar as the data processing serves the assertion and exercise of legal claims of our clients. The same applies to the assertion of cancellation claims. We are not obliged to delete your data for as long as data processing is necessary within the scope of the client relationship – even after the matter has ended.

1. Miscellaneous

Due to the further development of our website or our services as well as due to changed legal or official requirements, it may become necessary to change this data protection information. You can access the current version of the data protection notice on our website at any time and print it out if required.