Privacy Policy

The protection of personal data and the responsible handling of information that you entrust to us are important to us. Weisner Partner mbB Rechtsanwälte ("WEISNER PARTNER") processes personal data only in accordance with the statutory provisions, in particular the EU General Data Protection Regulation (“GDPR”) and the German Federal Data Protection Act (“BDSG”).

This Privacy Policy provides information about the processing of personal data in case you

●     visit our website (see section 2),

●     conclude contracts with us (see section 3),

●     are involved in legal proceedings as a third party – e.g. as a negotiation partner or as adverse party in a court case (see section 4),

●     apply for a job (see section 5) and

●     use internet-based video conferencing software to communicate with us (section 6).

This Privacy Policy also contains information about recipients of personal data within the EEA (see section 7), in third countries (see section 8), the deletion of your personal data and retention periods (see section 9), your rights as a data subject (see section 10) and automated decision-making (see section 11).

  1. 1. Controller

Controller in the meaning of data protection law: Weisner Partner mbB Rechtsanwälte, Große Bleichen 34, 20354 Hamburg, phone: +49 (0)40 228 6160 - 0, fax: +49 (0)40 228 6160 - 99, e-mail: Enable JavaScript to view protected content.. WEISNER PARTNER's data protection officer can be contacted at the above address, for the attention of Ms. Julia Birkner, or at Enable JavaScript to view protected content.. For further information, please see our legal notice at: https://weisnerpartner.de/en/impressum/#1.

  1. 2. Website Visit

When you visit our website (https://weisnerpartner.de/#1 including all sub-domains and sub-directories), we process personal data to enable you to use the website (“Usage Data”). Below you will find information about the legal basis, purpose and, if applicable, legitimate interests and the necessity of processing your personal data:

Usage Data includes your IP address and data about the start, end and purpose of your use of the website and, if applicable, identification data. This also includes technical data transmitted by your browser, such as browser type / browser version, the previously visited website (referrer URL), monitor resolution, operating system, device information (e.g. device type), etc. We process this data for the provision and demand-oriented design of this website in our legitimate interest (Art. 6 para. 1 letter f GDPR). If you would like detailed information on the balancing of interests, please refer to the addresses in section 1 above.

  1. 3. Conclusion and Performance of Contracts

Insofar as this is necessary for the conclusion or performance of contracts with you (in particular in relation to a legal mandate), we process your personal data. The legal basis for processing in this case is Article 6(1)(b) GDPR. The purpose of the processing is to establish and implement the contractual relationship with you. This requires the provision of your personal data. You are not obliged to provide your personal data. However, if you do not provide it, it will not be possible to establish and execute the contractual relationship. Otherwise there are no consequences for you.

In addition, insofar as this is necessary for the initiation or execution of client relationships, we also process data of persons with whom no (direct) client relationship exists. For example, we may process your data if you are a representative, contact person or employee of a company that is our client. In this case, the legal basis is our legitimate interest in the initiation or execution of the respective client relationship (Art. 6 para. 1 letter f GDPR).

As we mainly advise on corporate, litigation and general commercial law, we do not generally process any special categories of personal data within the meaning of Art. 9 (1) GDPR. However, if processing of special categories of personal data is exceptionally necessary for the purposes stated in this section 3 (e.g. the processing of health data in connection with claims for damages), the legal basis is the assertion, exercise or defense of legal claims (Art. 9 para. 2 letter f GDPR).

  1. 4. Pursuit of our Clients' Interests Against You; Other Involvement as a Third Party in a Client Relationship

If we pursue our clients’ interests or claims against you (or against a company whose representative or contact person you are) in or out of court, we may process your personal data in the course of this. The same applies if you (or a company whose representative, employee or contact person you are) are involved in any other way in or out of court (e.g. as a business or negotiating partner, as an intervening party, as a party to a dispute or as an employee of an authority or a court) and the processing is necessary for the performance of the client relationship.

The legal basis for the processing of your personal data in this context is Article 6(1)(f) GDPR. Our legitimate interest lies in effectively implementing the interests and claims of our clients. In order to safeguard this interest, it is also necessary to make direct contact and collect data from opposing parties, potential witnesses and other third parties relevant to the case processing.

As we mainly advise on corporate, litigation and general commercial law, we do not generally process any special categories of personal data within the meaning of Art. 9 (1) GDPR. However, if the processing of special categories of personal data is exceptionally necessary for the purposes stated in this section 4 (e.g. the processing of health data in connection with claims for damages), the legal basis is the processing for the establishment, exercise or defense of legal claims (Art. 9 para. 2 letter f GDPR).

Data will only be passed on to third parties in this context insofar as this is necessary for the execution of the mandate and insofar as other legal requirements to be observed exist.

  1. 5. Job Applications

We process your personal data as part of the application process, regardless of whether the application is made by e-mail or regular mail. Below you will find information about the legal basis, the purposes and, if applicable, the legitimate interests and the necessity of processing your personal data.

The legal basis for the processing of your personal data is § 26 para. 1, para. 8 sentence 2 BDSG or § 26 para. 2, para. 8 sentence 2 BDSG. The processing is carried out for the purpose of establishing contact and assessing your suitability for the position for which you are applying. It is not possible to apply to WEISNER PARTNER without providing personal data. You are neither obliged to apply to WEISNER PARTNER nor to provide personal data. If you do not provide us with any personal data, we will not be able to consider your application. Otherwise there will be no consequences for you.

  1. 6. Internet Video Conferencing

You may receive an invitation from us by e-mail or other means to a meeting, a telephone call or a meeting via internet-based video conferencing using software provided by a third-party provider. If you participate in such meetings, information may be transmitted to the respective provider.

The legal basis for processing your personal data in this context is Article 6(1)(b) GDPR (if we are holding the meeting for the performance of a contractual relationship with you) or Article 6(1)(f) GDPR (if we are holding the meeting for other business purposes); in the latter case, our legitimate interest lies in being able to use functional and widely used tools for video conferencing and the associated Voice over IP telephony in order to communicate efficiently with external partners.

We do not record video conferences and telephone conferences. Video conferences are secured according to the state of the art, but are not end-to-end encrypted.

Insofar as we use the "Microsoft Teams" service for the technical implementation, the following applies: The service provider we use is Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). Microsoft processes personal data of the participants on our behalf, in particular the IP address, the content of the conversation, e-mail addresses, names and, if applicable, other service-related data, and stores these for the duration of the video conference or, if you use Microsoft Teams beyond this, for the duration of use. Microsoft is duly obliged by us as a processor to comply with data protection regulations. The provider may also process the data outside the European Economic Area. In order to ensure a level of data protection that complies with the EU General Data Protection Regulation (GDPR), we have agreed the EU standard data protection clauses with Microsoft in accordance with the EU Commission's decision (2010/87/EU). You can find more information on processing by Microsoft at: https://docs.microsoft.com/de-de/microsoftteams/teams-privacy.

If we use another provider, you will find further information on the purpose and scope of data collection and the further processing and use of the data by the provider as well as your rights in this regard and setting options to protect your privacy in the data protection information of the respective provider.

  1. 7. Transfer of Personal Data to Recipients within the EEA

We only transfer personal data to third parties insofar as this is necessary for the provision of our service or is required by law in this context. Within the scope of the purposes mentioned here, personal data is forwarded to service providers who work for us and support us in particular in the provision of services. In addition to their legal obligation to comply with all data protection regulations, these service providers are bound by further contractual data protection requirements. In particular, this includes an obligation as a processor in accordance with Art. 28 GDPR.

In particular, we pass on personal data to the following categories of service providers, insofar as this is necessary for the purposes stated in this data protection declaration within the scope of the law firm's operations:

●     Accounting, financial institutions, tax and legal advice

●     IT service and infrastructure, IT support and maintenance

●     Data destruction and facility services

●     Provider of software for Internet video telephony

Otherwise, we only transfer personal data to other recipients if we have legal permission to do so or if you have given your prior consent. You can revoke any consent you have given at any time with effect for the future. We only pass on your data to government agencies within the scope of legal obligations or on the basis of an official order or court decision and only insofar as this is permitted under data protection law.

  1. 8. Transfer of Personal Data to Recipients outside the EEA

If necessary for our purposes, we may also transfer your data to recipients outside the European Economic Area (EEA), so-called "third countries", in individual cases. This is particularly the case if we have to transfer this data to recipients in third countries for the purpose of fulfilling a contract or due to legal obligations or if this is necessary for the establishment, exercise or defense of legal claims.

If we transfer data to third countries, we ensure that the recipient has implemented an adequate level of data protection within the meaning of Art. 45 GDPR or suitable guarantees within the meaning of Art. 46 (2) and (3) GDPR and that no other interests worthy of protection speak against the transfer of data.

  1. 9. Deletion

We delete your personal data as soon as it is no longer required for the aforementioned purposes of processing, in the event of an objection there are no compelling legitimate grounds on the part of WEISNER PARTNER to the contrary or in the event of a revocation there is no other legal basis for the processing. In certain cases, e.g. if there is a legal obligation to retain data, your personal data will first be blocked and then deleted once the retention period has expired.

Personal data from an application process will be stored until a decision is made and then deleted after six months at the latest or, if your application is successful, transferred to your personnel file.

  1. 10. Your Rights

As a data subject, you have the right to obtain confirmation as to whether or not personal data concerning you is being processed by WEISNER PARTNER and, where that is the case, the right to access this personal data (Art. 15 GDPR), the right to rectification of inaccurate data (Art. 16 GDPR), the right to erasure (Art. 17 GDPR) and the right to restriction (blocking) of your data (Art. 18 GDPR).

In addition, in the case of processing on the basis of Art. 6 para. 1 lit. e or f GDPR, you can object to the processing (Art. 21 GDPR), whereby you must provide a special reason, except in the case of direct advertising. If you have provided this data, you can request the transmission of the data (Art. 20 GDPR). If the processing is based on consent within the meaning of Art. 6 sentence 1 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, you can revoke this consent at any time for the future (Art. 7 para. 3 GDPR). You also have the right to contact the competent data protection supervisory authority (Art. 77 GDPR).

Whether and to what extent these rights exist in individual cases and under what conditions they apply is defined by law in the specified standards.

If you have any questions or complaints about data protection at WEISNER PARTNER, we recommend that you first contact our data protection officer (see the contact details in section 1).

  1. 11. No Automated Individual Decision-Making

We do not use your personal data for automated individual decisions within the meaning of Art. 22 para. 1 GDPR.

  1. 12. Amendment of this Privacy Policy

New legal requirements, business decisions or technical developments may require changes to our Privacy Policy. The Privacy Policy will then be adapted accordingly. You will always find the latest version on our website.

Status: May 2024