Data Protection Declaration

Dated 27.07.2020

1. General

Thank you for visiting our website and for your interest in our law firm and in our services. The protection of your personal data is of the utmost importance to us. We treat all your personal data with confidentiality in accordance with applicable data protection regulations and this Data Protection Declaration. As a rule, we use any and all personal data only as required and solely for the effectiveness and user-friendliness of our website, including its contents and services offered on it.

Using this website involves the collection of various personal data. Personal data includes data that can be used for your personal identification. This Data Protection Declaration explains which data we collect, how we collect and use it and for what purpose. Be advised that Internet data transfer (for example, communication by e-mail) in general may pose the risk of security gaps. 

This Data Protection Declaration applies to the website of HEUSSEN Rechtsanwaltsgesellschaft (hereinafter referred to as “Heussen” or “We/Us”). It does not apply to any other Internet offers we refer to merely by a link. 

Responsible Party/Parties
Responsible party in accordance with applicable data protection regulations, especially der EU General Data Protection Regulation (GDPR): 

HEUSSEN Rechtsanwaltsgesellschaft mbH
Brienner Straße 9 / Amiraplatz
D-80333 Munich, Germany
Tel.:         +49 (0)89 29 09 70
Fax:         +49 (0)89 29 09 7200

Data Protection Officer
For any questions, comments, or questions regarding the exercise of your rights pursuant to GDPR, you are welcome to contact our Data Protection Officer anytime:

Lars Beitlich
IfDuS GmbH
Landsberger Str. 396
D-81241 Munich, Germany
Tel.:         +49 (0)89 85 63 34 60
Fax:         +49 (0)89 29 09 7200

Alternatively, you may also contact the Dept. Data Protection Officer for Notaries Public Dr. Stefan Bauer, Stephan Correll, Dr. Thomas Miller, Norbert Pahl, Prof. Wolfgang E. Trautner and Karl Woschnagg: 

Robert Faußner
Brienner Straße 9 / Amiraplatz
80333 München / Germany
Tel.:         +49 (0)89 29 09 70
Fax:         +49 (0)89 29 09 7200

Your Rights
When it comes to exercising your rights as described below, please feel free to contact us via the aforementioned contact information. Pursuant to the General Data Protection Regulation, you have the following rights:

  • To be informed of any and all of your data being saved by us and our use thereof (Art. 15 GDPR),
  • To have any incorrect personal data corrected by us (Art. 16 GDPR),
  • To have any of your data saved by us deleted by us (Art. 17 GDPR),
  • To restricted use of your data in as far as legal obligations prevent us from deleting your data without further delay or in as far as we are required to review your data in more detail prior to deleting it (Art. 18 GDPR),
  • To object to the use of your data acc. to Art. 21 GDPR and
  • Unrestricted data transferability as far as you have consented to data management or signed a data management agreement with us (Art. 20 GDPR).

We do not utilize any automated decision-making systems, including any profiling systems, as defined in Art. 13, Sect. 2 (f) GDPR in conjunction with Art. 22 GDPR.

Once you have given us consent to use your data, you can withdraw your consent for any future use thereof any time. In that case, all you need to do is to let us know by sending us an informal message via e-mail. Any use of your data prior to withdrawal of your consent, however, remains legally unaffected thereof.

In case of violation(s) of GDPR, you have the right to file a complaint with the relevant authorities; specifically, in the member state of your habitual residence, your workplace or the location of the suspected violation(s). Your right to file a complaint is protected without prejudice to any other administrative or judicial remedies.

An overview of data protection authorities (DPAs) in the private sector in Germany is available here. The relevant DPA in the State of Bavaria is:

Bayerisches Landesamt für Datenschutzaufsicht
Promenade 18
D-91522 Ansbach, Germany

Postal Address:
P.O. Box 1349, D-91504 Ansbach, Germany
Tel.:                0981/180093-0
Fax:                0981/180093-800

2. Informational Use

Type and Scope of Data Use
As soon as you access our website, informational data automatically starts being collected, even if you never register on our website or if you use our website to otherwise transfer information to us. This informational data (server logfiles) contains the IP address of the computer being used to access our website, the date and time of your access, the page/name of whichever file you access, the data load being transferred, the message confirming successful website access, the Internet address from which the respective page or file was accessed or from which the relevant function was initiated as well as the web browser being used in the process.

Said informational data is specifically used for the following purposes:

  • To guarantee a secure and stable connection to our website,
  • To guarantee the flawless use of our website,
  • To provide analytical data regarding system stability/security as well as
  • For other administrative purposes.

Please be advised that we do not use your personal data to draw conclusions about you as an individual. The only way we use this information is for statistical analysis, which may help us to further optimize our website as well as the technology behind it. 

Legal Basis
Any and all of aforesaid informational data is used in accordance with Art. 6, Sect. 1, Clause 1 (f) GDPR, based on our legit interest in improving the functionality and stability of our website.

Recipients of aforesaid informational data solely include technical service providers hired by us for operation and maintenance of our website.

Storage Period
Once your informational data is no longer required for data collection purposes, it is deleted. Data that merely serves in providing access to our website is generally deleted immediately after you finish visiting our website.

The provision of aforesaid personal data is neither mandated by law nor required under the terms of any contract. However, without an IP address, we cannot guarantee the functionality of our website. Moreover, some of the services or functions may be unavailable or of limited use. For that reason, any possibility of a contradiction is ruled out.

3. Online Applications

You can use our website as an opportunity to meet us. Once we receive your online application, we collect your submitted data for candidate management purposes and save all of it, including, for example:

  • Name, title and academic degrees
  • Address and contact information
  • CV data
  • Description of work experience, job skills and educational background
  • Application documentation and references.

Legal Basis
Your data is used for the purpose of contract compliance and for fulfillment of pre-contractual obligations pursuant to Art. 6, Sect. 1, Clause 1 (b) GDPR.

Recipients of your data may include recruitment professionals complying with guidelines under Art. 28 GDPR. 

Storage Period
Any and all data collected from job applicants for that purpose is saved within the storage periods legally mandated for processing employment applications. If we are unable to offer you a position, your submitted data is deleted after a maximum period of 6 months following completion of the application process. 

4. Client Acquisition

You can use our website to inquire about our law services in a legal matter. In that case, we collect your submitted data for fulfillment of relevant contractual and pre-contractual obligations and save all of it, including, for example:

  • Name, title and academic degrees (if any)
  • Address and contact information
  • Date of birth
  • Payment information
  • Description of case matter 

Legal Basis
Your data is used for fulfillment of contractual and pre-contractual obligations in accordance with Art. 6, Sect. 1, Clause 1 (b) GDPR.

Recipients of your data may include service providers complying with guidelines under Art. 28 GDPR.

Storage Period
Your collected data is saved within the storage periods legally mandated for processing case matters. Generally, Art. 50, Sect. 1 of the German Federal Lawyers’ Act (BRAO) calls for a record-keeping period of six years for contract files. Under this federal guideline, we may be required to maintain your personal data beyond the conclusion of your service agreement with us, in order to fulfill any contractual or legal obligations on our part. 

5. Contact Form

The data you enter on our website is saved in order for us to communicate online with you personally. To this end you, have to enter a valid e-mail address as well as your name. This data, along with a timestamp, serves to facilitate both assignment of your inquiries and follow-up responses to them. Any other data input is optional.

Legal Basis
The data you enter on our Contact Form is used on the basis of a legit interest (Art. 6, Sect. 1, Clause 1 (f) GDPR). Our Contact Form is just our way of making it easier for you to contact us.

When you contact us with an inquiry through our website, the data you enter on our Contact Form is used by our system for performing pre-contractual procedures (Art. 6, Sect. 1, Clause 1 (b) GDPR).

Recipients of your data may include service providers complying with guidelines under Art. 28 GDPR. 

Storage Period
Personal data entered for initial inquiries is deleted after a maximum period of 6 months following the processing and conclusion of inquiries.

If an initial inquiry leads to a signed agreement for services, we are bound to the legal storage periods of the German Commercial code (HGB) and will delete your data following expiration of said periods.

Providing personal data is done on a voluntary basis. However, in order to process your inquiries, we need your name, your e-mail address and the reason for your inquiry. 

6. Cookies

Like many other websites, we utilize computer cookies too. These are small text files that are saved to your device (PC, laptop, tablet, smartphone, etc.) when you open our website.

These cookies provide us with specific data such as the IP address, browser and operating system you’re using. We should point out that cookies cannot be used to start any programs, nor any computer viruses. Instead, the information contained within the cookies allow us to facilitate navigation on our website and insure the correct display of our website. We will never use any of your collected data to pass it on to third parties without your consent, nor will we ever use any of it to create a link to other personal data. 

Naturally, you can always visit our website without activating any cookies. Internet browsers are generally preset to accept cookies. Still, you can usually deactivate cookies anytime using your own browser settings. Please refer to the Help functions of your Internet browser to learn how to change these presets. However, be advised that deactivating cookies may cause you to lose certain functions on our website.

Storage Period and Cookies Used
In as far as you allow our use of cookies by either consent or the means of your personal browser settings, you may see use of the following cookies on our website:





Legal Basis

Storage Period



Maintenance of session variables

Legit interest Art. 6, Sect. 1, Clause 1 (f) GDPR

1 year



Vimeo LLC

Video presentations

Consent Art. 6, Sect. 1, Clause 1 (a) GDPR

2 years



Google LLC

User behavior analysis

Consent Art. 6, Sect. 1, Clause 1 (a) GDPR

2 years


While some of these cookies are essential to the functionality of our website, others require your consent to be activated. In what follows, you can find out more detailed information about cookies and plug-Ins, which can also be used to save personal data.

For more detailed settings, you can apply the menu at the footer of this website anytime.

You can also use your personal browser settings to delete individual cookies or even the entire list of cookies. You can also find information and instructions on how to delete these cookies or how to keep them from being saved in the first place. Depending on the provider of your browser, you can find the necessary information under the following links:

6.1.    Session Cookie “PHPSESSID”

The “PHPSESSID” cookie saves each session of your visit to our website. Anytime you visit our website, we can use this session ID to clearly identify you. 

Legal Basis
The data you enter is used on the basis of our legit interest in the proper display of our website in accordance with Art. 6, Sect. 1, Clause 1 (f) GDPR. 

Recipients of your data may include service providers complying with guidelines under Art. 28 GDPR.

Storage Period
Your personal data is saved for one year. 

Transfer to Third Countries
There are no transfers of personal data to third countries.

Activating this cookie is essential for the operation of this website. Preventing activation of this cookie may prevent the proper display of this website.

7. Links

Our website features links to the external websites of third parties, whose contents are outside of the sphere of our influence. We cannot be held liable for the contents of these linked websites and expressly dissociate ourselves from them. Each of the contents of these websites is the responsibility of the respective website provider/operator. A thorough inspection of the aforesaid websites for any possible infringements immediately prior to being linked revealed no illicit contents of any kind. Should we become aware of any infringements, we will promptly remove the corresponding link. 

We furthermore offer links to the following social and business media platforms: 




LinkedIn Ireland Unlimited Company Wilton Place Dublin 2, Ireland


Twitter, Inc. 1355 Market Street, Suite 900 San Francisco, CA 94103


New Work SE Dammtorstraße 30 D-20354 Hamburg, Germany


By clicking on the corresponding icons, you open the links to the services of the corresponding providers. This is the only way you can send your data to these providers on this site. If you do not click on the corresponding icons, there can be no data exchange between you and the providers of these platforms. For more detailed information on the collection and use of your data by these social networks, please refer to the relevant terms of use of the corresponding Providers. 

8. SSL Encryption

In order to protect your data security during data transfer, we utilize state-of-the-art HTTPS encryption, such as SSL. 

9. External Service Providers

The following organizations, companies and individuals are hired by the operator of this Website as external service providers for data processing services in accordance with Art. 28 GDPR: IT service providers 

10. Changes to Our Data Protection Policy

We reserve the right to amend this Data Protection Declaration in order to ensure it is continuously up-to-date with the latest data protection requirements and/or with any changes in our services. Your visit to this website is subject to the most recent version of this Data Protection Declaration. 

11. Inquiries to Data Protection Officer

For any further questions about data protection, please contact us by e-mail or apply directly to the person in charge of data protection at our organization.