DATA PROTECTION DECLARATION

Thank you for visiting our website and for your interest in our law firm and our services. The protection of your privacy and of your personal data when using our website is important to us. 

This data protection declaration applies to the website of HEUSSEN Rechtsanwaltsgesellschaft mbH. It does not apply to any other internet offers to which we merely refer by a link. 

Here you will find information about the handling of your personal data when you visit our website. In order to provide the functions and services of our website, it is necessary that we collect personal data about you. In the following we explain what kind of data we collect about you, why this is necessary and what rights you have with regard to your data. 

§ 1 Responsible Party/Parties and Scope of Applicability
Responsible for processing of personal data on this website (see Imprint):

HEUSSEN Rechtsanwaltsgesellschaft mbH
Brienner Straße 9 / Amiraplatz
80333 Munich / Germany
Phone.: +49 (0)89 29 09 70
Fax: +49 (0)89 29 09 7200
E-Mail:  　　

§ 2 Data Protection Officer
If you have any questions about data protection, you can also contact our data protection officer at any time: 

Lars Beitlich
Datenschutzbeauftragter
IfDuS GmbH
Landsberger Str. 396
81241 München
Tel.: +49 (0)89 85 63 34 60
Fax: +49 (0)89 29 09 7200
E-Mail: dsb-heussen@ifdus.de

§ 3 Definition
According to Art. 4 No. 1 of the EU General Data Protection Regulation, "personal data" means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural Person. 

§ 4 Informational Use
a) Type and scope of data processing
When you use this website we collect technically necessary data, which is automatically transmitted to our server, among other data:

• IP address
• Date and time of query
• Query contents
• Access status/HTTP status code
• Browser type
• Browser software language and version
• Operating System

All this data is required for technical reasons in order for us to be able to display our website to you. We also utilize this data to ensure the security and stability of our Website. 

b) Legal basis
Your data is collected based on Art. 6 (1) (a) of the EU General Data Protection Regulation. 

c) Duration of data storage
If the data is no longer required to display the website, it will be deleted.

§ 5 Data Capture, Intended Purpose and Legal Basis
a) Kind and scope of data processing
On conclusion of a contract with you, we collect personal data from you, including the following:

• first and last name
• address
• date of birth
• e-mail address
• phone number
• billing Information

We exclusively use this data to fulfil our obligations under the contract with you. 

b) Legal basis
The legal basis for processing your personal data is to fulfill our contractual obligations with you pursuant to Art. 6 (1) (b) of the EU General Data Protection Regulation. If you additionally give your consent, the legal basis is also Art. 6 (1) (a) of the EU General Data Protection Regulation. 

c) Duration of data storage
Once the processed data is no longer required for fulfilling our contractual obligations with you, that data is deleted. Even after the fulfillment of all contractual obligations certain contractual or legal requirements may necessitate storing some of your personal data even beyond. Continuous data storage may take place in individual cases where required by law. 

§ 6 Transient Cookies
We use so-called Session IDs, which allows different queries from the browser to be assigned to a specific visit (session). These session cookies (transient cookies) are automatically deleted when the browser is closed.

§ 7 Online Applications
a) Kind and Scope of Data Processing You can submit your application on our website via e-mail. When you apply online, we collect and save all data that you send us via e-mail. We process your data solely for the purpose of processing your application. None of your data is transferred to third parties.

b) Legal Basis Your data is processed based on Art. 6 (1) (b) of the EU General Data Protection Regulation.

c) Duration of Data Storage If we are unable to offer you a position, we save your data for a maximum period of 6 months following completion of the application process.

§ 8 Contact Form
a) Scope of Data Processing
Our web site contains contact forms, which you can use to enter your personal data. When you use these contact forms, we collect and save all data that you enter in the input mask (name, company and e-mail address). None of your data is transferred to third parties.

b) Legal Basis
In case of your approval, the legal basis for processing your data is Art. 6 (1) (a) of the EU General Data Protection Regulation. If your query serves the conclusion of an agreement, Art. 6 (1) (b) of the EU General Data Protection Regulation additionally applies as legal basis.

We exclusively use your data for the purpose of processing your query and responding to it.

c) Duration of Data Storage
Once your processed data is no longer required for processing your query or for concluding an agreement, it is deleted.

§ 9 Google Maps
As part of our web site features, we use Google maps. That way, we are able to show you interactive maps directly on our web site and offer you the convenient use of the map application. By use of Google maps, your data is transmitted to Google in the United States, including your IP address.

You are able to prevent your data from being transmitted to Google by deactivating JavaScript in your browser settings. However, by doing so, you will not be able to use the Google maps on our web site.

The legal basis for processing your data is Art. 6 (1) (f) of the EU General Data Protection Regulation. Google participates in the EU-US Privacy Shield:
www.privacyshield.gov/EU-US-Framework

For more information about Google: Google LLC, 1600 Amphitheater Parkway, Mountainview, CA 94043, USA

For detailed information about the terms of use of Google Maps: www.google.com/intl/de_US/help/terms_maps.html

For more information in the Data Protection Declaration of Google: http://www.google.de/intl/de/policies/privacy/

§ 10 Social Plugins
We currently use the following social media plugins: LinkedIn, Twitter und Xing. Use of these involves personal data being transmitted via the use of a button to the plugin providers where such data is being stored.

The respective plugin providers store your collected data as user profiles, utilizing it for Marketing, market research purposes and/or designing their web sites on a needs-oriented basis. In particular, this utilization of collected data (even from users who are not logged in) serves the purpose of presenting targeted marketing campaigns and informing other users of the same social network about your activities on our web site. You have the right to object to the use of your data in these user profiles, but have to contact the respective plugin Providers in order to exercise it. Featuring these plugins on our website allows us to offer you the opportunity of interacting with social networks as well as other users. This, in turn, allows us to further improve our web service and to make it more appealing to you as a user. The legal basis for our use of plugins is Art. 6 (1) (f) of the EU General Data Protection Regulation. 

Data transmission to these plugin providers takes place regardless whether you have an account there and are logged in. When you are logged in at a plugin provider’s site, any of your data collected through us by that plugin provider is directly associated with your account there. In case of US-American plugin providers, your data is transmitted to the United States, making them subject to the EU-US Privacy Shield:
www.privacyshield.gov/EU-US-Framework

To learn more about the purpose and scope of data Collection and processing by plugin providers, please turn to the data protection declarations of these plugin providers as listed below. These declarations also contain Information about your individual rights in this regard as well as settings options to protect your privacy:

• LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA; www.linkedin.com/legal/privacy-policy
• Twitter, Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA
  twitter.com/privacy
• Xing AG, Gänsemarkt 43, 20354 Hamburg, Germany; http://www.xing.com/privacy

§ 11 Your Rights
You have the following legal rights against us regarding your personal data:

• Right to Information
  You may request confirmation as to whether we are processing personal data concerning you. If this is the case, you may request information about this personal data as well as further information, such as the purpose of processing said data, recipients, the planned duration of data storage or the criteria for determining said Duration. 
• Right to Correction an Completion
  You may request the correction of incorrect data. In consideration of the purpose of data processing, you may request completion of incomplete data. 
• Right to Deletion ("Right to Be Forgotten")
  You may request deletion of data to the extent processing of said data is not necessary. This may be case, for example, if your data is no longer necessary for the original purpose of processing, if you have revoked your declaration of consent under data protection law or if your data has been improperly processed. 
• Right to Limited Processing
  You may request limitations concerning the data processing, for example, if you believe that your personal data is incorrect. 
• Right to Data Portability
  You may receive any personal data concerning you in a structured, standardized and machine-readable format.  
• Right to Object
  You may object to the processing of specific personal data concerning you at any time for any reason owing to your specific situation. 
  With regard to direct advertising, you may object to the processing of personal data concerning you for such advertising purposes at any time; the same applies to any profiling associated with such direct advertising.  
• Right to Revoke Your Declaration of Consent Under Data Protection Law
  You may revoke your declaration of consent to the processing of your personal data with effect for the future anytime. However, this does not affect the legality of any data processed prior to revocation. 

You may also file a complaint with a data protection authority at any time, for example, if you believe that any processing of your data is not in compliance with existing data protection regulations.  

§ 12 Data Security
We commit ourselves to the protection of your privacy and to the confidential treatment of your personal data. In order to prevent any manipulation, loss or misuse of your data stored with us, we take comprehensive technical and organizational security measures which we review and adapted regularly in line with technological progress, including our use of recognized encryption technology (SSL or TLS). However, given the overall structure of the internet, we would like to inform you that third parties or institutions acting beyond our control and responsibility may ignore existing data regulations and aforesaid security measures. In particular, any unencrypted data transferred, e.g. via e-mail, may be exposed to third parties. This is beyond our technical influence. It is therefore the user’s responsibility to protect any data made available by him or her by encrypting it or other means against misuse.