1. Name and Contact Data of the Controller as well as of the Company Data Officer
1.1 Responsible Entity
1.2 Data Protection Coordinator (DPC) of SNP Schlawien Partnerschaft mbB Rechtsanwälte Steuerberater
1.3 Data Protection Officer
2. Collection and Storing of Personal Data as well as Method and Purpose of their Use
2.1 When visiting the website
2.2 When subscribing to our newsletter
2.3 When using our email address for applications (firstname.lastname@example.org)
3. Transfer of Data
5. Analyzer Tools
6. Protection of Minors, Rights of Data Subjects
6.1 Protection of minors
6.2 Rights of data subjects
7. Right to Object
8. Data Security
9. Links to Other Websites
10. Other Information
11. Current Applicability and Modification of this Data Protection Policy
DATA PROTECTION POLICY
We use your data in compliance with the applicable data protection regulations. In this Data Protection Policy, we inform you about which of your personal data we collect and store. Moreover, you receive information on how your data is used and which rights you have in respect of the use of your data.
The controller according to the data protection laws is (with the exception of the notaries):
SNP Schlawien Partnerschaft mbB Rechtsanwälte Steuerberater (hereinafter: SNP Schlawien), Türkenstrasse 16, 80333 Munich, Germany
The controller according to the data protection laws for the notary Laurin Bludau:
60314 Frankfurt, Germany
Phone: +49 69 610908-0
Fax: +49 69 610908-45
The controller according to the data protection laws for the notary Joachim Garbe-Emden:
10719 Berlin, Germany
Phone: +49 30 253780-31
Fax: +49 30 253780-50
The controller according to the data protection laws for the notary Sarah Scherwitzki:
10719 Berlin, Germany
Phone: +49 30 253780-38
Fax: +49 30 253780-50
1.2 Data Protection Coordinator (DPC) of SNP Schlawien Partnerschaft mbB Rechtsanwälte Steuerberater
Dr. Petra Ostermaier
Phone: +49 89 28634-250
Fax: +49 89 28634-300
Email: email@example.com (for requests that do not include highly confidential contents)
Data Protection Officer (DPO) of SNP Schlawien Partnerschaft mbB Rechtsanwälte Steuerberater:
Phone: +49 171 2440099
Fax: +49 89 66002036
Email: firstname.lastname@example.org (for requests that do not include highly confidential contents)
Data Protection Officer (DPO) of the notaries Laurin Bludau (Frankfurt), Joachim Garbe-Emden (Berlin) and Sarah Scherwitzki (Berlin):
(contact as aforesaid)
When viewing our website www.snp-online.de, the browser used on your terminal device sends information to the server of our website automatically. Such information is stored on a temporary basis in a so-called log file. In the process, the following information is collected without your involvement and stored until the automated erasure:
- IP address of the requesting computer;
- Date and time of access;
- Name and URL of the retrieved file;
- Website from which the access occurs (referrer URL);
- Browser used and, if applicable, the operating system of your computer; as well as
- Name of your access provider.
We process the mentioned data for the following purposes:
- To ensure the smooth connection buildup of the website;
- To ensure the convenient use of our website;
- Evaluation of system security and stability; as well as
- For other administrative purposes.
The legal basis for data processing is Art. 6 (1) sentence 1 f) GDPR (General Data Protection Regulation), according to which "the processing is lawful if processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject (affected person) which require protection of personal data, in particular where the data subject is a child". Our legitimate interest results from the data collection purposes listed above. In no event will we use the collected data for drawing conclusions relating to your person.
If you gave your express consent pursuant to Art. 6 (1) sentence 1 a) GDPR to the sending of our newsletter per email with information on current news, important developments of the law or other contents of relevance for you or your company, as well as information about or invitations to events/fairs etc., we will use your email address to send you our newsletter on a regular basis. To receive the newsletter it is sufficient to indicate the title, first and second name, as well as a valid email address; moreover, at least one field of law has to be selected. These data will be stored.
We use "CleverReach", a service of CleverReach GmbH & Co. KG, CRASH Building, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter referred to as "CleverReach") to send our newsletter. For this purpose, the data provided by you when registering for the newsletter will be passed on to CleverReach. CleverReach uses this data to send and statistically evaluate the newsletter on our behalf. The newsletter emails contain tracking pixels for this purpose. These are one-pixel-sized image files that are stored on our websites. This allows us to track your user behavior, in particular whether you have opened the newsletter e-mail or which hyperlinks in the e-mail you have clicked on. In addition, technical information such as the time of the retrieval, your IP address, data on your web browser and operating system are recorded. This data is collected exclusively pseudonymously. The data is not linked to other personal data. A direct reference to a person is therefore excluded.
We use CleverReach on the basis of your consent. The legal basis is Art. 6 para. 1 p. 1 lit. a DS-GVO. We also use CleverReach for marketing and optimization purposes, in particular to analyze the use of our newsletter and to continuously improve individual functions and offers as well as the user experience for you. Through the statistical evaluation of user behavior, we can improve our offer and make it more interesting for you as a user. This is also our legitimate interest in processing the above information. The legal basis in this respect is Art. 6 para. 1 p. 1 lit. f DS-GVO.
You can revoke your consent at any time. You can also object to the above processing at any time by unsubscribing from the newsletter.
In order to oblige CleverReach to process the transmitted data only in accordance with our instructions and to comply with the applicable data protection regulations, we have concluded an order processing agreement with CleverReach.
You can find more information about Cleverreach's data protection at https://www.cleverreach.com/de/datenschutz/.
We process the applicant data only for the purpose of the application procedure in conformity with the legal regulations. The processing of the applicant data is made in compliance with our (pre) contractual obligations in the context of the application procedure as defined in Art. 6 (1) b) GDPR (General Data Protection Regulation), Art. 6 (1) f) GDPR, if data processing becomes necessary e.g. as part of legal proceedings (sec. 26 BDSG (German Federal Data Protection Act) is applicable additionally).
The application procedure requires that the applicants transfer the applicant data to us. Where we use an online form, the required applicant data are marked or result otherwise from the job descriptions and basically include the personal data of the individual, mail and contact addresses and the documents relating to the application such as cover letter, curriculum vitae and the references/testimonials. In addition, applicants may provide additional information to us on a voluntary basis.
In transferring the application to us, the applicants declare their agreement to the processing of their data for purposes of the application procedure in accordance with the type and scope set out in this Data Protection Policy.
If in the context of the application procedure special categories of personal data as defined in Art. 9 (1) GDPR are communicated on a voluntary basis, their processing will be made additionally in accordance with Art. 9 (2) b) GDPR (e.g. health data such as severely disabled status or ethnic origin). If in the context of the application procedure special categories of personal data as defined in Art. 9 (1) GDPR are requested from applicants, their processing will be made additionally in accordance with Art. 9 (2) a) GDPR (e.g. health data, if required for exercising the occupation).
If provided, applicants may transfer their applications to us by way of an online form on our website. The data will be transferred to us in an encrypted condition in accordance with the state of the art.
Moreover, applicants may send us their applications via email. In this connection, however, the applicants should note that emails are not encrypted when sent in principle and the applicants themselves have to ensure the encryption. Therefore, we cannot assume any responsibility for the transfer route of the application from the sender to the receipt on our server and we recommend rather using the online form or mail. As an alternative to the application via the online form and email, the option of sending us the application by mail is still available to the applicants.
In the event of successful application, we may continue processing the data provided by the applicants for the purposes of the employment. If on the other hand the application for a job is not successful, the data of the applicants are erased. The data of the applicants are also erased if an application is withdrawn, which the applicants have the right to do at any time.
Unless in case of a justified revocation by the applicants, erasure is made after the lapse of a period of six months from the date of filling the position to enable us to answer possible follow-up questions regarding the application or to comply with our duty to furnish evidence under the German Equal Treatment Act (Gleichbehandlungsgesetz).
Invoices on the reimbursement of travelling expenses, if any, shall be archived in accordance with tax law requirements.
Provided that the inclusion of the application in the talent pool has been approved, the applicant data will be processed for a maximum period of eighteen months after the receipt of application and then deleted.
No transfer of your personal data to third parties will take place for purposes other than as listed below.
We transfer your personal data to third parties only if:
- you gave your express consent in this respect pursuant to Art. 6 (1) sentence 1 a) GDPR;
- the transfer pursuant to Art. 6 (1) sentence 1 f) GDPR is required to assert, exercise or defend legal claims and there is no reason to presume that you have an overriding interest requiring protection in not transferring your data;
- the transfer pursuant to Art. 6 (1) sentence 1 c) GDPR is subject to a legal obligation; as well as
- this is permitted by law and pursuant to Art. 6 (1) sentence 1 b) GDPR for the performance of the contractual relations with you.
In the cookie, information is stored that is generated in connection with the specifically used terminal device. This, however, does not imply that we get direct knowledge of your identity.
Moreover, and also to optimize user convenience, we use temporary cookies that are stored on your terminal device for a specific determined period. If you revisit our website to make use of our services, such cookies automatically recognize that you visited us before and which entries and settings you made to avoid that you have to make them again.
The data processed by cookies are required for the mentioned purposes to safeguard our legitimate interests as well as the legitimate interests of third parties pursuant to Art. 6 (1) sentence 1 f) GDPR. By means of a cookie banner, we inform you in advance about the setting of cookies and ask you to give your consent if such consent is required by law. The legal basis for this is Art. 6 (1) sentence 1 a) GDPR.
Most browsers accept cookies automatically. Nevertheless, you may set your browser in such manner as to ensure that no cookies are stored on your computer anymore or that a notice pops up before a new cookie is created. The complete deactivation of cookies, however, may entail that you cannot use all the functions of our website.
We apply the tracking measure set out below based on Art. 6 (1) sentence 1 f) GDPR. In applying the tracking measure, we intend to ensure an adequate structure of our website and the continuous optimization of our website. Apart from that, we apply our tracking measure to gather statistical data on the use of our website and evaluate such data to optimize our offer for you. Such interests are to be considered as legitimate in the meaning of the aforementioned legal provision.
To improve our online offer, this website uses Website Matomo, previously: Piwik, a web analyzer service of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, for the analysis and statistical evaluation of the use of the website. We have configured Matomo so that no cookies are set for the aforementioned purposes. The information generated by Matomo is transferred to our server, combined in pseudonymous user profiles and stored for analysis purposes. In no event will the IP address be linked with other data concerning the user. The IP addresses are anonymized, thus preventing any reference (IP masking).
The information is used to evaluate the use of the website and to enable an adequate structuring of the website. There will be not transfer of the information to third parties.
If you do not agree with the storing, analysis and evaluation of such data, you may object at any time subsequently by deactivating the following checkbox:
In such a case, a so-called opt-out cookie is stored in your browser with the effect that Matomo will not collect any session data. Please note that in case of complete erasure of your cookies, the opt-out cookie will be erased, too, and you may have to reactivate it.
For more information on data protection relating to Matomo, please consult the following websites of InnoCraft:
- Information on data protection: https://matomo.org/privacy/
Persons under the age of 18 should not transfer any personal data to us, unless with the consent of their parents or legal guardians.
We do not request any personal data from children and youth.
You have the right:
- pursuant to Art. 7 (3) GDPR to withdraw your consent previously granted to us at any time. The withdrawal shall not affect the legality of the processing made on the basis of your previous consent. The consequence of the withdrawal is that in the future we must not continue the data processing that was based on such consent;
- pursuant to Art. 15 GDPR to request information about your personal data we process. You may particularly request information on the purposes of processing, the category of the personal data, the categories of recipients to which your data are or have been disclosed, the scheduled storing period, the existence of a right to rectification, restriction of processing or objection, the existence of a right to complain, the origin of your data if not collected by us, as well as the existence of the automated decision-making, including profiling and, if applicable, meaningful information as to their details;
- pursuant to Art. 16 GDPR to request immediate rectification of incorrect data or the completion of your personal data we have stored;
- pursuant to Art. 17 GDPR to request the erasure of your personal data we stored, unless the processing is required to exercise the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
- pursuant to Art. 18 GDPR to request the restriction of processing of your personal data to the extent in which the accuracy of the personal data is contested by you, the processing is unlawful, but you oppose the erasure of the personal data and we no longer need the personal data, but they are required by you for the establishment, exercise or defense of legal claims or if you objected to processing pursuant to Article 21 GDPR;
- pursuant to Art. 20 GDPR to request the receipt of the personal data concerning you, which you provided to us, in a structured, commonly used and machine-readable format, and the transfer of those data to another controller;
- pursuant to Art. 77 GDPR to complain with a supervisory authority. As a rule, you may address the supervisory authority at your usual place of abode or workplace or at the place of our law firm office.
Where your personal data are processed based on legitimate interests pursuant to Art. 6 (1) sentence 1 f) GDPR, you have the right pursuant to Art. 21 GDPR to object to the processing of your personal data on grounds relating to your particular situation or if the objection is raised against direct marketing. In the latter case you have a general right to object, which we implement without the need for you to indicate any particular situation.
If you desire to make use of your right to withdraw or to object, an email to email@example.com will suffice.
Within our website, we use the widespread SSL procedure (Secure Socket Layer) in combination with the highest encryption level as applicable from time to time that is supported by your browser. As a rule, it will be a 256-bit encryption. If your browser does not support 256-bit encryption, we use the 128-bit v3 technology instead. You can recognize whether an individual page of our website is transferred in an encrypted condition if the key or closed lock symbol is displayed on the lower status bar of your browser.
Apart from that, we use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or third-party access. We improve our security measures on a continuous basis in accordance with the technological development.
We set links to websites of other providers (third parties) not affiliated with us.
We do not assume any liability for the data collection and processing by third parties.
You can recognize websites of third parties as they always pop up in an own window of your browser. In contrast, new pages of our offer always pop up in a new tab of your browser.
We attach great importance to your trust in us. This is why we seek to be available to provide you with information and to answer your questions relating to your personal data at any time. If you have questions on data protection issues on our website, which have not been answered in this Data Protection Policy, or if you require in-depth information on a specific point, please do not hesitate to contact firstname.lastname@example.org at any time.
In further developing our website and the offers on it or due to changed legal and/or governmental requirements, it may become necessary to modify this Data Protection Policy. You can retrieve the Data Protection Policy as applicable from time to time on our website at http://www.snp-online.de/en/data-protection.html and print it at any time.
(Revision of: April 2021)