Privacy Policy
The protection of privacy and adherence to applicable data protection laws is of utmost importance to the Goldenstein law firm. In this context, by personal data we mean all data with which you can be personally identified. Therefore, we use your information in compliance with the strict provisions of the relevant data protection laws, especially the EU General Data Protection Regulation (GDPR). With our data protection declaration, we would like to inform you transparently and comprehensively about what personal data is collected by us within the scope of our websites and offers, for what purposes and how it is processed.
If you have any questions, suggestions and/or any critique regarding our services, please do not hesitate to contact us: Goldenstein Rechtsanwaltsgesellschaft (Goldstein & Partner – Legal Tax Consultant); Hegelallee 1; 14467 Potsdam; Phone: +49 331-2005720; info@goldenstein-kanzlei.de.
As on: 26.11.2020
I. Name and contact details of the responsible party
The responsible party within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations is:
Goldenstein Rechtsanwaltsgesellschaft
Hegelallee 1
14467 Potsdam
Phone: +49 331- 2 98 20 0
E-Mail: info@goldenstein-kanzlei.de
(hereinafter referred to as “Goldenstein Law Firm”)
For more details, kindly see our respective website imprint.
II. Data protection officer
You can contact the data protection officer of Goldenstein Rechtsanwaltsgesellschaft here
Goldenstein Rechtsanwaltsgesellschaft
z. H. des Datenschutzbeauftragten
Hegelallee 1
14467 Potsdam
Phone: +49 331-2005720
Fax: +49 331-96809310
Email: datenschutz@goldenstein-kanzlei.de
III. Right to complain
If there is a violation of your rights in connection with your rights to data protection, you have a statutory right to complain to the competent supervisory authority. The pertinent authority usually is the state data protection officer of the federal state of the company’s registered office. Here is a list of data protection officers and their contact details.
IV. Data collection when visiting our website
During the mere informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you: our website visited by you; date and time at the time of access; amount of data sent in bytes; source/reference from which you reached the page; browser used; operating system used; IP address used (if applicable: in anonymized form).
The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.
V. Cookies
Cookies and cookie function groups
Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which certain information flows to the body that sets the cookie (in this case – by us). Cookies cannot execute programs or transmit viruses to your computer system.
Described below is the distinction between cookies of the functional groups:
a) Technical cookies.
These cookies are necessary so that we can display the website to our users and provide essential basic functions, e.g. page navigation.
The following data is stored and transmitted in the cookies:
- Language settings
- Page settings
- Other status information
The purpose of using technically necessary cookies is to simplify the use of websites for users. We therefore also use cookies for the purpose of being able to identify you for subsequent visits. Also, some functions of our website cannot be offered without the use of cookies. For such functions, it is necessary that the browser is recognized even after a page change.
b) Cookies for user preferences
These cookies are used to recognize our user and the settings they have made when they return to the website. For example, we can greet users by name, store preferences and searches, or display targeted product suggestions.
c) Cookies for performance and statistics
These cookies are used to analyze website usage and user behavior. This allows us to understand how our website is used and where errors have occurred. We can then use this information, for example, to make the website more user-friendly or to better tailor information and services to our users.
d) Marketing cookies
These cookies are used to analyze our users’ visits to the website (e.g. which links were clicked, which sub-pages were visited). We use this information to target advertising on the website more closely to the interests of our users.
Cookie management
a) Cookie-Consent-Tool
To enable you to control the use of cookies, a cookie consent tool is implemented on the website. It shows you a cookie list divided into function groups, explains the purpose of the cookie function groups and the individual cookies as well as their storage duration.
For the use of the Cookie Consent Tool, the storage of a cookie is technically required.
b) Settings via the Cookie-Consent-Tool
When you visit the website for the first time, the Cookie Consent Tool is displayed as a pop-up window on the website. Here you can then switch on the cookies classified by function groups by clicking on the corresponding box. Please note that the technical cookies are already stored when the website is summoned and the relevant box is preset.
If technical cookies are deselected, the use of the website or individual functions on the website may be restricted or rendered impossible.
c) Your cookie settings
If you would like to check or change your cookie settings, either click on “Cookie Settings” (at the bottom of the website) or on the following link and then make the appropriate settings in the Cookie Consent Tool. Change cookie settings.
Revocation / opt-out options
a) Setting via the Cookie-Consent-Tool
If you have consented to the setting of cookies when visiting this website, you can revoke your consent by calling up the cookie consent tool (see above – Cookie settings) and deselecting the relevant cookie category.
b) Directly through the cookie provider
In addition to the revocation option via the Cookie Consent Tool, you can deactivate cookies directly with a cookie provider or prevent the processing of data via browser plug-ins. If a cookie provider offers such options, we have provided a corresponding link in the respective notices.
c) Browser settings / plug-ins
Another way to control the use of cookies is through appropriate settings in browsers with corresponding setting options.
Description of the cookies used and technically necessary cookies
a) Google Analytics
aa) Our website uses functions of Google Analytics – the web analysis service. The provider of the web analytics service is Google Inc, 160 Amphitheatre Parkway, Mountain view, CA 94043, USA.
Google Analytics uses cookies. These are small text files that your web browser stores on your terminal device and these cookies enable an analysis of website usage. Information generated by means of cookies about your use of our website is transmitted to a Google server and stored there. As a rule, the server location is AUS. The setting of Google Analytics cookies is based on Art. 6 (1) lit. f GDPR. As the operator of the website, we have a legitimate interest in analyzing user behavior in order to optimize our website and, if necessary, advertising.
bb) IP anonymization
We use Google Analytics in conjunction with IP anonymization. It ensures that Google truncates your IP address within member states of the EU or in other contracting states of the Agreement on the European Economic Area before transmission to the USA. There may be exceptional cases in which Google transfers the full IP address to a server in the USA or truncates it there. On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing us with other services relating to website activity and internet usage. The IP address transmitted by Google Analytics is not merged with other Google data.
cc) Objection to data collection
You can prevent the collection of your data by Google Analytics by also clicking on the following link. An opt-out cookie will then be set, which will prevent the collection of your data during future visits to our website. The instructions on how to proceed for deactivation as well as further details on Google Analytics especially with regard to data protection can be found at the following link:
dd) Order processing
In order to fully comply with the legal data protection requirements, we have concluded an order data processing agreement with Google Analytics.
ee) Demographic characteristics with Google Analytics
Our website uses the “demographic characteristics” function of Google Analytics. It can be used to create reports that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. It is not possible to assign this data to specific persons. You can deactivate this function at any time. You can do so via the ad settings in your Google account or by generally prohibiting the collection of your data by Google Analytics as explained in the point “Objection to data collection”.
VI. Contacting
When you contact us (e.g. via contact form or e-mail), personal data is collected. The data collected in the case of a contact form can be viewed from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. For the aforementioned purpose, your data may be passed on to service providers who support us (hosters, service providers, operators of communication applications, etc.), who we have of course carefully selected and who are bound by our instructions. This particularly concerns technical service providers who support us in the provision of services. The legal basis for processing this data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f GDPR. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b GDPR. Your data will be deleted after final processing of your request. Such shall be the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.
VII. Scope of the processing of personal data
We process personal data only in compliance with the relevant data protection regulations. This means that the data will only be processed if so legally permitted. I.e., especially if the data processing is necessary for the provision of our contractual services as well as online services, or is required by law, consent has been given, as well as on account of our legitimate interests (i.e. interest in the analysis, optimization and economic operation and security of our online offer within the meaning of Art. 6 (1) lit. f GDPR, especially in the case of range measurement, creation of profiles for advertising and marketing purposes, as well as collection of access data and use of third-party services).
The legal basis for the consents is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for the processing for the fulfillment of our services and implementation of contractual measures is Art. 6 para. 1 lit. b GDPR, the legal basis for the processing for the fulfillment of our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for the processing for the protection of our legitimate interests is Art. 6 para. 1 lit. f GDPR.
VIII. Disclosure of data to third parties
We only disclose your data to third parties if necessary, for example, on the basis of Art. 6 para. 1 lit. b) GDPR for contractual purposes or if it can be justified on the basis of legitimate interests pursuant to Art. 6 para. 1 lit. f. GDPR
In the event that we use subcontractors to provide our services, we take appropriate legal as well as technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal requirements.
We do not transfer your personal data to third parties for purposes other than those listed below.
a) Insofar as this is necessary pursuant to Art. 6 Para. 1 Sentence 1 b) GDPR for the processing of client relationships with you, your personal data will be passed on to third parties. This includes especially the disclosure to opposing parties and their representatives (particularly their attorneys at law) as well as courts and other public authorities for the purpose of correspondence and the assertion and defense of your rights. The data disclosed may be used by the third party exclusively for the aforementioned purposes.
b) Your personal data will be transferred to contracted service providers (order processors). Our service providers (scanning service providers, hosters and other IT service providers as well as external administrators, service centers) have access to the data for processing activities (maintenance and remote maintenance, disposal of files/data carriers).
c) The attorney-client privilege shall always remain unaffected. Insofar as data subject to attorney-client privilege is involved, it will only be disclosed to third parties in consultation with you.
There are no plans to transfer your personal data to a third country/international organization.
IX. Rights of persons concerned
Pursuant to the GDPR, you have the following rights:
- If your personal data is processed, you have the right to receive information about the data stored about you (Art. 15 GDPR).
- If incorrect personal data is processed, you have the right to rectification (Art. 16 GDPR).
- If the legal requirements are met, you may request erasure or restriction of processing as well as object to processing (Art. 17, 18 and 21 GDPR).
- If you have consented to the data processing or if there is a contract for data processing and the data processing is carried out with the help of automated procedures, you may have the right to data portability (Art. 20 GDPR).
- You can complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of your customary place of residence or workplace or our registered office.
- If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are grounds for doing so that arise from your specific situation.
X. Possibility of elimination and revocation of consent
If the data processing is based on your consent, this consent can be revoked at any time with effect for the future (Art. 7 (3) GDPR).
If you wish to exercise your right of revocation, simply send an e-mail to info@goldenstein-kanzlei.de. You will not incur any costs for the revocation, except for the costs incurred for the transmission. The legality of the data processing carried out on the basis of the consent until the revocation is not affected by it.
XI. Duration of storage of personal data
The duration of the storage of personal data is measured on the basis of the respective legal basis, the purpose of processing and – if relevant – additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).
When processing personal data on the basis of explicit consent pursuant to Art. 6 (1) a GDPR, this data is stored until the persons concerned revoke his or her consent.
If there are statutory retention periods for data that are processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 (1) lit. b GDPR, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfillment of the contract or the initiation of the contract and/or there is no legitimate interest on our part to continue storing it.
When processing personal data on the basis of Art. 6(1)(f) GDPR, this data is stored until the persons concerned exercise his or her right to object pursuant to Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the persons concerned, or the processing serves to assert, exercise or defend legal claims.
When processing personal data for the purpose of direct marketing on the basis of Article 6 (1) (f) GDPR, this data is stored until the persons concerned exercise his or her right to object pursuant to Article 21 (2) GDPR.
Unless otherwise stated in the other information in this statement about specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.
XII. SSL or TLS encryption
For security reasons and to protect confidentiality, all data transmitted by you to the site operator within the scope of the offerings of this website is transmitted using SSL or TLS encryption.
XIII. Modification clause
We reserve the right to change this privacy policy from time to time. Updated versions will be published. To the extent that the change to the Privacy Policy does not affect the use of existing data, the new Privacy Policy will apply from the date it is updated on our website. Any change to the privacy policy that relates to the use of the data already collected will only be made insofar as it is deemed reasonable for you. In such a case, we will notify you in a timely manner by e-mail, on our websites, in our application or in another form. You have the right to object to the validity of the new data protection declaration within four weeks of receipt of the notification. In the event of an objection, we reserve the right to terminate the contractual relationship. If no objection is made within the aforementioned period, the amended data protection statement shall be deemed to have been accepted by you. We will inform you of your right to object and the significance of the objection period in the notification.