Data Protection Declaration by TIGGES Rechtsanwälte Partnerschaft mbB
(as of January 2022)
As the operator of the website www.tigges.legal and the party responsible for the personal data of the users (hereinafter referred to as "you") of the website in the sense of the statutory data-protection stipulations, TIGGES Rechtsanwälte Partnerschaft mbB (hereinafter referred to as "we") take data protection very seriously.
We protect your private sphere and your private data. We collect, process and use personal data in compliance with the contents of these data protection provisions as well as the applicable data protection legislation.
It is stated in these data protection provisions what personal data we collect, process and use concerning you.
I. Name and address of the party responsible, contacting the data protection officer
The party responsible in the sense of the General Data Protection Regulation (GDPR) and other national data protection legislation of the member states as well as other data protection-law provisions is:
TIGGES Rechtsanwälte Partnerschaft mbB
Zollhof 8
40221 Düsseldorf
Germany
Partnerschaftsregister AG Essen PR 1705
info@tigges.legal
Tel. +49 (0)211 8687-0
Fax +49 (0)211 8687-100
Website: www.tigges.legal
If you have any queries regarding the subject of data protection, please contact our data protection officer, quoting the keywords "data protection TIGGES website". Please direct your query to datenschutz@tigges.legal.
II. General information regarding data processing
1. Scope of the processing of personal data
As a matter of principle, we only process personal data of our users insofar as this is necessary to provide a functional website as well as our content and services. Processing personal data of our users is usually done only after consent has been granted by the respective user. An exception applies in cases where prior obtaining of a consent is not possible for factual reasons and the processing of the data is permitted by statutory provisions.
2. Legal basis for the processing of personal data
Insofar as we obtain a consent from the person affected for the processing of personal data, Article 6 paragraph 1 a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data which is necessary in order to perform a contract to which the person affected is a contract party, Art. 6 paragraph 1 b of the GDPR serves as the legal basis. This also apples for processing which is necessary for the implementation of pre-contractual measures.
Insofar as processing personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 paragraph 1 c of the GDPR serves as the legal basis.
In the event that crucial interests of the person affected or of another natural person make it necessary to process personal data, Art. 6 paragraph 1 d of the GDPR serves as the legal basis.
If the processing is necessary to safeguard a justified interest of our company or of a third party and if the interests, fundamental rights and fundamental freedoms of the person affected do not outweigh that justified interest, then Art. 6 paragraph 1 f. of the GDPR serves as the legal basis for the processing.
3. Data deletion and storage duration
The personal data of the person affected is deleted or blocked as soon as the purpose of the storage ceases to apply. Storage can go beyond this if this is provided for by the European or national legislator in Union-law ordinances, laws or other provisions to which the party responsible is subject. Blocking or deleting the data is also done if a storage period prescribed by the named norms expires, unless there is a necessity for further storage of the data for entry into or performance of a contract.
III. Providing the website and generating log files
1. Description and scope of the data processing
Whenever our website is accessed, our system collects automated data and information from the computer accessing it.The following data is collected in this context:
- IP address
- the domain name of the website you came from
- the pages of our website which you have visited
- the names of the files accessed
- the date and time of each access
- the name of your Internet service provider
- as well as, where applicable, the operating system and browser version of your PC.
The data is also saved in our system's log files. This data is not stored together with other personal data of the user.
2. Legal basis for the data processing
The legal basis for the provisional storage of the data and the log files is Article 6 paragraph 1 f of the GDPR.
3. Purpose of the data processing
The provisional storage of the IP address by the system is necessary in order to make it possible to deliver the website to the user's computer. For this purpose, the user's IP address must be saved for the duration of the session.
Saving is done in log files in order to ensure the functionality of the website. Moreover, we use the data in order to optimise the website and to guarantee the security of our information-technology systems. No evaluation of the data for marketing purposes takes place in this context.
These purposes also include our justified interest in data processing pursuant to Article 6 paragraph 1 f of the GDPR.
4. Duration of the storage
The data will be deleted as soon as it is no longer required to achieve the purpose of its collection. In the case of the collection of the data in order to make the website available, this is the situation when the respective session has come to an end.
In the case of storage of the data in log files, this is the situation after a maximum of three days. Storage going beyond this is possible. In such case, the IP addresses of the users are deleted or transformed so that it is no longer possible to allocate them to the accessing clients.
5. Objection and removal option
Collecting the data in order to make the website available and storing the data in log files are absolutely essential for the operation of the website. As a consequence, it is not possible for the user to object thereto.
IV. Using cookies
1. Description and scope of the data processing
When you visit one of our website pages, it can be the case that we deposit information in the form of a "cookie" on your computer, which we automatically identify when you next visit. Cookies are small text files which are deposited on your computer's hard drive and which enable a website to recognise your browser, but do not permit any personal identification of your person. What is collected is information about your activities on the websites you visit (e.g. surfing behaviour, pages of websites visited, advertising banners clicked on, etc.). All usage data is saved using a pseudonym so that no conclusions can be drawn about your person, and thus personal identification is excluded.
When accessing our website, users are informed by an information banner about the use of cookies for analysis purposes, and about this Data Protection Declaration. Information is also given in this context about how the storage of cookies can be prevented in the browser configuration settings.
2. Legal basis for the data processing
The legal basis for the processing of personal data using cookies for analysis purposes is Article 6 paragraph 1 a of the GDPR if a consent has been granted by the user in this respect.
3. Purpose of the data processing
Analysis cookies are used for the purpose of improving the quality of our website and its contents. Through the analysis cookies, we ascertain how the website is used and can thus continuously optimise our offer.
These purposes also include our justified interest in the processing of the personal data pursuant to Article 6 paragraph 1 f of the GDPR.
4. Duration of the storage, objection and removal option
Cookies are stored on the user's computer and information is transmitted from this to our website. Thus, as the user you have full control over the use of cookies. By making a change to the configuration settings in your Internet browser, you can deactivate or limit the transfer of cookies. Cookies already stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all of the website's functions can be used any longer.
V. Web analysis by Matomo (formerly PIWIK)
1. Scope of data processing
We use the open source software tool Matomo (formerly PIWIK) on our website to analyse the surfing behaviour of our users. The software sets a cookie on the user's computer if the user gives his consent. If individual pages of our website are called up, the following data is stored:
(1) Two bytes of the IP address of the calling system of the user
(2) the website called up
(3) the website from which the user accessed the accessed website (referrer)
(4) the sub-pages accessed from the accessed website
(5) the length of stay on the website
(6) the frequency with which the website is accessed
(7) technical information, e.g. device type, device model, device brand, screen resolution, browser, operating system
The software runs exclusively on the servers of our website. A storage of the personal data of the users only takes place there. The data will not be passed on to third parties. The IP address is anonymised before being saved.
2. Legal basis for the data processing
The legal basis for the processing of users' personal data is Art. 6 para. 1 letter a DSGVO. The tool will only be used if the user has expressly agreed to this beforehand.
3. Purpose of the data processing
The processing of users' personal data enables us to analyse the surfing behaviour of our users. By evaluating the data obtained, we are able to compile information on the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness.
4. Duration of the storage
The data is deleted as soon as it is no longer required for our recording purposes. In our case this is after 7 days.
5. Objection and removal option
Cookies are stored on the user's computer and transmitted by the user to our site. Therefore you as a user have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies already stored can be deleted at any time. This can also be done automatically. If cookies for our website are deactivated, it may not be possible to use all the functions of the website to their full extent.
VI. Contact form and email contact
1. Description and scope of the data processing
Our website has a contact form which can be used for making contact electronically. If a user makes use of this option, then the data entered into the form will be transmitted to us and stored. This data is:
- first and last names
- your email address
- any additional personal data supplied by you in the framework of your message
Moreover, the following data is saved at the point in time when the message is sent:
- user's IP address
- date and time of the registration.
For the processing of the data in the framework of the dispatch process, your consent is obtained and reference is made to this Data Protection Declaration.
Alternatively, it is possible to make contact via the email address provided. In such case, the user's personal data transmitted with the email is stored.
The data is not passed on to third parties in this context. The data is exclusively used in order to process the conversation.
2. Legal basis for the data processing
If a consent has been granted by the user, the legal basis for the processing of the data is Article 6 paragraph 1 a of the GDPR.
The legal basis for the processing of the data which is transmitted in the course of sending an email is Article 6 paragraph 1 f of the GDPR. If the aim of the email contact is to enter into a contract, then an additional legal basis for the processing is Article 6 paragraph 1 b of the GDPR.
3. Purpose of the data processing
The processing of the personal data from the form serves only for us to process the contact by you. In the case of contact by email, the requisite justified interest in processing the data is also present therein.
The other personal data processed during the dispatch process serves to prevent the contact form from being misused and to guarantee the security of our information-technology systems.
4. Duration of the storage
The data will be deleted as soon as it is no longer required to achieve the purpose of its collection. For the personal data in the contact form and the data which is sent by email, this is the case if the respective conversation with the user has come to an end. The conversation is at an end if it can be inferred from the circumstances that the pertinent set of facts has been finally clarified.
The personal data additionally collected during the dispatch process is deleted at the latest after a period of three days.
5. Objection and removal option
The user has the option at all times to revoke his or her consent to the processing of the personal data. If the user contacts us by email, then s/he can object at any time to the storage of his or her personal data. In such a case, the conversation cannot be continued.
You can revoke the consent to the processing of your data by sending an email to the data protection officer at any time.
All personal data which is saved in the course of making contact is deleted in such case.
VII. Links to other websites
Our website can contain links to third-party websites. If you follow a link to one of these websites, please note that we cannot assume any liability or give any guarantee regarding third-party contents or data protection conditions. Please inform yourself about the respectively-applicable data protection conditions before you transmit personal data to these websites.
VIII. Facebook Fan page – Joint Responsibility
Pursuant to the case law of the European Court of Justice, we are jointly responsible together with Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (Facebook) in the sense of data protection law for the processing of personal data which is collected when visiting our Fanpage via Facebook.
When you visit our Fan page, Facebook automatically collects personal data from you as a visitor to the Fan page, without us having any ability to influence this. You can find more information regarding data collection in the Facebook data protection declaration.
Facebook places cookies in order to collect, save and further process data. If the user has a Facebook profile and is logged into their account, the storage and analysis is done across devices as well. Further information regarding the use of cookies by Facebook can be found in the Facebook cookie guidelines. You can object to Facebook's use of cookies at the following websites:
- https://www.facebook.com/settings?tab=ads (registration necessary)
- http://www.youronlinechoices.com
Facebook makes various anonymised statistics available to use in the framework of so-called page insights concerning the visits to our fan page. We have no influence on the compilation of this information. In particular, we cannot stop collection and processing by Facebook. For a selectable period as well as for each of the categories of fans, subscribers, accomplished people and interacting people, we are provided with the following anonymised data with regard to our fan page: total number of times the page has been accessed, "likes" information, page activity, contribution interactions, reach, video views, contribution reach, comments, shared contents, replied, proportion of men and women, origin related to country and city, language, hits and clicks in the shop, clicks on route planner, clicks on telephone numbers. Further information regarding the page insights can be obtained from the corresponding Facebook website:
https://www.facebook.com/business/a/page/page-insights
We use this information in order to make our fan page and the contents on the fan page more attractive for visitors to our fan page. This also constitutes our justified interests in the sense of our legal basis for this processing pursuant to Article 6 paragraph 1, sentence 1 f) of the GDPR.
The reciprocal obligations with regard to the joint responsibility are set out in the page entitled "page insights addition with regard to the parties responsible". The primary responsibility is borne by Facebook in the sense of the GDPR for the processing of insight data, and declares that it fulfils all of the obligations arising out of the GDPR with regard to the processing of insight data (inter alia Articles 12 and 13 of the GPDR, Articles 15 to 22 of the GDPR, and Articles 32 to 34 of the GDPR). Only Facebook can make and implement decisions with regard to the processing of insight data. Because Facebook makes decisions at its general discretion as to how it fulfils its obligations arising out of this agreement, we have no influence on the fulfilment of the data protection-law obligations by Facebook. Should queries be received by us in connection with the insight data, we are obliged to forward all of the relevant information to Facebook.
IX. Data security
All of the information which you transmit to us will be stored on servers within the European Union. Unfortunately, transferring information via the Internet is not completely secure, which is why we cannot guarantee the security of the data transmitted via the Internet to and via our website. However, we secure our website and other systems in the best possible manner through technical and organisational measures against loss, destruction, access, modification or dissemination of your data by unauthorised parties.
We take precautionary measures in order to guarantee the security of your personal data. Your data is conscientiously protected against loss, destruction, falsification, manipulation and unauthorised access or unauthorised disclosure.
X. Rights of the person affected
If your personal data is processed, you are the person affected in the sense of the GDPR and you are entitled to the following rights:
1. Information right
You can request a confirmation from us as to whether personal data pertaining to you is being processed by us.
If such processing is taking place, you can request details from us about the following information:
(1) the purposes for which the personal data is being processed;
(2) the categories of personal data which are processed;
(3) the recipients and/or the categories of recipients to whom the personal data pertaining to you has been disclosed or will be disclosed;
(4) the planned duration of the storage of the personal data pertaining to you or, if no specific details are possible in this respect, criteria for the determination of the storage period;
(5) the existence of a right to correction or deletion of the personal data pertaining to you, a right to limit the processing by the party responsible or a right to object to this processing;
(6) the existence of a right to complain to a supervisory authority;
(7) all available information concerning the origin of the data, if the personal data is not collected from the person affected.
You are entitled to the right to request information about whether the personal data pertaining to you will be transmitted to a non-EU state or to an international organisation. In this context, you can request to be informed about the suitable guarantees pursuant to Article 46 of the GDPR in connection with the transmission.
2. Right to correction
You have a right to correction and/or completion insofar as the processed personal data pertaining to you is incorrect or incomplete. We will make the correction without undue delay.
3. Right to restrict the processing
Subject to the following prerequisites, you can request restriction of the processing of the personal data pertaining to you:
(1) if you dispute the correctness of the personal data pertaining to you, namely for a period, that enables us to check the correctness of the personal data;
(2) if the processing is unlawful and you refuse deletion of the personal data and instead request restriction of the usage of the personal data;
(3) we no longer require the personal data for the purposes of the processing but you require it for the assertion, exercise or defence of legal claims; or
(4) if you have filed an objection to the processing pursuant to Article 21.1 of the GDPR as long as it is not yet certain whether our justified reasons outweigh your reasons.
If the processing of the personal data pertaining to you is restricted, this data may – apart from its storage – only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the right of another natural person or legal entity or for reasons of an important public interest of the Union or a member state.
If the processing has been restricted pursuant to the abovementioned prerequisites, you will be informed by us before the restriction is lifted.
4. Right to deletion
a) Deletion obligation
You can request from us that the personal data pertaining to you be deleted without undue delay. We are obliged to delete this data without undue delay if one of the following reasons exists:
(1) The personal data pertaining to you is no longer necessary for the purposes for which it was collected or processed in another way.
(2) You revoke your consent on which the processing pursuant to Article 6 paragraph 1 a or Article 9 paragraph 2 a of the GDPR was based and there is a lack of another legal basis for the processing.
(3) You file an objection to the processing pursuant to Article 21.1 of the GDPR and there are no overriding justified reasons for the processing, or you file an objection to the processing pursuant to Article 21.2 of the GDPR.
(4) The personal data pertaining to you has been processed unlawfully.
(5) The deletion of the personal data pertaining to you is necessary in order to fulfil a legal obligation pursuant to the law of the Union or the member state(s) to which the party responsible is subject.
(6) The personal data pertaining to you was collected in connection with services offered by the information company pursuant to Article 8.1 of the GDPR.
b) Exceptions
The right to deletion does not exist insofar as the processing is necessary
(1) to exercise the right to free expression of opinion and information;
(2) in order to fulfil a legal obligation which requires the processing pursuant to the law of the Union or the member state(s) to which we are subject;
(3) for reasons of the public interest in the area of public health pursuant to Article 9 paragraph 2 h and i as well as Article 9 paragraph 3 of the GDPR;
(4) for the assertion, exercise or defence of legal claims.
5. Right to data transferability
You have the right to receive in a structured, common and machine-readable format the personal data pertaining to you which you have provided to us. In addition, you have the right to transmit this data to another party responsible without impediment by the party responsible to whom the personal data has been provided, insofar as
(1) the processing is based on a consent pursuant to Article 6 paragraph 1 a of the GDPR or Article 9 paragraph 2 a of the GDPR or on a contract pursuant to Article 6 paragraph 1 b of the GDPR, and
(2) the processing is done with the assistance of automated processes.
In exercise of this right, you also have the right to procure that the personal data pertaining to you is transmitted directly by one party responsible to another party responsible insofar as this is technically feasible. No freedoms or rights of other parties may be detrimentally affected thereby.
The right to data transferability does not apply for processing of personal data which is necessary in order to carry out a task which is in the public interest or in exercise of official authority which has been transferred to the party responsible.
6. Objection right
You have the right for reasons which arise from your special situation to file an objection at any time to the processing of the personal data pertaining to you which is done on the basis of Article 6 paragraph 1 e or f of the GDPR.
We then no longer process the personal data pertaining to you, unless we can prove mandatory protection-worthy reasons for the processing which outweigh your interests, rights and freedoms, or the processing serves in the assertion, exercise or defence of legal claims.
You have the option of exercising your objection right in connection with the usage of services by the information company – irrespective of Directive 2002/58/EC – by means of automated processes where technical specifications are used.
7. Right to revocation of the data protection-law consent declaration
You have the right to revoke your data protection-law consent declaration at any time. The revocation does not affect the lawfulness of the processing which took place on the basis of the consent until the revocation.
8. Right to complain to a supervisory authority
Irrespective of contrary administrative-law or judicial legal remedies, you are entitled to the right to complain to a supervisory authority, particularly in the member state of your place of residence, your workplace or the location of the alleged breach, if you are of the view that the processing of the personal data pertaining to you breaches the GDPR.
The supervisory authority to which the complaint is submitted will inform the complainant about the status and the outcome of the complaint, including the possibility of a judicial legal remedy pursuant to Article 78 of the GDPR.
XI. Changes to the data protection provisions
We reserve the right to modify this Data Protection Declaration at any time with effect for the future, in order that it always conforms to the current legal requirements or in order to incorporate changes to our services in the Data Protection Declaration, e.g. if we introduce new services. For this reason, please look again at the Data Protection Declaration during your next visit.