Information about Data Protection
The protection of your personal data is very important to us. Your personal data is only handled in accordance with the law, in particular the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
The controller responsible for data processing on this website is:
GÖRG Partnerschaft von Rechtsanwälten mbB
50679 Cologne, Germany
Tel.: +49 221 33660 0
Fax: +49 221 33660 80
Email: koeln [at] goerg.de
2. Data protection officer
Our Data Protection Officer can be contacted as follows:
GÖRG Partnerschaft von Rechtsanwälten mbB
Data protection officer
50679 Cologne, Germany
Tel.: +49 221 33660 0
Email: dsb [at] goerg.de
3. Processing personal data, purposes, legal basis for processing and storage period
We process your personal data as follows when visiting our website or when interacting with us via our website or by email:
A) Data collected automatically when visiting our website
When visiting our website our website’s server is automatically sent data and technical information from the browser of your device. The following information is temporarily stored in a log file until it is automatically erased: IP address of your device, name and URL of the requested file, access sta-tus/HTTPS status code, the browser of your device.
These log files are erased from the server after 7 days and after 3 months from our back-ups.
We collect and use this information to provide the user with a seamless connection to our website and for (network) security and stability purposes.
The legal basis for processing is Article 6 (1) (f) GDPR. Our legitimate interest results from the aforementioned purposes. Under no circumstances will this data be used to draw conclusions about your personal identity. This data is not stored with other personal data.
B) Using our contact form and contacting us by email
You can always contact us using the form provided on our website if you have any questions. As well as your title, first name, surname and the name of your company you must provide a valid email address so we know who the enquiry came from and answer it accordingly. Further infor-mation can be provided voluntarily. The data provided in the contact form is always transferred to us in an encrypted format and only processed by us to answer your enquiry. Even if you contact us by email we will only process the data you provide to answer your enquiry.
The collected personal data will be erased directly after your enquiry has been resolved, provided it is not further required for other purposes (such as commencing or implementing a contract with you, statutory retention obligations, documentation and compliance purposes within the scope of the statute of limitations). Email correspondence will be archived in accordance with the principles of properly maintaining and storing records and documents in electronic form and for data access (GoBD). Archived emails will be automatically erased after 10 years.
Data is processed in accordance with Art. 6 (1) (a) GDPR on the basis of your consent which you provide when contacting us.
C) Registering for our newsletter
You can register on our website to receive newsletters from various areas of law. Providing a valid email address is sufficient to receive the newsletter. Further information can be provided voluntari-ly. The double-opt-in process is used for registration for your security. This means we will first send an email to the email address you have provided us with. Your newsletter subscription will only become active when you click on the confirmation link contained in this email. This process elimi-nates the possibility of a third party registering you against your will.
Data for the purpose of sending the newsletter is processed on the basis of your consent and for the duration of your consent in accordance with Art. 6 (1) (a) GDPR. You may withdraw your con-sent at any time with effect for the future. There is an unsubscribe link for this purpose contained in every email you receive from us. Alternatively, you may send an email to marketing [at] goerg.dedata-anytype="link" data-anytype-button-style="primary" data-anytype-shape="email" data-anytype-show-as-button="0" class="button-primary" at any time to withdraw your consent. This withdrawal of consent will result in your email address being deleted from the mailing list..
4. Data protection information for job applicants
If you wish to apply to us electronically, please only use our Online Career Portal. The Data Privacy Notice for Job Applicants provides further information about how your data is dealt with in these circumstances. Please refrain from applying by email as this does not guarantee that your data will be securely transferred.
The Creditor Information System (GIS) can be found on our website under “GIS”. If you are a credtor in insolvency proceedings you can use GIS to obtain information about the respective insolven-cy proceedings at any time. You can also submit your claim(s) electronically and forward it to the responsible Insolvency Administrator.
We use the following cookies on our websites:
- Session cookies: These store a session ID, with which various different requests of your browser can be allocated to the same session. This allows your computer to be recognised when you return to our website. Session cookies are automatically deleted when you close the browser.
- Persistent cookies We also use persistent cookies which last beyond one session. These cookies are automatically deleted after a preset period, which can be from 30 minutes to 13 months depending on the type of cookie.
Some cookies placed by us allow for certain functions on our website, such as monitoring whether a user has consented to tracking. Other cookies that are used for analysis purposes (see also the “Web analysis tools” section) help us to understand how visitors interact with our website. These cookies allow us to collect statistical data about the use of our website and analyse this in order to optimise our services.
Cookies essential for the smooth operation of our website are processed on the basis of Art. 6 (1) (f) GDPR and section 25 (2) no. 2 of the German Regulation of Data Protection and Privacy in Tele-communications and Telemedia Act (TTDSG) to safeguard our legitimate interests.
For all non-essential cookies your data is processed on the basis of your consent in accordance with Art. 6 (1) (a) GDPR. We will request your consent using our cookie banner. You can specify here as to whether you want to allow non-essential cookies and if you do, which ones. You may withdraw your consent at any time with effect for the future by changing the cookie settings on our website via the cookie settings link.
Most browsers are set up to automatically accept cookies. You may deactivate the automatic acceptance of cookies via your browser, or set up your browser to inform you as soon as cookies have been sent.
7. Web analysis tools
We use Piwik Pro on our website, a web analysis service from Piwik Pro GmbH, Kurfürstendamm 21, 1719 Berlin, Germany (“Piwik Pro”). We have entered into a Data Processing Agreement with Piwik Pro in accordance with Art. 28 GDPR.
If you have agreed in our cookie banner to accept analysis cookies, Piwik Pro will place persistent cookies which are stored on your device to enable the analysis of your use of our website. In addition to your IP address, information collected by the analysis cookies includes the number of times you accessed a particular sub page of our website, the length of time spent on individual pages, the website visited before accessing our website, data about the location you are accessing the web-site from (such as town or state) and the information about the conversion rate of sub pages. The data collected is stored on Piwik Pro's servers in the EU. Your IP address is anonymised by Piwik Pro immediately after collection and before it is stored so that no conclusions can be drawn about your personal identity. Analysis cookies are stored for anywhere between 30 minutes and 13 months. If a user gives their consent for tracking in the cookie banner this consent is stored for 12 months using a specific cookie.
As already explained, you may completely reject the placement of analysis cookies and withdraw previously given consent at any time (see the “Cookies” section).
We process the data we collect using analysis cookies on the basis of your consent as per Art. 6 (1) (a) GDPR and section 25 (1) TTDSG.
8. Our company profile on social media and other online platforms
Within social networks and platforms (such as LinkedIn, Spotify, Podcast.de, XING, YouTube and Instagram hereinafter "networks") we are represented with our company profile. Personal data may be collected when using the respective networks. The terms and conditions and privacy policies of the respective network operators apply. We would like to point out that you use the networks and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access the information offered in our company profile there on our website.
A list of the networks we use, as well as a link to the respective privacy policies, can be found here:
- LinkedIn: https://de.linkedin.com/legal/privacy-policy?
- Podcast.de: https://www.podcast.de/datenschutzerklaerung
- Spotify: https://www.spotify.com/de/legal/privacy-policy/
- XING: https://privacy.xing.com/de
- Instagram: https://privacycenter.instagram.com/policy/
- YouTube: https://policies.google.com/privacy?hl=de
A) Processing of user data
The networks are online services with different focuses. In some cases, their primary purpose is to share photos and videos, and in others they offer other information as well.
When you visit our company profile on the network in question, the network operator regularly collects data from you, including your IP address and other information available on your terminal device (information about your terminal device, your location, your login data, etc.). The data collected from you when using the network will be processed by the relevant network operator and, if applicable, assigned to your user account. We have no influence on this processing by the network operators. The networks are used by the visitors on their own responsibility.
Based on the collected user data, some network operators conduct analyses for their own purposes. In addition, they provide us as the operator of the company profile with statistical evaluations of user behavior. We receive the data only as statistical evaluations or in anonymized form. Such use of analysis tools by us takes place on:
- Instagram (via "Instagram Insights") Information on how the tool works can be found at: https://help.latest.instagram.com/788388387972460?helpref=hc_fnav
We have no influence on the processing by the network operators.
The following applies with regard to "Instagram Insights":
We, as the operator of the company profile, are joint controllers together with the network operator pursuant to Art. 4 No. 7 DSGVO. The network is operated by: Meta Platforms Ireland Ltd, 4 Grand Central Square Grand Canal Harbour, Dublin 2, Ireland. We have concluded a corresponding agreement with the operator. For more information, please visit: https://help.instagram.com/581066165581870/?helpref=hc_fnav. With the agreement, the operator of the social network recognizes the joint responsibility under data protection law with regard to so-called insights data and assumes essential obligations under data protection law to inform data subjects, to ensure data security and to report data protection breaches.
C) Purposes of the processing
We operate company profiles on the networks in order to inform active users and interested parties there about our services and to communicate with them. Insofar as we receive further information in the process, e.g. due to comments, direct messages or because we are followed or our content is shared, the corresponding processing takes place exclusively for the purpose of communication and interaction.
The respective network operators use the collected data, among other things, to improve their advertising systems. You can find more information in the respective data protection notices of the network operators. For us as the operator of the company profile, the evaluations enable us to obtain statistics that are generated on the basis of visits to our company profile. This enables us to control the marketing of our activity or to place targeted interest-based advertising.
D) Legal basis
Any processing of personal data by us serves our legitimate interest pursuant to Art. 6 (2) p. 1 lit. f DSGVO. Our interest consists in the perception of our business objectives. Through the networks, we can provide applicants, interested parties, clients, business contacts and other persons with insights into our company as well as our services and thus improve the perception of our company.
E) Transfer of data
The network operators may transfer your data to countries outside the European Union (third countries). We have no influence on the type and scope of the data processed by the network operators, the type of processing and use or the transfer of this data to third parties. In the case of transfer to third countries (in particular to the USA), there is a risk that an adequate level of data protection may not exist in these countries and that authorities there may gain access to your data without you having sufficient legal remedies against this.
A transfer by us does not take place in accordance with section 10. of this notice.
F) Data subject rights
For data processed by us, you are entitled to all of the data subject rights listed in sections 13. and 14. above. With regard to the "Instagram Insights", we ask that you direct corresponding requests directly to the network operator. The latter has the direct possibility to influence the processed data. If you nevertheless direct your request to us, we will of course contact the network operator. You can also file an objection for Instagram using the form provided on Facebook (https://www.facebook.com/help/contact/1994830130782319).
9. Recipients of your data
In some circumstances it may be necessary for us to disclose your personal data to third parties. This includes the following categories of recipients:
- IT service providers (in particular hosting providers for the provision of this website, web analysis providers, operators of social networks, service providers who maintain our IT systems).
- Other service providers who support us with our business activities (such as advertising agencies, lettershop services, shipping companies, company/tax consultants and auditors).
- Other GÖRG companies.
- Public authorities, courts and other public bodies.
We only disclose your personal data to third parties where and to the extent that this is required and permitted by law or we are subject to a legal or statutory obligation to do so.
10. Transfers to third countries
Your personal data is not transferred to third countries outside of the EU.
11. Security, communication by email
We place great importance on the security of our data processing systems and our website. We therefore use modern data storage and security technology to best protect your data. Our security measures are continuously improved in line with technological developments.
256 bit SSL encryption technology is used on this website. Your data is always transferred in an encrypted format.
If you contact us by email please be aware that emails can be read or altered by unauthorised persons in transmission and this may not be detected. We also use spam filter software to filter out unwanted emails. This spam filter may result in emails being rejected if they have been falsely identified as spam emails due to certain characteristics. If you wish to send us confidential infor-mation we recommend you use the postal service or fax the documents to us.
If our website also contains links to external third party websites whose content we do not have any influence over which we nevertheless make available for use as “third party content”, we do not assume any liability for this third party content as we do not have any influence over it. The respective provider or operator of these websites is always responsible for the content of the linked web pages. The linked web pages were inspected for any legal violations at the time the links were created. No illegal content was apparent at the time that the links were created. However, it is not possible for us to permanently monitor linked web pages without any specific indications of a legal infringement. We will remove such links immediately upon being notified of such an infringement
13. Right of access, right to object and other rights
You are entitled to request access to your personal data we store at any time (Art. 15 GDPR). You also have the right to have your inaccurate personal data rectified and incomplete data completed (Art. 16 GDPR).
You have the right to have your personal data erased or to have its processing restricted (blocked) within the limits of the statutory provisions (Art. 17 and 18 GDPR). In addition, you have the right to receive your personal data that you have provided us with in a structured, commonly used and machine-readable format or to have this data transmitted to another controller in accordance with Article 20 GDPR.
You may also object to the processing of your data, provided the requirements of Art. 21 GDPR have been met. In addition, you may withdraw your previously given consent at any time with future effect in accordance with Art. 7 (3) GDPR.
Please contact us in writing, by fax or email at dsb [at] goerg.dedata-anytype="link" data-anytype-button-style="primary" data-anytype-shape="email" data-anytype-show-as-button="0" class="button-primary" to exercise your rights. Please note that we process your personal data in accordance with Art. 6 (1) (f) GDPR to process an application or for identification purposes.
14. Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a Data Protection Authority in accordance with Art. 77 GDPR if you consider that the processing of your personal data was not lawful. This may be made, for example, to the Data Protection Authority responsible for us:
Office for Data Protection and Freedom of Information for the State of North Rhine-Westphalia, Kavalleriestr. 2-4, 40213 Düsseldorf, Germany