Privacy Policy
This privacy policy applies to the processing of your data, namely your personal data, on the website “kanzlei-raimer.com” including subpages (platform). The party responsible for data processing is Rechtsanwalt (Attorney-at-Law) Daniel Raimer based in Düsseldorf, Germany (operator). You can find the operator’s contact details in the legal notice (Impressum) linked on the platform. The platform serves to inform you about the operator’s activities and to enable communication with the operator. You can access the content of this declaration at any time via the subpage linked on the platform and also save or print it using the corresponding function of your internet browser.
A. Preliminary Remarks
The operator takes the protection of your data seriously and complies with data protection laws. These laws protect natural persons with regard to the processing of personal data. Personal data means all information relating to an identified or identifiable natural person. Such data will only be processed to the extent necessary for contract execution or for the provision and improvement of the platform. Processing only takes place as specified below, in a separate declaration/consent, by order of authorities or courts, or if otherwise legally provided. As a rule, data is processed by the operator within the member states of the European Union (EU) or the European Economic Area (EEA). In particular, the internet servers used by the operator for data processing are located in EU member states. Your data may be transferred to technical service providers who process the data on behalf of the operator (hosting/support). Such processors act on the operator’s instructions and are also obliged to maintain data protection. A transfer to a third country or an international organization only takes place as specified below, in a consent, or if otherwise separately indicated.
B. Data Processing
Your data may be processed depending on whether you use a form or not. Form-related data are those you provide in a form on the platform. Form-independent data are those that are generated during your visit to the platform, even without filling out a form, and are stored on the operator’s servers.
I. Form-Related Processing
The data you provide in a form on the platform will be processed when you use the form, namely after submitting it. This may particularly involve data used to contact the operator. Personal data you transmit via a designated form will be encrypted and sent to the operator’s servers.
1. Contact
If you contact the operator via a form, the data you provide in the contact form will be transmitted encrypted to the operator. The personal data you transmit will generally only be used to process your inquiry, including any follow-up questions. Responses are generally provided by email, which is also transmitted in encrypted form, provided your mail service provider supports this. The same applies if you contact the operator via email instead of using a contact form. After your inquiry has been processed in full, including related activities, your personal data provided via the form or in an email will be deleted. This does not apply if the data are still required for contract execution, including the assertion, exercise, or defense of legal claims (until the statute of limitations has expired), or if statutory retention obligations prevent deletion (tax, commercial, or professional law retention obligations). Where possible, further processing of the data will be restricted until then.
2. Other
Data you provide in other forms will be transmitted to the operator’s servers. This may particularly include search forms. Such data will only be processed for the search and not stored any longer. As a rule, the forms do not require personal data. You should therefore not provide such data.
II. Form-Independent Processing
The data required by the operator for the provision or improvement of the platform are processed independently of forms. These may particularly include cookies and statistical data. The data are generally transmitted in encrypted form.
1. Logfiles
To ensure the security and functionality of the platform (e.g., defense against attacks), an access log (logfile) is created on the operator’s servers. The log records data on access to the platform. This includes the data transmitted by your browser when establishing a connection with the server, i.e., your IP address, the time of access, the address (URL) accessed, whether access was successful, and the size of the data transmitted by the server. If transmitted by your browser, the log also records the previous address (referrer) as well as information on your operating system and browser (e.g., version); you may prevent the transmission of this data via your browser settings. Logfiles are deleted at regular intervals after collection. Before deletion, they may be statistically evaluated. Logged data are stored separately from other data you provide on the platform and are not combined with them. The statistical analysis of logfiles does not allow personal identification.
2. Cookies
The platform may use so-called cookies. These are small text files or simple database entries stored by your browser. The data in cookies can only be read by the platform that stored them. Cookies serve to make websites more user-friendly and secure. If cookies contain security-related data, the platform generally uses so-called session cookies. Such cookies can ensure, for example, that no other user can access data you have provided in a form or stored in the debtor portal. Session cookies are deleted at the end of each visit to the platform, e.g., when you close your browser. Other cookies are deleted no later than six months after the last use of the platform. Cookies generally only store pseudonymous identifiers and no other personal data. The cookies used by the platform do not harm your device (e.g., computer/tablet), and in particular, they do not contain viruses. You may prevent the storage of cookies via your browser settings; in this case, however, you may not be able to use all functions of the platform in full. The same applies to the deletion of stored cookies.
3. Analytics
The platform may integrate Google Analytics. This is a web analytics service provided by Google, where data processing is carried out by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The service uses cookies to analyze platform usage. The generated information may be transmitted to Google servers in the USA. However, the operator has activated IP anonymization for this platform. Before transmission to the USA, your IP address is generally truncated within the EU or the EEA. Transmission takes place in encrypted form. The service processes the information to evaluate user behavior on the platform on behalf of the operator, to create statistics on platform usage, and to provide the operator with further services in this context. The information is not combined with other personal data you provide on the platform. Statistical analysis by the operator does not allow personal identification either. Where data are transferred by Google to affiliated companies in the USA, these companies are certified under the EU-U.S. Data Privacy Framework, for which the European Commission has determined the existence of an adequate level of data protection. The information is only stored temporarily. The cookie and thus the link to your platform usage will be deleted no later than six months after your last visit.
You may withdraw your consent to the integration of the web analytics service at any time via the linked button. After withdrawal, Google Analytics will no longer analyze data during your use of the platform. You can prevent the storage of cookies or delete stored cookies via your browser settings. This means that Google Analytics will not recognize you on your next visit to the platform. Independently of this platform, you can prevent data collection and processing by Google Analytics by installing the linked browser plugin. For further information, please refer to Google’s linked privacy policy.
4. External Resources
The platform may integrate resources that are retrieved from external servers. Such servers are operated independently by third parties. Resources may include fonts, program scripts, and similar content. Retrieval serves to improve delivery efficiency of the platform and generally takes place via an encrypted connection. No personal data are transmitted by the platform to the servers of third parties during integration. Technically, however, retrieval means that your IP address is transmitted to the server. Depending on your browser, further data may also be transmitted, which is beyond the operator’s control. The integrated resources are located on servers in the EU, the EEA, or in a third country. Transmission to a third country only takes place if the European Commission has determined the existence of an adequate level of data protection for that country. If the third country is the USA, transmission only takes place if the server operator is certified under the EU-U.S. Data Privacy Framework. You can determine which resources are involved in your visit to the platform via your browser’s network monitor. In particular, this may include: fonts on servers operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, in accordance with their privacy policy.
C. Legal Bases
The statutory provisions for data protection are found in particular in the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). If you have given consent to data processing, this also constitutes the legal basis for processing data for the purposes you consented to (Art. 6 para. 1 lit. a GDPR). If processing is necessary for the initiation or performance of a contract (contract execution), this constitutes the legal basis (Art. 6 para. 1 lit. b GDPR). This may particularly involve initiating contracts with you as a client. Otherwise, the legal basis for data processing is the pursuit of the operator’s legitimate interests (Art. 6 para. 1 lit. f GDPR). This may particularly involve the operator’s economic interest in running the platform. If the operator engages a processor, the legal basis is the contract on processing between the operator and the service provider pursuant to Art. 28 GDPR, in conjunction with the legal basis otherwise applicable to the processing of the data. The operator does not engage in automated decision-making including profiling within the meaning of Art. 22 GDPR.
D. Your Rights
If you are affected by the processing of your personal data, you are entitled to rights against the controller under data protection law. You may contact the operator at any time to exercise these rights, e.g., by email using the address provided in the legal notice. The same applies to other questions regarding data protection by the operator.
Right of Withdrawal: Pursuant to Art. 7 para. 3 GDPR, you have the right to withdraw consent to data processing at any time. Withdrawal of consent does not affect the lawfulness of processing carried out based on the consent before withdrawal.
Right to Object: Pursuant to Art. 21 GDPR, you have the right to object at any time to the processing of personal data concerning you. This also applies in particular to objections against processing for direct marketing purposes.
Right to Lodge a Complaint: Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates statutory provisions. The supervisory authority responsible at the operator’s location is the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia (LDI). The contact details are provided on the linked LDI website. Your right to lodge a complaint with another supervisory authority remains unaffected. The right to lodge a complaint also applies without prejudice to other remedies.
Right of Access: Pursuant to Art. 15 GDPR, you have the right to request information from the operator. In addition to other information, most of which you can already find in this declaration, this right particularly includes a copy of your personal data being processed. The restrictions of § 34 BDSG also apply.
Right to Rectification: Pursuant to Art. 16 GDPR, you have the right to request the operator to correct inaccurate personal data concerning you without delay. Taking into account the purposes of processing, you also have the right to request the completion of incomplete personal data – including by means of a supplementary statement.
Right to Erasure: Pursuant to Art. 17 GDPR, you have the right to request the operator to erase personal data concerning you. If the data need not be erased, you may instead request restriction of further processing. The restrictions of § 35 BDSG also apply. The right to erasure includes the so-called right to be forgotten.
Right to Restriction: Pursuant to Art. 18 GDPR, you have the right to request the operator to restrict the processing of your personal data. Apart from storage, the data may then generally no longer be processed.
Right to Data Portability: Pursuant to Art. 20 GDPR, you have the right to portability of the personal data concerning you, which you have provided to the operator. Your right to erasure remains unaffected.
Right to Notification: Pursuant to Art. 19 GDPR, the operator will notify all recipients to whom your personal data have been disclosed of any rectification or erasure of the data or restriction of processing, unless this proves impossible or involves disproportionate effort. The operator will inform you of such recipients if you so request.