Contents

Data Protection

In this data privacy statement, we provide you with detailed information regarding the treatment of your data collected by us in connection with our website with the URL, https://de.schindhelm.com, (hereinafter the “Website”).

1. Responsibility

The ”controllers” under data protection law are the following Schindhelm partnerships 

(hereinafter, collectively, “Schindhelm Partnerships”, or “we”).

2. Contact details of our data protection officers

You can contact the data protection officers of all Schindhelm Partnerships at . Individually, you can contact the data protection officers as follows:

  • Hanover office:
  • Osnabrueck office:
  • Duesseldorf office:

3. Access to our Website

We automatically collect and store “log file data”, which your browser transmits to us. These are:

  • browser type/version,
  • operating system,
  • URL of the website visited before,
  • URL of the website called up by you on the Website,
  • IP address of the accessing terminal device,
  • name and URL of the requested file,
  • the transferred data volume,
  • the notification whether the access was successful, and
  • date and time of the retrieval of the Website.

 The collection of those data is necessary for technical reasons. Unfortunately, the Website cannot be used without the provision of your IP address. Such data collection takes place prior to entering into a contract and for the purposes of our legitimate interests to show you the content of this Website.

4. Cookies

When using our Website, cookies will be generated and used, provided that you have given us your consent to do so through our banner. “Cookies” are small text files which are transmitted from our web server to the browser of your terminal device and will be stored there. Mostly, the browser of your terminal device will be set such that the creation and storage of cookies will be accepted. You can prevent the storage of cookies by setting your browser accordingly.

These are the following cookies:

Name

Description

Storage period

version

Determines whether the mobile or desktop version of the Website will be displaced first at future visits.

1 week

ga-disable-

Opt-out cookie which prevents the future collection of the data through Google Analytics when accessing the Website, so long as the Cookie is not deleted

Until 1 December 2100

You can set your browser such that you are informed when cookies are set and decide individually whether or not to accept them, or exclude the placement of cookies for specific cases or generally. Should cookies by deactivated, this may, however, result in a limited functionality of the Website.

The following third-party cookies will be set:

Name

Description

Storage period

_et_coid
Cookie detection etracker Analytics.

2 years
_ga
Anonymous ID to analyse page visits in Google Analytics

2 years
_gat
Cookie to reduce the request requirements.

10 minutes

Tracking Cookies
Google Analytics

Our Website also uses the web analysis service, Google Analytics, of Google  Ireland  Limited,  Gordon  House,  Barrow  Street, Dublin  4,  Irland (“Google”). To this end, Google uses cookies which facilitate an analysis of your use of the Website. From those data, usage profiles may be created under a pseudonym. By the cookies, your browser can be remembered. The collected data will not, however, be used to identify you as a person and will not be aggregated with your personal data

The following cookies will be set and used:

Name

Description

Storage period

_ga

Anonymous ID to analyse page visits in Google Analytics

2 years

_gat

Cookie to reduce the request requirements

10 minutes

The data collected by Google will normally be transmitted to a server of Google in the USA and will be stored there. Google will use that information on our behalf to compile reports on your use of the Website and to provide other services to us relating to website activities and Internet usage.

The analyses of the use of the Website carried out by Google and etracker serve the joint purpose of the Schindhelm Partnerships to optimally adapt the Website to the needs and wishes of the users of the Website.

Google acts under the “EU-US Privacy Shield” and has obtained the relevant certification (Article 46(2)(f), in conjunction with Article 42(1), of the GDPR). 

To warrant an anonymised collection of IP addresses, the source code of Google Analytics was expanded by the code, “_anonymizeIP”. Thereby, the IP addresses will only be processed in a shortened form to exclude a personal reference. The IP address transmitted by your browser in connection with Google Analytics will not be aggregated with other data of Google.

Through a link in the cookie banner, you have the option to obtain additional information regarding the individual cookies. You can prevent the collection of the data relating to your use of the Website (including the IP address) and their processing by Google not only through your browser settings, but also by downloading and installing the browser plug-in which is available at the following link:

http://tools.google.com/dlpage/gaoptout?hl=de.

By clicking the link, on opt-out cookie will be set, which prevents the collection of your data by Google.

Please do not delete the opt-out cookie so long as you wish to keep up your objection.

Further information regarding the terms of use and data privacy of Google is available at the following links: 

http://www.google.com/analytics/terms/de.html

http://www.google.com/intl/de/analytics/learn/privacy.html  

http://www.google.de/intl/de/policies/privacy

eTracker

We also use the analysis service, etracker, which is offered by etracker GmbH, Erste Brunnenstraße 1 20459 Hamburg, Germany (“etracker”). etracker set cookies, by which the user behaviour can be identified and analysed. The data are collected and processed anonymously.

You can object to the collection and storage of data at any time with effect for the future. To object to the collection and storage of your visitor data with effect for the future, you can obtain an opt-out cookie from etracker, which prevents the collection and storage of visitor data of your browser by etracker in future: http://www.etracker.de/privacy?et=V23Jbb

Thereby, an opt-out cookie with the name, "cntcookie", will be set by etracker. Please do not delete that cookie so long as you wish to keep up your objection. Further information is available in the data privacy statement of etracker: http://www.etracker.com/de/datenschutz.html.

Further details regarding the data protection by etracker is available at the following link: http://www.etracker.com/de/datenschutz.html.

5. Contact form

Through the link, “Contact”, you have the option to send us messages. After clicking that link, you will be asked to complete an online form with your data. The data fields marked with an asterisk (salutation, first name, last name, email address and your message) are mandatory details and serve the processing of your request. Regardless of your status as a prospective client or an existing client, this serves the initiation of an attorney-client relationship, and thus the performance of pre-contractual measures or the performance of the attorney-client relationship, i.e., the performance of a contract. The other details are voluntary and will also be used for contracting purposes or to process your request, respectively. 

If an attorney-client relationship is entered into, you will be notified separately of the processing of your data collected in that context.

The data processing relating to the use of the contact form serves the joint purpose of the Schindhelm Partnerships to forward requests and suggestions to the contact who can offer the best possible service in relation to the subject matter of the request or suggestion, respectively.

If you do not provide the mandatory details, you will not receive any feedback on your request from us. If you do not provide voluntary details, this will be without any consequences. 

Please note that your request will be brought to the attention of all Schindhelm Partnerships as a result of the joint Internet presence. Should you wish to contact only one specific office or one specific colleague, please use the email address of the respective office, or the email address of the respective colleague, specified in section 1 above.

6. Newsletter subscription

If you subscribe for our newsletter on our Website under “News & Jusful”, “Newsletter Subscription”, we will collect and use your email address to inform you of current legal topics by sending you our newsletter. We use the “double opt-in” procedure for the subscription for our newsletter. This means that we will send you, after your registration, an email to the email address stated by you, in which we will ask you to confirm your registration. The email address is a mandatory detail. The other details are voluntary and will be used in order that you can be addressed personally.

The data processing relating to the sending of the newsletters serves the joint purpose of the Schindhelm Partnerships to further client loyalty and to present the firm.

If you do not provide the mandatory details, you will not receive any newsletters from us. This will not apply if you do not provide voluntary details; this will merely result in your not being addressed personally in the respective newsletter.

By subscribing for our newsletter, you have made the following declaration:

“I agree that the offices of the law firm, Schindhelm, in Hanover and Osnabrück, as well as the partnership, Schmidt Rogge Thoma Rechtsanwälte, in Düsseldorf, will inform me of current legal topics and news regarding Schindhelm no more often than once a month. I may revoke that consent at any time with effect for the future. The lawfulness of the newsletters sent up to the receipt of the revocation will not be affected thereby.”

If you no longer wish to receive the newsletter, you can unsubscribe the newsletter at any time. You may also do this by clicking the link in the newsletter or by a notification to us without any specific form, for example, by email.

7. Unsolicited job applications

Under the link, “Career”, “Job Offers” and “Unsolicited Job Application”, you have the option to send us an unsolicited job application. The text fields marked with an asterisk contain mandatory details (salutation, first name, last name, desired position, preferred location, potential commencement of the employment and form of communication). These serve the evaluation as to whether you are a potential candidate and to provide feedback on our part. The provision of those data serves the performance of pre-contractual measures. The details in the other text fields are voluntary and will also be used to process your job application.

Please note that the use of that applicant tool will result in your job application being sent to all Schindhelm Partnerships. The advantage of this is that all partnership can review whether you are a potential candidate. If you wish to apply at only one location, please use the email address of the respective office stated in section 1 above.

All data will be used to process your job application, and thus to perform pre-contractual measures. The email address is required in order that the receipt of your job application can be confirmed directly. Contact details will be used to contact you such as, for example, to agree a date for a job interview.

Your applicant data will be stored for a period of six months from the time when the desired position is filled, or for a period of six months after the rejection of an unsolicited job application, respectively. Directly after the filling of the position, the data of the applicants who were unsuccessful will be blocked for any purpose other than the clarification of any claims of applicants. In the case of unsolicited job applications, the data will be blocked after the rejection. Otherwise, applicant data will only be stored and used if you have given to us your express consent to the continued storage of the applicant data, or in the event of a legitimate interest of the Schindhelm Partnerships, for example, to furnish evidence in a lawsuit. If an employment or training contract is concluded with an applicant, the data will be stored and processed to perform the employment relationship, and thus for contractual purposes.

8. Statutory and contractual duties to provide data

The provision of any data to us is neither contractually required nor prescribed by law.

9. Further processing for the purposes of legal defence and prosecution

We may use your data for our own legal defence and prosecution as a legitimate interest. This is a purpose which is pursued by each of the Schindhelm Partnerships individually, so that each of the Schindhelm Partnerships is responsible on its own under data protection law.

10. Storage period and deletion of data

The log file data transmitted by your browser to us will be deleted after maximum 2 months from the end of the visit to the Website, or the sending of the contact request, the registration for the newsletter, or the job application, at the latest.

The data provided to us by you in connection with the use of our contact form will be deleted once your request has been fully clarified. If you have given to us your consent that your request may be forwarded within the Schindhelm Partnerships, those data will be deleted as early as upon the respective forwarding. This will not apply if you are already our client. The storage period of those data will be governed by the engagement letter entered into with you.

The data which are provided to us by you in connection with the subscription for the newsletter and which you have confirmed thereafter in connection with the “double opt-in” procedure will be deleted once you unsubscribe the newsletter. This will not apply to the voluntary details if you have provided them to us also for a different purpose. If you do not confirm your subscription for our newsletter, your email address will also be blocked, or deleted after one month, if we are not allowed to continue the processing of your email address.

The data provided to us by you for an unsolicited job application will, in the case of a rejection, deleted six months from the notification of the rejection, at the latest.

To the extent that we process your data in the event of a legal dispute for the purposes of legal defence and prosecution, those data will be stored for the duration of the legal dispute or the statutory limitation periods, respectively. While the limitation period can be up to 30 years, the regular limitation period is three years.

11. Disclosure of your data

We will only disclose your data to third parties if we are entitled, or obliged, to so do based on your consent or under applicable law. The same will apply if we receive your data from third parties, i.e., neither from you nor from business enterprises instructed by us.

An entitlement will exist both in the case where third parties collect data for us on our behalf and in the case where we disclose data to other business enterprises which process the data on our behalf.

The latter will be the case, in particular, if we do not perform our business activities (e.g., operation of the Website, preparation and sending of newsletters) ourselves but, rather, have those business activities performed by other business enterprises, and those activities relate to the processing of your data. In those cases, we have contractually bound those business enterprises in advance to use the data only for the purposes legally permitted for us. We are authorised to monitor those business enterprises in that respect.

A statutory duty will exist, for example, in the case of the disclosure of data to prosecution authorities.

12. Your rights (objection, revocation, information, correction, blocking, deletion,  transmission, complaint)  

12.1. Objection

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data by us. To do this, you can use the contact options specified in sections 1 and 2 above. If you object, we will no longer process your personal data, unless we are able to demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.

12.2. Revocation

In addition, you have the right to revoke any consent given with effect for the future. The lawfulness of the processing activities based on your consent will, however, not be affected up to the exercise of the right of revocation.

12.3. Other rights

You have the right, free of charge, to be provided with information regarding your personal data stored by us, to correct inaccurate data, and to have data blocked or deleted. You also have the right to be provided with your data in a structured, commonly used and machine-readable format and to have your data transmitted by us to another person. Finally, you have the right to lodge a complaint with a supervisory authority.

With the exception of your right to lodge a complaint with a supervisory authority, you may address your relevant request to the contact details specified in sections 1 and 2 above.

13. Data security

Your personal data will be transmitted via the Internet in encrypted form. We secure the Website and the other systems by technical and organisational measures, in particular, the encryption technology, SSL (Secure Socket Layer), against any loss, destruction, access, alteration or dissemination of your data by unauthorised persons.

Taking into account the state of technology, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the likelihood and severity of an infringement of the rights and freedoms of natural persons, the Schindhelm Partnerships have implemented appropriate technical and organisational measures within the meaning of Article 32 GDPR.

The following measures will, inter alia, be taken to protect your data and to protect them against any loss, destruction, access, alteration or dissemination by unauthorised persons:

  • ensuring the confidentiality, integrity, availability and resilience of the processing systems and services;
  • ensuring the speedy restoration of the availability of personal data in the event of a physical or technical incident;
  • the implementation of procedures for regularly testing, assessing and evaluating the effectiveness of the technical and organisational measures for ensuring the security of the processing.

Please note that, while we endeavour to create a secure and reliable website for users, the absolute confidentiality of messages or materials transmitted to, or from, the Website cannot be guaranteed.