Privacy Notice

When you visit our website, your browser will contact our web server to find the page you want to visit. In this context, personal data such as your IP address will be transmitted to us by your browser (i.e. HTTP/S-requests). The connection data is processed by our web server to enable access to and display of our website.

Our web server automatically stores a log of the pages you visit (known as "log files" or "session logs"). We use these log files to ensure the security of our website, in particular to prevent unauthorised intrusions into our website and to enable us to exercise our legal rights and obligations in relation to such unauthorised intrusions.

We also analyse session logs in order to optimise our website. The analysis as such takes place in anonymous form, so that the results do not allow any conclusions to be drawn about you as an individual.

The legal basis for processing your data when surfing our website regularly depends on the purpose of your visit. Insofar as you wish to inform yourself about our offers on our website and, if applicable, contact us for an assignment, the legal basis is Art. 6 para. 1 lit. b) GDPR (initiation of a contract). For general information purposes in other respects, the legal basis is our legitimate interest in operating a website for general information and communication purposes and for presenting our law firm, and your legitimate interest in viewing it (Art. 6 para. 1 f) GDPR). The processing of log files is based on our legitimate interests according to Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to protect our facilities and systems from attacks and, if necessary, to take legal action against attackers, as well as to further develop our websites for economic purposes.
 

Our IT department has access to log files and will share them with our internal and external recipients, including the appropriate authorities, as necessary to exercise our legal rights regarding unauthorized intrusions into our website.

Our website is operated via servers of the company "NetBuild GmbH", Alfred-Nobel-Allee 38, 66793 Saarwellingen, which acts as a service provider for hosting services on our account (Art. 28 GDPR).

We do not transfer your personal data to any third country or international organisation in connection with your visit to our website.

The log files are stored for 14 days. All other data is deleted immediately after the HTTP/S call has been executed.

Without the processing of the aforementioned personal data, you will not be able to view or visit our website.

We use the map service "Google Maps" on our website. We have marked the location of the law firm in Cologne on Google Maps and embedded this map on our website under "Contact".
The company Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) acts as controller within the meaning of the GDPR. We have no access to the data collected by Google as part of the map service. Any data processing is solely determined by Google. In the interest of the best possible transparency, we would nevertheless like to provide you with some information on data processing in connection with the Google Maps service. For more information, please refer to Google's privacy policy (available at policies.google.com/privacy ).

We have marked the location of the law firm in Cologne on Google Maps and embedded this map on our website under "Contact" to enable visitors to find the location quickly and to render our website more attractive.
 

From Seitz's perspective, the processing of your personal data in connection with the Google Maps service serves legitimate interests pursuant to Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to optimise our website to promote our business purposes and to enable visitors to quickly find the location of the law firm in Cologne. For more information on the legal basis for the processing of your personal data, please refer to the privacy policy of Google as the Controller (available at policies.google.com/privacy).
 

We do not have access to your personal data in connection with the Google Maps service and do not share any information with third parties. For more information about how Google, as the controller, shares your personal data, please see Google's privacy policy (available at policies.google.com/privacy).
 

We do not transfer your personal data in connection with the Google Maps service to a third country or an international organisation. If the Google Maps service connects to servers of Google as the controller and personal data is transmitted by you for this purpose, you will find further information on this in the Google privacy policy (available at policies.google.com/privacy).
 

We do not store any personal data in connection with the Google Maps service. Further information on the storage of your personal data by Google as the controller can be found in Google's privacy policy (available at policies.google.com/privacy).

You are not obliged to provide your personal data. However, without processing your personal data, the use of our website seitzpartner.de and the map service Google Maps embedded on the website is not possible.
 

We maintain social media presences on various platforms (e.g. LinkedIn, Talent Rocket).

In this context, the respective platform operator is primarily responsible under data protection law (controller). Information about data processing can be found in the respective social media providers’ data protection notices:

LinkedIn: https://de.linkedin.com/legal/privacy-policy

TalentRocket: https://www.talentrocket.de/datenschutz

Seitz acts as joint controller under data protection law (Art. 26 GDPR) with the operator of the social media platform for the following processing operations:

• Evaluation of statistics on the usage behavior of visitors. This data is regularly only available to us anonymously.
• Interacting with our social media team or responding to our posts (e.g. through comments, likes, etc.).

Visits to our social media sites, user statistics

When you visit our social media sites - regardless of whether you are logged in - the respective social media provider collects personal user data (usage data), some of which is shared with us in the form of user statistics. However, we do not have full access to collected data or your profile data.

For example, the following information may be provided to us anonymously:

• Followers/fans etc.: Development of the number of people who follow Seitz.
• Reach: e.g. number of people who see a specific post.
• Ad performance (if relevant): How many people have seen an ad?
• Demographics: average age of visitors, gender, place of residence, language.

However, we cannot draw any conclusions about individual users from the usage data. Statistics are only used to improve the online offer on our social media sites and to better respond to user interests.

Interaction

If you interact with us via the social media presences, e.g. by sending us an application or other message or commenting on posts, the corresponding content of the interaction will be processed by Seitz. In addition, Seitz may be able to see the public information of your profile, which you can manage yourself. 

The legal basis for the above-mentioned processing by Seitz in connection with job applications is generally Section 26 para.1 sentence 1 of the German Data Protection Act - BDSG (necessity for the decision on the establishment of an employment relationship). 

Apart from that, Art. 6 para. 1 lit. f) GDPR (our legitimate interest to conduct business correspondence or e.g. to answer inquiries about us as an employer) is the legal basis for the processing.

Your data will only be used or forwarded by us internally by the respective responsible persons. For information on who is involved in the processing of data at the respective social media provider, please refer to the privacy policy of the respective social media network.
 

We do not transfer your personal data to any third country or international organization in connection with our social media presences.

It is possible that an operator of social media platforms connects to servers in third countries (e.g. USA) as part of its services and transmits your personal data there. You will find information on this in the privacy policy of the respective social media provider.

As a matter of principle, we do not store any personal data on the servers we use in connection with our social media sites, except in the cases mentioned below in which we process your information internally (direct communication, e.g. applications). In these cases, the explanations given in section 7 apply to job applications, and the explanations given in section 8 apply to other communication. 

We also regularly have access to the data stored by the respective social media platform. For more information on the storage of your personal data by the operator of the social media platform itself, please refer to the privacy policy of the respective social media provider.

You are not obliged to provide your personal data. However, without processing your personal data, the use of our social media presences is not possible or only possible to a limited extent.

We process personal data in relation to a legal matter ("Mandate Data") for certain specific purposes, including:

• for providing Advice to our clients and processing the mandate
• for compliance with our obligations under applicable laws and regulatory requirements in the jurisdictions in which we operate
• for operational purposes (e.g. keeping internal records, bookkeeping, invoicing and tax compliance)
• for the fulfilment of certain legal obligations (e.g. disclosure obligations and compliance with court orders, if applicable)

Depending on the circumstances of the case, personal data of different data subjects may be processed, including data of:

• Clients and their respective mandate holders, representatives, and employees
• Counterparties or contractual partners of our clients and their respective mandate holders, representatives, and employees
• Other advisors, consultants and freelancers dealing with the mandate, as well as their respective mandate holders, representatives, and employees
• Our partners and employees
• Third parties such as court personnel, witnesses and other natural persons involved in the mandate.

Depending on the nature of the mandate and the information provided to us or obtained in the course of the mandate, Mandate Data may include different types of personal data. The types of personal data we normally process in relation to a mandate include client contact details and communications data.

Depending on the mandate, we also process "special categories of personal data" within the meaning of Article 9 para. 1 of the GDPR (e.g. health data) and personal data relating to criminal convictions and offences or related security measures within the meaning of Article 10 of the GDPR. Of course, we limit the processing of personal data and in particular sensitive personal data to the minimum necessary..

• The basis for the processing of client data by us is usually our legitimate interests in providing our (Advisory) services to our clients (Art. 6 para. 1 lit. f) GDPR). This processing is also necessary to protect the legitimate interest of our clients in receiving advisory services and, if applicable, representation by us.
• We also have a legitimate interest in processing client data in order to fulfil certain obligations in connection with the operation of our firm, such as maintaining our client relationships and record keeping and invoicing and for tax purposes (Art. 6 para. 1 lit. c) GDPR).
• We also process client data to comply with our legal obligations under applicable laws.

We process special categories of personal data where necessary:

• for the assertion, perception, or defence of legal claims,
• on the basis of your consent,
• in the context of labour law and social security law,
• in the context of personal data published by the data subject

and/or for reasons of public interest in connection with a statutory provision.

In connection with a mandate, our clients normally provide us with personal data which we need to process the mandate in our capacity as legal advisors.

However, we may obtain certain personal information from other sources, such as public records and databases, judicial and public records, and our communications with third parties and other counsel involved in the matter.

In the course of our work on a mandate, we share certain personal data where necessary and subject to appropriate conditions of confidentiality and data protection:

• if necessary, on a case-by-case basis, with other freelance consultants, including those working with us on a mandate
• with other parties who supply goods or provide services to us for the purpose of supporting our work on a mandate (e.g. providers of legal technology) or in connection with the administration of Seitz's activities in the normal course of the firm's business; and/or
• with our freelance consultants and insurers if the provision of their services is necessary for us.

Where applicable, we share business development data within our seitz.global network and with certain third parties who assist us in managing our activities in the regular course of our partnership. Appropriate safeguards for the transfer of personal data are provided through standard contractual clauses. This processing is based on your consent or that the transfer complies with data protection law for other reasons. In addition, we at Seitz have established binding data protection and information security policies that govern all of our internal data processing operations.

We only retain personal data for as long as there is a legitimate reason or other legal ground for doing so, and we will review these legal grounds regularly. We regularly review the existence of a reason for retention. If there is no longer a legal reason to retain the data, we will securely delete or in some cases anonymise personal data.
 

If you do not provide us with your personal data, we will not be able to carry out the contractual relationship or fulfil the above-mentioned communication purposes.

In carrying out our partnership business, we promote our business development with existing and potential clients and other relevant third parties in a number of ways. For these purposes, we process certain "business development data", such as:

• Contact details (e.g. name, business address, telephone numbers, e-mail address, position)
• Data about (marketing) preferences and areas of interest and/or 
• Data on previous involvement in marketing initiatives.

This data is provided either directly by the relevant data subject or through other business contacts and sources (e.g. business information services, public registers).

The processing is based on our legitimate interest to pursue business development interests or, if applicable, to carry out pre-contractual measures that take place at the request of the data subject (Art. 6 para. 1 lit. f), Art. 6 para 1 lit. b) GDPR).

On a case-by-case basis, we share certain business development data with our business partners (e.g., cooperating law firms in our seitz.global network) and certain other parties who assist us in our business development activities in the normal course of law firm operations (e.g., marketing service providers).
 

Where applicable, we share business development data within our seitz.global network and with certain third parties who assist us in managing our activities in the regular course of our partnership. Appropriate safeguards for the transfer of personal data are provided through standard contractual clauses. This processing is based on your consent or that the transfer complies with data protection law for other reasons. In addition, we at Seitz have established binding data protection and information security policies that govern all of our internal data processing operations.

We retain personal data for as long as there is a legitimate reason or other legal ground for doing so. We regularly review the existence of a reason for retention. If there is no longer a legal reason to retain the data, we will securely delete or in some cases anonymise personal data.

If we collect business performance data directly from you, you have full discretion over how and what you disclose to us. There are no negative consequences for you if you do not provide us with business development data.
 

Application by e-mail

On our website, we offer you the opportunity to apply by e-mail for a vacancy in our law firm. Personal data such as name, contact details, training data and information on professional experience ("applicant data"), which you provide to us as part of your application, will be treated confidentially and stored and used electronically solely for the purpose of processing the application and, if applicable, for the implementation of the subsequent employment relationship. We require the data processed as part of the application process for the possible conclusion of an employment relationship or the decision on your employment. We process this personal data in order to check your suitability for the relevant position, for the purpose of processing the application and for contacting you.

Application via a social media presence

In the event of an application via social media presences, the statements made under point 4 shall apply, in particular with regard to joint controllership.

Generally, we receive all applicant data directly from you.

When we conduct pre-employment checks, we also receive data from third parties (e.g. previous employers or other references).

In general, the processing is based on the fact that we carry out pre-contractual measures upon your request as a data subject or fulfil a contract concluded with you (Art. 6 para. 1 lit. b) GDPR). Furthermore, the processing is based on relevant national regulations on data protection in the employment context (in particular Section 26 German Data Protection Act - BDSG).

Some applicant data is processed to ensure compliance with certain obligations under laws or regulations.

If we need to process special categories of personal data, we will ask for your consent where necessary.

We only pass on your data within our firm to the department responsible for your application. In addition, we will only pass on your personal data to other recipients if there is a legal obligation of notification, for example towards the authorities.
 

We retain personal data for as long as there is a legitimate reason or other legal basis for doing so. We regularly review the existence of a legal basis for retention. If there is no longer a legal basis for retaining the data, we will securely delete or in some cases anonymise personal data.

Your application data will be stored for the duration of the review of your application. If your application is unsuccessful or if you withdraw your application, your application data will be deleted unless longer retention is permitted or required by another legal basis (e.g. to exercise our legal rights or to comply with applicable law). 

Furthermore, your personal data may be retained for evidential purposes for the period during which there is a possibility that claims may be brought against Seitz (e.g. on the basis of national anti-discrimination legislation). If your application is successful, any data provided as part of the application process may be further processed for (or in relation to) your future employment with us. For more information about the processing of your personal data in connection with your employment, you will be able to access the internal privacy statement available to our staff on the intranet.

If you do not provide us with the aforementioned personal data, this will not have any negative consequences for you. However, incomplete or inaccurately completed applications cannot be considered. Unfortunately, without providing your personal data, the application cannot be submitted and will therefore be deleted.

We offer you the possibility to contact us by e-mail or via our contact form. We will process your personal data (e.g. your name, address, telephone number) in order to deal with your enquiry and store it for potential further enquiries. The content of the communication will also be stored by us in order to respond to your request.

The processing of your data in the context of communication via the contact form or by e-mail is based on Art. 6 para. 1 lit. b) GDPR, insofar as the exchange is related to the initiation or performance of a contract with you. Otherwise, the legal basis depends on the specific purpose of the exchange. In most cases, Art. 6 para. 1 lit. f) GDPR (our legitimate interest in conducting business correspondence or communicating with customers or, for example, answering inquiries about data protection) will be relevant.

We will only pass on your communication data internally to the respective department at Seitz responsible for your request.
 

We retain personal data for as long as there is a legitimate reason or other legal ground for doing so. We regularly review the existence of a reason for retention. If there is no longer a legal reason to retain the data, we will securely delete or in some cases anonymise your personal data.

You are not obliged to provide us with your personal data. However, we need the relevant data to contact you and respond to your request.
 

You have the right to object to the processing of your personal data in certain cases.

You have the right to be informed whether and, if so, to what extent we process your data.

Subject to certain exceptions, you have the right to obtain confirmation as to whether or not we are processing your personal data. If this is the case, you have a right of access to your data.

If the personal data we process is incomplete or inaccurate, you have the right to request that the data be completed or corrected at any time.

Subject to certain exceptions, you have the right to request the erasure of all or some of your personal data if you consider that processing should cease. However, there may well be reasons why immediate erasure is not possible (for example, where retention is required by legal or regulatory obligations).

You are entitled to request that we restrict the processing of your personal data in certain cases:

• If you dispute the accuracy of your personal data, you may request that its processing be restricted while we verify its accuracy.
• If the processing of your personal data is deemed to be unlawful but you object to erasure of your personal data.
• If we no longer need the data for the purposes of its processing but you need it for the assertion, exercise or defence of legal claims.
• If you object to our processing of your data on the basis of our legitimate interests.

If the processing is based on your consent or a contract and is automated, you have the right to request that we provide your personal data in a machine-readable format.

You have the right to object to decisions based solely on the automated processing of your personal data.

If your personal data is processed on the basis of your consent, you have the right to revoke your consent at any time. The revocation of your consent does not affect the lawfulness of the processing based on your consent until your revocation.

This includes all applicable laws, rules, orders, statutes and regulatory requirements, as well as ordinances and executive orders of governmental or judicial authorities, in each case in the version valid at the respective point of time.

Refers to an independent public authority established under Article 51 GDPR.

Refers to all advisory services provided by us, including legal and tax advice services.

According to Art. 9 GDPR, this term relates to personal data that allows conclusions to be drawn about racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data in the sense of a unique identification of a natural person, data relating to health or data relating to the sex life or sexual orientation of a natural person.

A cookie is a small text file consisting of letters and numbers that - if you agree - is stored on your browser or your computer's hard drive. Cookies contain information that is transferred to your computer's hard drive.

Refers to all applicable laws, rules and regulatory requirements relating to the processing of personal data, including, where applicable, the GDPR (and any laws, rules and regulations implementing the foregoing).

This is a country which is not a member of the European Union or the European Economic Area or which is not covered by the European Commission's "adequacy decision".

Stands for the EU General Data Protection Regulation (Regulation (EU) 2016/679), including national implementing laws.

Designates Seitz Rechtsanwälte Steuerberater Partnerschaftsgesellschaft mbB, Aachener Str. 621, 50933 Cologne, Germany

Refers to Seitz's international cooperation network, which bundles the memberships in the international lawyer network LAW as well as the employment law specialized network Innangard.

Is a matter in respect of which we agree to provide advice or services to a client.

Has the meaning given to that term in Section 5 of this Privacy Policy (Advising Our Clients).

Is any information that relates to an identified or identifiable living person.

A collection of contractual clauses recognised and approved by the European Commission (Decision 2004/915/EC) as appropriate safeguards for transfers of personal data to a third country.

Telemedia Act of 26 February 2007 (BGBl. I p. 179) as amended.

This is the legal or natural person who alone or jointly with others determines the purposes and means of the processing of personal data.

Means anything done to or with personal data (including, without limitation, collecting, recording, holding, disclosing, transmitting, making available, using or deleting such data).