Privacy Policy

Privacy policy
Thank you for taking an interest in our website. In the following we inform you which data Schürmann Rosenthal Dreyer Rechtsanwälte (hereinafter referred to using the pronoun “we”) collects and processes, and for which purposes, when you use our website.

Icon person

1. Contact person

The point of contact and the controller for the processing of your personal data when visiting this website within the meaning of the EU General Data Protection Regulation (GDPR) is Schürmann Rosenthal Dreyer Rechtsanwälte Partnerschaft von Rechtsanwälten mbB, Berlin office, Am Hamburger Bahnhof 4, 10557 Berlin. If you have any questions, please do not hesitate to contact us. Our full contact details are available here. You are also welcome to direct your data protection concerns to our data protection officer by sending an email to privacy@srd-rechtsanwaelte.de or writing to the postal address provided in the Imprint section of this website (please mark all correspondence with: “F.A.O. Data protection officer”).

Icon website

2. Data processing on our website

a. Visiting our website. Every time you use our website, we collect the access data automatically transmitted by your browser in order to make visiting the website possible. This access data includes in particular:

  • date and time of access
  • name of the file requested
  • website from which the file was requested
  • access status (e.g. file transferred, file not found)
  • your web browser and your device’s operating system
  • the IP address of the requesting device
  • online identifiers (e.g. device IDs, session IDs).

It is necessary to process this access data to make it possible to visit the website and to guarantee the long-term functionality and security of our systems. The legal basis for this is Art. 6(1) (b) GDPR. For data protection reasons, we do not permanently store or analyse log files.

b. Contact form. We offer you the opportunity to send us messages directly by means of a contact form. This requires you to provide an email address where we can contact you. We also ask for your name so that we can address you. All mandatory fields are marked as such. We process the data you provide in the contact form in order to respond to your enquiry. The legal basis for this data processing is Art. 6(1) (b) GDPR. The data collected when you use the contact form will be automatically deleted once we have finished processing your enquiry, unless we still require your enquiry to fulfil contractual or legal obligations.

c. Newsletter. You have the opportunity to subscribe to our newsletter, which informs you regularly about specialist articles from the fields of data protection, IT and competition law, practical tips, events and lectures. When registering, we ask you to provide your email address so that we can send you the newsletter.
We use CleverReach, a service provided by CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany (“CleverReach”), for sending our newsletter.
For newsletter subscriptions we use the so-called double opt-in procedure, which means that we will only send you newsletters by email if you click on a link in our notification email to confirm that you are the owner of the email address provided. If you confirm your email address, we will store your email address, the time of registration and the IP address you used when registering until you unsubscribe from the newsletter. The sole purpose of storing this data is to be able to send you the newsletter and prove that you registered.
You can unsubscribe from the newsletter at any time. A corresponding unsubscribe link can be found in every newsletter. It is of course also sufficient if you notify us using the contact details provided above or in the newsletter (e.g. by email or letter). The legal basis of the above processing is your consent pursuant to Art. 6(1)(a) GDPR.

d. Google Maps. On the contact page we use the map service Google Maps, provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). In order for the Google map information we use to be integrated and displayed in your web browser, when you visit our contact page your web browser must connect to a Google server, which may also be located in the USA. In the event that personal data is transferred to the USA , Google has subjected itself to the EU-US Privacy Shield. Google thus receives the information that the contact page of our website has been accessed from the IP address of your device. The legal basis is Art. 6(1) (f) GDPR, based on our legitimate interest in integrating a map service to present our offices.
If you retrieve a map service from Google on our website and are simultaneously logged in to your Google profile, Google can link this event to your Google profile. If you do not want this information to be associated with your Google profile, you must log out of Google before visiting our contact page. Google stores your data and uses it for purposes of advertising, market research and the personalised display of Google Maps. You may object to this data collection by Google.
For further information, please refer to Google’s Privacy Policy and the Additional Terms of Service for Google Maps.

e. Adobe Typekit. We use Adobe Typekit to ensure a visually appealing design of our website. Typekit is a service provided by Adobe Systems Software Ireland Ltd., 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland (“Adobe”), which gives us access to the Adobe font library. To be able to integrate the fonts we use, your web browser must connect to an Adobe server in the USA and download the font needed. Adobe thus receives the information that our website has been accessed from the IP address of your device. Adobe has subjected itself to the EU-US Privacy Shield and thus committed itself to ensuring the European data protection principles and level of data protection even in the context of data processing occurring in the USA. The legal basis is Art. 6(1) (f) GDPR, based on our legitimate interest in a visually appealing design of our website.

For further information about Adobe Typekit, please refer to Adobe’s privacy policy.

f. Applications. You can apply to us for advertised vacancies by email. The purpose of data collection here is the selection of applicants for potential employment. In order to process your application, we collect the data provided by you (usually your first and last name, email address, application such as curriculum vitae and cover letter, earliest possible date you could start work and salary expectations). We would like to point out that we cannot guarantee confidentiality if applications are sent unencrypted by email. As a rule, you can also apply for our positions by post or in person. The legal basis for the processing of your application documents is Art. 6(1) (b) and Art. 88(1) GDPR in conjunction with Section 26(1) of the German Federal Data Protection Act (BDSG).
We store your personal data upon receipt of your application. If we accept your application and we subsequently employ you, we will store your applicant data for as long as the data is necessary for your employment and as far as we are legally required to retain it. If we reject your application, we will store your applicant data for a maximum of three months after rejection of your application, unless you give us your consent to longer storage. If you have given us your separate consent, once the application process is complete we will store the data you submitted for your application in our applicant pool for a further twelve months. This will allow us to identify any further jobs which may be of interest to you and, if necessary, to contact you again. The data will be deleted after this period. You can withdraw this consent at any time with future effect by emailing us at karriere@srd-rechtsanwaelte.de.

Icon drive

3. Use of cookies and comparable technologies for usage analysis and online advertising.

To improve our website, we use cookies and comparable technologies (e.g. web beacons) for the statistical recording and analysis of general usage behaviour based on access data. In addition, we use services that process the access data generated by the use of our website in order to enable the deployment of interest-based advertising, for example in the context of search queries.
The legal basis for the data processing described below is Art. 6(1) (f) GDPR, based on our legitimate interest in the demand-oriented design and continuous optimisation of our website and in the advertising of our services.

a. Google Analytics. Our website uses the web analytics service Google Analytics, provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses cookies with a validity of 14 months to record your access data when you visit our website. On our behalf, Google combines the access data into pseudonymous user profiles and transmits it to a Google server in the USA. Your IP address is anonymised beforehand. We are therefore unable to determine which user profiles belong to a particular user. This means that we cannot identify you or determine how you use our website based on the information collected by Google. In exceptional cases where this involves transferring personal data to the USA, Google has also subjected itself to the EU-US Privacy Shield. Google has thus committed itself to ensuring the European data protection principles and level of data protection even in the context of data processing occurring in the USA.
On our behalf, Google uses the information generated by cookies for the purpose of evaluating the usage of our website, compiling reports on website activity, and providing us with other services relating to website usage and internet usage. For further information, please refer to the Google Analytics privacy policy.
You may object to these web analytics activities by Google at any time. There are several ways to do this:

For further information about Google Analytics, please refer to Google’s privacy policy.

b. Google AdWords Remarketing. Our website uses “AdWords Remarketing”, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), to advertise our services within Google Search and the Google Search Network following your visit to our website. The service uses cookies and similar technologies for this purpose. For evaluation purposes, Google may transfer the data generated in this context to a server in the USA and store it there. In the event that personal data is transferred to the USA, Google has subjected itself to the EU-US Privacy Shield. Google has thus committed itself to ensuring the European data protection principles and level of data protection even in the context of data processing occurring in the USA.
If you use a Google Account, depending on the settings in your Google Account, Google can link your web and app browsing history to your Google Account and use information from your Google Account to show you personalised ads. If you do not want this information to be associated with your Google Account, you must log out of Google before visiting our website.
You can configure your browser to reject cookies as described above. You can also disable the “Ads Personalisation” button in your Google Ads Settings. In this case, Google will then only display general advertising which has not been selected based on information collected about you.
Please refer to Google’s Privacy Policy for further details.

c. Bing Ads. Our website uses Bing Ads, a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”). Microsoft uses cookies and similar technologies to present you with ads that are relevant to you. Using these technologies enables Microsoft and its partner websites to serve ads based on previous visits to our or other websites. For evaluation purposes, Microsoft may transfer the data generated in this context to a server in the USA and store it there. In the event that personal data is transferred to the USA, Microsoft has subjected itself to the EU-US Privacy Shield. Microsoft has thus committed itself to ensuring the European data protection principles and level of data protection even in the context of data processing occurring in the USA.
You can prevent the storage of cookies by adjusting your browser settings accordingly (as described above); however, we would like to point out that if you do this you may not be able to use the full functionality of the website. Furthermore, you can prevent the recording of data generated by cookies about your use of the website and its processing by Microsoft by disabling personalised ads on the opt-out page provided by Microsoft. If you do this, please note that if you later delete all cookies in your browser or use a different browser and/or profile, you will need to opt out again.
Please refer to Microsoft’s privacy statement for further details.

Icon carussel

4. Social plug-ins

Social plug-ins from various social networks are integrated into our website:

  • Facebook (Facebook, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA), Data Policy
  • Twitter (Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA), Privacy Policy
  • Google+ (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), Privacy Policy
  • LinkedIn (LinkedIn Corporation, 2029 Stierlin Ct. Ste. 200 Mountain View, California 94043, USA), Privacy Policy
  • Xing (XING AG, Dammtorstraße 30, 20354 Hamburg, Germany), Privacy Policy

Social plug-ins can be recognised by the logos of the individual providers.
If you use the functions of the respective social networks on our website, this establishes a direct connection with the servers of those social networks. We have integrated the social network plug-ins in such a way that the networks are only informed that you have visited our website if you interact with the respective social plug-ins, and not when you simply visit our site.
If when you interact with the respective social plug-ins you are logged in to the respective social network with your username and password, the information that you are visiting our site will be transferred to the social network, and the respective provider may assign this information to your user account. If you interact with the social plug-ins, for example by using the Facebook “like” or Twitter “Tweet This” function, the content of our pages will be linked to your Facebook or Twitter profile.
If you are not a member of the respective social networks or have logged out of the providers’ websites before visiting our website, it is still possible that at least your IP address will be transmitted and stored there if you interact with the respective social plug-ins.
We would like to point out that the content and scope of data collected directly by and transmitted to the social networks via the social plug-ins, but also the storage period of up to 250 days and the purposes for which the data is used, are determined exclusively by the respective providers. We have no way of influencing the content of the plug-ins and the transmission of information. For further information, please refer to the providers’ privacy notices, links to which are provided above.
The legal basis of this integration is Art. 6(1) (f) GDPR, based on our legitimate interest in providing the aforementioned social network functions.

Icon arrowsnake

5. Facebook Fanpages

We jointly operate a fan page on the social network of Facebook Inc., 1601 Willow Road, Menlo Park, California, 94025, USA (“Facebook”), where we communicate with interested parties and followers and inform them about our products and services.

We may receive statistics from Facebook about how Facebook/Fanpage users use our Fanpage, such as information about interactions, likes, dislikes, comments, or aggregated information and statistics (such as the age or origin of our followers) that help us learn about interactions with our site. For more information about the nature and extent of these statistics, please see the Facebook info on using pages insights. Further information on the respective legal responsibilities can be found in the Facebook Page Insights Controller Addendum. The legal basis for this data processing is Art. 6 (1b) of the GDPR and 6 (1f) of the GDPR based on our aforementioned legitimate interest.

We have no control over the data that Facebook processes on its own responsibility in accordance with Facebook’s terms of use. However, we would like to point out that when you visit the fan page, data on your usage behaviour is transferred from Facebook and the fanpage to Facebook. Facebook itself processes the aforementioned information in order to compile more detailed statistics and for its own market research and advertising purposes over which we have no control. You can find more detailed information on this in Facebook’s privacy policy. In the event that personal data is transferred to the USA, Facebook has submitted to the EU-US Privacy Shield.

If we receive your personal data while operating the fanpage, you are entitled to the rights stated in this data protection declaration. If you also wish to assert your rights against Facebook, the easiest way to do this is to contact Facebook directly. Facebook knows the details of the technical operation of the platform and the associated data processing as well as the concrete purposes of data processing and can implement appropriate measures on request if you make use of your rights. We are happy to support you in asserting your rights to the extent possible and forward your requests to Facebook.

Icon foldertree

6. Disclosure of data

In principle, we will only passion the data we collect if:

  • you have given your explicit consent pursuant to Art. 6(1) (a) GDPR;
  • disclosure is necessary pursuant to Art. 6(1) (f) GDPR in order to establish, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in your data not being disclosed;
  • we are legally obliged to do so under Art. 6(1) (c) GDPR; or
  • this is permitted by law and is required under Art. 6(1) (b) GDPR for the processing of contractual relationships with you or for taking steps at your request prior to entering into a contract.

Part of the data processing may be carried out by our service providers. In addition to the service providers mentioned in this privacy policy, this may in particular include data centres that store our website and databases, IT service providers that maintain our systems, and consulting firms. If we pass data on to our service providers, they may use the data exclusively for the fulfilment of their tasks. We have carefully selected and commissioned the service providers. They are contractually bound by our instructions, have appropriate technical and organisational measures in place to protect the rights of data subjects and are carefully monitored by us.
In addition, data may be disclosed in connection with official requests, court orders and legal proceedings if this is necessary to pursue or enforce rights.

Icon balance

7. Your rights

You have the right to information about how we process your personal data at any time. When providing this information, we will explain the data processing to you and provide you with an overview of the data stored about you.
If data stored by us is incorrect or no longer up to date, you have the right to have this data corrected.
You may also demand that your data be erased. Should the erasure not be possible in exceptional cases due to other legal regulations, the data will be blocked so that it is only available for that legal purpose.
You are also entitled to have the processing of your data restricted, e.g. if you believe that the data we have stored is incorrect. You also have the right to data portability, which means that on request we will send you a digital copy of the personal data you have provided.
In order to assert your rights described here, you can contact us at any time using the contact details provided in Section 1 above. This also applies if you wish to receive copies of safeguards in order to prove an adequate level of data protection.
In addition, you have the right to object to data processing if it occurs based on Art. 6(1)(e) or (f) GDPR or for direct marketing purposes. Finally, you have the right to lodge a complaint with our competent data protection supervisory authority. You can assert this right by contacting a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement. The competent supervisory authority in Berlin is: Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin.

Icon arrowsnake

Right of withdrawal and objection.

Pursuant to Art. 7(3) GDPR, you have the right to withdraw the consent you gave us at any time. As a result of this, we will cease the data processing based on this consent with future effect. This withdrawal of your consent will not affect the lawfulness of the processing carried out on the basis of the consent prior to the withdrawal.
If we process your data on the basis of legitimate interests pursuant to Art. 6(1)(f) GDPR, you have the right under Art. 21 GDPR to object to the processing of your data, and to give us reasons which arise from your particular situation which, in your opinion, show that your legitimate interests override ours. If your objection is to data processing for direct marketing purposes, you have a general right of objection, which we will implement without requiring you to give reasons.
If you would like to make use of your right of withdrawal or objection, it is sufficient to simply notify us using the contact details provided above.

Last amended: September 2018

Our lawyers are recommended by: