Information about the collection, storage and processing of personal data on this web site
General information
The following information provides a brief overview of what happens to your personal data when you visit this website. Personal data refers to any data that can be used to identify you personally.
In general, you can access and use this web site without providing any personal data. However, if you wish to use specific services, such as a contact form or a scheduling tool, you will be required to provide some personal data in order for us to be able to handle your request. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain the consent of the data subject.
The processing of personal data—such as the name, address, email address, or telephone number is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable. We have implemented numerous technical and organizational measures to ensure the most comprehensive protection possible for the personal data processed via this web site. Nevertheless, internet-based data transmissions may, in principle, be subject to security vulnerabilities. Therefore, absolute protection cannot be guaranteed. For this reason, you may want to transmit personal data to us via alternative means — for example, by telephone or regular post.
Responsible for the collection of data on this web site
Janin Ahnefeld
AHNEFELD LAWFIRM
Anton-Wilhelm-Amo-Straße 45
10117 Berlin
Germany
Phone: +49 30 34 35 60 38
Fax: +49 30 34 09 77 54
Email: contact@ahnefeldlaw.com
Automated data collection on this web site
Every time you access our web site, a series of general data and information are collected automatically by the web site server. These general data and information are stored in the server’s log files and include your browser types and version, your operating system, the website from which you have reached our web site, the pages of our web site which you have accessed, date and time of access, your IP address, your internet service provider and other similar data and information serving to prevent risks in the event of attacks on our information technology systems.
This general data and information is stored anonymously and cannot be used to draw any conclusions regarding your person. This information is required to deliver the content of our web site correctly, optimize the content of our web site and measure its reach, ensure the long-term viability of our information technology systems and provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyberattack.
Legal Basis for the Processing of Personal Data
Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest is to ensure the achievement of the purpose described below.
Purpose of Data Processing
The temporary (automated) storage of data is necessary for the functioning of a website visit to enable the delivery of the website. The storage and processing of personal data are also carried out to maintain the compatibility of our website for as many visitors as possible and for combating misuse and troubleshooting. This requires logging the technical data of the accessing computer to respond as early as possible to display errors, attacks on our IT systems, and/or malfunctions of our website’s functionality. Additionally, the data is used for optimizing the website and ensuring the general security of our information technology systems.
Duration of Storage
The deletion of the aforementioned technical data occurs as soon as they are no longer needed to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.
Objection and Deletion Options
You can object to the processing at any time in accordance with Art. 21 GDPR and request the deletion of data under Art. 17 GDPR. Information about your rights and how to exercise them can be found in the lower section of this privacy policy.
External services used on this web site
Google Maps & Cloud APIs
We use the Google Maps service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Email: support-deutschland@google.com, Website: http://www.google.com/. The transmission of personal data also occurs to the USA. Regarding the transmission of personal data to the USA, there is an adequacy decision within the EU-US Data Privacy Framework by the EU Commission in accordance with Article 45 of the GDPR (hereafter: DPF – https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The service operator is certified under the DPF, which ensures that the usual level of protection under the GDPR applies to the data transmission.
The legal basis for processing personal data is your consent in accordance with Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, which you have provided on our website.
We use Google APIs to load additional services from Google on the website. Google APIs are a collection of interfaces for communication between various Google services that are used on your website. The service is used, in particular, for providing the Google Maps map.
Regarding the processing, the service or we collect the following data: IP address.
If the service is active on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transmits the necessary data. As part of order processing, personal data may also be transmitted to the servers of the parent company, Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. When using the Google service on our website, information from other Google services may also be transmitted and processed by Google to provide background services for displaying and processing the services provided by Google. This may also involve data transmission to Google services such as Google Cloud, Google Maps, Google Ads, and Google Fonts, according to Google’s privacy policy and under the legal responsibility of Google. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.
You can revoke your consent at any time. Further information on revoking your consent can be found either with the consent itself or at the end of this privacy policy.
For more information on handling the transmitted data, please refer to the provider’s privacy policy at https://policies.google.com/privacy.
The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.
Usage of cookies
Our web site integrates and uses cookies to enable certain functions and to integrate external web services. These so-called “cookies” are small text files that your browser can store on your access device. These text files contain a characteristic string that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also referred to as “setting a cookie.” Cookies can be set by both the website itself and external web services. The cookies are set by our website or external web services to maintain the full functionality of our website, improve user-friendliness, or pursue the purpose you have consented to. The cookie technology also allows us to recognize individual visitors using pseudonyms, such as an individual or random ID, so that we can offer more individual services.
Legal basis for the processing of personal data
If cookies are processed based on consent according to Art. 6 (1) lit. a GDPR, this consent is also considered consent under § 25 (1) TTDSG for setting the cookie on the user’s terminal device. If another legal basis is mentioned in accordance with the GDPR (e.g., for the performance of a contract or to fulfill legal obligations), storage or setting is based on an exception under § 25 (2) TTDSG. This occurs “when the sole purpose of storing information on the end user’s device or the sole purpose of accessing information already stored on the end user’s device is to transmit a message over a public telecommunications network” or “when storing information on the end user’s device or accessing information already stored on the end user’s device is absolutely necessary to provide a telemedia service expressly requested by the user.”
Purpose of data processing
The cookies are set by our website or external web services to maintain the full functionality of our website, improve user-friendliness, or pursue the purpose you have consented to. The cookie technology also allows us to recognize individual visitors using pseudonyms, such as an individual or random IDs, so that we can offer more individual services.
Storage duration
The storage of our cookies continues until they are deleted in your browser or, if it is a session cookie, until the session expires.
Objection and removal options
You can configure your browser according to your preferences to generally prevent the setting of cookies. You can then decide on a case-by-case basis whether to accept cookies or accept cookies as a general rule. Cookies can be used for various purposes, such as recognizing that your access device is already connected to our website (permanent cookies) or storing recently viewed offers (session cookies). If you have explicitly granted us permission to process your personal data, you can revoke this consent at any time. Please note that the legality of processing performed on the basis of consent before revocation is not affected by the revocation.
Communication Security
Your personal data is protected by technical and organizational measures during collection, storage and processing so that it is not accessible to third parties. If you send information in an unencrypted fashion (i.e. by email), we can not guarantee complete data security on the transmission path to our IT systems, so we recommend encrypted communication or using the postal service for information with a high need for confidentiality.
Your rights as a data subject
In accordance with statutory provisions, you are entitled to request information about which personal data we have stored about you, request the correction of incorrect personal data or the deletion of personal data, insofar as we are not obliged to store this data, to request information about who we may share your personal data with and to revoke your consent to the handling of your personal data at any time. Specifically, you have the following rights:
Right to information
You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have a right to know what specific information about you we are processing, as specified in Art. 15 Para. 1 GDPR, provided that the rights and freedoms of other persons are not impaired (cf. Art. 15 Para. 4 GDPR). We would also be happy to provide you with a copy of the data.
Right to rectification
In accordance with Article 16 GDPR, you have the right to have any incorrectly stored personal data (e.g. address, name, etc.) corrected at any time. You can also request that the data we have stored be completed at any time. A corresponding adjustment will be made immediately.
Right to deletion
According to Art. 17 Para. Para. 1 DSGVO you have the right to request the deletion of your personal information if the data is either no longer needed; the legal basis for processing no longer applies due to the revocation of your consent; you have objected to processing and there are no legitimate grounds for it; your data is processed unlawfully; a legal obligation requires this or a collection has taken place in accordance with Article 8 (1) GDPR.
According to Art. 17 (3) GDPR, the right does not exist if the processing is necessary to exercise the right to freedom of expression and information; your data has been collected on the basis of a legal obligation; the processing is necessary for reasons of public interest; the data is required to assert, exercise or defend legal claims.
Right to restriction of processing
In accordance with Art. 18 Para. 1 GDPR, you have the right to demand the restriction of the processing of your personal data.
This is the case when the accuracy of the personal data is contested by you; the processing is unlawful and you do not consent to deletion; the data is no longer required for the purpose of processing, but the data collected is used to assert, exercise or defend legal claims; an objection to the processing pursuant to Article 21 (1) GDPR has been filed and it is still unclear which interests prevail.
Right of revocation
If you have given us your express consent to the processing of your personal data (Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR), you can revoke this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Right to objection
According to Article 21 GDPR, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Article 6 Paragraph 1 Letter f (within the scope of a legitimate interest). You are only entitled to this right if special circumstances speak against the storage and processing.
Right to data portability
In accordance with Art. 20 GDPR, you have the right to have your personal data transmitted. We provide the data in a structured, common and machine-readable format. The data can either be sent to you or to a person named by you. On request, we will provide you with the following data in accordance with Article 20 (1) GDPR.
We will transfer the personal data directly to a responsible person of your choice, insofar as this is technically feasible. Please note that we are not permitted to transfer data that encroach on the freedoms and rights of other people in accordance with Article 20 (4) GDPR.
Right of appeal to the supervisory authority
If you suspect that your data is being processed illegally, you can of course seek judicial clarification of the problem at any time. In addition, you have every other legal option. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Article 77 (1) GDPR. You have the right to lodge a complaint according to Art. 77 GDPR in the EU member state of your residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn from the places mentioned above. The supervisory authority to which the complaint was lodged will then inform you of the status and results of your submission, including the possibility of a judicial remedy in accordance with Article 78 GDPR.
How do you exercise your rights?
You can exercise your rights at any time by using the contact details mentioned above.
The revocation of your consent or the deletion or blocking of personal data can mean that we can no longer provide certain services and functions. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.
If you have any questions or complaints, you can also contact the Berlin Data Protection Authority (0049 030 13889-0).