Partnerschaftsgesellschaft mit beschränkter Berufshaftung (PartG mbB),),
1. Subject matter of this privacy policy
WEBER-STEINHAUS & SMITH
Rechtsanwälte Solicitor
Partnerschaftsgesellschaft mit beschränkter Berufshaftung (PartG mbB), (hereinafter "WEBER-STEINHAUS & SMITH", "we", „company“ or "us") takes the protection of personal data (hereinafter "data") very seriously. In the following, we would therefore like to inform visitors to our website (www.weber-steinhaus.com) in detail about which data is collected when they visit our website and use our offers there and how we process this data in the following, as well as which accompanying protective measures we have also taken from a technical and organizational point of view.
2. Responsible body/service provider
a. The controller within the meaning of the GDPR and at the same time service provider within the meaning of the German Telemedia Act (TMG) is
WEBER-STEINHAUS & SMITH
Rechtsanwälte Solicitor
Partnerschaftsgesellschaft mit beschränkter Berufshaftung (PartG mbB),
eingetragen im Partnerschaftsregister des Amtsgericht Bremen unter PR 227 HB
Baumwollbörse #206
Wachtstraße 17 – 24, 28195 Bremen
Postfach 10 73 01, 28073 Bremen
b. The company is represented by the partners of the partnership company designated as "Partner".
c. The contact details of our data protection officer are Postal address of the company, as stated above.
Telephone: 01728183846
E-mail: info@weber-steinhaus.com
d. If you have any questions or comments about this privacy policy or data protection in general, please send them to the following e-mail address.
info@weber-steinhaus.com
3. Collection and use of data
a. The scope and nature of the collection and use of data differs depending on whether a visitor only visits our website to retrieve information or, for example, writes to us or submits an application to us.
b. Informational use
- 1. it is generally not necessary for the visitor to provide data for the informational use of our website. Rather, in this case we only collect and use the visitor's data that the visitor's Internet browser automatically transmits to us, such as
· °IP address
· ° Date and time of the request
· ° page accessed/name of the file accessed
· ° amount of data transferred
· ° Message as to whether the access/retrieval was successful
· ° Internet address from which the page or file was accessed or the
· ° desired function was initiated
· ° Web browser used
- 2. We collect and use this data during an informational visit for the purpose of enabling the use of the web pages accessed by the visitor. This data is stored for the duration of the communication process. We also store the IP address for a short period of up to 7 days after the end of the communication process for the purpose of ensuring IT security, in particular to protect our IT systems from misuse and to defend against attacks. The collection and processing of the visitor's data is carried out on the basis of Art. 6 para. 1 lit. b) GDPR, for the execution of the contract of use of our website for informational purposes and with regard to the storage of the IP address for a period of up to 7 days after completion of the communication process on the basis of Art. 6 para. 1 lit. f) GDPR, because we have a legitimate interest in protecting our IT systems. The data can be viewed internally by our IT department. In addition, the data can be viewed by service providers who support us in providing the website. We have of course carefully selected these service providers and concluded an order processing contract with them in accordance with Art. 28 GDPR, which obliges the service providers to process the data only on our behalf and on our instructions.
3. Job applications
a. Visitors to our website can send us an e-mail to apply for an open position.
b. We use the data sent to us with the application solely for the purpose of checking whether a position with us is suitable for the applicant and to contact him/her in this regard. Sending an application is of course voluntary and the applicant decides which data he or she discloses to us. However, if the application does not contain the data usually included in such an application and if this data is not subsequently submitted, it cannot be considered as part of the application.
c. The application will be made available internally to the HR department and, if necessary, to the responsible HR manager for the above-mentioned purpose.
d. The collection and processing of the applicant's data sent with the application is carried out on the legal basis of Art. 6 para. 1 a) and b) GDPR in conjunction with § 26 BDSG. The applicant can withdraw their consent to the processing of their application data at any time. In this case, their application cannot be processed any further. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. If consent is withdrawn, we will delete the data unless storage is permitted or required on another legal basis.
e. We delete the application data in accordance with Section 61 b (1) ArbGG in conjunction with Section 15 AGG after a period of 6 months after we have informed the applicant that he or she is not eligible for a position, unless there is another legal basis for longer storage.
f. If an employment relationship is established with the respective applicant, he or she will receive information about our handling of employee data as part of the conclusion of the respective employment contract.
4. Other inquiries via the contact details on our website
a. If visitors to our website contact us via the contact details provided there, we collect and process the information provided by the respective visitor exclusively for the purpose of processing the respective specific request.
b. Contacting us is of course voluntary and the visitor determines which data he or she discloses to us.
c. The data will be made available internally to the person responsible for processing the request.
d. The collection and processing of the data of the respective request is carried out on the legal basis of Art. 6 para. 1 a) and b) GDPR. The visitor can revoke their consent to the processing of data for the purpose of responding to their request at any time. In this case, their request can no longer be processed. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. If consent is withdrawn, we will delete the data unless storage is permitted or required on another legal basis.
e. Should a client develop from a request, the conclusion of a separate mandate agreement is required. The client will then receive information about our handling of data received in the context of the mandate as part of the conclusion of the mandate agreement.
f. Duration of storage
In principle, data that is only stored on the basis of consent in accordance with Art. Art. 6 para. 1 lit. a) GDPR, unless statutory retention obligations conflict with this or another legal basis permits or requires further storage, will be deleted if the visitor revokes the consent given. Other data will only be stored for as long as it is necessary for the purpose for which it was collected, unless statutory retention periods prevent this or a legal basis permits or requires further storage.
5. Rights of the persons concerned
a. Information
Every person has the right to request confirmation from us as to whether data concerning them is being processed by us and, if this is the case, every data subject has a right to information in accordance with Art. 15 GDPR in conjunction with 34 BDSG.
b. Rectification
Every data subject whose data we have stored has the right, under the conditions of Art. 16 GDPR, to demand that we rectify their data.
c. Erasure
Every data subject whose data we have stored has the right, under the conditions of Art. 17 GDPR in conjunction with Section 35 BDSG, to request that data concerning them be deleted.
d. Restriction of processing
Every data subject whose data we have stored has the right, under the conditions of Art. 18 GDPR, to request that we restrict the processing of their data.
e. Right to data portability
Every data subject whose data we have stored has the right to data portability under the conditions of Art. 20 GDPR.
f. Right of revocation and objection
- 1. we would like to point out that any data subject may revoke any consent given to us under data protection law at any time with effect for the future.
- 2. every data subject also has the right to object to the processing of data concerning them under the conditions of Art. 21 GDPR.
g. Exercise of rights pursuant to section 5.a to section 5.g
If a data subject wishes to exercise any of their rights under sections 5.a to 5.g, they can contact us informally using the contact details provided in section 2.a above.
h. Complaint
Pursuant to Art. 77 GDPR, every data subject has the right to lodge a complaint about us with the competent data protection supervisory authority.
6. Use of cookies
a. We use the technology of cookies for our website. Cookies are small text files that are sent from our web server to the visitor's browser during a visit to our website and are stored on the visitor's computer for later retrieval.
b. We only use so-called session cookies (also known as temporary cookies), i.e. cookies that are only stored temporarily for the duration of the use of one of our websites. The purpose of these cookies is to continue to identify the visitor's computer during a visit to our website when switching from one of our websites to another and to be able to determine the end of the visit.
c. The cookies are deleted as soon as the visitor has ended their browser session.
d. Whether cookies can be set and retrieved can be determined by each visitor himself through the settings in his browser. For example, the visitor can completely deactivate the storage of cookies in his browser, restrict it to certain websites or configure the browser so that he is automatically notified as soon as a cookie is to be set and asked for feedback. For technical reasons, however, it is necessary to allow the aforementioned session cookies in order to use the full functionality of our website.
e. The legal basis for the processing of personal data using the cookies we use is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to provide visitors with the full functionality of our website in a user-friendly manner. In this context, we do not store personal data after the end of the respective session.
f. Use of HTML5 LOCALSTORAGE
- 1. We also use HTML5 localStorage technology for our website. Here, small text files are sent from our web server to the visitor's browser during a visit to our website and stored on the visitor's computer for later retrieval. During a subsequent visit to our website, this small text file can then be used to retrieve which browser the visitor is using and which version of the browser as well as the visitor's preferred language when visiting our website. If the visitor does not want this data to be stored, they can remove these files by deleting the browser history.
- 2. The legal basis for the processing of personal data using HTML5 LOCALSTORAGE is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to provide visitors with the full functionality of our website in a user-friendly manner.
6. Data storage
We use suitable technical and organizational security measures to protect the processed data. For this purpose, the protection objectives of Art. 32 para. 1 GDPR, such as confidentiality, integrity and availability of the systems and services as well as their resilience in relation to the type, scope, circumstances and purpose of the processing, are taken into account in such a way that appropriate technical and organizational measures ensure adequate protection of the data.
7. Responsible authority
Der Landesbeauftragte für den Datenschutz der Freien Hansestadt Bremen
Adresse: Arndtstraße 1, 27570 Bremerhaven
Telefon: 0471 924610
E-Mail: office@datenschutz.bremen.de
