1. GENERAL, PERSONAL DATA
As attorneys, the protection of your personal data constitutes a very important concern for us, Maybach Bechter Hellbert Rechtsanwälte GesbR. We are obliged to maintain the highest level of confidentiality due to our professional duties of confidentiality.
Personal data are all data that contain information about personal or factual circumstances, for example name, address, e-mail, telephone number, date of birth, age, gender, social security number, video recordings, photos, voice recordings of persons as well as biometric data such as fingerprints. Sensitive data, such as health data or data related to criminal proceedings, may also be included within the scope of our professional activities.
2. USE OF DATA
We collect, process and use your personal data only with your consent or on the basis of our mandate or in preparation thereof, or if another legal basis exists in accordance with GDPR or other relevant legislations.
Although we generally collect personal data from and about you, we may also obtain data from other sources. These other sources are publicly available information that we obtain from the Internet or, in individual cases, from credit reporting agencies or information that we collect in connection with our legal verification obligations to prevent money laundering and terrorist financing (e.g., registers of beneficial owners, databases on politically exposed persons). The data we obtain about you from third party sources and store in our systems is limited to contact information (email address and phone number, postal address), whether you are a politically exposed person, your function in the company and your assignment to or responsibility for a particular company (usually your employer or a group-affiliated company), if you should not have disclosed this data to us in the course of communication. This processing is based on our legitimate interest in having a complete set of data about you necessary for professional communication and the handling of the mandate, the business relationship depending on the relationship we have with you (Art 6 para 1 (f) GDPR).
We also process personal data of opponents of our clients or involved parties as well as respondents in matters we handle for our clients. We regularly receive this data from our clients, from the Internet or other available public sources, as well as from other third parties who serve as informants for us. Separate, specific information about data processing will not be provided even if we enter into direct contact with you in your capacity as an opponent, involved party or respondent, because we are exempt from an obligation to provide information in this regard pursuant to Art 14 (5) GDPR.
If you disclose personal data and, if applicable, also company and business secrets of you as well as of your relatives, employees or other third parties to us, we will assume in all these cases that you are authorized to disclose such data.
3. NEWSLETTER AND EVENTS
Based on your consent to receive our newsletter, we will process your voluntarily provided personal data (title, name, address, company, position, email address) for sending MBH newsletters, invitations to our events, seasonal greetings, publications and other information material about legal developments via email. You may withdraw this consent at any time with future effect (e.g., by email to office@mbh-law.eu).
If you register for events that we organize, we will process the personal data you provide (email, name, company) in order to put you on the guest list of our event as requested. This data is necessary for administration and will be processed with external processors if necessary.
4. TRANSFER OF DATA TO THIRD PARTIES
In order to fulfill your mandate, it may be necessary to forward your data to third parties (e.g. opposing party, substitute attorneys, partner law firms, insurance companies, tax advisors, auditors, service providers whom we use and to whom we make data available) courts or authorities. Your data will only be forwarded on the basis of the GDPR, in particular to fulfill your mandate or on the basis of your prior consent.
Some of the above-mentioned recipients of your personal data are located outside your country or process your personal data there. The level of data protection in other countries may not be the same as in Austria. However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection.
If we transfer your personal data to recipients in non-EU countries that the EU Commission does not currently consider to have an adequate level of data protection, however, we take steps to ensure that all recipients have an adequate level of data protection, in particular by entering into standard contractual clauses.
External processors with whom we work may also process your personal data. These processors are in particular IT service providers and providers of other tools and software solutions. Our processors only process your data on our behalf, in accordance with our instructions and for the purposes set out in this Privacy Policy. Some of these processors may be located outside the EU/EEA. However, in all cases of using processors, we always ensure that the European level of data protection and data security standards are maintained.
5. DATA SECURITY
Your personal data is protected by appropriate organizational and technical precautions to protect against unauthorized, unlawful or even accidental access, processing, loss, use and manipulation.
Notwithstanding our efforts to maintain a reasonably high level of due diligence at all times, it cannot be ruled out that information you disclose to us via the Internet may be viewed and used by others.
Please note that we cannot accept any liability whatsoever for the disclosure of information due to errors in data transmission not caused by us and/or unauthorized access by third parties (e.g. hacker attack on e-mail accounts or telephone).
6. REPORT OF DATA BREACHES
We strive to ensure that data breaches are identified at an early stage and, where appropriate, reported to you or the relevant supervisory authority without delay, including the relevant categories of data involved.
7. RETENTION OF DATA
We will not retain data for longer than is necessary to fulfill our contractual or legal obligations and to defend against any liability claims.
Depending on the respective processing purpose, a different retention period is required for different data (categories). We will provide you with specific details on the storage of your respective transmitted data upon request.
8. COOKIES
Our website uses “cookies” to make our services more user-friendly, effective and secure.
A “cookie” is a small text file that we transfer via our web server to the cookie file of the browser on the hard drive of your computer. This enables our website to recognize you as a user when a connection is established between our web server and your browser. Cookies help us to determine the frequency of use and the number of users of our web pages. The content of the cookies we use is limited to an identification number that no longer allows any personal reference to the user. The main purpose of a cookie is to recognize visitors to our website.
Two types of cookies are used on our website:
- Session cookies: these are temporary cookies that remain in the cookie file of your browser until you leave our website and are automatically deleted at the end of your visit.
- Persistent cookies: for a better user experience, cookies remain stored on your terminal device and allow us to recognize your browser on your next visit.
The legal basis for the aforementioned processing of personal data is your consent, which you give us by agreeing via the cookie banner on our website. You can revoke this consent at any time with immediate effect.
9. SERVER LOG FILES
In order to optimize our website in terms of system performance, user-friendliness and provision of useful information about our services, the provider of our website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes your Internet Protocol address (IP address), browser and language setting, operating system, referrer URL, your Internet service provider and date/time. We do not merge this data with personal data sources. e reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use. The legal basis for the aforementioned processing of your personal data is our legitimate interest in the functionality, stability and security of our website.
10. YOUR RIGHTS
As a client or, more generally, as a data subject, you have the right at any time – subject to the secrecy obligations of the legal profession – to obtain information about your personal data, their origin and recipients and the purpose of the data processing, their storage period as well as the right to rectification, data transfer, objection, restriction of processing as well as blocking or deletion of incorrect or inadmissibly processed data. Insofar as there are changes to your personal data, we request that you inform us accordingly.
You have the right to withdraw your consent to the use of your personal data at any time. Your request for information, deletion, correction, objection and/or data transfer can be sent to the address given in section 11 of this information. However, the withdrawal of consent does not affect the lawfulness of the processing until the time of the withdrawal.
In certain cases, you also have the right to receive the data we process about you in a machine-readable format determined by us or to instruct us to transfer your data directly to a third party of your choice, whereby any data portability must not be precluded by unjustifiable expenses or by legal or other obligations of secrecy or confidentiality considerations.
If you are of the opinion that the processing of your personal data by us violates applicable data protection law or that your data protection rights have been violated in any other way, you may file a complaint to the competent supervisory authority. In Austria, the data protection authority is responsible for such matters.
11. OUR CONTACT DETAILS
We can be reached at the contact information below during regular office hours for your questions or requests.
Maybach Bechter Hellbert Rechtsanwälte GesbR
Schwarzspanierstraße 11/7
A-1090 Wien
Telefon: +43 1 3618099
E-Mail: office@mbh-law.eu
VAT-Tax ID: ATU77889448
Competent chamber: Vienna Bar Association, Austria