Privacy Policy

Privacy policy, as of August 2024

1. Name and contact details of the controller

This privacy policy provides information about the processing of personal data on the website of

BARTH ASSOCIATES GmbH
Lindenstr. 15
60325 Frankfurt am Main
mail@barth-associates.de
Tel.: 069/956504-0
Fax: 069/956504-11
Website: www.barth-associates.de

Contact details of the data protection officer:
The data protection officer of the law firm can be contacted at the above office address and at datenschutz@barth-associates.de.
The data protection officer of the controller is
Jelena Banozic
E-mail: banozic@barth-associates.de

2. Scope and purpose of the processing of personal data
2.1 Accessing the website
When this website www.barth-associates.de is accessed, data is automatically sent to the server of this website by the Internet browser used by the visitor and stored in a log file for a limited period of time. The following data is stored without further input from the visitor until it is automatically deleted:
– IP address of the visitor’s end device,
– Date and time of access by the visitor,
– Name and URL of the page accessed by the visitor,
– Website from which the visitor accesses the law firm’s website (so-called referrer URL),
– browser and operating system of the visitor’s end device as well as the name of the access
access provider used by the visitor.
– Language and version of the browser software

The processing of this personal data is justified in accordance with Art. 6 para. 1 sentence 1 letter f) GDPR. The firm has a legitimate interest in data processing for the purpose

– to establish the connection to the law firm’s website quickly
– to enable user-friendly use of the website
– recognising and ensuring the security and stability of the systems and
– to facilitate and improve the administration of the website.

The processing is expressly not carried out for the purpose of gaining knowledge about the person visiting the website.

3. Hosting
We host the content of our website with the following provider:

IONOS
The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (hereinafter referred to as IONOS). When you visit our website, IONOS collects various log files including your IP addresses. Details can be found in the IONOS privacy policy:
https://www.ionos.de/terms-gtc/terms-privacy.

IONOS is used on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in displaying our website as reliably as possible.

Order processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

4. Transfer of data
Personal data is transferred to third parties if
– the data subject has expressly consented to this in accordance with Art. 6 para. 1 sentence 1 letter a) GDPR
– the transfer is necessary for the establishment, exercise or defence of legal claims pursuant to Art. 6 (1) sentence 1 (f) GDPR and there is no reason to assume that the data subject has an overriding legitimate interest in the non-disclosure of their data
– there is a legal obligation for the data transfer pursuant to Art. 6 para. 1 sentence 1 lit. c) GDPR there is a legal obligation, and/or
– this is necessary for the fulfilment of a contractual relationship with the data subject in accordance with Art. 6 para. 1 sentence 1 letter b) GDPR.
In other cases, personal data will not be passed on to third parties.

5. Cookies
Cookies are used on the website. These are data packets that are exchanged between the server of the law firm’s website and the visitor’s browser. These are stored by the devices used (PC, notebook, tablet, smartphone, etc.) when the website is visited. In this respect, cookies cannot cause any damage to the devices used. In particular, they do not contain viruses or other malware. Information is stored in the cookies that results in each case in connection with the specific end device used. Under no circumstances can the law firm obtain direct knowledge of the identity of the visitor to the website.

Cookies are largely accepted according to the basic browser settings. The browser settings can be configured in such a way that cookies are either not accepted on the devices used or that a special message is displayed before a new cookie is created. However, it should be noted that deactivating cookies may mean that not all functions of the website can be used to the best possible effect.

The use of cookies serves to make the use of the law firm’s website more convenient. For example, session cookies can be used to track whether the visitor has already visited individual pages of the website. After leaving the website, these session cookies are automatically deleted. Our website uses functional cookies for the proper functioning of the website, including cookies that save your language settings.

Temporary cookies are used to improve user-friendliness. They are stored on the visitor’s device for a temporary period. When the website is visited again, it is automatically recognised that the visitor has already visited the site at an earlier time and which entries and settings were made so that they do not have to be repeated.
The data processed by cookies is justified for the above-mentioned purposes to safeguard the legitimate interests of the law firm in accordance with Art. 6 para. 1 sentence 1 letter f) GDPR.

6. Social media

This website contains links to our presence on various social media platforms. You can recognise these by the logo of the respective social media provider. When you use our website, no personal data is passed on to the providers of the social media platforms. Only when you click on these links will you be redirected to the platform of the respective social media provider and, if applicable, the referral URL (the information about the page you have accessed on our website) will be transmitted to the provider. We have no influence on this data transfer. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.

If you click on such a link, you leave our website and we have no influence on the data collected and data processing operations, nor are we aware of the full extent of the data collection, the purposes and the storage periods. The respective social media provider processes your data regardless of whether you have an account on this social media platform and are logged in there. If you are logged in, the data collected by the social media provider will be assigned directly to your account. If you do not want the assignment to your social media account, you must log out before clicking on the link.

The social media provider stores your data as a user profile and uses it for the purposes of advertising, market research and/or customising its website. Such an analysis is carried out in particular (even for users who are not logged in) to display customised advertising and to inform other users of the social network about your activities. You have the right to object to the creation of these user profiles, whereby you must contact the respective social media provider to exercise this right.

Further information on the purpose and scope of data collection and its processing by the social media provider can be found in the data protection declarations of these providers provided below. There you will also find further information on your rights in this regard and setting options to protect your privacy.

www.linkedin.com/legal/privacy-policy

7. Application form and e-mail contact
An application form is available on our website which can be used for electronic applications. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored. It is mandatory to enter your (first) name, your e-mail address, your preferred position and your earliest possible starting date. Further data (telephone number) will only be processed if you provide us with this data voluntarily.

Your consent is obtained for the processing of the data as part of the sending process and reference is made to this privacy policy. The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given consent.

Alternatively, it is possible to contact us via the email address provided. In this case, the user’s personal data transmitted with the email will be stored. The data will not be passed on to third parties in this context. The data is used exclusively for processing the conversation.

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. The processing of the personal data from the input mask serves us solely to process the contact. If you contact us by email, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems. The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For the personal data from the input screen of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

8. Your rights as a data subject
If your personal data is processed when you visit our website, you have the following rights as a “data subject” within the meaning of the GDPR:

8.1 Information
You can request information from us as to whether your personal data is being processed by us. There is no right to information if the provision of the requested information would violate the duty of confidentiality pursuant to Section 83 StBerG or if the information must be kept secret for other reasons, in particular due to an overriding legitimate interest of a third party. Notwithstanding this, there may be an obligation to provide information if your interests outweigh the interest in confidentiality, in particular taking into account the threat of damage. The right to information is also excluded if the data is only stored because it may not be deleted due to legal or statutory retention periods or exclusively serves the purposes of data backup or data protection control, provided that the provision of information would require a disproportionately high effort and processing for other purposes is excluded by suitable technical and organisational measures. If the right to information is not excluded in your case and your personal data is processed by us, you can request the following information from us:
– Purposes of the processing,
– Categories of personal data processed by you,
– recipients or categories of recipients to whom your personal data is disclosed, in particular in the case of recipients in third countries,
– if possible, the planned duration for which your personal data will be stored or, if this is not possible, the criteria used to determine the storage period,
– the existence of a right to rectification or erasure or restriction of processing of personal data concerning you or a right to object to such processing, and
this processing,
– the existence of a right to lodge a complaint with a data protection supervisory authority
– if the personal data have not been collected from you as the data subject, the available information on the origin of the data
– where applicable, the existence of automated decision-making, including profiling and meaningful information about the logic involved, as well as the significance and envisaged consequences of automated decision-making.
– if applicable, in the case of transfer to recipients in third countries, unless the EU Commission has decided on the adequacy of the level of protection pursuant to Art. 45 para. 3 GDPR, information on the appropriate safeguards pursuant to Art. 46 para. 2 GDPR for the protection of personal data.

8.2 Correction and completion
If you discover that we have incorrect personal data about you, you can request that we correct this incorrect data immediately. If your personal data is incomplete, you can request that it be completed.

8.3 Erasure
You have the right to erasure (“right to be forgotten”), unless the processing is necessary for exercising the right of freedom of expression, the right to information or for compliance with a legal obligation or for the performance of a task carried out in the public interest and one of the following reasons applies:
– The personal data are no longer necessary in relation to the purposes for which they were processed.
– The justification for the processing was solely your consent, which you have withdrawn.
– You have objected to the processing of your personal data, which we have made public.
– You have objected to the processing of personal data that we have not made public and there are no overriding legitimate grounds for the processing.
– Your personal data has been processed unlawfully.
– The deletion of personal data is necessary to fulfil a legal obligation to which we are subject.
There is no right to erasure if, in the case of lawful non-automated data processing, erasure is not possible or only possible with disproportionate effort due to the special type of storage and your interest in erasure is low. In this case, the restriction of processing takes the place of erasure.

8.4 Restriction of processing
You may request that we restrict processing if one of the following reasons applies:
– You contest the accuracy of the personal data. In this case, the restriction may be requested for the period of time that enables us to verify the accuracy of the data.
– The processing is unlawful and you request the restriction of the use of your personal data instead of erasure.
– We no longer need your personal data for the purposes of the processing, but you require it for the establishment, exercise or defence of legal claims.
– You have lodged an objection pursuant to Art. 21 para. 1 GDPR. The restriction of processing can be requested as long as it is not yet clear whether our legitimate reasons outweigh your reasons.

Restriction of processing means that the personal data will only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We are obliged to inform you before we lift the restriction.

8.5 Data portability
You have a right to data portability if the processing is based on your consent (Art. 6 para. 1 sentence 1 letter a) or Art. 9 para. 2 letter a) GDPR) or on a contract to which you are a party and the processing is carried out by automated means. In this case, the right to data portability includes the following rights, provided that this does not adversely affect the rights and freedoms of others You may request to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format. You have the right to transmit this data to another controller without hindrance from us. Where technically feasible, you can request that we transfer your personal data directly to another controller.

8.6 Objection
If the processing is based on Art. 6 para. 1 sentence 1 letter e) GDPR (performance of a task carried out in the public interest or in the exercise of official authority) or on Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest of the controller or a third party), you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. This also applies to profiling based on Article 6 (1) sentence 1 (e) or (f) GDPR. Once you have exercised your right to object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

You can object to the processing of your personal data for direct marketing purposes at any time. This also applies to profiling in connection with such direct marketing. After exercising this right to object, we will no longer use the personal data concerned for direct marketing purposes. You have the option to inform us informally of your objection by telephone, e-mail, fax or to our postal address listed at the beginning of this privacy policy.

8.7 Revocation of consent
You have the right to withdraw your consent at any time with effect for the future. The revocation of consent can be communicated informally by telephone, e-mail, fax or to our postal address. The revocation does not affect the legality of the data processing that has taken place on the basis of the consent until receipt of the revocation. After receipt of the revocation, the data processing that was based exclusively on your consent will be discontinued.

8.8 Complaint

If you believe that the processing of personal data concerning you is unlawful, you may lodge a complaint with a data protection supervisory authority that is competent for your place of residence or work or for the place of the alleged infringement.

9. Status and updating of this privacy policy
This privacy policy is valid as of 01.08.2024. We reserve the right to update the privacy policy in due course in order to improve data protection and/or adapt it to changes in official practice or case law.

© BARTH ASSOCIATES GmbH