Data privacy

Welcome to our web site, and we would like to thank you for showing an interest in our company. We take the protection of your personal information very seriously. We process your data in accordance with the applicable legal regulations for the protection of personal information, particularly the EU General Data Protection Regulation (EU-DS-GVO) and the country-specific regulations which apply to us. With the aid of this data protection declaration, we provide you with comprehensive information about the processing of your personal information by the Dipl.-Kfm. Michael Härer law firm, and the rights to which you are entitled.

Personal information is the information that makes it possible to identify a natural person. This includes your name, date of birth, address, phone number, e-mail address and IP address.

The information is anonymous if no personal reference to the user can be made.The information is anonymous if no personal reference to the user can be made.

Your rights as an affected person

First of all we would like to inform you about your rights as an affected person. These rights are standardised in Art. 15 - 22 EU-DS-GVO. These include:

• The right to information (Art. 15 EU-DS-GVO),
• The right to deletion (Art. 17 EU-DS-GVO),
• The right to correction (Art. 16 EU-DS-GVO),
• The right to data transferability (Art. 20 EU-DS-GVO),
• The right to restriction of data processing (Art. 18 EU-DS-GVO),
• The right to objection to data processing (Art. 21 EU-DS-GVO).

In order to assert these rights, please contact: This email address is being protected from spambots. You need JavaScript enabled to view it.. The same applies of you have any questions about data processing within our company. You also have the right to complain to a data privacy supervisory authority.

Objection rights

With regard to objection rights, please note the following:

If we process your personal information for the purpose of direct advertising, you have the right to object to this data processing at any time, without giving reasons. This also applies to profiling, provided that is in connection with direct advertising.
If you object to processing for the purpose of direct advertising, we will no longer process your personal information for these purposes. The objection is free of charge and can be made informally, preferably to: This email address is being protected from spambots. You need JavaScript enabled to view it..
If we process your information in order to maintain justified interests, you can object to this processing for reasons resulting from your particular situation at any time; this also applies to profiling which is based upon these provisions.
We will no longer process your personal information unless we can provide proof of compelling and legitimate reasons for the processing which outweighs your interests, rights and freedoms or the processing is for the purpose of asserting, exercising or defending legal rights.

Purposes and legal basis of data processing

The provisions of the EU DS-GVO of the BDSG (Federal Data Protection Act) (new) and all other applicable data protection rights provisions are adhered to in the processing of your personal information. The legal basis for the data processing particularly results from Art. 6 of the EU-DS-GVO.
We use your information to fulfil contractual and legal obligations, to carry out the contractual relationship, to offer products and services and to reinforce the customer relationship, which can also include analyses for marketing purposes and direct advertising.

Data processing for contract fulfilment:
We process the personal information which we are provided with in accordance with Art. 6 Para. 1 lit. b) of the DSGVO for the purpose of contract fulfilment. This also includes use for the purpose of in-depth checking as to whether an order may be accepted at all, and the following client support and the necessary quality assurance. The data that is required for contract fulfilment is not deleted, provided that and as long as mutual claims are still outstanding at the end of the contract and are to be withdrawn if necessary. We also retain all documents which we have gathered for the purpose of a client relationship for the duration of the legal retention period in accordance with section 51b Para. 2 of the WPO (Act on the Professional Code of Conduct of Chartered Public Accountants in Germany), unless something else has been individually agreed in isolated cases.

Data processing for the fulfilment of legal obligations:
If necessary and for as long as required, we will process your data in order to be able to fulfil any legal documentation obligations with regard to tax offices and supervisory authorities, for example. The data processing takes place on the basis of Art. 6 Para. 1 lit. c of the DSGVO. A legal obligation particularly results from section 147 of the AO (General Fiscal Law) and section 51b of the WPO. The information shall be deleted within the periods mentioned in section 147 of the AO and section 51b of the WPO, provided that nothing else has been individually agreed in isolated cases or there is a justified interest in continuing to retain the information.

Data processing for direct advertising:
We shall process your information (if permitted) for the purpose of direct advertising, particularly for sending our advertising such as invitations, product information, event information and the like. In this case, the data processing shall also take place on the basis of Art. 6 Para. 1 lit. f of the DSGVO and in the interest of informing you about new products, events and services. Every customer has the right to object to this processing, the exercising of which will lead to the termination of the processing for the purpose of direct advertising. If information is stored exclusively for the purpose of direct advertising, this will be deleted if an objection is received.

You consent also represents a data privacy law permission regulation. In so doing, we will explain the purposes of the data processing and your right to withdrawal. If the consent also relates to the processing of personal information, we will expressly point this out to you in the consent, Art. 88 Para. 1 of the EU-DS-GVO in conjunction with section 26 Para. 3 of the BDSG (new).

The processing of special categories of personal information in the sense of Art. 9 Para. 1 of the EU-DS-GVO shall only take place if this is required on the basis of legal regulations and there is no reason to assume that your legitimate interest outweighs the exclusion of the processing, Art. 88 Para. 1 of the EU-DS-GVO in conjunction with section 26 Para. 3 of the BDSG (new).

Passing on to third parties

We will only pass your information on to third parties within the scope of the legal provisions or with appropriate consent. Otherwise passing on to third parties shall not take place, unless we are obliged to do so because of mandatory legal regulations (passing to external locations such as supervisory authorities or prosecuting authorities).

Recipient of the information / categories of recipients

Within our company, we ensure that only those persons receive your information who require it to fulfil the contractual and legal obligations.
In many cases, the service providers support our specialist departments in the fulfilment of their tasks. The necessary data privacy agreements have been concluded with all service providers.
We only send your data to third parties (e.g. lawyers for enforcing outstanding claims) if we have a legal data protection transmission authority (e.g. in accordance with the above-mentioned case groups).
We can also pass your information on to external service providers (e.g. IT service providers, companies that destroy or archive your information, Cloud providers, Datev) which support us in the data processing within the scope of order processing strictly subject to directives.
Data processing never takes place outside the EU or the EEA. However, if such data processing becomes necessary in isolated cases, this will take place exclusively on the basis of the EU standard contract clauses or to countries with regard to which an EU appropriateness decision exists and within the scope of order processing. By request, we would be pleased to let you inspect the contract or provide you with a copy.

We will neither sell your personal information to third parties nor market it in any other way.

Third country transmission / third country transmission intention

The transmission of data to third countries (outside the European Union or the European Economic Area) shall only take place if this is needed to fulfil the contractual obligations, is legally prescribed or you have given us your consent.

Duration of storage of the information

We shall store your information for as long as it is needed for the respective purpose of processing. Please note that many retention deadlines require the storage of your data to (have to) continue. This particularly applies to trade law or tax law retention obligations (e.g. commercial code, fiscal code etc.). If no other retention obligations exist, the information will be automatically deleted once the purpose of use has been achieved.
We can also retain information of you have given us your permission or in the event of legal disputes and we make use of evidence within the scope of legal statutes of limitations which can last for up to thirty years; the usual statute of limitations is three years.

Safe transmission of your information

We use appropriate technical and organisation security measures to give the data which we have stored from accidental or deliberate manipulation, loss, destruction or access by unauthorised persons the best possible protection. The security levels are continuously checked in collaboration with security experts and adapted to new security standards.
The exchange of information from and to our web site takes place in encrypted form. We use HTTPS as the transfer protocol for our web presence, using the latest encryption protocols. We also offer our users content encryption within the scope of the contact forms. This data can only be encrypted by us. It is also possible to use alternative methods of communication (e.g. normal mail).

Obligation to provide information

Various items of personal information are needed for the justification, performance and termination of the debit relationship and the fulfilment of the associated contractual and statutory obligations. The same applies to the use of our web site and the various functions which it provides.
We have summarised details of this for you in the point mentioned above. In certain cases, information must also be collected or made available because of legal provisions. Please note that processing of your inquiry or the fulfilment of the underlying contractual relationship is not possible if this information is not provided.

Categories, sources and origin of the information

The data that we process determines the respective context: This depends on whether you submit an order online or enter an inquiry into our contact form, send us an application or submit a complaint.
Please note that we also make information available separately in a suitable location for special processing situations such as when uploading application documents or in the event of a contact inquiry.

We collect and process the following data when our web site is visited:

• Name of Internet Service Provider
• Details of the web site from which you are visiting us
• Web browser and operating system used
• The IP address which your Internet Service Provider has assigned to you
• Requested files, transmitted quantity of data, downloads/file exports
• Details of the web sites which you access via us, including the date and time
• Cookies (see point "Cookies")
• For technical security reasons (particularly for combating attack attempts on our web server) this data is stored in accordance with Art. 6 Para. 1 lit. F of the EU-DS-GVO. After no more than 7 days, anonymisation takes place by shortening the IP address so that no reference to the user is created.

We collect and process the following data as part of a contact inquiry:

• Surname, first name
• Contact data
• Details of your concern

Automated individual case decisions

We do not use any automated processing processes to make a decision.

Links to other providers

Our web site also contains clearly identifiable links to the web sites of other companies. If links to the web sites of other providers are present, we have no influence on the contents thereof. We can therefore not accept any guarantee or liability for this content. The respective provider or operator of the sites is always responsible for the contents of these sites.
The linked sites have been checked at the point in time of linking for possible legal infringements and recognisable legal violations. No illegal content was discovered at the point in time of linking. However, permanent monitoring of the content of the linked sites is not reasonable without specific indications. If we become aware of legal infringements, links such as these will be removed immediately.

Cookies (Art. 6 Para. 1 lit. f of the EU-DS-GVO / Art. 6 Para. 1 lit a of the EU-DS-GVO if consent given)

Our Internet pages use so-called cookies in several locations. These are used to make our site user-friendlier, more effective and more secure. Cookies are small text files which are stored on your computer and stored by your browser (locally on your hard drive).

We can use these cookies to analyse how users use our web sites. In this way we can adapt the web site contents to visitor needs accordingly. Using the cookies we can also measure the effectiveness of a certain ad and have it positioned in accordance with thematic user interests, for example.

The majority of the cookies that we use are so-called “Session Cookies”. These are automatically deleted after your visit. Permanent cookies are automatically deleted by your computer when their period of validity (usually six months) has been reached or you delete them yourself before the period of validity has elapsed.
The majority of web users accept cookies automatically. However, you can usually also change your browser settings if you would prefer not to send the information. You can still use the facilities on our web site without restrictions (exception: configurators).

We use cookies to make our site user-friendlier, more effective and more secure. We also use cookies which allow us to analyse how users use our web pages. In this way we can adapt the contents to visitor needs accordingly. Using the cookies we can also measure the effectiveness of a certain ad and have it positioned in accordance with thematic user interests, for example. Cookies are stored on the user’s computer and and transferred from here to our site. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing your Internet browser settings. Furthermore, cookies which have already been set can be deleted at any time using an Internet browser or other software programs. This is possible with any of the most commonly used Internet browsers.

Please note: If you deactivate the setting of cookies, not all functions of our Internet site may be usable to their full extent.

User profiles / Web tracking procedures

Analysis programs and other techniques for evaluating your usage behaviour are not used on our web site.

Contact form / making contact by e-mail (Art. 6 Para. 1 lit. a, b EU-DS-GVO)

There is a contact form on our web site which can be used for making contact electronically. If you write to us via the contact form, we will process the data provided in the form for making contact and replying to your questions and requests.
The principle of data economy and data avoidance is applied when doing this, in that you only have to provide the data that we really need to contact you. This is your e-mail address and the message itself. For technical reasons and for legal protection, your IP address is also processed. All of the other data consists of voluntary fields and is optional (e.g. for replying to your questions more individually).
If you contact us by e-mail, we will only process the personal information provided in the e-mail for the purpose of replying to our inquiry. If you do not use the provided forms for making contact, no further data will be collected.

Online facilities in the case of children

Persons under the age of 16 may not send any personal information to us or submit a declaration of consent without permission. We would like to ask parents and guardians to be actively involved in the online activities and interests of their children.