This Privacy Policy governs the websites and services of LAMBSDORFF.

Below we inform you about how we process your personal data in connection with the use of our websites and the provision of our legal services and what rights you have in this respect.

1. DATA CONTROLLER | DATA PROTECTION OFFICER

The data controller responsible for processing personal data within the meaning of the EU General Data Protection Regulation (GDPR) is:

LAMBSDORFF Partnerschaft von Rechtsanwälten mbB 
Oranienburger Straße 3
D-10178 Berlin
info@lambsdorff.law

Further information about this Privacy Policy and about exercising your data protection rights can be obtained from our Data Protection Officer, whom you can contact as follows:

LAMBSDORFF Partnerschaft von Rechtsanwälten mbB 
Data Protection Officer
Oranienburger Straße 3
D-10178 Berlin
privacy@lambsdorff.law

2. COLLECTION OF YOUR PERSONAL DATA

We collect your personal data when

• you use our websites,

• you contact us (e.g., via phone, email, social media or contact forms),

• you retain us as counsel,

• you are an employee, representative, advisor or a counterparty of our (potential) clients,

• you apply for a job with our firm, and/or

• third parties provide us with your personal data in accordance with applicable data protection laws.

3. TYPES OF DATA COLLECTED

We may generally collect the following personal data from you:

• Master Data | Your personal information such as name, address, telephone number, email address, date of birth, place of birth, company information and job title.

• Input Data | Information you provide to us when you contact us or information you provide through channels operated by us (including our websites).

• Engagement Data | Information we exchange in the course of our engagement work, including the initiation of the engagement, with you, your employees, representatives or advisors, opposing parties, insurers, courts, authorities or other third parties; information contained in documents you provide in connection with an engagement or its initiation, as well as identifiers such as file/reference numbers that we create in the course of our engagement work or initiation of the engagement.

• Billing Data | Information you provide to us for billing purposes, such as tax numbers and VAT identification numbers, or that we create for billing purposes, such as invoice numbers.

• Application Data | Information you provide to us in connection with your job application, including any attachments and cover letters you include with your application, as well as other publicly available information relevant to your application (e.g., from any profiles on Xing, LinkedIn or similar professional networks). Your Application Data may contain special categories of personal data pursuant to Article 9 (1) GDPR (e.g. information or photographs that may reveal details regarding your ethnic origin, your eyesight, your health, your religion, or your sexual orientation).

• Usage Data | Information about how you use our websites, such as the type, IP address, IP location and device number of your device, the type and version of the browser used on the device and installed browser plug-ins, information about the mobile network used, time zone settings, operating system and platform, and the time and duration of your visit to our websites.

4. PURPOSES OF PROCESSING | LEGAL BASIS OF PROCESSING | LEGITIMATE INTERESTS

We will process your personal data only to the extent permitted under applicable laws.

The following table describes the purposes for which and the legal basis on which we process your personal data and – where the processing is carried out for the purpose of safeguarding our legitimate interests or those of a third party (Art. 6 (1) 1 f) GDPR) – states the respective legitimate interests relevant in each case: 

 The respective legal basis mentioned in the above table is further described as follows:

• Art. 6 (1) 1 (1) a) GDPR – You have given your consent to the processing of your personal data by us.

• Art. 6 (1) 1 b) GDPR – The processing of your personal data is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such contract.

• Art. 6 (1) 1 c) GDPR – The processing of your personal is necessary for compliance with one of our legal obligations.

• Art. 6 (1) 1 f) GDPR – The processing of your personal is necessary for the purposes of our legitimate interests or those of a third party, and your interests or fundamental rights and freedoms that require the protection of personal data do not override those interests.

• Art. 9 (2) a) GDPR – You have given your express consent to the processing of special categories of personal data by us.

• Art. 9 (2) e) GDPR – The processing relates to certain special categories of personal data that you have manifestly made public.

• § 26 (1) 1 German Federal Data Protection Act (BDSG) – The processing of your personal data is necessary for the decision on the establishment of an employment relationship.

5. NO AUTOMATED DECISION-MAKING

No automated decision-making, including profiling, takes place.

6. RECIPIENTS OF YOUR PERSONAL DATA | THIRD-PARTY SERVICES

We will not disclose your personal data to third parties unless such disclosure is described in this Privacy Policy.

For the purposes described in Clause 4 of this Privacy Policy, we may disclose your personal data to the following recipients within the scope of an existing engagement:

• Courts, bailiffs, public authorities, experts,

• Law firms, patent attorney firms, tax advisory or auditing firms,

• External notaries, and/or

• Representatives, insurers and/or other external advisors.

To facilitate the achievement of the purposes for processing your personal data as described in Clause 4 of this Privacy Policy, we may also disclose your personal data to the recipients listed below in connection with services they provide to us. These recipients may process your personal data only on our express instructions and have committed to us to maintain confidentiality and to ensure appropriate technical and organizational data protection measures:

• Courts, bailiffs, public authorities, experts,   

• Email service providers,

• Web hosting providers,

• Cloud service providers,

• IT support service providers,

• Shipping and courier service providers,

• Secretariat service providers,

• Translation service providers,

• Billing solution providers, and/or

• Payroll and financial accounting service providers.

We may also disclose your personal data to other recipients where required by law, e.g. to respond to a court order or regulatory request.

7. DURATION OF STORAGE OF YOUR PERSONAL DATA

We store your personal data for as long as necessary for the purpose for which it was collected (see Clause 4 of this Privacy Policy) or for as long as we have a legitimate interest in retaining such data.

We also store your personal data for a period prescribed by law, by court order or by regulatory requirements. To the extent necessary, we further retain your personal data until the expiry of applicable limitation periods to enforce our own claims.

If your application to us is unsuccessful, we will delete your personal data six (6) months after notifying you of our rejection.

Insofar as you have consented to the inclusion of your personal data in our applicant database, we will store such data for a period of twenty-four (24) months even in the event of a rejection. At the end of this period, we will delete such data.

In the event of a successful application that leads to an employment relationship with us, certain of your personal data may not be deleted but instead transferred to our human resources information system.

8. USE OF COOKIES

We use cookie technology on our websites. Cookies are small data sets containing alphanumeric information.

When you use our websites, a transient cookie may be stored on your device, which is deleted after you close your browser. We use transient cookies to optimize the display of our websites on your device.

Many browsers allow cookies by default. You can disable the setting of cookies in your browser settings. You can also delete cookies set by our websites in your browser settings. Please note that disabling or deleting cookies may result in restrictions on the functionality of our websites.

9. YOUR DATA SUBJECT RIGHTS

You have the following rights under the GDPR regarding the processing of your personal data:

• Right of access (Art. 15 GDPR),

• Right to rectification (Art. 16 GDPR),

• Right to erasure (so called ‘right to be forgotten’) (Art. 17 GDPR),

• Right to restriction of processing (Art. 18 GDPR),

• Right to data portability (Art. 20 GDPR),

• Right to object to processing in certain cases (Art. 21 GDPR),

• Right to lodge of complaint with a supervisory authority (Art. 77 GDPR), and

• Right to withdraw consent at any time if the processing of your personal data is based on such consent. Such withdrawal does not affect the lawfulness of processing carried out prior to the withdrawal.

To exercise your rights with us, please contact our Data Protection Officer.

10. VERSION

This is the current version of the LAMBSDORFF Privacy Policy. We reserve the right to adapt this Privacy Policy, in particular in the event of changes to legal requirements or adjustments to our websites.

Changes to this Privacy Policy will be made by updating this page and, where required, communicated to you separately. We recommend that you review this Privacy Policy at regular intervals.