Privacy policy

1. General information and scope of application

The provider (hereinafter also: “we”) collects, uses and stores your personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act and the Telemedia Act. Personal data are individual details about the personal or factual circumstances of an identified or identifiable natural person. In the following, we inform you about the type, scope and purpose of the collection and use of personal data by the provider.
This data protection information applies to the processing of the provider with regard to data processing on the website

2. Who is responsible for data processing and who can you contact?

Responsible for data processing is:

Ehmann&Ehmann PartGmbB

Beethovenstraße 23

87435 Kempten

3. Which data is processed and from which sources do they originate?

We process personal data (Art. 4 No. 1 GDPR), which we receive in the context of our activity as a law firm, e.B. in the case of mandate requests. The personal data processed by us includes the following personal data (name, address, e-mail addresses, possibly other data on reservations and communication content). We receive the data by contacting us.

4. For what purpose is the data processed and on what legal bases is the processing based?

We process personal data in accordance with Article 6(1)(b) in order to provide our services as a law firm and to record and process your enquiries. We process personal data in accordance with Article 6 (1) a) in order to draw your attention to our offers. If our company is subject to a legal obligation which requires the processing of personal data, such as for the fulfilment of tax obligations, the processing is based on Art. 6 I lit.c GDPR. In rare cases, the processing of personal data may become necessary to protect the vital interests of the data subject or another natural person. In this case, the processing would be based on Art. 6 I lit. d GDPR. Ultimately, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail.

5. Legitimate interests in the processing pursued by the controller or a third party

If the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is the execution of our business activities and the associated communication with you (Adult 47 GDPR).

6. Data protection for applications and in the application process

The controller collects and processes the personal data of applicants for the purpose of processing the application process on the basis of Article 6 I lit b GDPR. Processing may also be carried out electronically. This is particularly the case if an applicant submits corresponding application documents to the controller electronically, for example by e-mail or via a web form on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests of the controller. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

7. SSL encryption

Our website uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

8. Server Logfiles

Based on Art. 6 para. 1 lit. f GDPR, we collect and store information about the visit to our website in so-called server log files, which your browser automatically transmits to us. These are:
Shortened IP address Browser
Operating system
used Referrer URL (the previously visited page)
Date and time of the server
request Required amount of data of the requesting provider

This data is collected exclusively for statistical purposes. A combination of this data with other data sources is not carried out.

9. Use of cookies

Our website does not use cookies.

10. Duration of storage and routine deletion

We process and store personal data only for the period necessary to achieve the purpose of processing or if this has been provided for in laws or regulations to which the controller is subject. If the storage purpose no longer applies or if a legally prescribed storage period expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

11. Is there an automated decision-making process?

We do not use automated decision-making processes pursuant to Article 22 GDPR for the initiation of decisions on the establishment or implementation of the business relationship that would have legal consequences for the data subject or similar significant negative effects on this person.

12. Rights of data subjects

In accordance with Article 15 GDPR, the data subject has the right, upon request, to receive information free of charge about the personal data stored about him  and the purpose of the data processing. In accordance with Articles 16, 17 and 18 GDPR, the data subject also has the right to correct incorrect data as well as to block and delete his or her personal data. Under the conditions specified in Article 20 GDPR, he is also entitled to receive the personal data concerning him that has been stored in a structured, commonly used and machine-readable format and to transmit this data to another controller without hindrance from the provider. In addition, pursuant to Article 21 (1) GDPR, the data subject is entitled to object to the processing of personal data concerning him or her based on Article 6 (1) (e) or (f) GDPR for reasons arising from his or her particular situation. The provider will fulfill the aforementioned rights of the data subject, insofar as the legal requirements for the assertion of the rights are met. Any requests for your personal data should be addressed to the e-mail address or address given in the imprint of our website. Every data subject has the right to lodge a complaint with a data protection supervisory authority about the processing of data when using the website.