Privacy Statement

This statement is to inform you about the processing of your personal data by us and the rights to which you are entitled under the current data protection law.

1. Person responsible for the data processing

Schmid, v. Buttlar & Partner
Rechtsanwälte • Steuerberater mbB
Schloßschmidstr. 3
80639 München (Germany)
Phone: +49 (0)89-55222-0
Fax: +49 (0)89-55222-199

You may contact our external Data Protection Officer under the address below or via email under:

Achim Fimberger, Kathreinweg 33, 81827 München (Germany)
Email: or

2. Type of data processed and data subjects

2.1 About the informational use of the website

When our website is called up by the web browser (or “browser”) used by the user installed by the user on the end device used, the following information is transmitted to the web server used by us:

  • the IP address of the requesting device,

  • date and time when our website is accessed,

  • indication of the time lag between requesting host and the webserver,

  • content of the requested or accessed file transmitted to the user,

  • the access status (successful transmission, error, etc.),

  • the amount of data in byte actually transmitted,

  • the website from where the access by the user has taken place,

  • the browser used by the user, the operating system, the user interface, the language of the browser and the version of the browser software.

We do not use any cookies or analytics and marketing services (such as Google Analytics).

2.2 When you contact us via email

When you contact us via email, we will collect your title, first and last name as well as the name of your company, and the email address.

2.3 When you use our LinkedIn presence

2.3.1 Type of the data processed by LinkedIn

For information about what data is processed by LinkedIn and used for specific purposes, see the Privacy Policy of LinkedIn:

When you use LinkedIn, your personal data is collected, transferred, stored, disclosed, and used by the LinkedIn Corporation. LinkedIn transfers your data in this process from the countries designated in the GDPR to the United States of America (U.S.A.) and back. Currently, the LinkedIn data centers for the storage of the information of their members are located in the U.S.A. and in Singapore.

We have no control over the type and scope of the data processed by LinkedIn, the type of processing and use or the transfer of this data to third parties. In this regard, we also have no effective means of control.

2.3.2 Type of the data processed by us

We do not collect any data about your LinkedIn account ourselves. However, the data entered by you at LinkedIn, in particular your username and the contents published under your account, is processed by us to the effect that we may share or comment on your postings or may also edit own postings that refer to your account. The data published and disseminated freely by you at LinkedIn data is included by us in our service and is made accessible to the LinkedIn followers and subscribers.

As the provider of our LinkedIn page, we do not collect and process any additional personal data from your use of our service. The page exclusively serves the purpose of information and communication.

3. Purposes of the data processing

3.1 Informational use of the website

The data collected is technically required to enable us to correctly display this page and to ensure its stability and security and to provide to the prosecution authorities the information necessary in the event of a cyber attack.

3.2 When you contact us via email

When you contact us via email, we process the data communicated by you for the purpose of processing your request.

3.3 When you use our LinkedIn presence

We use our LinkedIn profile page in order to with communicate with our clients, interested parties, and LinkedIn visitors, and to inform them about our range of services.

4. Legal basis of the data processing

4.1 Informational use of the website

We process your personal data on the basis of the privacy-related provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), and all further applicable laws.

The data processing is based on our legitimate interests as provided in Art. 6(1), s. 1, lit. f, of the GDPR.

4.2 When you contact us via email

The data processing is based on your consent that you express by contacting us as provided in Art. 6(1), s. 1, lit. a, of the GDPR

4.3 When you use our LinkedIn presence

The data processing is based on our legitimate interests as provided in Art. 6(1), s. 1, lit. f, of the GDPR.

5. Categories of recipients

We use some contract data processors with whom we have concluded the legally required agreements and who process our data exclusively within the European Union or the European Economic Area in compliance with all statutory requirements.

Your personal data is transferred to third parties only to the extent permitted by law to extent of your prior consent. The recipients of your personal data may also be the data subjects referred to above.

6. Duration of the data storage

6.1 Informational use of the website

The logfiles are stored for a maximum of seven days, with the exception of logfiles logging accesses that are required for the further prosecution of attacks and incidents. In this event, the duration of the storage depends on the statutory limitation periods, which in certain cases may be up to thirty years.

6.2 When you contact us via email

The duration of the storage of personal data collected on the basis of email requests is governed by the purpose of the contact. Email correspondence is archived by us in accordance with the principles of proper keeping and storage of recordings and documents and of data access. Archived emails are deleted after a period of 10 years.

6.3 When using our LinkedIn presence

We do not store any data. LinkedIn stores data until such data is no longer needed, in order to provide the services and LinkedIn products or until the visitor account is deleted, whichever occurs first. This is a case-by-case determination depending on specific criteria such as the type of data, the purpose of the data collection and processing as well as the relevant legal or operational storage requirements.

7. Your rights as a data subject

You may request information about your personal data stored by us (Art. 15 GDPR) at the address referred to above.

Moreover, you have the right to request a correction of incorrect data stored by us about your person (Art. 16 GDPR). You also have the right, taking into account the purposes of the processing, to request the completion of your personal data, where we have stored incomplete data.

In addition, you may under certain condition request the deletion of your personal data (Art. 17 GDPR).

Moreover, you may have right to request that we limit the processing of your data (Art. 18 GDPR) and a right that we surrender the data provided by you; such data must be surrendered by us in a structured, common and machine-readable format (Art. 20 GDPR).

8. Right to object

You have the right to object to the processing of your personal data for purposes of direct advertising.

If we in particular process personal data from you to safeguard legitimate interests, you may object to this processing if reasons arise from your particular situation that speak against the data processing. You may direct your objection informally to our address referred to above.

9. Right to complain

You have the right to complain to the Data Protection Officer referred to above or to a supervisory authority. The supervisory authority responsible for us and our members resident in Germany is:

Bayerisches Landesamt für Datenschutzaufsicht
Postfach 606
91511 Ansbach (Germany)

As of: 24 January 2024