Privacy Policy

DATENSCHUTZERKLÄRUNG 

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection provisions is:

Manitz Finsterwald Patent- und Rechtsanwaltspartnerschaft mbB

Martin-Greif-Str. 1
80336 Munich
Germany
+49 89 21 99 430
manitz@patente.de
www.patente.de

Contacting the data protection officer

The data protection officer of the controller is:

DataCo GmbH
Nymphenburger Str. 86
80636 Munich
Germany
+49 89 7400 45840
www.dataguard.de

Introduction

We are writing to inform you about how we process your personal data on our website. How your data is collected and used depends on your interaction with us. We collect, use and share your data only on a legitimate legal basis.

Legal basis for processing

We process your personal data based on one of the following legal bases:

  1. Consent (Art. 6 para. 1 sentence 1 lit. a GDPR):
    You have given us your consent for a specific purpose. You can revoke this consent at any time. Details can be found in the section “Exercise of your rights”.
  2. Contract (Art. 6 para. 1 sentence 1 lit. b GDPR):
    Your data is necessary for the fulfillment of a contract or pre-contractual measures that take place at your request.
  3. Legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR):
    We process your data to fulfill legal requirements.
  4. Vital interests (Art. 6 para. 1 sentence 1 lit. d GDPR):
    The data processing protects your or another person's vital interests, e.g. in emergencies.
  5. Public task (Art. 6 para. 1 sentence 1 lit. e GDPR):
    Data is processed in order to perform a task in the public interest or in the exercise of official authority.
  6. Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR):
    Processing is carried out to protect the legitimate interests of us or third parties, provided that these do not outweigh your interests.

Sharing data and international data transfers

We use service providers to support us in providing our services and ensuring the security of your data. We enter into agreements with these service providers that require them to protect your data.
If personal data is transferred outside the EU, we ensure that an adequate level of data protection is in place (e.g. standard contractual clauses of the EU Commission or the EU-US Data Privacy Framework).
You can request a copy of the relevant contractual clauses by email.

Your rights

1. Right of access (Art. 15 GDPR)

You have the right to request confirmation from us as to whether we are processing personal data about you. If this is the case, you can request the following information:

  • The purposes of the processing;
  • The categories of personal data processed;
  • The recipients or categories of recipients;
  • The planned storage period or the criteria for determining it;
  • the existence of the right to request from the controller without undue delay the rectification of inaccurate personal data, or the erasure of personal data, or the restriction of processing of personal data concerning the data subject, or to object to such processing;
  • the right to lodge a complaint with a supervisory authority;
  • where the personal data are not collected from the data subject, any available information as to their source;
  • the existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

2. Right to rectification (Art. 16 GDPR)

You have the right to request the immediate correction of incorrect or incomplete personal data.

3. Right to erasure (“right to be forgotten”) (Art. 17 GDPR)

Under certain conditions, you have the right to request the erasure of your personal data. This applies in particular if:

  • The data is no longer necessary in relation to the purposes for which it was collected;
  • you revoke your consent and there is no other legal basis;
  • you object to the processing and there are no overriding legitimate reasons;
  • the processing is unlawful;
  • there is a legal obligation to delete.

4. Right to restriction of processing (Art. 18 GDPR)

Under certain circumstances, you can request that the processing be restricted, e.g. if you dispute the accuracy of your data or if the processing is unlawful.

5. Right to data portability (Art. 20 GDPR)

You have the right to receive your data in a structured, commonly used and machine-readable format or to request its direct transfer to another controller.

6. Right to object (Art. 21 GDPR)

You can object to the processing of your data at any time if it is carried out on the basis of Art. 6 para. 1 sentence 1 e or f GDPR.

7. Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

If you believe that the processing of your data violates the GDPR, you can file a complaint with a supervisory authority. In Germany, these are the state data protection authorities. You can find a list at:
https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

Provision of the website and creation of log files

1. Description and scope of the data processing

Every time our website is accessed, our system automatically collects data and information from the accessing computer system.
The following data is collected:

  • Information about the browser type and version used
  • Date and time of access

This data is stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Purpose of data processing

The system needs to store the IP address temporarily to enable the website to be delivered to the user's computer. To do this, the user's IP address must be stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

3. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest).

4. Duration of storage

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. If the data is stored to provide the website, this is the case when the respective session has ended.

If the data is stored in log files, this is the case after seven days at the latest. It is possible to store the data for a longer period. In this case, the IP addresses of the users are deleted or alienated so that it is no longer possible to assign them to the accessing client.

5. Exercising your rights

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. The user can object to this. Whether the objection is successful is to be determined in the context of a balancing of interests.

Email contact

1. Description and scope of the data processing

On our website, it is possible to contact us via the email address provided. In this case, the user's personal data transmitted by email will be stored.

This data is used exclusively for the purpose of processing the conversation.

2. Purpose of data processing

The processing of the data is carried out exclusively for the purpose of processing your request and is based on our legitimate interest in responding to you in the best possible way.

If you contact us with the intention of concluding a contract, the processing of your data serves to carry out pre-contractual measures.

3. Legal basis for data processing

  • Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest) (berechtigtes Interesse)
  • Art. 6 para. 1 sentence 1 lit. b GDPR (performance of a contract, e.g. in the context of application processes) (Vertragserfüllung oder vorvertragliche Maßnahmen)

4. Duration of storage

The data will be deleted as soon as the purpose of the collection no longer applies. In the case of inquiries by e-mail, this usually occurs at the end of the conversation, unless a longer storage period is required by law.

5. Exercising your rights

You can object to the storage of your personal data at any time. In this case, the conversation will be terminated and all stored personal data will be deleted.

Email contact

1. Description and scope of the data processing

On our website, it is possible to contact us via the email address provided. In this case, the user's personal data transmitted by email will be stored.

This data is used exclusively for the purpose of processing the conversation.

2. Purpose of data processing

The processing of the data is carried out exclusively for the purpose of processing your request and is based on our legitimate interest in responding to you in the best possible way.

If you contact us with the intention of concluding a contract, the processing of your data serves to carry out pre-contractual measures.

3. Legal basis for data processing

  • Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest) (berechtigtes Interesse)
  • Art. 6 para. 1 sentence 1 lit. b GDPR (performance of a contract, e.g. in the context of application processes) (Vertragserfüllung oder vorvertragliche Maßnahmen)

4. Duration of storage

The data will be deleted as soon as the purpose of the collection no longer applies. In the case of inquiries by e-mail, this usually occurs at the end of the conversation, unless a longer storage period is required by law.

5. Exercising your rights

You can object to the storage of your personal data at any time. In this case, the conversation will be terminated and all stored personal data will be deleted.

Applying by email and/or using the application form

1. Description and scope of the data processing

Our website includes an application form that can be used for electronic applications. If an applicant uses this option, the data entered in the input mask will be transmitted to us and stored. These data are:

  • Title
  • Surename
  • First name
  • Telephone/mobile number
  • Email address
  • Salary expectations
  • Curriculum vitae
  • Certificates

Alternatively, you can also send us your application by email. In this case, we collect your email address and the data you provide in the email. After sending your application, you will receive an email from us confirming receipt of your application documents.

Your data will not be passed on to third parties. The data will be used exclusively for processing your application.

2. Purpose of data processing

The processing of personal data from the application form is used solely to process your application. If you contact us by email, this also constitutes the necessary legitimate interest in processing the data.

The other personal data processed during the sending process serve to prevent misuse of the application form and to ensure the security of our information technology systems.

3. Legal basis for data processing

The legal basis for the processing of your data is the contract initiation that takes place at the request of the data subject, Art. 6 para. 1 sentence 1 lit. b Alt. 1 GDPR and § 26 para. 1 sentence 1 BDSG.

The legal basis for the processing of data in the context of the applicant pool is the explicit declaration of consent of the applicant, Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR. You can revoke your consent at any time with effect for the future.

4. Duration of storage

After completion of the application process, the data will be stored for up to 3 months. At the latest after the expiration of the 3 months, your data will be deleted. In the event of a legal obligation, the data will be stored in accordance with the applicable provisions.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

Use of company profiles in professional networks

1. Scope of data processing

We maintain company profiles on the following professional networks:

  • LinkedIn

These serve to communicate with users, provide information and carry out application processes (active sourcing).

If you are active on our company profile (e.g. with comments, likes or posts), personal data (e.g. your name or profile picture) may become publicly visible.

2. Legal basis for data processing

  • Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest) Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest: communication and provision of information)
  • Art. 6 para. 1 sentence 1 lit. b GDPR (performance of a contract, e.g. in the context of application processes) (Vertragserfüllung, z. B. im Rahmen von Bewerbungsprozessen)

3. Purpose of data processing

Data processing is carried out for the purpose of providing information, communicating with users and carrying out application processes.

4. Duration of storage

The data generated by activities on our company websites are not stored in our own systems.

5. Exercising your rights

You can object to the processing of your personal data at any time. You can find information on how to assert your rights in the data protection declarations of the corresponding platforms:

Hosting

The website is hosted on our own servers. Third parties do not have access to server log files.

The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The stored information is:

  • Information about the browser type and version used
  • Date and time of access

This data is not merged with other data sources. The collection of this data is based on Art. 6 para. 1 sentece 1 lit. f GDPR. Our legitimate interest in processing this data is to present our website error-free and to optimize its functions.

The location of the website server is geographically in Germany.

This data protection declaration was created with the support of DataGuard.