Our Privacy Policy
The protection of your personal data (referred to hereinafter as “data”) is a major and very important cmatter for us. In the following, we would therefore like to inform you in detail about which data is collected when you visit our website or use our offers there and how it is processed or used by us.
Please note that this privacy policy may be updated from time to time due to the implementation of new technologies and/or changes in the law. Of course, we will always take your reasonable interests into account in any changes.
Controller in terms of Art. 4 No. 7 of the General Data Protection Regulation (hereinafter „GDPR“) is
Rickert Rechtsanwaltsgesellschaft m.b.H., Colmantstraße 15, 53115 Bonn.
This law firm is represented by the CEO Thomas Rickert.
You can contact us via e-mail: info@rickert.law.
If you have any questions or comments about this data protection declaration or about data protection on this website in general, please send them to our data protection officer by e-mail to datenschutz@rickert.law or confidentially by post to the attention of the data protection officer at the following address:
Data Protection Officer
c/o Rickert Rechtsanwaltsgesellschaft mbH
Colmantstraße 15
53115 Bonn
Please also have a look at our imprint at https://rickert.law/impressum/
Legal basis for the processing of your data
Unless the legal basis is explicitly stated in the privacy policy, the following applies:
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) Clause 1 lit. a) GDPR serves the legal basis.
When processing personal data is necessary for the performance of a contract, Art. 6 (1) Clause 1 lit. b) GDPR serves the legal basis. This also applies to processing operations which are necessary for the performance of pre-contractual measures.
Insofar as processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subjected, Art. 6 (1) Clause 1 lit. c) GDPR serves the legal basis.
In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) Clause 1 lit. d) GDPR serves the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, Art. 6 (1) Clause 1 lit. f) GDPR serves the legal basis for the data processing.
Duration of Storage
The data which is processed by us will be deleted or restricted in its processing in compliance with the statutory provisions, in particular in accordance with Art. 17 and 18 GDPR. Unless it is expressly stated within the scope of this data protection declaration, we delete stored data as soon as it is no longer required for its intended purpose. Beyond the point in time when the purpose ceases to exist, data will only be retained if it is required for other and legally permissible purposes or if the data must continue to be retained due to legal retention obligations. In these cases the processing is restricted, i.e. blocked, and the data is and is no longer processed for other purposes.
Server log data
For the informational use of our website, it is generally not necessary for you to actively provide personal data. In this case we only collect and use those of your data that your Internet browser automatically transmits to us. This includes:
The date and time of the retrieval of one of our web pages;
your browser type;
the browser settings;
the operating system used;
the page you last visited;
the amount of data transferred and the access status (file transferred, file not found, etc.);
your IP address.
The data will be stored on our servers. We do not store this data together with any other personal data than ist specified above. The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. In addition we create log-files. The storage of the created log-files is done to ensure the security of our information technology systems. A personal evaluation of the data, in particular for marketing purposes, does not take place.
The processing of the aforementioned data is mandatory for the offer of a website in accordance with Art. 6 (1) Clause 1 lit. b), lit. c), lit. f) GDPR technically necessary to display our website correctly and to ensure the stability and security. In particular, the purpose of creating log-files is to be able to prove attacks on our information technology systems. We delete server log data from our systems after 7 days at the latest.
Contact form
The processing of your data in the context of contacting us via contact form, e-mail or telephone is carried out, depending on the content of the inquiry, in the case of purely informational inquiries on the basis of your (presumed) consent pursuant to Art. 6 (1) Clause 1 lit. a) GDPR, or pursuant to Art. 6 (1) Clause 1 lit. b) GDPR, insofar as the contact is in connection with (pre-) contractual performance obligations. For contacting us via our form, we only require the specification of an e-mail address in order to be able to answer you as quickly as possible. So that we can address you personally, a name can be given voluntarily.
We will delete your contact requests immediately after processing, unless legal retention periods require further storage.
Applications
You
are welcome to send us your application by e-mail to
karriere@rickert.law. In this case, the personal data you transfer to
us (e.g. name, address, etc.) will be processed. The purpose of
processing personal data is to select a suitable applicant and to
subsequently contact him/her. In the event of a successful
application, collected data may be further processed by us for the
purposes of establishing and maintaining the employment relationship.
The legal basis for the processing of personal data in the context of
an online application is Art. 6 (1) Clause 1 lit. b) GDPR in
conjunction with § 26 BDSG (Bundesdatenschutzgesetz). Beyond the
original purpose (selection of a suitable applicant), we retain your
application data for the defense of legal claims for a period of 6
months from the conclusion of the application process. The basis of
the processing is Art. 6 (1) Clause 1 lit. b) GDPR, Art. 17 (3) lit.
e), Art. 6 (1) Clause 1 lit. f) GDPR. At your express request, we
will store your application data in a talent pool in order to
consider you at a later date when filling vacant positions. Your
express consent is required for this. Please contact us for further
information. Please note your request accordingly in your cover
letter. The legal basis for this is Art. 6 (1) Clause 1 lit. a), Art.
7 GDPR. This consent also refers to special categories of data in
accordance with Art. 9 GDPR (e.g. photos, information about severely
disabled persons, etc.), insofar as these have been transmitted to us
by you. You can revoke your consent at any time. In this case, your
data will be deleted immediately. We will delete your data no later
than 3 years after receipt of your application. Please note that for
organizational reasons this is only possible for applicants who are
over 16 years old. Application data of applicants under 16 years of
age will be destroyed after expiry of the above-mentioned deadlines.
Order
processing and recipients of data
In
some cases, we use external service providers who are bound by our
instructions to process your data. These have been carefully selected
and commissioned by us and are regularly monitored. The assignments
are each based on an agreement on commissioned processing in
accordance with Art. 28 GDPR. Independent processing for our own
purposes does not take place through the commissioned processors.
For
the operation of this website, we use a hosting provider who
processes inventory data, contact data, content data, contract data,
usage data, meta data and communication data of visitors to this
website on our behalf and on the basis of our legitimate interests in
an efficient and secure provision of this online offer pursuant to
Art. 6 (1) Clause 1 lit. f), 28 GDPR.
The
provider Stripe Payments Europe Limited (SPEL), 1 Grand Canal Street
Lower, Grand Canal Dock, Dublin, D02 H210 Ireland is used for the
administration of customer and contract data, billing and payment
processing. Stripe is itself responsible for the processing of
payments within the meaning of Art. 4 No. 7 GDPR. Stripe is a service
that is used to record and manage client data via online
registrations, automatically generate and send invoices and process
payments. Clients can use the self-service portal to manage their
data and contract status (e.g. change billing address,
increase/decrease/cancel subscription), change payment methods and
means and download invoices. Client, contract and payment data are
transmitted to Stripe via an encrypted interface from the SeaTable
service or the SeaTable Market store and stored on Stripe’s servers.
Billing takes place automatically at the contractually agreed times.
For payment methods that allow automatic processing (e.g. credit
card), invoice amounts are collected automatically.
The
legal basis for the transfer to the payment service provider is the
fulfillment of the contract pursuant to Art. 6 (1) Clause 1 lit. b)
GDPR and our legitimate interests in secure payment processing and
fraud prevention pursuant to Art. 6 (1) Clause 1 lit. f) GDPR.
The
US parent company Stripe Inc. has joined the EU-US Data Privacy
Framework in the USA. If data is transferred to the USA, this is done
on the basis of the European Commission’s adequacy decision on the
EU-US Data Privacy Framework, Art. 45 GDPR. This certification
confirms that Stripe Inc. complies with the required data protection
regulations and practices. Further information on the functions of
Stripe can be found at https://stripe.com/de/use-cases/saas
You
can find Stripe’s privacy policy at https://stripe.com/de/privacy
Rights
of the data subject
In
accordance with the law you may exercise the following rights
gratuitous against the data controller:
Right
of information (Art. 15 GDPR);
Right
to rectification or erasure (Art. 16 and Art. 17 GDPR);
Right
of restriction of the processing (Art. 18 GDPR);
Right
of data portability (Art. 20 GDPR);
Right
of object to processing (Art. 21 GDPR).
You
also have the right to lodge a complaint with a data protection
supervisory authority about the processing of your personal data by
the controller.
Social
media
We
deliberately refrain from using social media plug-ins on our
websites. In order to provide you with information, we nevertheless
maintain profiles in social networks. Please note that in this
context, only the respective operator of the social network is the
responsible party in terms of data protection law.
Fonts
We
use the service “Google-Fonts” to display fonts on our website.
This is a service of the company Google (service provider: Google
Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Parent company: Google LLC 1600 Amphitheatre Parkway Mountain View,
CA 94043, USA), which does not set cookies (compare the term “cookie”
below under “Use of cookies”).
The
use of Google Fonts is solely for the purpose of displaying the fonts
on our website and is carried out in our legitimate interest (Art. 6
(1) Clause 1 lit. f) GDPR) in a technically secure, maintenance-free
and efficient use of fonts, their uniform display and taking into
account possible restrictions under licensing law for their
integration. Although the tool does not use cookies, your
meta/communication data (IP address, device information if
applicable) is transmitted to Google, as this is technically
necessary to retrieve the fonts.
You
can find further information in the privacy policy of Google:
https://www.google.com/policies/privacy
Use
of cookies
We
use the technology of cookies for our Internet presence. Cookies are
small text files that are sent from our web server to your browser
when you visit our website and are stored on your computer for later
retrieval.
You
can determine yourself whether cookies can be set and retrieved by
means of the settings in your browser. You can e.g. completely
deactivate the storage of cookies in your browser, restrict it to
certain web pages or configure your browser so that it automatically
informs you as soon as a cookie is to be set and asks you for
feedback on this. For the full functionality of our website, however,
it is necessary to allow cookies for technical reasons.
Cookies
are needed to save settings on the website. This includes in
particular the selected language. The functional duration for these
cookies is one year.
The
legal basis for the use of cookies is Art. 6 (1) Clause 1 lit. f)
GDPR, unless otherwise stated.
Data
security
We
use technical and organizational security measures to protect
personal data that we receive or collect, in particular against
accidental or intentional manipulation, loss, destruction or against
attack by unauthorized persons. Our security measures are
continuously improved in line with technological developments.
matomo tracking
You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.