Skip to content

Privacy Policy

Our Privacy Policy

Our Privacy Policy

The protection of your personal data (referred to hereinafter as “data”) is a major and very important cmatter for us. In the following, we would therefore like to inform you in detail about which data is collected when you visit our website or use our offers there and how it is processed or used by us.

Please note that this privacy policy may be updated from time to time due to the implementation of new technologies and/or changes in the law. Of course, we will always take your reasonable interests into account in any changes.

Controller in terms of Art. 4 No. 7 of the General Data Protection Regulation (hereinafter „GDPR“) is

Rickert Rechtsanwaltsgesellschaft m.b.H., Colmantstraße 15, 53115 Bonn.

This law firm is represented by the CEO Thomas Rickert.

You can contact us via e-mail: info@rickert.law.

If you have any questions or comments about this data protection declaration or about data protection on this website in general, please send them to our data protection officer by e-mail to datenschutz@rickert.law or confidentially by post to the attention of the data protection officer at the following address:

Data Protection Officer

 c/o Rickert Rechtsanwaltsgesellschaft mbH

Colmantstraße 15

53115 Bonn

 

Please also have a look at our imprint at https://rickert.law/impressum/

 

Legal basis for the processing of your data

 

Unless the legal basis is explicitly stated in the privacy policy, the following applies:

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) Clause 1 lit. a) GDPR serves the legal basis.

When processing personal data is necessary for the performance of a contract, Art. 6 (1) Clause 1 lit. b) GDPR serves the legal basis. This also applies to processing operations which are necessary for the performance of pre-contractual measures.

Insofar as processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subjected, Art. 6 (1) Clause 1 lit. c) GDPR serves the legal basis.

In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) Clause 1 lit. d) GDPR serves the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, Art. 6 (1) Clause 1 lit. f) GDPR serves the legal basis for the data processing.

 

Duration of Storage

The data which is processed by us will be deleted or restricted in its processing in compliance with the statutory provisions, in particular in accordance with Art. 17 and 18 GDPR. Unless it is expressly stated within the scope of this data protection declaration, we delete stored data as soon as it is no longer required for its intended purpose. Beyond the point in time when the purpose ceases to exist, data will only be retained if it is required for other and legally permissible purposes or if the data must continue to be retained due to legal retention obligations. In these cases the processing is restricted, i.e. blocked, and the data is and is no longer processed for other purposes.

 

Server log data

For the informational use of our website, it is generally not necessary for you to actively provide personal data. In this case we only collect and use those of your data that your Internet browser automatically transmits to us. This includes:

 

The date and time of the retrieval of one of our web pages;

your browser type;

the browser settings;

the operating system used;

the page you last visited;

the amount of data transferred and the access status (file transferred, file not found, etc.);

your IP address.

 

The data will be stored on our servers. We do not store this data together with any other personal data than ist specified above. The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. In addition we create log-files. The storage of the created log-files is done to ensure the security of our information technology systems. A personal evaluation of the data, in particular for marketing purposes, does not take place.

 

The processing of the aforementioned data is mandatory for the offer of a website in accordance with Art. 6 (1) Clause 1 lit. b), lit. c), lit. f) GDPR technically necessary to display our website correctly and to ensure the stability and security. In particular, the purpose of creating log-files is to be able to prove attacks on our information technology systems. We delete server log data from our systems after 7 days at the latest.

 

Contact form

The processing of your data in the context of contacting us via contact form, e-mail or telephone is carried out, depending on the content of the inquiry, in the case of purely informational inquiries on the basis of your (presumed) consent pursuant to Art. 6 (1) Clause 1 lit. a) GDPR, or pursuant to Art. 6 (1) Clause 1 lit. b) GDPR, insofar as the contact is in connection with (pre-) contractual performance obligations. For contacting us via our form, we only require the specification of an e-mail address in order to be able to answer you as quickly as possible. So that we can address you personally, a name can be given voluntarily.

 

We will delete your contact requests immediately after processing, unless legal retention periods require further storage.

Applications

You are welcome to send us your application by e-mail to karriere@rickert.law. In this case, the personal data you transfer to us (e.g. name, address, etc.) will be processed. The purpose of processing personal data is to select a suitable applicant and to subsequently contact him/her. In the event of a successful application, collected data may be further processed by us for the purposes of establishing and maintaining the employment relationship. The legal basis for the processing of personal data in the context of an online application is Art. 6 (1) Clause 1 lit. b) GDPR in conjunction with § 26 BDSG (Bundesdatenschutzgesetz). Beyond the original purpose (selection of a suitable applicant), we retain your application data for the defense of legal claims for a period of 6 months from the conclusion of the application process. The basis of the processing is Art. 6 (1) Clause 1 lit. b) GDPR, Art. 17 (3) lit. e), Art. 6 (1) Clause 1 lit. f) GDPR. At your express request, we will store your application data in a talent pool in order to consider you at a later date when filling vacant positions. Your express consent is required for this. Please contact us for further information. Please note your request accordingly in your cover letter. The legal basis for this is Art. 6 (1) Clause 1 lit. a), Art. 7 GDPR. This consent also refers to special categories of data in accordance with Art. 9 GDPR (e.g. photos, information about severely disabled persons, etc.), insofar as these have been transmitted to us by you. You can revoke your consent at any time. In this case, your data will be deleted immediately. We will delete your data no later than 3 years after receipt of your application. Please note that for organizational reasons this is only possible for applicants who are over 16 years old. Application data of applicants under 16 years of age will be destroyed after expiry of the above-mentioned deadlines.

 

Order processing and recipients of data

In some cases, we use external service providers who are bound by our instructions to process your data. These have been carefully selected and commissioned by us and are regularly monitored. The assignments are each based on an agreement on commissioned processing in accordance with Art. 28 GDPR. Independent processing for our own purposes does not take place through the commissioned processors.

For the operation of this website, we use a hosting provider who processes inventory data, contact data, content data, contract data, usage data, meta data and communication data of visitors to this website on our behalf and on the basis of our legitimate interests in an efficient and secure provision of this online offer pursuant to Art. 6 (1) Clause 1 lit. f), 28 GDPR.



The provider Stripe Payments Europe Limited (SPEL), 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210 Ireland is used for the administration of customer and contract data, billing and payment processing. Stripe is itself responsible for the processing of payments within the meaning of Art. 4 No. 7 GDPR. Stripe is a service that is used to record and manage client data via online registrations, automatically generate and send invoices and process payments. Clients can use the self-service portal to manage their data and contract status (e.g. change billing address, increase/decrease/cancel subscription), change payment methods and means and download invoices. Client, contract and payment data are transmitted to Stripe via an encrypted interface from the SeaTable service or the SeaTable Market store and stored on Stripe’s servers. Billing takes place automatically at the contractually agreed times. For payment methods that allow automatic processing (e.g. credit card), invoice amounts are collected automatically.

The legal basis for the transfer to the payment service provider is the fulfillment of the contract pursuant to Art. 6 (1) Clause 1 lit. b) GDPR and our legitimate interests in secure payment processing and fraud prevention pursuant to Art. 6 (1) Clause 1 lit. f) GDPR.

The US parent company Stripe Inc. has joined the EU-US Data Privacy Framework in the USA. If data is transferred to the USA, this is done on the basis of the European Commission’s adequacy decision on the EU-US Data Privacy Framework, Art. 45 GDPR. This certification confirms that Stripe Inc. complies with the required data protection regulations and practices. Further information on the functions of Stripe can be found at https://stripe.com/de/use-cases/saas

You can find Stripe’s privacy policy at https://stripe.com/de/privacy



Rights of the data subject

In accordance with the law you may exercise the following rights gratuitous against the data controller:

Right of information (Art. 15 GDPR);

Right to rectification or erasure (Art. 16 and Art. 17 GDPR);

Right of restriction of the processing (Art. 18 GDPR);

Right of data portability (Art. 20 GDPR);

Right of object to processing (Art. 21 GDPR).

You also have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data by the controller.

Social media

We deliberately refrain from using social media plug-ins on our websites. In order to provide you with information, we nevertheless maintain profiles in social networks. Please note that in this context, only the respective operator of the social network is the responsible party in terms of data protection law.

Fonts

We use the service “Google-Fonts” to display fonts on our website. This is a service of the company Google (service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Parent company: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA), which does not set cookies (compare the term “cookie” below under “Use of cookies”).

The use of Google Fonts is solely for the purpose of displaying the fonts on our website and is carried out in our legitimate interest (Art. 6 (1) Clause 1 lit. f) GDPR) in a technically secure, maintenance-free and efficient use of fonts, their uniform display and taking into account possible restrictions under licensing law for their integration. Although the tool does not use cookies, your meta/communication data (IP address, device information if applicable) is transmitted to Google, as this is technically necessary to retrieve the fonts. 

You can find further information in the privacy policy of Google: https://www.google.com/policies/privacy 

 Use of cookies

We use the technology of cookies for our Internet presence. Cookies are small text files that are sent from our web server to your browser when you visit our website and are stored on your computer for later retrieval.

You can determine yourself whether cookies can be set and retrieved by means of the settings in your browser. You can e.g. completely deactivate the storage of cookies in your browser, restrict it to certain web pages or configure your browser so that it automatically informs you as soon as a cookie is to be set and asks you for feedback on this. For the full functionality of our website, however, it is necessary to allow cookies for technical reasons.

Cookies are needed to save settings on the website. This includes in particular the selected language. The functional duration for these cookies is one year.

The legal basis for the use of cookies is Art. 6 (1) Clause 1 lit. f) GDPR, unless otherwise stated.

 Data security

We use technical and organizational security measures to protect personal data that we receive or collect, in particular against accidental or intentional manipulation, loss, destruction or against attack by unauthorized persons. Our security measures are continuously improved in line with technological developments.