Header

Privacy policy

1. Name and contact details of the person responsible

This privacy policy provides information about the processing of personal data on the website of the law firm of:
Markus Stefani
Tax consultant
Stuttgarter Straße 58
74321 Bietigheim-Bissingen
Phone: 07142 91562-0

2. Scope and purpose of the processing of personal data

2.1 Calling up the website

When this website sh-steuerberater.de is accessed, data is automatically sent to the server of this website by the Internet browser used by the visitor and stored in a log file for a limited period of time. Until automatic deletion, the following data is stored without further input by the visitor:

  • IP address of the visitor’s end device,
  • Date and time of access by the visitor,
  • Name and URL of the page accessed by the visitor,
  • Website from which the visitor reaches the law firm’s website (so-called referrer URL),
  • Browser and operating system of the visitor’s end device as well as the name of the access provider used by the visitor.

The processing of this personal data is justified in accordance with Art. 6 para. 1 sentence 1 letter f) GDPR. The law firm has a legitimate interest in data processing for this purpose,

  • quickly establish the connection to the law firm’s website,
  • to enable a user-friendly use of the website,
  • recognise and ensure the security and stability of the systems and
  • to facilitate and improve the administration of the website.

The processing is expressly not carried out for the purpose of gaining knowledge about the person visiting the website.

2.2 Contact form

Visitors can send messages to the law firm via an online contact form on the website. In order to receive a reply, it is necessary to provide at least a valid e-mail address. All other information can be provided voluntarily by the person making the enquiry. By sending the message via the contact form, the visitor consents to the processing of the personal data transmitted. Data processing is carried out exclusively for the purpose of processing and responding to enquiries via the contact form. This is done on the basis of the voluntarily granted consent in accordance with Art. 6 para. 1 sentence 1 letter a) GDPR. The personal data collected for the use of the contact form will be automatically deleted as soon as the enquiry has been dealt with and there are no reasons for further storage (e.g. subsequent commissioning of our law firm).

3. Forwarding of data

Personal data is transferred to third parties if

  • the data subject has expressly consented to this pursuant to Art. 6 (1) sentence 1 (a) GDPR,
  • the disclosure pursuant to Art. 6 para. 1 sentence 1 letter f) GDPR is necessary for the establishment, exercise or defence of legal claims and there is no reason to assume that the data subject has an overriding legitimate interest in the non-disclosure of their data,
  • for data transmission pursuant to Art. 6 para. 1 sentence 1 lit. c) GDPR there is a legal obligation, and/or
  • this is necessary for the fulfilment of a contractual relationship with the data subject pursuant to Art. 6 para. 1 sentence 1 letter b) GDPR.

In other cases, personal data will not be passed on to third parties.

4. Integration of YouTube videos

YouTube videos are integrated on this website. In order to make this compliant with data protection regulations, YouTube videos are integrated using the WP Youbube Lyte plugin. This ensures that no connection to YouTube is initially established when the website is loaded. Only when you click on the video is a connection to the Google servers established and data sent to Google. The connection is established via the domain youtube-nocookie.com. Google’s privacy policy applies.

5. Your rights as a data subject

If your personal data is processed when you visit our website, you have the following rights as a „data subject“ within the meaning of the GDPR:

5.1 Information

You can request information from us as to whether your personal data is being processed by us. There is no right to information if the provision of the requested information would violate the duty of confidentiality pursuant to Section 57 (1) StBerG or if the information must be kept secret for other reasons, in particular due to an overriding legitimate interest of a third party. Notwithstanding this, there may be an obligation to provide information if your interests outweigh the interest in confidentiality, in particular taking into account the threat of damage. The right to information is also excluded if the data is only stored because it may not be deleted due to legal or statutory retention periods or exclusively serves the purposes of data backup or data protection control, provided that the provision of information would require a disproportionately high effort and processing for other purposes is excluded by suitable technical and organisational measures. If the right to information is not excluded in your case and your personal data is processed by us, you can request the following information from us:

  • Purposes of processing, categories of personal data processed by you,
  • Recipients or categories of recipients to whom your personal data is disclosed, in particular recipients in third countries,
  • if possible, the planned duration for which your personal data will be stored or, if this is not possible, the criteria for determining the storage period,
  • the existence of a right to rectification or erasure or restriction of processing of personal data concerning you or a right to object to such processing,
  • the existence of a right to lodge a complaint with a data protection supervisory authority,
  • if the personal data have not been collected from you as the data subject, the available information on the origin of the data,
  • where applicable, the existence of automated decision-making including profiling and meaningful information about the logic involved, as well as the significance and envisaged consequences of automated decision-making,
  • if applicable, in the case of transfer to recipients in third countries, provided that no decision of the EU Commission on the adequacy of the level of protection pursuant to Art. 45 para. 3 GDPR exists, information on the appropriate safeguards pursuant to Art. 46 para. 2 GDPR for the protection of personal data.

5.2 Correction and completion

If you discover that we have incorrect personal data about you, you can demand that we correct this incorrect data immediately. If your personal data is incomplete, you can request that it be completed.

5.3 Cancellation

You have the right to erasure („right to be forgotten“), unless the processing is necessary for exercising the right of freedom of expression, the right to information or for compliance with a legal obligation or for the performance of a task carried out in the public interest and one of the following reasons applies:

  • The personal data are no longer necessary for the purposes for which they were processed.
  • The justification for the processing was exclusively your consent, which you have revoked.
  • You have objected to the processing of your personal data that we have made public.
  • You have objected to the processing of personal data not made public by us and there are no overriding legitimate grounds for the processing.Your personal data has been processed unlawfully.
  • The deletion of personal data is necessary to fulfil a legal obligation to which we are subject.

There is no right to erasure if, in the case of lawful non-automated data processing, erasure is not possible or only possible with disproportionate effort due to the special type of storage and your interest in erasure is low. In this case, the restriction of processing takes the place of erasure.

5.4 Restriction of processing

You can demand that we restrict processing if one of the following reasons applies:

  • You dispute the accuracy of the personal data. In this case, the restriction may be requested for the period of time that enables us to verify the accuracy of the data.
  • The processing is unlawful and you request the restriction of the use of your personal data instead of erasure.
  • We no longer need your personal data for the purposes of processing, but you need it for the establishment, exercise or defence of legal claims.
  • You have lodged an objection pursuant to Art. 21 (1) GDPR. The restriction of processing can be requested as long as it has not yet been determined whether our legitimate reasons outweigh your reasons.

Restriction of processing means that the personal data will only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We are obliged to inform you before we lift the restriction.

5.5 Data portability

You have a right to data portability if the processing is based on your consent (Art. 6 para. 1 sentence 1 letter a) or Art. 9 para. 2 letter a) GDPR) or on a contract to which you are a party and the processing is carried out using automated procedures. In this case, the right to data portability includes the following rights, provided that this does not adversely affect the rights and freedoms of others You may request to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format. You have the right to transmit this data to another controller without hindrance from us. Where technically feasible, you can request that we transfer your personal data directly to another controller.

5.6 Objection

If the processing is based on Art. 6(1)(e) GDPR (performance of a task carried out in the public interest or in the exercise of official authority) or Art. 6(1)(f) GDPR (legitimate interests of the controller or a third party), you have the right to object, at any time, on grounds relating to your particular situation, to the processing of your personal data. This also applies to profiling based on these provisions. After an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or the processing is necessary for the establishment, exercise, or defense of legal claims.

You may object at any time to the processing of your personal data for direct marketing purposes. This also applies to profiling related to such direct marketing. After exercising this right to object, we will no longer use your personal data for direct marketing purposes.

You can submit your objection informally by telephone, e-mail, possibly by fax, or by writing to the postal address of our law firm provided at the beginning of this Privacy Policy.

5.7 Withdrawal of Consent

You have the right to withdraw your consent at any time with effect for the future. The withdrawal of consent can be communicated informally by telephone, e-mail, possibly by fax, or by writing to our postal address. The lawfulness of the data processing carried out on the basis of the consent until its withdrawal remains unaffected. After receiving the withdrawal, we will stop processing data that was based solely on your consent.

5.8 Complaint

If you believe that the processing of your personal data is unlawful, you may lodge a complaint with a supervisory authority for data protection that is responsible for your place of residence, workplace, or the place of the alleged infringement.

6. Matomo Analytics Tool

We use Matomo (formerly „PIWIK“) on our website. This is an open-source analytics software that enables us to analyze the use of our website. Your IP address, the website(s) of our internet presence that you visit, the website from which you were referred to our website (referrer URL), your time spent on our website, and the frequency of your visits are processed.

This data is stored exclusively on our server. No transmission to third parties occurs. Additionally, no cookies are set on your device. The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the analysis and optimization of our website.

However, we use Matomo with the anonymization function „Automatically Anonymize Visitor IPs.“ This function shortens your IP address by two bytes, making it impossible to associate it with you or the internet connection you use.

If you use the opt-out option, a cookie will be stored on your device via your internet browser to prevent further analysis. Please note that if you delete the cookies stored on your device, you must click the above link again to reactivate the opt-out.

7. Status and Updates of this Privacy Policy

This Privacy Policy is current as of May 25, 2018. We reserve the right to update the Privacy Policy in due course in order to improve data protection and/or adapt it to changes in official practice or case law.