Right in the middle
With this Privacy Notice, we would like to inform you about the collection and processing of personal data by Greenfort. We collect and process personal data in different situations in compliance with the applicable data protection regulations.
This Privacy Notice explains how Greenfort collects and processes personal data in connection with your visit of our website www.greenfort.de, your requests or applications (via the contact form on our website, e-mail or letter) and legal services we provide to you or others.
Information about the Controller and the Data Protection Officer
Pursuant to Art. 4 para 7 of the General Data Protection Regulation (GDPR), Greenfort Partnerschaft von Rechtsanwälten mbB, Arndtstraße 28, D-60325 Frankfurt am Main, is the controller. See Imprint for further information.
Our Data Protection Officer is Dr. Pascal M. Ludwig. You may contact him via e-mail (email@example.com) or via letter to our postal address with the addition “the Data Protection Officer”.
Collection and Storage of personal data while using our website
When visiting our website www.greenfort.de, the browser used by you on your device automatically transfers information to our website’s server. This information is temporarily stored in a so-called log file. The following information is stored until automatic deletion:
– The IP-address of the requesting processor,
– Date and time of access,
– Name and URL of the requested file,
– Website that linked you to our website (referrer-URL)
– Used browser and, as the case may be, the operating system on your device as well as the name of your access-provider.
The IP-address is always stored in anonymized form. On the webserver level, this is realized by storing a shortened IP-address (e.g. 123.123.123.XXX) instead of the original IP-address (e.g. 22.214.171.124). The replaced digits (in this case XXX) take a random value between 1 and 254 which makes any identification of a specific person impossible.
We process the mentioned data for the following purposes:
– to ensure a smooth connection establishment of the website,
– to ensure a comfortable use of our website,
– the evaluation of the system security and stability and
– for statistical purposes.
The legal basis of the data processing is Art. 6 para 1 sub. 1 lit. f GDPR. Our legitimate interest results from the above-mentioned purposes. We never use the collected data to gather information about you as a person.
To some extent, our website uses so called cookies. Cookies are small files sent to your computer and stored by your browser. The cookies which we use store information specific to the used device, and at least a code (cookie-ID). This does not mean that we directly gain knowledge of your identity.
While you visit our website, we use session cookies to ensure the functionality of our website. These session cookies are automatically deleted once you close your browser.
The data processed by cookies are necessary for the above-mentioned purposes of our and third parties’ legitimate interests pursuant to Art. 6 para 1 sub. 1 lit. f GDPR.
Most browsers accept cookies automatically. However, you can configure your browser in a way that it doesn’t store any cookie on your computer or that a notice shows up every time a new cookie has been created. If you block all cookies in your browser settings, you may not be able to use all of the features of our website.
You have several possibilities to get in touch with us, in particular via e-mail or letter. On our website we also provide a special contact form for the purpose of an application for possibly vacant positions.
When you contact us we collect your name and e-mail-address as well as all other data you provide to us voluntarily. We only use this data to process your request.
If you contact us to apply or to conclude a contract, the data processing is in accordance with Art. 6 para 1 sub. 1 lit. b GDPR or (in case of an application) Art. 88 GDPR in connection with Sec. 26 para. 1 of the German Federal Data Protection Act. In every other case the data processing is based on Art. 6 para 1 sub. 1 lit. a GDPR or, if we have asked you for your consent in connection with an application, Art. 88 GDPR in connection with Sec. 26 para. 2 of the German Federal Data Protection Act, based on your voluntarily given consent. You can withdraw your consent at any given time. However, the withdrawal of consent will not affect the lawfulness of processing based on consent before the withdrawal.
The personal data you provide to us will be stored as long as it is necessary with regard to the purposes they are processed for. They will be deleted afterwards unless you have given your consent to a further processing or a contractual relationship has been established between us. Though, we reserve the right to store the data as long as it is necessary to comply with a legal obligation or for the pursuit of of our legitimate interests (assertion, exercise or defense of legal claims).
Collection and processing of personal data for purposes of legal or notarial services
We collect personal data when you retain our legal or notarial services in your own name or on behalf of another person or legal entity. This data includes, inter alia, title, first and last name, valid e-mail-address, postal address, phone number (mobile and/or fixed) and any further information necessary for the assertion and defense of our client’s rights or interests based on the contract for legal services, or for legal purposes (e.g. the Money Laundering Act).
The data collection is made in order to establish and execute the contractual relationship between us and our client. The data processing is made upon your or our client’s request and is necessary for the provision of legal or notarial services and the fulfillment of our contractual obligations. The legal basis is either Art. 6 para 1 sub. 1 lit. b GDPR (if your are our client) or our legitimate interests according to Art. 6 para 1 sub. 1 lit. f GDPR to process for the afore-mentioned purposes (if our client is another person or legal entity).
In the context of the formation and performance of the contract for legal or notarial services, we may collect and process personal data from further persons. The data processing is necessary for adequately providing legal or notarial services and the fulfillment of our contractual obligations pursuant to Art. 6 para 1 sub. 1 lit. b GDPR or Art. 6 para 1 sub. 1 lit. f GDPR (legitimate interests).
The personal data collected in the context of the formation and performance of the contract for legal services will be stored until the expiry of the legal retention period for lawyers (6 years after the end of the calendar year in which the client-lawyer relationship ended, see Sec. 50 BRAO) and will be deleted afterwards, unless we are under a legal obligation pursuant to Art. 6 para 1 sub. 1 lit c GDPR to retain the data longer than that (e.g. pursuant to provisions of the German Commercial Code, Criminal Code or Tax Code) or if the data subject has given consent in accordance with Art. 6 para. 1 sub. 1 lit. a GDPR.
With respect to the period for storing notarial documents, the following applies pursuant to Sec. 5 para. 4 DONot:
– Roll of deeds, inheritance register, list of names for the roll of deeds and for the collection of deeds including the separately stored inheritance contracts: 100 years,
– Custody ledger, mass book, list of names for the mass book, list of escrow accounts, general files: 30 years,
– Ancillary files: 7 years; the notary may, with the last content-related process at the latest, determine a longer storage term if necessary, e.g. for a disposition of property upon death or in case or a recourse risk; the determination may be valid for some kind of legal businesses in general, e.g. for dispositions of property upon death,
– Compendiums for bill and check protests: 5 years.
Transcriptions of dispositions of property upon death put into the ancillary files in accordance with Sec. 16 para 1 sub. 5 DONot in its version valid from January 1st, 1985 on, have to be stored – contrary to sentence 1 – for 100 years. Documents produced before January 1st, 1950, have to be stored – contrary to sentence. 1 no°1 and sentence 2 – permanently until further notice; a duty to preserve them does not exist. The retention period starts with the first day of the calendar year following the last content-related processing. The documents shall be destroyed after expiry of the retention period, unless further storage is required in individual cases.
We reserve the right to store the data as long as it is necessary for legal purposes or our own legitimate interests (assertion, exercise or defense of legal claims).
We transmit personal data to third parties if:
– the data subject has given his/her explicit consent in accordance with Art. 6 para. 1 sub. 1 lit. a GDPR,
– the transmission is, pursuant to Art. 6 para. 1 sub. 1 lit. f GDPR, necessary to assert, exercise or defend legal claims and these interests are not overridden by the interest of the data subject in not transmitting the data,
– in accordance with Art. 6 para. 1 sub. 1 lit. c GDPR, a legal obligation to transmit the data exists.
In accordance with Art. 6 para. 1 sub. 1 lit. b GDPR, personal data may be transmitted to third parties for the performance of the contract for legal services. Amongst others, data may be transmitted to the defendant or other parties involved in a specific matter (e.g. in case of a transaction or contract negotiations) and their representatives (in particular their lawyers) as well as to courts, other public authorities and bodies for the purposes of correspondence as well as for the assertion, exercise or defense of our client’s legal claims and interests.
To the extent legally permitted, we reserve the right to employ service providers to process personal data, especially processors, e.g. regarding storage capacities and hosting-services.
The attorney-client privilege or the specific confidentiality obligation of notaries remains unaffected. The transmission of personal data being subject to the attorney-client privilege or specific confidentiality obligation of notaries only occurs in accordance with the applicable statutory provisions.
You have the right to
– obtain, in accordance with Art. 15 GDPR, information about your personal data;
– obtain, without undue delay and in accordance with Art. 16 GDPR, the rectification of inaccurate or the completion of incomplete personal data;
– obtain, in accordance with Art. 17 GDPR, the erasure of personal data;
– obtain, in accordance with Art. 18 GDPR, the restriction of processing the data;
– receive, in accordance with Art. 20 GDPR, the personal data which you have provided to us, in a structured, commonly used and machine-readable format or demand the transmission to another controller;
– withdraw, in accordance with Art. 7 para. 3 GDPR, your consent to the personal data processing at any time. In consequence, we cannot continue the personal data processing originally based on this consent, and
– lodge a complaint, in accordance with Art. 77 GDPR, with a supervisory authority.
If the processing of your personal data is based on Art. 6 para. 1 sub. 1 lit. f GDPR, you have the right to object to the processing on grounds relating to your particular situation or to the fact that the data are processed for direct marketing purposes. In the latter case, you have a general right to object that we have to implement unconditionally. In any case, we do not use the personal data which you have provided to us for any direct marketing purposes.
Restrictions to your rights may result from the applicable data protection regulations, e.g. regarding to data which is subject to the attorney-client privilege or specific confidentiality obligation of notaries.
If you have any further questions or if you would like to exercise your rights, please contact our Data Protection Officer (via e-mail to firstname.lastname@example.org or via letter to our postal address with the addition “the Data Protection Officer”).