Data Protection // Privacy Statement
1. Personal data
Personal data is any information relating to an identified or at least identifiable living person. Those personal data that we process from you may include name, title and gender, education and profession, academic degree, identification data, postal address, email address, telephone number, fax number, date and place of birth, bank details, company registration number, trade register number, social security number, UID number, as well as special categories of data such as, in particular, data in connection with criminal proceedings or health data. Likewise, we may make image and/or sound recordings of you with your consent, for example by recording video conferences or meetings for documentation purposes.
The specific data we process from you depends largely on the subject of our business relationship and the order placed with us.
2. Use of your personal data
We collect, process and use your personal data only (i) in the case of a mandate for the purposes agreed with you or (ii) for other purposes, provided that you agree to this separately (e.g. for sending newsletters) or (iii) if there is another legal basis in accordance with the GDPR, for example because we are subject to tax retention obligations after the conclusion of a mandate. In doing so, we comply with all applicable data protection laws and all other applicable legal provisions. We only collect personal data that is required for the performance and processing of our legal services or that you have voluntarily provided to us or consented to the processing of.
We use some of your data for statistical purposes, provided you consent to this or the data provided has been anonymized. This enables us to evaluate our services, to make our service offer more customer-oriented and to take and check marketing measures.
3. Transfer of data to third parties
In order to fulfill your order, it may be necessary to forward your personal data to courts, authorities or third parties (e.g. your legal protection or liability insurance, the opposing party or to subcontractors). Your data will be forwarded exclusively on the basis of the GDPR, in particular to fulfill the order placed with us or on the basis of your prior consent.
In addition, it regularly happens that information concerning you is collected from third parties (e.g. from the Company Register, the Land Register, the Central Register of Residents or from creditor protection associations) in the course of our legal advisory and representation activities.
It may be that some of the above-mentioned recipients of your personal data are located outside your country or process your personal data outside your country. The level of data protection in other countries may not be the same as in Austria. However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection, or we take reasonable steps to ensure that all recipients have an adequate level of data protection.
4. Data security
We strive to protect your personal data to the best of our ability. This is done through appropriate organizational and technical precautions that we have taken, including, for example, the use of industry-standard virus protection and an industry-standard firewall. These precautions serve in particular to protect against unlawful or accidental access to your personal data by third parties. In addition, we take organizational and technical precautions against data loss, including, for example, the digitization of all essential data and its regular mirroring on a second storage facility located outside our offices.
Notwithstanding our efforts to maintain an appropriately high level of due diligence at all times, it cannot be ruled out that personal data may be viewed and processed by other persons (e.g. by way of a hacking attack). In this case, our company will only be liable if such an incident is based on an illegal, causal and intentional or grossly negligent act of our company, while liability for slightly negligent acts of our company is excluded.
5. Electronic communication
We will communicate with you primarily using the telephone number and email address you have provided to us. We will use simple (i.e. not encrypted) telephone connections and e-mails. We will transmit large amounts of data to you using cloud hosting service providers. If you do not wish to communicate via simple (i.e. non-encrypted) telephone connections and emails or via cloud hosting service providers, please inform us in writing.
Social media services are not suitable communication channels for professional exchange between lawyers and clients. Therefore, please do not transmit any client-related information to us using social media services such as WhatsApp, Messenger or Instagram. Please also note that numerous social media services do not guarantee data security that complies with the requirements applicable in Austria, in particular with regard to the lawyer's duty of confidentiality.
6. Disclosure of data breaches
Despite all measures taken by us, data mishaps cannot be completely ruled out. However, we take measures to identify data mishaps at an early stage, to rectify them quickly and, if necessary, to report them to you and the competent supervisory authority without delay, including the respective categories of data affected.
7. Data retention
We process your personal data for the duration of the current client relationship and then store them electronically for seven years from the end of the year in which the client relationship with us ended; this applies mutatis mutandis if we were allowed to advise you in an initial meeting without subsequently establishing a client relationship beyond this. Within this period, you have the option of requesting copies of your files, which we usually provide electronically.
We will only retain your personal data for a longer period if (i) this is necessary to comply with our legal or contractual obligations, (ii) this is necessary to enforce or defend against legal claims or (iii) you have consented to this in the individual case.
8. Your rights as data subject
As a client or generally as a data subject, you have the following central rights with regard to your personal data processed by us:
- Right to information, insofar as this does not conflict with the lawyer's duty of confidentiality.
- Right to correction or deletion
- Right to restrict processing
- Right to object to processing
- Right to data portability, insofar as this does not cause disproportionate effort.
Should you wish to exercise such rights, please contact us at the address given in section 10. of this statement.
If you are of the opinion that the processing of your personal data by us violates applicable data protection law or that your data protection rights have been violated in some other way, you have the option of complaining to the competent supervisory authority. In Austria, the data protection authority is responsible for this.
9. Website use
The following provisions concern the use of our website https://rechtampunkt.at.
For further information, please see our corresponding German website, which, in section 9.1, contains dynamic content tailored to you only available in German language.
9.2 Server log files
In order to optimize our website in terms of system performance, user-friendliness and provision of useful information about our services, the provider of our website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes your Internet Protocol address (IP address), browser and language setting, operating system, referrer URL, your Internet service provider, date and time of your visit. We do not combine this data with other personal data.
We reserve the right to check the above data, in particular the IP address of website users, retrospectively if we become aware of specific indications of unlawful use of our website.
9.3 Google Analytics
Google Analytics offers us the possibility to record how many users use which pages of our website, how long users stay on the individual pages of our website, and which demographic characteristics the users of our website have. Within the scope of these statistics, however, it is not possible for us to establish a personal reference to individual users of our website.
You can find out which data is collected by Google and what this data is used for in detail on Google's website.
On our website you will find buttons from Facebook that link our company pages on Facebook.
If you click on these Facebook buttons, data will be transmitted from your browser to the respective social media service provider and processed by it. We have no access to this data, which is processed by the social media service provider. If you yourself have a user account with Facebook, your usage behavior will be assigned to your account. If you wish to prevent this, please log out of your user account with Facebook.
We also use Facebook Pixel on our website. This means that a code is implemented on this website that evaluates the usage behavior of those website users who have reached our website via Facebook ads. This gives us the opportunity to make Facebook advertising more customer-friendly and efficient. If you have a Facebook account and are logged in to it, your visit to this website will be assigned to your Facebook user account. You can change your Facebook ad settings at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen, provided you are logged into Facebook.
10. Contact details
The protection of your data is important to us. We are available for you at any time under the contact details listed below:
Schmelz Rechtsanwälte OG ("Schmelz lawfirm")
1090 Vienna, Währinger Street 16 Top 14