Skip to main content

Data Protection // Privacy Statement

1. Personal data

Personal data is any information relating to an identified or at least identifiable living person. Those personal data that we process from you may include name, title and gender, education and profession, academic degree, identification data, postal address, email address, telephone number, fax number, date and place of birth, bank details, company registration number, trade register number, social security number, UID number, as well as special categories of data such as, in particular, data in connection with criminal proceedings or health data. Likewise, we may make image and/or sound recordings of you with your consent, for example by recording video conferences or meetings for documentation purposes.

The specific data we process from you depends largely on the subject of our business relationship and the order placed with us.

2. Use of your personal data

We collect, process and use your personal data only (i) in the case of a mandate for the purposes agreed with you or (ii) for other purposes, provided that you agree to this separately (e.g. for sending newsletters) or (iii) if there is another legal basis in accordance with the GDPR, for example because we are subject to tax retention obligations after the conclusion of a mandate. In doing so, we comply with all applicable data protection laws and all other applicable legal provisions. We only collect personal data that is required for the performance and processing of our legal services or that you have voluntarily provided to us or consented to the processing of.

We use some of your data for statistical purposes, provided you consent to this or the data provided has been anonymized. This enables us to evaluate our services, to make our service offer more customer-oriented and to take and check marketing measures.

3. Transfer of data to third parties

In order to fulfill your order, it may be necessary to forward your personal data to courts, authorities or third parties (e.g. your legal protection or liability insurance, the opposing party or to subcontractors). Your data will be forwarded exclusively on the basis of the GDPR, in particular to fulfill the order placed with us or on the basis of your prior consent.

In addition, it regularly happens that information concerning you is collected from third parties (e.g. from the Company Register, the Land Register, the Central Register of Residents or from creditor protection associations) in the course of our legal advisory and representation activities.

It may be that some of the above-mentioned recipients of your personal data are located outside your country or process your personal data outside your country. The level of data protection in other countries may not be the same as in Austria. However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection, or we take reasonable steps to ensure that all recipients have an adequate level of data protection.

4. Data security

We strive to protect your personal data to the best of our ability. This is done through appropriate organizational and technical precautions that we have taken, including, for example, the use of industry-standard virus protection and an industry-standard firewall. These precautions serve in particular to protect against unlawful or accidental access to your personal data by third parties. In addition, we take organizational and technical precautions against data loss, including, for example, the digitization of all essential data and its regular mirroring on a second storage facility located outside our offices.

Notwithstanding our efforts to maintain an appropriately high level of due diligence at all times, it cannot be ruled out that personal data may be viewed and processed by other persons (e.g. by way of a hacking attack). In this case, our company will only be liable if such an incident is based on an illegal, causal and intentional or grossly negligent act of our company, while liability for slightly negligent acts of our company is excluded.

5. Electronic communication

We will communicate with you primarily using the telephone number and email address you have provided to us. We will use simple (i.e. not encrypted) telephone connections and e-mails. We will transmit large amounts of data to you using cloud hosting service providers. If you do not wish to communicate via simple (i.e. non-encrypted) telephone connections and emails or via cloud hosting service providers, please inform us in writing.

Social media services are not suitable communication channels for professional exchange between lawyers and clients. Therefore, please do not transmit any client-related information to us using social media services such as WhatsApp, Messenger or Instagram. Please also note that numerous social media services do not guarantee data security that complies with the requirements applicable in Austria, in particular with regard to the lawyer's duty of confidentiality.

6. Disclosure of data breaches

Despite all measures taken by us, data mishaps cannot be completely ruled out. However, we take measures to identify data mishaps at an early stage, to rectify them quickly and, if necessary, to report them to you and the competent supervisory authority without delay, including the respective categories of data affected.

7. Data retention

We process your personal data for the duration of the current client relationship and then store them electronically for seven years from the end of the year in which the client relationship with us ended; this applies mutatis mutandis if we were allowed to advise you in an initial meeting without subsequently establishing a client relationship beyond this. Within this period, you have the option of requesting copies of your files, which we usually provide electronically.

We will only retain your personal data for a longer period if (i) this is necessary to comply with our legal or contractual obligations, (ii) this is necessary to enforce or defend against legal claims or (iii) you have consented to this in the individual case.

8. Your rights as data subject

As a client or generally as a data subject, you have the following central rights with regard to your personal data processed by us:

  • Right to information, insofar as this does not conflict with the lawyer's duty of confidentiality.
  • Right to correction or deletion
  • Right to restrict processing
  • Right to object to processing
  • Right to data portability, insofar as this does not cause disproportionate effort.

Should you wish to exercise such rights, please contact us at the address given in section 10. of this statement.

If you are of the opinion that the processing of your personal data by us violates applicable data protection law or that your data protection rights have been violated in some other way, you have the option of complaining to the competent supervisory authority. In Austria, the data protection authority is responsible for this.

9. Website use

The following provisions concern the use of our website

9.1 Cookies

Our website uses cookies to make our offer more user-friendly, effective and secure. A cookie is a small text file that we transfer via our web server to the cookie file of the browser on the hard drive of your computer. This enables our website to recognize you as a user when a connection is established between our web server and your browser. Cookies help us to determine the frequency of use and the number of users of our web pages. The content of the cookies we use is limited to an identification number that no longer allows any personal reference to the user. The main purpose of a cookie is to recognize visitors to the website.

For further information, please see our corresponding German website, which, in section 9.1, contains dynamic content tailored to you only available in German language.

9.2 Server log files

In order to optimize our website in terms of system performance, user-friendliness and provision of useful information about our services, the provider of our website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes your Internet Protocol address (IP address), browser and language setting, operating system, referrer URL, your Internet service provider, date and time of your visit. We do not combine this data with other personal data.

We reserve the right to check the above data, in particular the IP address of website users, retrospectively if we become aware of specific indications of unlawful use of our website.

9.3 Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as "Google"). Google Analytics uses cookies. The information collected using cookies about your use of this website (including your IP address and the URLs of the websites you visit) is transferred to Google servers in Ireland and stored there. We do not store any of your data ourselves that is collected in connection with Google Analytics. Our website uses the IP anonymization option offered by Google. Your IP address is therefore shortened or anonymized by Google as soon as Google receives your IP address and the data linked to it. From this point on, the usage statistics collected can no longer be assigned to a specific website user.

Google Analytics offers us the possibility to record how many users use which pages of our website, how long users stay on the individual pages of our website, and which demographic characteristics the users of our website have. Within the scope of these statistics, however, it is not possible for us to establish a personal reference to individual users of our website.

You can find out which data is collected by Google and what this data is used for in detail on Google's website.

9.4 Facebook

On our website you will find buttons from Facebook that link our company pages on Facebook.

If you click on these Facebook buttons, data will be transmitted from your browser to the respective social media service provider and processed by it. We have no access to this data, which is processed by the social media service provider. If you yourself have a user account with Facebook, your usage behavior will be assigned to your account. If you wish to prevent this, please log out of your user account with Facebook.

We also use Facebook Pixel on our website. This means that a code is implemented on this website that evaluates the usage behavior of those website users who have reached our website via Facebook ads. This gives us the opportunity to make Facebook advertising more customer-friendly and efficient. If you have a Facebook account and are logged in to it, your visit to this website will be assigned to your Facebook user account. You can change your Facebook ad settings at, provided you are logged into Facebook.

10. Contact details

The protection of your data is important to us. We are available for you at any time under the contact details listed below:

Schmelz Rechtsanwälte OG ("Schmelz lawfirm")
1090 Vienna, Währinger Street 16 Top 14
This email address is being protected from spambots. You need JavaScript enabled to view it.

Here you can find us


  •  Währinger Strasse 16 Top 14, 1090 Wien
  •  +43 1 946 11 60
  •  This email address is being protected from spambots. You need JavaScript enabled to view it.