1. Name and contact details of the controller
This data protection information applies to data processing by:
QIVIVE Rechtsanwaltsgesellschaft mbH, Konrad-Adenauer-Ufer 71, D-50668 Cologne, managing director: Dr. Christophe Kühl, HR: HRB 74204 Cologne, Tel: +49 (0)221 1 39 96 96 0. Email: email@example.com.
2. Name and contact details of the Data Protection Officer
The Data Protection Officer of the controller is:
Dr. jur. Andreas Pinheiro
Berrenrather Str. 274, D-50937 Cologne
Tel +49 221 99989 030
3. Collection and retention of personal data and nature and purpose of their use
- Visiting the website
When you access our website www.qivive.com information is automatically sent to our website’s server by the browser used on your terminal device. Such information is temporarily stored in a so-called logfile. In the course of this procedure, the following information is captured, without any action on your part, and stored until it is automatically deleted:
- IP address of the requesting computer,
- date and time of access,
- name and URL of the retrieved file,
- website from which access takes place (referrer URL),
- browser used and, where appropriate, your computer’s operating system and the name of your access provider.
The indicated data are processed by us for the following purposes:
- ensuring the establishment of a smooth connection to the website,
- ensuring comfortable use of our website,
- evaluating system security and stability, and
- other administrative purposes.
Under no circumstances do we use the collected data for the purpose of drawing conclusions about you as a person.
- Registering for our newsletter
This data is used exclusively for the purpose of sending the newsletter. Your data will not be shared with third parties and will not be used for other internal purposes. The newsletter registration system, which includes an additional confirmation message with a link to the final registration (double opt-in), is designed to ensure that you and not a third party have requested the newsletter. When you register, your data is stored on our servers and a confirmation message with a link to the final registration is generated and sent to the e-mail address provided. The data will be deleted after 24 hours if you do not confirm the registration by clicking the link in that e-mail. Only after you confirm the link in the e-mail will the data used to send the newsletter be stored for the duration of your use of our offer.
If you no longer agree to the retention of your data for this purpose and therefore no longer wish to take advantage of our offer, you can unsubscribe from our newsletter at any time. Every newsletter contains a link that you can click on to unsubscribe. You can also unsubscribe at any time by sending an e-mail to firstname.lastname@example.org. The personal data you provided for the newsletter subscription will then be deleted.
- Registering for a webinar
You can attend our webinars. The data entered for registration to our webinars is stored and used for sending newsletters on legal topics. The legal basis for this is Art. 6(1), sentence 1, point a of the GDPR and Art. 6(1), point f of the GDPR.
Our webinars are conducted using Zoom. Zoom presents webinar participants with various options for customising their visibility in the webinar. If you do not want to make your real name publicly visible, you can change it using a clearly visible function next to your name. This means that you can decide for yourself whether you want to make use of it. You can also disable your computer’s audio and video connections.
In addition to conducting webinars, participant data can also be post-processed for sending the webinar documentation to the participants.
Zoom is certified under the EU-U.S. Privacy Shield.
- Using our contact form
Should you have questions of any kind, we offer you the possibility of contacting us using a form provided on the website. This requires providing a valid email address so that we know who the source of the enquiry is and so that we can respond to it. Further information can be provided voluntarily.
The data processing for the purpose of contacting us takes place under Art. 6(1), sentence 1, point a of the GDPR on the basis of your voluntarily given consent.
The personal data that we collect when you use the contact form are automatically deleted after your enquiry has been handled, unless the Law Firm is obliged under Art. 6(1), sentence 1, point c of the GDPR to store them for a longer period owing to retention and documentation obligations, or you have consented to longer storage under Art. 6(1), sentence 1, point a of the GDPR.
- For an application
If you submit an employment application to us, we will process your contact data, CV, cover letter, certificates and internal notes on job interviews.
We process your personal data for the purpose of your employment application, to the extent that this is necessary for the decision to establish an employment relationship with us. The legal basis for this is § 26(1) in conjunction with paragraph 8, sentence 2 of the German Federal Data Protection Act (BDSG). We may also process personal data about you if this is necessary to defend against legal claims asserted against us in the application process. The legal basis for this is Art. 6(1), point f of the GDPR; a legitimate interest is, for example, the obligation to provide evidence in proceedings under the German General Act on Equal Treatment (AGG).
If an employment relationship arises between you and us, we may, pursuant to § 26(1) BDSG, further process your personal data for the purposes of the employment relationship if this is necessary for the implementation or termination of the employment relationship or for the exercise or fulfilment of the rights and obligations of employee representation arising from a law.
- For other communication of personal data
We collect personal information when you voluntarily choose to provide it, such as when you contact us by email, telephone or otherwise.
A communication of your contact data takes place expressly on voluntary basis and with your consent. If this involves information on communication channels (e.g. e-mail address, telephone number), you also agree that we may contact you via this communication channel in order to respond to your request.
You can of course revoke your declarations of consent at any time in the future. Please contact email@example.com.
4. Legal grounds of data processing
The processing of personal data collected by the law firm is based on the following legal grounds:
- you have granted your express consent to that under Art. 6(1), sentence 1, point a of the GDPR;
- the processing is necessary under Art. 6(1), sentence 1, point f of the GDPR for the protection of the law firm’s legitimate interests pursuant to;
- there is a legal obligation to process under Art. 6(1), sentence 1, point c of the GDPR, and
- processing is permitted by law and necessary for the execution of contractual relations with you under Art. 6(1), sentence 1, point b of the GDPR.
According to Art. 6(1), sentence 1, point f of the GDPR, the legitimate interests of the law firm on the basis of which personal data can be processed:
- the pursuit of our business activities, which includes, among other things, informing our contact persons, whose data we process, about legal innovations and services of the law firm. In this regard, there is a right of objection according to Art. 21 of the GDPR,
- the guarantee of a smooth connection of the website, as well as a comfortable use of our website,
- the evaluation of system security and stability,
- the assertion, exercise or defence of legal claims.
5. Purpose and legal grounds of the disclosure of data
Your personal data are not transmitted to third parties for any purposes other than those specified in the following.
We disclose your personal data to third parties only if:
- you have granted your express consent to that under Art. 6(1), sentence 1, point a of the GDPR,
- the disclosure is necessary under Art. 6(1), sentence 1, point f of the GDPR for the establishment, exercise or defence of legal claims and there is no reason to consider that you have an overriding legitimate interest in the nondisclosure of your data,
- there is a legal obligation to disclose under Art. 6(1), sentence 1, point c of the GDPR, and
- disclosure is permitted by law and necessary for the execution of contractual relations with you under Art. 6(1), sentence 1, point b of the GDPR.
The cookie contains information about the specific terminal device in use. However, this does not mean that we directly gain knowledge of your identity through cookies.
The purpose of cookies is, on the one hand, to make your use of our offerings more pleasant. We use so-called session cookies to detect whether you have previously visited individual pages on our website. Such cookies are automatically deleted after you leave our site.
In order to optimise user-friendliness, we also use temporary cookies, which are stored on your terminal device for a specific defined time. If you visit our site again in order to make use of our services, the fact that you were there previously is automatically recognised, together with your entries and settings, thus avoiding the need to re-enter them.
The data processed by cookies are necessary for the indicated purposes of our legitimate interests and those of third parties under Art. 6(1), sentence 1, point f of the GDPR.
Most browsers accept cookies automatically. However, you can configure your browser not to retain cookies on your computer or to always have a prompt appear before a new cookie is stored. Fully deactivating cookies could, however, mean that you are unable to use all of our website’s functions.
7. Analytical tools
The tracking measures that we use as indicated in the following are carried out on the basis of Art. 6(1), sentence 1, point f of the GDPR. The intention behind our use of these tracking measures is to ensure that our website is designed in keeping with the users’ needs and can be continually optimised. On the other hand, we use tracking measures to track statistics on the use of our website and to evaluate such use for the purpose of optimising our offerings for you. These interests must be regarded as legitimate within the meaning of the above provision.
The respective data processing purposes and data categories can be inferred from the corresponding tracking tools.
- Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). The use includes the “Universal Analytics” operating mode. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and to analyse the activities of a user across devices.
You can prevent the storage of cookies by configuring your browser software accordingly; please note, however, that in that case you may not be able to fully use all of this website’s functions. You can also prevent the recording of the data generated by the cookie relating to your use of the website (incl. your IP address) and the processing of such data by Google by downloading and installing the browser add-on. Opt-out cookies prevent future collection of your information when you visit this website. To prevent Universal Analytics from collecting data across multiple devices, you must opt-out on all systems in use. If you click here, the opt-out cookie will be set: Disable Google Analytics
- Google AdWords Conversion Tracking
In order to track statistics on the use of our website and evaluate such use for the purpose of optimising our offerings for you, we also use Google Conversion Tracking. Through this, a cookie (cf. section 4) is set on your computer by Google AdWords if you have reached our website via a Google ad.
These cookies expire after 30 days and do not identify you personally. If the user visits certain pages of the AdWords customer’s website before the cookie has expired, Google and the customer can tell that the user clicked on the ad and was directed to that page.
Each AdWords customer receives a different cookie. Therefore, cookies cannot be traced across the websites of AdWords customers. The information obtained using the conversion cookie is used to generate conversion statistics for AdWords customers that have opted for conversion tracking. The AdWords customers learn the total number of users who have clicked on their ad and who were directed to a page containing a conversion tracking tag. However, they receive no information with which users can be personally identified.
If you do not wish to take part in the tracking procedure, you can also refuse the setting of a cookie necessary for this – for example, through a browser setting that deactivates the setting of cookies in general. You can also deactivate cookies for conversion tracking by configuring your browser to block cookies.
- Google Tag Manager
We use Google Tag Manager. Google Tag Manager is a solution that enables marketers to manage website tags through a single interface. Google Tool Manager only implements tags. This means that: No cookies are used and no personal data is collected. Google Tool Manager triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data. If you deactivate it at the domain or cookie level, this deactivation will remain in effect for all tracking tags that are implemented with Google Tag Manager. https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.
- Google Ads remarketing
We use the Google Ads remarketing function on our website. This function is used to present interest-related ads to visitors to our website on other websites within the Google advertising network.
You can disable participation in this tracking process in a number of ways: a) by adjusting your browser software settings accordingly, in particular by disabling third-party cookies, which will prevent you from receiving third-party ads; b) by installing the plug-in provided by Google; c) by permanently deactivating it in your Firefox, Internet Explorer or Google Chrome browser, d) by using the appropriate cookies setting. Please note that in this case you may not be able to make use of the full extent of the functions of this offer.
Google has complied with the EU-US Privacy Shield.
8. Social media plugins
Based on Art. 6(1), sentence 1, point f of the GDPR, we use social plugins of the LinkedIn, Xing, Facebook and Instagram social networks on our website to make our Law Firm better known by those means. The underlying promotional purpose must be regarded as a legitimate interest within the meaning of the GDPR. The responsibility for operating in conformity with data protection requirements must be borne by the respective providers. We integrate these plugins using the so-called two-click method in order to offer our website visitors the best possible protection.
Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time you access one of our pages containing LinkedIn functions, a connection is established to LinkedIn’s servers. LinkedIn is informed that you have visited our Internet pages with your IP address. If you click the LinkedIn “recommend button” and you are logged into your LinkedIn account, it is possible for LinkedIn to assign your visit on our Internet site to you and your user account. Please note that as provider of the pages we have no knowledge of the contents of the transmitted data or of their use by LinkedIn.
Further information can be found in the LinkedIn privacy statement.
Our website uses functions of the Xing network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Every time you access one of our pages containing Xing functions, a connection is established to Xing’s servers. To our knowledge, no personal data are retained through this process. In particular, no IP addresses are retained and there is no evaluation of usage behaviour.
Further information on data protection and the Xing share button can be found in the Xing privacy statement.
We operate a law firm presence on the Instagram platform.
We are jointly responsible on this social media platform with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.
The Instagram data protection officer can be reached via a contact form.
We have set out the joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR.
The legal basis for the subsequent processing of personal data is Art. 6(1), point f of the GDPR. We have a legitimate interest in the analysis, communication, sales and promotion of our products and services.
The legal basis may also be the user’s consent to the platform operator in accordance with Art. 6(1), point a of the GDPR. In accordance with Art. 7(3) of the GDPR, the user can revoke this consent at any time for the future by notifying the platform operator.
When accessing our online presence on the Instagram platform, Facebook Ireland Ltd., as operator of the platform in the EU, processes user data (e.g. personal information, IP address, etc.).
This user data is used for statistical information about the use of our company presence on Instagram. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create user profiles. For example, these profiles allow Facebook Ireland Ltd. to promote the interests of users within and outside of Instagram. If the user is logged into his or her account on Instagram at the time of access, Facebook Ireland Ltd. may also link the data to the respective user account.
If the user makes contact via Instagram, the user’s personal data entered at that time will be used to process the request. We will delete the user’s data provided that the user’s enquiry has been conclusively answered and no legal retention obligations, e.g. in the case of subsequent contract processing, conflict with our doing so.
If the user objects to such processing, he/she can prevent the setting of cookies by changing the browser settings accordingly. Cookies that have already been set can also be deleted at any time. The settings for this depend on the browser. The processing of Flash cookies cannot be prevented by adjusting the settings of the browser, but by changing the settings of the Flash player accordingly. If the user prevents or restricts the installation of cookies, this may result in the partial or complete unavailability of Facebook functions.
Details on processing activities, their prevention and the deletion of data processed by Instagram can be found in the Instagram data policy.
Processing by Facebook Ireland Ltd. may also take place via Facebook Inc., 1601 Willow Road, Menlo Park, California 94025 in the US.
Facebook Inc. has complied with the EU-US Privacy Shield and therefore declares that it complies with EU data protection regulations when processing data in the US.
9. Links to websites of other providers
Our websites may contain links to websites of other providers. Please note that this privacy statement applies exclusively to the www.qivive.com website. We have no influence over and do not verify whether other providers comply with the applicable data protection provisions.
10. Rights of data subjects
You have the right:
- to obtain, pursuant to Art. 15 of the GDPR, information about your personal data that are being processed by us. In particular, you can request information about the purposes of the processing, the category of the personal data, the categories of recipients to which your data have been or will be disclosed, the envisaged storage time, the existence of the right to rectification, erasure, restriction of processing or objection, the existence of the right to lodge a complaint, the source of their data in the case of data not collected by us, and the existence of automated decision-making, including profiling, and where applicable meaningful information about the particulars thereof;
- to obtain, pursuant to Art. 16 of the GDPR, without undue delay the rectification of inaccurate personal data stored by us or to have incomplete personal data completed;
- to obtain, pursuant to Art. 17 of the GDPR, the erasure of your personal data stored by us, if the processing is no longer necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, on the grounds of public interest or for the establishment, exercise or defence of legal claims;
- to obtain, pursuant to Art. 18 of the GDPR, the restriction of processing of your personal data, if the accuracy of the data is contested by you, the processing is unlawful but you oppose their erasure and we no longer need the data but they are required by you for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Art. 21 of the GDPR;
- to receive, pursuant to Art. 20 of the GDPR, your personal data that you have provided to us in a structured, commonly used and machine-readable format or to obtain transmission to another controller;
- to withdraw at any time, pursuant to Art. 7(3) of the GDPR, your consent granted to us. This means that from that time on we are no longer allowed to continue the data processing based on that consent and
- to lodge a complaint with a supervisory authority pursuant to Art. 77 of the GDPR. As a rule, you can do so with the supervisory authority in your habitual residence or place of work or where our firm has its registered office.
11. Right to object
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6(1), sentence 1, point f of the GDPR, you have the right, pursuant to Art. 21 of the GDPR, to object to the processing of your personal data if there are grounds for doing so relating to your particular situation or the objection relates to direct marketing. In the latter case, you have a general right to object, which is implemented by us without specification of a particular situation.
If you wish to exercise your right to withdraw or to object, an email sent to firstname.lastname@example.org is sufficient.
12. Storage period
The criterion for the storage period of personal data is the respective legal retention period. After the expiry of this period, the corresponding data will be deleted, provided that they are no longer required for the achievement of the purpose, fulfilment of the contract or contract initiation.
13. Data security
We employ appropriate technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised third-party access. Our safety measures are continually improved in keeping with technological advances.
14. Status of and changes in this privacy statement
This privacy statement is up to date as of April 2020.
Enhancements in our website and offerings or changes in statutory or regulatory requirements can make it necessary to amend this privacy statement.