1. Name and contact details of the controller and the company data protection officer
Controller for personal data processing within the meaning of Article 4 No. 7 GDPR:
Potsdamer Platz 1
Tel +49 30 818 550 0
Fax +49 30 818 550 100
Raue LLP is a Limited Liability Partnership under English law, registered in England and Wales under No. 353949. The members are not personally liable for the liabilities of the partnership. Registered Office: 42-50 Hersham Road, Walton-on-Thames, Surrey, KT12 1RZ.
You can contact our company data protection officer at:
– data protection officer –
Potsdamer Platz 1
Tel +49 30 818 550 303
Fax +49 30 818 550 106
2. Collection and storage of personal data as well as nature and purpose of their use
a) When visiting the website
When you visit our website www.raue.com, the browser on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:
IP address of the requesting computer,
date and time of access,
name and URL of the retrieved file,
website from which access is made (“referrer URL”),
the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The mentioned data will be processed by us for the following purposes:
ensuring a smooth connection of the website,
ensuring comfortable use of our website,
evaluation of system security and stability as well as
for other administrative purposes.
The legal basis for data processing is Article 6 no. 1 lit. f) GDPR. Our legitimate interest follows from the purposes listed above for data collection. The log files are deleted after the end of the respective browser session, at the latest after seven days, unless their further storage is required for the above-mentioned purposes.
b) For your inquiries
If you have any questions, we offer you the opportunity to contact us by e-mail, telephone or fax.
We process your personal data transmitted on the basis of Article 6 no. 1 lit. b) GDPR (requests within the scope of an attorney-client relationship or other contract or for the initiation of a contract) or Article 6 no. 1 lit. f) GDPR (requests outside a contract and the initiation of a contract). Our legitimate interest is to answer your questions.
3. Transmission of Data
Your personal data will not be transmitted to third parties for purposes other than those listed below.
We will only transmit your personal data to third parties if:
you have given your express consent according to Article 6 no. 1 lit. a) GDPR,
the transmission according to Article 6 no. 1 lit. f) GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not transmitting your data,
in the event that a legal obligation exists for the transmission according to Article 6 no. 1 lit. c) GDPR, and
this is permitted by law and is required by Article 6 no. 1 lit. b) GDPR for the performance of a contract with you.
4. Storage time of data
If necessary, we process and store your personal data for the duration of our business relationship, which also includes, for example, the initiation and processing of a client relationship or other contract. It should be noted that our business relationship is generally a continuing obligation which is intended for years.
In addition, we are subject to various storage and documentation obligations arising, among other things, from the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention and documentation periods specified there are 6 years for correspondence in connection with the conclusion of a contract and 10 years for accounting documents (Sections 238, 257 (1) and (4) HGB, Sections 147 (1) and (3) AO).
Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to Sections 195 et seq. of the German Civil Code (BGB), are generally three years, but can, in certain cases, also be up to thirty years.
After expiry of the storage and documentation obligations and the relevant limitation periods, we delete the data.
Log files and cookies are deleted within the periods specified in sections 1 and 5.
5. Cookies, tracking measures and analysis tools (Google Analytics)
Information is stored in the cookie that results in each case in connection with the specifically used terminal device. However, this does not mean that we immediately become aware of your identity.
In addition, we also use temporary cookies that are stored on your end device for a specified period of time to optimize usability. If you visit our website again to use our services, it will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again. The cookies are deleted after the end of the respective browser session, at the latest after seven days, unless their further storage is necessary for the above-mentioned purposes.
The data processed by cookies is required for the mentioned purposes in order to protect our legitimate interests and those of third parties according to Article 6 no. 1 lit. f) GDPR.
Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, the complete deactivation of cookies can lead to the fact that you cannot use all functions of our website.
Tracking measures and analysis tools (Google Analytics)
We use Google Analytics, a web analysis service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“). In this context, pseudonymised user profiles are created and cookies (see section 5) are used. The information generated by the cookie about your use of this website such as
operating system used,
referrer URL (the previously visited page),
host name of the accessing computer (IP address),
time of the server request,
are transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports about the website activities and to provide further services associated with website use and Internet use for the purposes of market research and demand-oriented design of these websites. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are anonymized using the Google Analytics extension “anonymizeIp()”, so that an assignment is not possible (IP masking).
The transfer of your information to a third country outside the EU is covered by an adequacy decision of the Commission (C/2016/4176 of 12 July 2016) within the meaning of Article 45 GDPR, because Google has undertaken to comply with the principles of the EU-US Privacy Shield. Google will act for us as a processor within the meaning of Article 28 GDPR.
You can also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing a browser add-on.
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie is set which prevents future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
Information on data protection in connection with Google Analytics can be found in the Google Analytics Help.
6. E-mail marketing
If you have expressly consented according to Article 6 no. 1 lit. a) GDPR, we will use your e-mail address for informing you by e-mail about developments in selected sectors or legal areas as well as Raue LLP and to invite you to events.
To receive such e-mails, it is sufficient to provide an e-mail address as well as your first and last name.
You can unsubscribe at any time, for example via the link “Newsletter and unsubscribe invitations” at the end of each e-mail. Alternatively, you are welcome to send your unsubscription request at any time to email@example.com by e-mail. In this case your e-mail address will be deleted from our e-mail distribution list and added to our blacklist. The withdrawal of your consent will only take effect in the future. Processing carried out before the withdrawal is not affected by this.
Please note that we evaluate the behaviour of the recipients of our e-mails using pseudonymous usage statistics. For this purpose, the e-mails contain so-called web beacons or tracking pixels and links, which are each linked with an individual ID. Thus we record the time of opening and forwarding the e-mail as well as the clicking of the links contained therein, the IP address (to determine the country of retrieval) and the e-mail program used. This data is not linked to your e-mail address or other personal data. The evaluation is based on aggregated usage statistics (delivery rate, opening rate, click rate, number of redirects, number of clicks on the links contained in the e-mail, e-mail programs used, openings and clicks according to time of day and date, country of retrieval). Only in the event of cancellations or failed deliveries will we additionally receive information about the name and e-mail address. This is (also) in your interest, so that we can immediately delete you from our e-mail distribution list or correct the delivery problem. The pseudonymous evaluation of usage behaviour serves to check the success of our e-mail marketing and to constantly improve it. For these purposes, we have a legitimate interest in data processing. The legal basis is Article 6 no. 1 lit. f) GDPR. You can object to the evaluation at any time according to Article 21 no. 2 GDPR by unsubscribing from the newsletter (e.g. via the link at the end of an e-mail); an isolated objection only against the evaluation is (currently) technically impossible. We store your pseudonymous usage data until you object to the evaluation.
b) Acquisition of existing customers
If, as a client, you have already made use of a paid service of Raue LLP, we inform you from time to time by e-mail or letter about similar services of Raue LLP (e.g. updates on current developments in selected sectors or legal areas, invitations to events), if you have not objected to this.
The legal basis for data processing is Article 6 no. 1 lit. f) GDPR. Our legitimate interest lies in direct marketing (Recital 47 GDPR).
You can object to the use of your e-mail address and postal address for advertising purposes at any time without additional costs, for example via the link at the end of each e-mail or by e-mail to firstname.lastname@example.org.
We use social media plugins from the following providers on our website:
XING SE, Dammtorstraße 30, 20354 Hamburg, Deutschland („XING“),
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA (“LinkedIn”) and
Twitter Inc., 1355 Market St., Suite 900, San Francisco, California 94103, USA („Twitter”).
We use the so-called two-click solution. This means that when you visit our website, generally no personal data is passed on to the providers of the plug-ins. We offer you the possibility to communicate directly with the provider of the plugin via the button. You can recognize the provider of the plugin by the name of the respective plugin and the logo. Only if you click on the button and thereby activate it, will the plugin provider be informed that you have accessed the corresponding website of our online offer. In the case of XING, the IP address is anonymized immediately after collection, according to the provider. By activating the plugin, personal data is transferred from you to the respective plugin provider and stored there (for US providers in the USA). The transfer of your information to a third country outside the EU is covered by a Commission adequacy decision (C/2016/4176 of 12 July 2016) within the meaning of Article 45 GDPR, because LinkedIn and Twitter have submitted to the EU-US Privacy Shield.
We have no influence on the data collected and data processing operations, nor are we aware of the full extent of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.
The plugin provider stores the data collected about you as user profiles and uses these for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation takes place in particular (also for not logged in users) for the representation of demand-fair advertisement and in order to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Through the plugins we offer you the possibility to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user.
The legal basis for the use of the plugins is Article 6 no. 1 lit. f) GDPR. The plugins serve to make our law firm better known through selected social media channels. This advertising purpose is our legitimate interest in data processing, which you yourself trigger by a conscious action (click on the button).
The data transfer is independent of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plugin provider, your data collected on our website will be directly assigned to your existing account with the plugin provider. If you click the activated button and, for example, link the page, the plugin provider will also save this information in your user account and communicate it to your contacts publicly. We recommend that you log out regularly after using a social network, especially before activating the button, as this way you can thus avoid being assigned to your profile with the plugin provider.
Further information on the purpose and scope of data collection and processing by the plug-in provider can be found in the following privacy policies of these providers. There you will also receive further information about your rights in this regard and setting options for the protection of your privacy.
8. Google Maps
We do not collect and store any data in connection with your use of the Google Maps functions embedded on our website.
9. Your data protection rights
With regard to your personal data stored by us, you have the following rights: access (Article 15 GDPR, section 34 BDSG), rectification (Article 16 GDPR), restriction of processing (Article 18 GDPR), erasure (Article 17 GDPR, section 35 BDSG) and data portability in a structured, current and machine-readable format (Article 20 GDPR).
If we process your personal data on the basis of legitimate interests according to Article 6 no. 1 lit. f) GDPR, you have the right to object to the processing of your personal data according to Article 21 GDPR, provided that there are reasons for this which arise from your particular situation or the objection is directed to direct marketing. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.
If we process your personal data on the basis of your consent according to Article 6 no. 1 lit. a) GDPR, you have the right according to Article 7 no. 3 GDPR to withdraw your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future.
You can assert all these rights by e-mail to email@example.com or contact us at the contact details mentioned in section 1.
Regardless of this, you have the right to lodge a complaint with a supervisory authority – in particular in the EU Member State of your habitual residence, place of work or place of the alleged infringement – if you consider that the processing of your personal data infringes applicable data protection regulations (Article 77 GDPR, section 19 BDSG).
10. Data security
We use the common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether a single page of our website is transmitted in encrypted form is indicated by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
This data protection declaration is currently valid and has the status as of May 2018.
You can call up and print out the current data protection declaration at any time on the website under https://raue.com/en/privacypolicy/.