Data Protection Statement
1. Purpose of this data protection statement
Thank you for your interest in our internet presence and the information provided on these web pages.
The protection of your personal data (hereinafter referred to as “data”) is of great importance to us. We would therefore like to inform you in detail about what data is collected while you are using our website and how we process this data. We would also like to inform you about your rights and the technical and organisational measures we take to protect your data.
2. Name and address of the data controller and service provider
The controller within the meaning of the EU General Data Protection Regulation (GDPR) and also the service provider within the meaning of the Telemedia Act (DDG) is GRÜNECKER Patent- und Rechtsanwälte PartG mbB, Leopoldstr. 4, 80802 Munich (hereinafter referred to as “GRÜNECKER” or “we”).
If you have any questions or comments about this privacy statement or data protection in general, please contact datenschutz@grunecker.de
You can contact the data protection officer at GRÜNECKER at: dsb@tec4net.com
3. Collection and use of your data
You can use our website without having to provide any personal data.
We only collect and use data that your Internet browser automatically transmits to us, such as:
- date and time of access to one of our Internet pages
- your browser type
- the browser settings
- the screen resolution
- the operating system used
- the last page you visited
- the transferred data volume and the access status (file transferred, file not found, etc.) as well as
- Your IP address.
We need this data in order to enable trouble free use of the sites and to ensure that the site is optimally displayed in your browser. We use the IP address only for the duration of your visit. The data is then stored in anonymous form for logging purposes. This is done by shortening the IP address so that no assignment is possible. This processing is carried out on the legal basis of Art. 6 Para. 1 (f) EU GDPR; it being in our interest to be able to display our website to you as reliably and trouble-free as possible.
4. Use of cookies
a. Which cookies do we use?
We use cookie technology on our website. Cookies are small text files which are generated by your browser when visiting our website, and which are stored on your computer, tablet or smartphone to later retrieve the information stored within.
On our websites, we use the following cookies:
| Name | Description | Lifetime | Provider |
| pll_language | Function: This cookie is used to store the selected language version of our website and contains the option you have selected. The cookie is stored for one year. The cookie is a so-called first-party cookie, which is controlled from our website. | 1 year | Grünecker |
Additional cookies may be set by third parties via their plugins. Information about these cookies can be found under the respective sub-sections of this data protection statement as well as under the data protection statements of the respective third party providers linked there.
b. Disabling cookies
The setting and retrieval of cookies can be determined by the settings in your browser. You can, for example, completely deactivate the storage of cookies in your browser, limit it to certain websites or configure your browser so that it automatically informs when a cookie is about be set and asks for your confirmation. You can also block or delete individual cookies. For technical reasons, however, this can sometimes limit the functionality of our website.
5. Google Maps
On our contact page, we use content from Google Maps to display a map of our locations.
You can consent to the use of Google Maps by clicking the activate button. Data for displaying Google Maps can only be accessed by Google once you have given consent.
Pursuant to Google‘s Terms of Service (as of: May 22, 2024), the Google Maps service is offered to you by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland), if your main residence is within the European Economic Area (EEA) or Switzerland. If you have your main residence in another country, the Google Maps service is offered to you by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) instead.
The Google service provider responsible for your main residence (Google LLC or Google Ireland Limited) receives the information that you have called up the corresponding page of our website. The data listed in section 3 will also be transmitted.
Please note that when you use Google Maps, your personal data may be transferred to Google companies in countries outside the European Economic Area. To ensure an adequate level of data protection, Google LLC has EU-U.S. Data Privacy Framework certification. The EU-U.S. Data Privacy Framework is a data protection agreement designed to ensure an adequate level of data protection for data transfers to certified U.S. companies. The EU Commission determined the adequacy of the guaranteed level of data protection in accordance with the EU-U.S. Data Privacy Framework in its decision of July 10, 2023 (Ref. C(2023) 4745).
You can view the EU Commission’s decision here:
https://commission.europa.eu/system/files/2023-07/Adequacy%20decision%20EU-US%20Data%20Privacy%20Framework_en.pdf
The current status of Google LLC’s certification under the EU-U.S. Data Privacy Framework is available via the following link: https://www.dataprivacyframework.gov/list
Further information on the protective measures taken by Google for data transfers to third countries can be found at https://policies.google.com/privacy/frameworks.
You can stop further data transmission to Google at any time simply by leaving our contact page.
For more information on the purpose and scope of data collection and processing by Google, please see Google’s privacy policy: https://policies.google.com/privacy?hl=de&gl=de
They will also provide you with further information about your rights in this regard and setting options to protect your privacy.
Your data will be used on the basis of Art. 6 Para. 1 (a) EU GDPR in connection with your consent to the use of the Google Maps service.
6. Involvement of service providers and transfer of data to third parties
Your data will be passed on to the technical service providers (e.g. website hosting and support) who provide support for the provision of this. These providers have been carefully chosen and commissioned in writing.
The service providers are bound by our instructions and are regularly monitored by us.
Your data will only be passed on to other third parties if this is expressly stated in this data protection statement or if we are legally obliged to do so.
7. Additional information about our LinkedIn company presence
Joint controllers for the processing
We operate the LinkedIn corporate presence of Grünecker Patent- und Rechtsanwälte PartG mbB on the social media platform linkedin.com, which is provided to us by the service provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter referred to as “LinkedIn”).
When you visit or interact with our LinkedIn company page, LinkedIn processes personal data from your profile, such as your role, country, industry, length of service, company size and employment status data. In addition, LinkedIn processes information about how you have interacted with our company page, e.g. whether you follow it.
LinkedIn provides us with statistics on the use of our corporate presence on the basis of this data (so-called Page Insights). These statistics do not contain any personal data of visitors to our LinkedIn company presence, but only aggregated data. It is therefore not possible for us to assign information from the statistics to individual persons.
Together with LinkedIn, we are joint controllers within the meaning of data protection laws for the processing of data to compile these statistics. We have therefore concluded an agreement with LinkedIn in accordance with Art. 26 para. 1 GDPR, in which we have regulated who fulfills which data protection obligations. You can view this agreement at the following link: https://legal.linkedin.com/pages-joint-controller-addendum
We have essentially regulated the following obligations in this agreement:
- LinkedIn has undertaken to assume responsibility for the provision of Page Insights under the General Data Protection Regulation (GDPR) and to comply with all applicable obligations under the GDPR in relation to the data processing of Page Insights. This includes, among other things, that LinkedIn will inform you as a data subject about the processing of your data and provide you with ways to exercise your rights. In addition, LinkedIn ensures the security of your personal data.
- We are committed to complying with applicable legal obligations, including any obligations arising from our use of Page Insights under the GDPR.
LinkedIn’s information on the processing of your data and your rights in this regard can be found in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy
The information contained in this section of our privacy policy therefore only applies in addition to the information provided by LinkedIn.
Contact details of the controller and data protection officer
The contact details of Grünecker Patent- und Rechtsanwälte PartG mbB and our data protection officer can be found in section 2 of this data privacy policy.
Processed data categories
You can react to our posts, write comments or send us messages via our company presence on LinkedIn.
We process the following categories of data from visitors to our LinkedIn company presence, depending on whether you are a registered user of the LinkedIn platform or a non-registered visitor.
Data that we process from registered visitors to our LinkedIn company presence:
- User ID (user name) under which you have registered
- Released profile data (e.g. name details, photo, profession, address, contact details, activities, professional experience, interests and any other profile information)
- Data generated when sharing content, exchanging messages and communicating
- Data required in the context of initiating a contract at your request or for contract processing
In addition, we process pseudonymized data from registered visitors such as:
Statistics and insights into how our LinkedIn company presence, the posts, pages, videos and other content provided via it are interacted with (page activity, page views, “likes”, reach, general demographic, location, interest and activity-related information). This pseudonymized data is provided to us by LinkedIn in the form of statistics and cannot generally be merged by us with the corresponding personal data (assignment features such as name details).
Data that we process from non-registered visitors to our LinkedIn company presence:
Pseudonymized data such as statistics and insights into how our LinkedIn company presence, the posts, pages, videos and other content provided via it are interacted with (page activities, page views, “Like” information, reach, general demographic, location, interest and activity-related information). This pseudonymized data cannot be merged by us with the corresponding personal data (assignment features such as name details). It is therefore not possible for us to identify individual visitors. They remain anonymous to us.
Origin of the data
We collect the data directly from you as the data subject or receive it from LinkedIn as the platform operator.
Purposes of data processing
We process the data for external presentation and to keep the information on our LinkedIn company presence attractive and relevant for our customers and interested parties. In addition, we process the data for communication with you and, if necessary, for contract initiation or contract processing.
Legal basis
Data processing for the purpose of external presentation as well as for attractive and relevant design for our customers and interested parties is carried out on the legal basis of Art. 6 para. 1 sentence 1 f) GDPR (legitimate interests) and in our interest in providing a platform with up-to-date information, improving our offer and our website and the presentation of our company.
Data processing for communication with you via our LinkedIn company presence is carried out on the legal basis of Art. 6 para. 1 sentence 1 b) GDPR (contract initiation and execution), insofar as the content relates to an existing contractual relationship or you are interested in concluding a contract. Otherwise, data processing is carried out on the legal basis of Art. 6 para. 1 sentence 1 f) GDPR (legitimate interests) and in our interest in effective communication with users in the event of questions and other concerns.
Storage period
The above-mentioned data is stored exclusively by the platform operator LinkedIn; we do not store it additionally. Data storage and deletion is therefore based on LinkedIn’s specifications. You can find more information on this in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy
Categories of recipients
The data processed by us can only be accessed by our employees in the relevant departments and, if applicable, by service providers commissioned by us for the above-mentioned purposes. If you post your data publicly on our LinkedIn company page, it can be viewed by other registered and possibly also non-registered visitors worldwide at any time.
8. Additional information about our Instagram company presence
We operate the Instagram corporate presence of Grünecker Patent- und Rechtsanwälte PartG mbB on the social media platform instagram.com, which is provided to us by the service provider Meta Platforms Ireland Ltd, Sperentine Avenue, Block J, Dublin 4, Ireland (hereinafter referred to as “Meta”).
When you visit or interact with our Instagram company page, Meta processes personal data from your profile, such as age/gender group, country/city. In addition, Meta processes information about how you have interacted with our company page, e.g. whether you follow it.
Based on this data, Meta provides us with statistics on the use of our company website (so-called page insights). These statistics do not contain any personal data of visitors to our Instagram company website, but only aggregated data. It is therefore not possible for us to assign information from the statistics to individual persons.
Together with Meta, we are joint controllers within the meaning of data protection laws for the processing of data to compile these statistics. We have therefore concluded an agreement with Meta in accordance with Art. 26 para. 1 GDPR, in which we have regulated who fulfills which data protection obligations. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum
Under this link you will also find information on the processing of your data both by Meta and by us when you access and interact with our Instagram corporate presence. You will also find information about your rights and settings options in relation to the processing of your data. The information contained in this section of our privacy policy therefore only applies in addition to the information provided by Meta.
Contact details of the data protection officer
The contact details of Grünecker Patent- und Rechtsanwälte PartG mbB and our data protection officer can be found in section 2 of this data privacy policy.
Processed data categories
You can react to our posts, write comments or send us messages via our company presence on Instagram.
We process the following categories of data from visitors to our Instagram company presence, depending on whether you are a registered user of the Instagram platform or a non-registered visitor.
- User ID (user name) under which you have registered
- Released profile data (e.g. name details, profession, address, contact details, photos and any other profile information)
- Data generated when sharing content, exchanging messages and communicating
- Data required in the context of initiating a contract at your request or for contract processing
In addition, we process pseudonymized data from registered visitors such as:
Statistics and insights into how our Instagram company presence, the posts, pages, videos and other content provided via it are interacted with (page activity, page views, “likes”, reach, general demographic, location, interest and activity-related information). This pseudonymized data is provided to us by Meta in the form of statistics and cannot generally be merged by us with the corresponding personal data (assignment features such as name details).
Data that we process from non-registered visitors to our Instagram company presence:
Pseudonymized data such as statistics and insights into how our Instagram page, the posts, pages, videos and other content provided on it are interacted with (page activities, page views, “Like” information, reach, general demographic, location and interest-related information on age, gender, country, city, language). This pseudonymized data cannot be merged by us with the corresponding personal data (assignment features such as name details). It is therefore not possible for us to identify individual visitors. They remain anonymous to us.
Origin of the data
We collect the data directly from the data subject or receive it from the platform operator.
Purposes of data processing
We process the data for external presentation and to keep the information on our Instagram corporate presence attractive and relevant for our customers and interested parties. In addition, we process the data for communication with you and, if necessary, for contract initiation or contract processing.
Legal basis
Data processing for the purpose of external presentation as well as for attractive and relevant design for our customers and interested parties is carried out on the legal basis of Art. 6 para. 1 sentence 1 f) GDPR (legitimate interests) and in our interest in providing a platform with up-to-date information, improving our offer and our website and presenting our company.
Data processing for communication with you via our Instagram company presence is carried out on the legal basis of Art. 6 para. 1 sentence 1 b) GDPR (contract initiation and execution), insofar as the content relates to an existing contractual relationship or you are interested in concluding a contract. Otherwise, data processing is carried out on the legal basis of Art. 6 para. 1 sentence 1 f) GDPR (legitimate interests) and in our interest in effective communication with users in the event of questions and other concerns.
Storage period
Due to the agreement concluded with the platform operator in accordance with Art. 26 para. 1 GDPR, the platform operator is obliged to store and delete the data. You can find more information on this under the following link: https://privacycenter.latest.instagram.com
Categories of recipients
The data processed by us can only be accessed by our employees in the responsible departments and, if applicable, by service providers commissioned by us for the above-mentioned purposes. If you post your data publicly on our Instagram company page, it can be viewed by other registered and possibly also non-registered visitors worldwide at any time.
9. Your Rights
You have the right to request confirmation from us as to whether we have processed your personal data; if this is the case, you have a right receive information about this data as specified in Art. 15 GDPR.
You have the right to request us to correct without delay any incorrect personal data concerning you and, if necessary, to complete personal data that is incomplete (Art. 16 GDPR).
You have the right to request us to delete without delay any personal data relating to you if one of the reasons listed in Art. 17 GDPR applies: e.g. if the data is no longer required for the purposes pursued (right of deletion).
You have the right to request us to restrict processing if one of the conditions listed in Art. 18 GDPR is met, for example if you have filed an objection to the processing, for the duration of our investigation.
You have the right to object at any time for reasons arising from your particular circumstances, to the processing of personal data concerning you under Article 6(1) (e) or (f) GDPR. We will then no longer process the personal data unless we can prove compelling reasons to continue that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims (Art. 21 GDPR).
You have the right to revoke any consent you have given us at any time with effect for the future (right of revocation).
You have the right to receive the data in a structured, common machine-readable format. You can also transfer this data to other locations or have it transferred by us (right to data transferability).
To exercise your rights, please contact dsb@tec4net.com
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority if you believe that your personal data is being used contrary to the GDPR (Art. 77 GDPR). In Bavaria, the competent supervisory authority is: The Bavarian State Office for Data Protection Supervision, P.O. Box 1349, 91504 Ansbach, https://www.lda.bayern.de
10. Data security
We also use technical and organisational security measures to protect personal data, in particular against accidental or intentional manipulation, loss, destruction or against the attack of unauthorised persons. Our security measures are being continuously improved in line with technological developments.
When using our website, your personal data is encrypted using SSL/TLS technology to prevent access by unauthorized third parties.
Note on the right of objection:
You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data on the basis of Art. 6 para. 1 (e) or (f) GDPR (Art. 21 GDPR)
We will then no longer process your personal data unless we can prove compelling reasons to continue that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
May 2024
GRÜNECKER Patent Attorneys and Attorneys at Law PartG mbB