The provider (hereinafter also: "we") collects, uses and stores your personal data in accordance with the provisions of the EU Data Protection Regulation (GDPR), the Federal Data Protection Act and the Telemedia Act. Personal data is individual information about personal or factual circumstances of a specific or identifiable natural person. In the following, we inform you about the type, scope and purpose of the collection and use of personal data by the provider.

1. Who is responsible for data processing and whom can you contact?

The person responsible for data processing is: Jens Forster, Attorney-at-Law, Waltherstrasse 29, 80337 Munich, Germany, jens.forster@forster-legal.de.

2. What data is processed and from which sources does it originate?

We process personal data (Art. 4 No. 1 GDPR) that we receive in the course of our activities as a law firm, e.g. in connection with client inquiries. The personal data we process includes the following personal data: Name, address, email addresses, telephone (landline/mobile), position in the company/your organization, signing authority, power of attorney, as well as, if applicable, information that is necessary for the assertion and defense of your rights within the scope of the mandate. We obtain the data by you contacting us.

3. For what purpose is the data processed and on what legal basis is the processing based?

We process personal data pursuant to Art. 6 (1)b GDPR in order to provide our services as a law firm and to receive and process your requests. We process personal data pursuant to Art. 6 para. 1a GDPR in order to be able to draw your attention to our offers. If our company is subject to a legal obligation by which a processing of personal data becomes necessary, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. In rare cases, the processing of personal data might become necessary to protect vital interests of the data subject or another natural person. Then the processing would be based on Art. 6 I lit. d GDPR. Finally, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden.

4. legitimate interests in processing pursued by the controller or a third party.

If the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is the performance of our business activities and the related communication with you (recital 47 GDPR).

5. data protection for applications and in the application process.

The controller collects and processes the personal data of applicants for the purpose of handling the application procedure on the basis of Article 6 I lit. b GDPR. The processing may also take place electronically. This is particularly the case if an applicant submits relevant application documents to the controller by electronic means, for example by e-mail or via a web form located on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that no other legitimate interests of the controller conflict with such deletion. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).

6. SSL encryption

Our website uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

7. server log files

On the basis of Art. 6 (1) lit. f GDPR, we collect and store information about visits to our website in so-called server log files, which your browser automatically transmits to us. These are:

Shortened IP address

browser type/version

Operating system used

Referrer URL (the previously visited page)

Date and time of server request

Amount of data transferred

the requesting provider

This data is collected exclusively for statistical purposes. A combination of this data with other data sources is not made.

8. use of cookies

Our website uses so-called cookies on the basis of Art. 6 (1) lit. f GDPR. A cookie is a file that stores certain information related to the device on the user's access device (PC, tablet, smartphone, etc.). If our website is accessed by the user's corresponding device, the server of our website contains cookies back. The server can evaluate the information stored in the cookie in various ways. For example, cookies can be used to tailor advertisements to the user behavior captured by the cookie and to collect statistical data on website usage. You can allow or disable cookies via the settings in your browser. However, not all features of our website may be available if you disable cookies.

9. Duration of storage and routine deletion

We process and store personal data only for the period of time necessary to achieve the purpose of the processing or if this has been provided for in laws or regulations to which the controller is subject. If the storage purpose ceases to apply or if a legally prescribed storage period expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

10. Google Analytics

This website uses functions of the web analytics service Google Analytics on the basis of Art. 6 (1) lit. f GDPR. The provider is Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called "cookies". These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.

IP anonymization

We have activated the IP anonymization function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser Plugin

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at this link.

You can find more information on how Google Analytics handles user data in the Privacy Policy of Google.

11. is there an automated decision-making process?

We do not use any automated decision-making processes pursuant to Art. 22 GDPR to initiate decisions on the establishment or performance of the business relationship that would have legal consequences for the data subject or similar significant negative effects on that person.

12. revocation of consent given.

If you have given us consent (including via the contact form on the website) in accordance with Art. 7 GDPR, § 7 UWG to contact you by email, you can revoke this consent at any time free of charge. A revocation can be made, for example, by email or by mail.

13. rights of the data subject

Pursuant to Art. 15 GDPR, the data subject has the right, upon request and free of charge, to receive information about the personal data stored about him or her and the purpose of the data processing. In accordance with Art. 16, 17 and 18 GDPR, the data subject also has the right to have inaccurate data corrected and to have his personal data blocked and deleted. He is also entitled, under the conditions specified in Art. 20 GDPR, to receive the personal data concerning him that has been stored in a structured, common and machine-readable format and to transmit this data to another responsible party without hindrance from the provider. In addition, the data subject is entitled pursuant to Art. 21 (1) GDPR to object to the processing of personal data relating to him which is carried out on the basis of Art. 6 (1) lit. e or f GDPR for reasons arising from his particular situation. The provider will fulfill the aforementioned rights of the data subject to the extent that the legal requirements for the assertion of the rights are met. Any requests concerning your personal data should be addressed to the e-mail address or address given in the imprint of our website. Every data subject has the right to lodge a complaint with a data protection supervisory authority about the processing of data when using the website.