1. PRIVACY AT GLANCE
Personal data (usually referred to just as "data" below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents, and the services offered there.*
Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the "GDPR"), "processing" refers to any operation or set of operations such as collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.*
Data collection on our website.
Who is responsible for the data collection on this website?
The data processing on this website is carried out by the website operator. Its contact details can be found in the imprint of this website.
How do we collect your data?
Your data will be collected on the one hand, that you tell us. This may be e.g. to trade data that you enter in a contact form.
Other data is collected automatically when visiting the website through our IT systems. These are above all technical data (for example Internet browser, operating system or time of the page call). The collection of this information is automatic as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure a flawless provision of the website. Other data can be used to analyse your user behaviour.
What rights do you have regarding your data?
At any time you have the right to obtain free information about the origin, recipient and purpose of your stored personal data. You also have a right to request the correction, blocking or deletion of this data. For this purpose, as well as for further questions about data protection you can contact us at any time at the address given in the imprint. Furthermore, you have a right of appeal to the competent supervisory authority.
Analysis tools and third-party tools
Overview: The rights of users and data subjects:*
With regard to the data processing to be described in more detail below, users and data subjects have the right:
To confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);
To correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);
To the immediate deletion of data concerning them (cf. also Art. 17 GDPR), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;
To receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 GDPR);
To file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (see also Art. 77 GDPR).
2. GENERAL INFORMATION AND MANDATORY INFORMATION
Please note that data transmission over the Internet (for example, when communicating by e-mail) may have security vulnerabilities. A complete protection of the data from access by third parties is not possible.
Note to the responsible body:
The responsible data processing company on this website is:
LUMA, Marcus Lukic-Walther
Malmöer Str. 17
Data Protection Officer at the provider is:
Malmöer Str. 17
Responsible entity is the natural or legal person who, alone or in partnership with others, decides on the purposes and means of processing personal data (such as names, e-mail addresses, etc.).
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke an already given consent at any time. An informal message by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to object to data collection in special cases and direct email (Article 21 GDPR)
If your personal data is processed to operate direct email, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct email. If you object, your personal data will then no longer be used for the purpose of direct advertising (objection under Art. 21 (2) GDPR).
Right of appeal to the competent supervisory authority
In the case of violations of the GDPR, the persons concerned have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged infringement. The right of appeal is without prejudice to any other administrative or judicial remedies.
Right to data portability
You have the right to have data that we process on the basis of your consent or in fulfilment of a contract automatically, in itself or to a third party in a standard, machine-readable format. If you require the direct transfer of the data to another person in charge, this will only be done to the extent technically feasible.
Information, blocking, deletion and correction
Within the scope of the applicable legal provisions, you have the right at any time to provide free information about your stored personal data, their origin and recipient and the purpose of the data processing and, if necessary, a right to correct, block or delete this data. For further information on personal data, please contact us at any time at the address given in the imprint.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time at the address given in the Imprint. The right to restrict processing exists in the following cases:
If you deny the accuracy of your personal information stored with us, we usually need time to verify this. For the duration of the audit you have the right to request the restriction of the processing of your personal data. If the processing of your personal data is unlawful, you may request the restriction of data processing instead of deletion.
If we no longer need your personal information, but you need it to accomplish, defend or apply legal claims, you have the right to request that your personal information be restricted instead of being deleted.
If you have filed an objection under Art. 21 (1) GDPR, a balance must be made between your interests and ours. As long as it is not clear whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, these data may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for important public interest the European Union or a Member State.
3. DATA COLLECTION ON LUMA WEBSITE
a) Session cookies
b) Third-party cookies
c) Disabling cookies
Server log files*
For technical reasons, the following data sent by your internet browser to us or to our server provider will be collected, especially to ensure a secure and stable website: These server log files record the type and version of your browser, operating system, the website from which you came (referrer URL), the webpages on our site visited, the date and time of your visit, as well as the IP address from which you visited our site.
The data thus collected will be temporarily stored, but not in association with any other of your data
The basis for this storage is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality, and security of our website
The data will be deleted within no more than seven days, unless continued storage is required for evidentiary purposes. In which case, all or part of the data will be excluded from deletion until the investigation of the relevant incident is finally resolved
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the request and in case of follow-up questions. We will not share this information without your consent.
The processing of the data entered into the contact form takes place exclusively on the basis of your consent (Art. 6 (1) lit. GDPR). You can revoke this consent at any time. An informal message by email to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The information you provide in the contact form will remain with us until you ask us to delete it, revoke your consent to storage, or lose the data storage purpose (for example, after your request has been processed). Mandatory statutory provisions - especially retention periods - remain unaffected.
Inquiry by e-mail or telephone
If you contact us by e-+mail or telephone, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We will not share this information without your consent.
The processing of this data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the performance of a contract or is required to carry out pre-contractual action. In all other cases, the processing is based on your consent (Article 6 (1) GDPR) and / or on our legitimate interests (Article 6 (1) lit. (f) GDPR), since we have a legitimate interest in the effective processing of requests addressed to us.
The data sent by you to us via contact requests remains with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage is omitted (e.g. after completion of your request). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
4. SOCIAL MEDIA
Functions of the service of Instagram are integrated on our sides. These features are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, United States. If you are logged in to your Instagram account, you can link the contents of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit of our pages with your user account. We point out that we as the provider of the pages do not receive any knowledge of the content of the transmitted data and their use by Instagram.
5. ANALYSIS TOOLS AND ADVERTISING
Hotjar web analytics*
We use Hotjar on our website. This is a web analytics service provided by Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe, hereinafter referred to as "Hotjar". Hotjar is used to analyse how our website is used. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimisation, and economic operation of our site. Hotjar allows us to monitor your usage behaviour on our website, such as logging and evaluating your mouse movements or mouse clicks. However, your visit to our website will be anonymised. In addition, information about your operating system, your internet browser, incoming or outgoing links, the geographical origin of your access, and the type and resolution of the device you are using are evaluated by Hotjar and processed for statistical purposes. Hotjar can also obtain direct feedback from you. Hotjar offers further information about its data protection practices at https://www.hotjar.com/privacy. In addition, you have the option of terminating the analysis of your usage behaviour by opting out. By confirming the link https://www.hotjar.com/opt-out a cookie is stored on your device via your browser to prevent any further analysis. Please note, however, that you must click the above link again if you delete the cookies stored on your end device. Model Data Protection Statement for Anwaltskanzlei Weiß & Partner.
Google AdWords with Conversion Tracking*
Our website uses Google AdWords and conversion tracking. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google). Through certification according to the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. Google guarantees that it will follow the EU's data protection regulations when processing data in the United States. We use conversion tracking to provide targeted promotion of our site. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimisation, and economic operation of our site. If you click on an ad placed by Google, the conversion tracking we use stores a cookie on your device. These so-called conversion cookies expire after 30 days and do not otherwise identify you personally. If the cookie is still valid and you visit a specific page of our website, both we and Google can evaluate that you clicked on one of our ads placed on Google and that you were then forwarded to our website. The data collected in this way is in turn used by Google to provide us with an evaluation of visits to our website and what visitors do once there. In addition, we receive information about the number of users who clicked on our advertisement(s) as well as about the pages on our site that are subsequently visited. Neither we nor third parties who also use Google AdWords will be able to identify you from this conversion tracking. You can also prevent or restrict the installation of cookies by making the appropriate settings in your browser. Likewise, you can use the browser to delete cookies that have already been stored. However, the steps and measures required vary, depending on the browser you use. If you have any questions, please use the help function or consult the documentation for your browser or contact its maker for support.
In addition, Google provides further information with regard to its data protection practices at
in particular information on how you can prevent the use of your data.
6. PAYMENT PROVIDER
Payments are processed through the following payment service providers:
7. ORDER PROCESSING*
The data you submit when ordering goods and/or services from us will have to be processed in order to fulfil your order. Please note that orders cannot be processed without providing this data. The legal basis for this processing is Art. 6 Para. 1 lit. b) GDPR. After your order has been completed, your personal data will be deleted, but only after the retention periods required by tax and commercial law. In order to process your order, we will share your data with the shipping company responsible for delivery to the extent required to deliver your order and/or with the payment service provider to the extent required to process your payment. The legal basis for the transfer of this data is Art. 6 Para. 1 lit. b) GDPR.
Newsletter via WhatsApp*
Paragraphs marked „*“: Model Data Protection Statement for Anwaltskanzlei Weiß & Partner