Privacy Policy | PLUTA Rechtsanwalts GmbH
We Help Companies.

Data Privacy

1. About us

PLUTA with all companies:PLUTA Rechtsanwalts GmbH, PLUTA Poland sp. z o.o., PLUTA Abogados y Administradores Concursales, SLP, PLUTA Management GmbH, PLUTA Management Restructuring, S.L., hereafter referred to as PLUTA, ist responsible for the collection, processing and storage of your data. You can find details about our company at: https://www.pluta.net/information/impressum.html.

The careful handling of your personal data has the highest priority for us. In processing, we comply with the statutory provisions, e.g. the General Data Protection Regulation (GDPR) and the associated national provisions.

This data protection declaration applies to all of our company websites that can be accessed under our domains (www.pluta.net). If you switch to websites of other operators within the scope of our offer, their own data protection policies apply and for the content of which the respective operators of these websites are responsible.

Since we would like to give you a comprehensive overview of the processing of personal data in our group of companies, below you will find an overview of all our services in the context of which we collect and process personal data.

If separate or additional conditions apply to individual services or we ask you for your consent, we will point this out to you separately before using the respective service.

We also take various security measures to protect your personal data. For example, transmission between your web browser and our servers is always transport encrypted; in addition, we maintain a variety of technical and organisational measures to always protect your data.

2. Why we process your data

In principle you can use our website without disclosing your identity. If you wish to register for one of our personalised services, we will ask you for your name and other personal information. It is your free decision whether you enter this (extended) data. Data that we absolutely need from you to provide our services are marked as such.

Your personal data is collected and processed for the following purposes on the basis of the following legal bases:

  • Contract initiation pursuant to Art. 6 para. 1(a) and (b) of the GDPR
  • Execution of the contract in accordance with Art. 6 para. 1 (b) of the GDPR
  • Customer management according to Art. 6 para. 1 (b) and (c) of the GDPR.
  • Communication and data exchange in accordance with Art. 6 para. 1 (a), (b), (c) and (f) of the GDPR
  • External presentation and advertising pursuant to Art. 6 para. 1 (a) and (f) of the GDPR.
  • Implementation of declarations of consent in accordance with Art. 6 para. 1 (a) of the GDPR
  • Ensuring the proper operation of a data processing system in accordance with
    Art. 6 para. 1 (c) and (f) of the GDPR
  • Applicant selection procedures within the framework of personnel and resource management pursuant to Art. 6 para. 1 (b) of the GDPR in conjunction with Article 26 BDSG (German Federal Data Protection Act) (new)

3. Which of your data we collect and process

We collect different categories of personal data from you.

The term 'personal data' captures all information relating to an identified or identifiable natural person, i.e. something about a reference person (Art. 4 No. 1 GDPR). Information says something about a reference person if it can be directly or indirectly attributed to a specific or identifiable natural person: name information (e.g. first and last name), identification number (e.g. car registration number, account number, telephone number), location data (e.g. address, GPS data), online identification (e.g. e-mail address with name component, static and dynamic IP address), characteristics that are expressions of physical (e.g. pictorial material), physiological, genetic, psychological, economic (e.g. income, job title), cultural or social identity (e.g. date of birth).

Statistical information that cannot be directly or indirectly associated with a natural person - such as the popularity of individual websites from our offer or the number of website visitors to a site - is not personal data.

In both cases, data will only be collected to the extent necessary; the data will only be processed for the purposes stated under point 2. It is your decision whether you want to transmit data to us that optimises the use of our services for you, but is not necessary for this. Corresponding data fields are marked as 'voluntary' or 'optional'.

We immediately collect data from you

  • when contacting us, e.g. via the (web) forms
  • when participating in our marketing program
  • in the selection procedure

We indirectly collect data from you

  • in securing our web servers
  • by the software used for website tracking as well as cookies

4. Protection of minors

Our services and thus our website are not directed at minors, and we do not knowingly collect personal data from minors.
If persons under the age of 16 transmit personal data to us, this is only permitted if the parent/guardian has consented or has approved the consent of the young person. For this purpose, in accordance with Art. 8 para. 2 GDPR, in order to convince us of the consent or approval of the legal guardian. This data as well as the data of the minor will then be processed in accordance with this privacy policy.

If we determine that a minor under the age of 16 has sent us personal data without parental consent or agreement to the consent of the minor, we will delete the data immediately.

5. Who has access to your data and to whom we transmit your data

5.1. Access

Access to your personal data stored by us is limited to our employees and the service providers commissioned by us, who have to deal with this personal data due to their tasks.
If third parties gain access to your data, we have obtained your permission or there is a legal basis for this.
We also use service providers to provide services and to process your data. Insofar as these special provisions apply, we have carried them out for you in the following for the respective service. The service providers process the data exclusively on our instructions and are obliged to comply with the applicable data protection regulations. All contractors have been carefully selected and will only have access to your data to the extent and for the time required to provide the services or to the extent to which you have consented to the processing and use of your data.

5.2. Data exchange within the group of companies

Data exchange within the group of companies to which we belong takes place exclusively within the EU/EEA and serves only internal administrative purposes. By group of companies we mean affiliated companies within the meaning of Art. 4 No. 19 GDPR.

5.3. Transfer to third countries and legal basis

The servers of some of the service providers we use are located in the USA and other countries outside the European Union. Companies in these countries are subject to a data protection law that does not generally protect personal data to the same extent as is the case in the Member States of the European Union. If your data is processed in a country that does not have a recognised high level of data protection such as the European Union, we use contractual regulations or other recognised instruments to ensure that your personal data is adequately protected. We expressly point this out to you again within the scope of the individual services.

Insofar as a transfer of personal data takes place in third countries, this takes place on the basis of the EU Commission's decision of appropriateness to the EU-U.S. Privacy Shield pursuant to Art. 45 GDPR or the EU Standard Treaty 2010 pursuant to Art. 46 para. 2 (c) of the GDPR in conjunction with the decision of the EU Commission of 05.02.2010 (2010/87/EU) or on the basis of your consent pursuant to Art. 49 para. 1 (a) of the GDPR.

5.4. Transmission to law enforcement and criminal investigation authorities

In exceptional cases we transmit personal data to law enforcement and criminal investigation authorities. This is done on the basis of corresponding legal obligations, e.g. from the Code of Criminal Procedure, the Fiscal Code, the Money Laundering Act or state police laws.

6. Storage periods

We store personal data within the framework of legal regulations or your consent.

We use the following criteria to determine the specific storage period:

We store personal data until the purposes for which it was collected cease to apply (e.g. upon termination of a contractual relationship or through the last activity, if there is no continuing obligation, or in the event of a revocation of your consent for the specific data processing).

Further data will only be stored if

  • legal storage obligations (e.g. according to AO (Fiscal Code) and HGB (Commercial Code)) exist;
  • the data is still needed to assert and exercise legal claims or to defend against legal claims, e.g. due to technological and forensic requirements to defend against attacks on our web servers and their prosecution;
  • the deletion would be contrary to the legitimate interest of the data subjects;
    or
  • any other exception pursuant to Art. 17 para. 3 GDPR applies.

7. Data Subject Rights

7.1. Right to information and data transfer

You have a right of access to personal data concerning you and processed by us at any time in accordance with Art. 15 GDPR.
If the data processing is based on your consent or according to Art 6 para. 1 (b) GDPR is based on a contract, you may, pursuant to Art. 20 para. 1 GDPR receive the personal data stored about you in a structured, current and machine-readable format, or to have it transferred to a system of a third party. You are therefore entitled to direct forwarding of your data.

7.2. Right to rectification, limitation and deletion

Furthermore, in accordance with Articles 16 to 18 GDPR, you may request us to correct, restrict (block) or delete your personal data if we have processed the data incorrectly, if there is a reason to restrict further data processing, or if data processing has become illegal for various reasons, or if its storage is inadmissible for other legal reasons. We would like to point out that your right to deletion may be restricted by legal retention periods.

7.3. Right of objection

If our data processing is based exclusively on our legitimate interest in accordance with
Art. 6 para. 1 (f) GDPR, you may object to this processing pursuant to Art. 21 para. 1 GDPR. We will then stop processing your data unless we can provide evidence of legitimate reasons for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend a legal claim. Furthermore, you always have the right to object to the use of your data for the purpose of direct advertising with effect for the future pursuant to Art. 21 para. 2 GDPR.

7.4. Right of revocation

If you have allowed us to process your personal data by giving your consent, you are entitled to revoke your consent pursuant to Art. 7 para. 3 GDPR effect for the future.

7.5. Right of appeal to the supervisory authority

You are free to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates the European General Data Protection Regulation or other national and international data protection laws, Art 77 GDPR.

The contact details of the supervisory authority responsible for us are as follows:

supervisory authority
NameDer Landesbeauftragte für den Datenschutz Baden-Württemberg (The State Commissioner for Data Protection of the State of Baden-Wuerttemberg)
AdressPO box 10 29 32 70025 Stuttgart ; Königstrasse 10a 70173 Stuttgart
Phone Number07 11 / 61 55 41 - 0
Email adresspoststelle@lfd.bwl.de
Web adresshttps://www.baden-wuerttemberg.datenschutz.de/

7.6. Contact data

To exercise your rights, you can send us an informal message to the following contact details. Please also address the revocation of your consent to the following contact details, indicating which declaration of consent you would like to revoke:

Contact data
Company name & legal form:PLUTA Rechtsanwalts GmbH
Adress:PLUTA Rechtsanwalts GmbH Datenschutz Karlstrasse 33 89073 Ulm
Email:privacy@pluta.net

8. Securing the web server

When you visit our website, for the purpose of securing our web server and guaranteeing the functionality of our online services, the web servers save the connection data of the requesting computer, the web pages you visit on our site, the date and duration of your visit, the identification data of the browser and operating system type used and the website from which you are visiting us. The legal basis is Art. 6 para. 1 (c) in connection with Art. 32 GDPR, Art. 6 para. 1 (f) GDPR.

This data set consists of:

  • the page which is requested from the file,
  • the name of the file
  • the date and time of query,
  • the amount of data transferred,
  • the access status (file transferred, file not found, etc.)
  • the description of the type of browser used
  • the IP address of the requesting computer, shortened by the last eight digits.

This data is stored anonymously. The creation of personal user profiles is thus excluded.

9. Data transmission via web form

Using the web form at https://www.pluta.net/information/kontakt we request the following data:

  • Name (required)
  • Your email (required)
  • Company / official affiliation (voluntary declaration)
  • Phone number (optional)
  • Message text (required)
  • Selection of PLUTA location (required)

Data that you send us via the web form is used for the purposes of communication and data exchange as well as for contract initiation and processing in accordance with Art. 6 para. 1 (a), (b) and (f) of the GDPR. This data is stored as long as its processing is necessary for these purposes or until the expiry of any subsequent retention periods.

10. The selection procedure

Under https://www.pluta.net/karriere.html you can view our job advertisements.

In the application process we request the following application data:

  • Name
  • Private address
  • Contact details (email address, telephone number if applicable)
  • Curriculum Vitae
  • Work References
  • Certificates of professional qualifications and further training, if applicable
  • School, university and vocational education and training certificates, if applicable
  • Salary expectation / request
  • Possible starting date

The data is used for the purpose of contract initiation, for the execution of pre-contractual measures as well as for personnel and resource management in accordance with Art. 6 para. 1 (b) GDPR in conjunction with Article 26 BDSG.

You can send us your application by email or by post. Please note that applications that you send us by email will be sent to us un-encrypted.

Your application data and the corresponding documents will be received by the personnel department and only forwarded to the department responsible for the respective position or to the persons entrusted with the processing. All participants treat your application data as well as the corresponding documents with the necessary care and absolute confidentiality.

After completion of the applicant selection process, we will keep your application data and the corresponding documents for another 3 months and then delete or destroy any copies if we have not concluded an employment contract with you.

Should we include your data in our applicant pool, we will notify you accordingly. In the notification you can actively consent to the further storage of your documents. To do this, you provide the following declaration of consent:

Dear applicant,

….. (general rejection letter)

However, we would like to store your application documents in our talent pool for a further 12 months so that we can contact you for a position of interest to you. After the end of the
the 12 months your documents will then be permanently deleted.

If you agree, please reply to this letter with your consent.
Your application documents will then be stored in our talent pool. You can revoke your consent at any time to the contact data mentioned in this letter , with the consequence that your documents will be deleted immediately.

If you do not want to be included in the talent pool, you can ignore this letter. Your application documents will then be deleted within the next 3 months. …

If you consent, your personal data will be used for the implementation of your declaration of consent in accordance with Art. 6 para. 1 (a) of the GDPR for a further 12 months and finally deleted after expiry of the 12 months.

11. Insolvency Proceedings

11.1. Disclosure of Data in Insolvency Proceedings

We disclose data on insolvency proceedings at https://insoweb.pluta.net/cgi-bin/start.cgi. This data is publicly accessible (cf. www.insolvenzbekanntmachungen.de).

  • Information on the creditor
    • Name (first name, surname)
    • Address
    • Industry
    • Financial circumstances
    • Time details (date)
  • Information on the administrators and the members of their teams
    • Name (first name, surname)
    • Function, job title
    • Business contact details (e.g. telephone number, email address)
    • Business address
  • Information on the staff of public entities mentioned in the orders issued by the insolvency court

The data will be disclosed based on the legitimate interests of the person / entity responsible and a third party (creditor) pursuant to Article 6, para. 1, item f of the European Union’s General Data Protection Regulation (GDPR), for the following purposes:

  • Workflow management, internal administration: structured implementation of the entire enforcement proceedings so as to meet legal requirements (e.g. serving the insolvency court’s orders on the creditors pursuant to section 8, subs. 3 of the German Insolvency Code (InsO))
  • Communication and data exchange
  • Creditor / debtor management

A special search function for several search terms has been established to attenuate any threats to the data subject’s interests meriting protection:

  • The data cannot be found using conventional search engines (such as Google) as the website has not been registered for this
  • The website users must enter the name (for private individuals: the first name and surname) or the file reference so that the search results will be presented to them

The data on insolvency proceedings will only be disclosed during the time in which this data is publicly accessible and will then be erased from the website within the periods granted for erasing by section 3 of the German Regulation on Public Internet Announcements in Insolvency Proceedings (InsoBekV).

11.2. Access to Proceedings for Creditors – Filing Claims

If you are a creditor, you may file your claims in the insolvency proceedings concerned at https://insoweb.pluta.net/. You can access the online form by clicking on “Filing Claims” in the top right-hand area of this web page. In this context, we need the following information:

  • Information on the creditor
    • Name / company name (mandatory information)
    • Name of the managing director / general partner (optional information)
    • File reference for creditors (optional information)
    • Name of the filing person (mandatory information)
    • Name of the person to contact (mandatory information)
    • Address (mandatory information)
    • Email address (optional information)
    • Telephone number (mandatory information)
    • Fax number (optional information)
    • Bank (optional information)
    • Account holder (optional information)
    • IBAN (optional information)
    • BIC (optional information)
    • Main claim in EUR (mandatory information)
    • Subject matter of the claim (mandatory information)
    • Amount of interest
    • Rate of interest
    • Basis for interest calculation
    • Costs
    • Reason for incurring the costs
    • Sum total (mandatory information)
    • Acc. to inv. / judgment (mandatory information)
    • Remark (optional information)
    • Indicate whether separate satisfaction is claimed with claim filed simultaneously in event of nonsatisfaction (optional information)
    • Claim justification (optional information)
    • Detailed statement of grounds – Yes / No (mandatory information)

Yes / No statement relating to claims based on intentional tort, on arrears of mandatory maintenance which the debtor intentionally failed to pay despite being obliged to do so, or on a debtor-creditor relationship if the debtor was convicted in this context by final judgment for a tax crime pursuant to sections 370, 373 or 374 of the German Fiscal Code (Abgabenordnung) (section 302 no. 1 InsO).

  • Information on the creditor’s representative
    • Name / company name (optional information)
    • Addition (optional information)
    • File reference for creditor’s representatives
    • Address (optional information)
    • Telephone number (optional information)
    • Fax number (optional information)
    • Power of attorney sent by mail (mandatory information)
    • Bank (optional information)
    • Account holder (optional information)
    • IBAN (optional information)
    • BIC (optional information)

You may also fill in and print out the Word form at https://www.pluta.net/forderungsanmeldung.html#downloads and send it to us by fax or mail.

We will use the data you disclose to us via the web form or the Word form for the following purposes in accordance with Article 6, para. 1, items c and f of the GDPR:

  • Meeting legal requirements: serving the insolvency court’s orders on the creditors pursuant to section 8, subs. 3 of the InsO, satisfaction of the creditors from the insolvency estate pursuant to section 38 of the InsO
  • Workflow management, internal administration: structured processing of the claims filed and of the entire enforcement proceedings
  • Communication and data exchange
  • Creditor / debtor management

The data will be stored for the time required to process it for the purposes mentioned above or until the end of any subsequent periods of statutory retention.

11.3. Creditors’ Access to Proceedings – Additional Information for Creditors

If you are a creditor, you may obtain additional information concerning the individual insolvency proceedings by clicking on “Additional Information for Creditors” in the top right-hand area of the page https://insoweb.pluta.net/cgi-bin/start.cgi. In this way, you my check whether the claims you filed have been recognised or denied in the verification meeting. In this context, we need the following information:

  • Creditor’s name (as stated when filing the claims)
  • Amount originally claimed (mandatory information)

Once you have entered this data you may retrieve the following information:

  • Information on the debtor
    • Name (first name, surname)
    • Address
    • Industry
    • Financial circumstances
    • Time details (date)
  • Information on the creditor
    • Name / company name (mandatory information)
    • Name of the managing director / general partner (optional information)
    • Address (mandatory information)
    • Data disclosed when filing the claims
    • Status of claim verification and determination
  • Information on the administrator and case handlers
    • Name (first name, surname)
    • Function, job title
    • Business contact details (e.g. telephone number, email address)
    • Business address
  • Information on the staff of public entities mentioned in the orders issued by the insolvency court
  • Documents relating to the proceedings (court orders)

The data will be disclosed based on the legitimate interests of the person / entity responsible pursuant to Article 6, para. 1, item f of the GDPR, for the following purposes:

  • Workflow management, internal administration: structured implementation of the entire enforcement proceedings so as to meet legal requirements (e.g. serving the insolvency court’s orders on the creditors pursuant to section 8, subs. 3 of the German Insolvency Code (InsO), satisfaction of the creditors from the insolvency estate pursuant to section 38 of the InsO)
  • Communication and data exchange
  • Creditor / debtor management

A special search function for several search terms has been established to attenuate any threats to the data subject’s interests meriting protection:

  • The data cannot be found using conventional search engines (such as Google) as the website has not been registered for this
  • The website users must enter the name / company name stated when filing their claims as well as the amount originally claimed so that the search results will be presented to them

After entering incorrect details two times in succession, the search function will be blocked for 1 hour.

The data will be stored for the time required to process it for the purposes mentioned above or until the end of any subsequent periods of statutory retention.

11.4. Insolvency Courts’ Access to Proceedings

If you are a member of staff of an insolvency court, you may obtain detailed information concerning the individual insolvency proceedings at https://insoweb.pluta.net/cgi-bin/gericht.cgi:

In this context, we need the following information:

  • User name (mandatory information)
  • Password (mandatory information)

Once you have entered this data you may retrieve the following information:

  • Statistical data on the court’s proceedings involving PLUTA
  • Information on creditors
    • Name (first name, surname)
    • Address
    • Industry
    • Time details (date)
  • Information on the insolvency schedule:
    • Creditor’s name
    • Verification meetings
    • Claims subject to verification (amounts claimed, recognised, in the event of nonsatisfaction, denied, result of verification, adjustments)
  • Information on the administrator and case handlers
    • Name (first name, surname)
    • Function, job title
    • Business contact details (e.g. telephone number, email address)
    • Business address
  • Information on the staff of public entities mentioned in the orders issued by the insolvency court
  • Time details relating to the proceedings (dates)
  • Additional information on the proceedings
  • Status of proceedings based on the tasks accomplished by the administrator
  • Documents relating to the proceedings (orders and reports)
  • Current balance of escrow accounts

The data will be processed to meet legal requirements and based on the legitimate interests of the person / entity responsible and a third party (insolvency court) pursuant to Article 6, para. 1, items c and f of the GDPR, for the following purposes:

  • Workflow management: structured implementation of the entire enforcement proceedings so as to meet legal requirements (e.g. serving the insolvency court’s orders on the creditors pursuant to section 8, subs. 3 of the German Insolvency Code (InsO), satisfaction of the creditors from the insolvency estate pursuant to section 38 of the InsO)
  • Communication and data exchange
  • Creditor / debtor management

The data will be stored for the time required to process it for the purposes mentioned above or until the end of any subsequent periods of statutory retention.

12. Data processing and use for external presentation and advertising purposes

We also use your data as described in more detail below for the purposes of external presentation and advertising pursuant to Art. 6 para. 1 (a) and (f) GDPR.

12.1. Registration for upcoming events

You can register for events that we organise at https://www.pluta.net/plutaevents.html . For this we need the following information from you:

  • Code (so-called invitation code, mandatory field)

For the purpose of event management (e.g. sending invitations, admission control), we require the following additional information depending on the form and type of event: salutation, title, first/last name, company affiliation, possibly also postal address.
The legal basis is Art. 6 para. 1 (a) and (f) GDPR. This data is stored as long as its processing is necessary for these purposes or until the expiry of any subsequent retention periods.

12.2. Review of past events

You can find out about past events in which you have participated at https://www.pluta.net/plutaevents.html . For this we need the following information from you:

  • Code (required)

No further data processing takes place.

12.3. Press Materials

At https://www.pluta.net/presse/pressematerial.html information is made available for press purposes.

If you contact us for further press material, we collect and process personal data (name, function / job title, company affiliation, company address, company contact data) from you in this context. The personal data provided to us by you will be used exclusively for the purpose of communication and data exchange in accordance with Art. 6 para. 1 (a) and (f) of the GDPR. This data is stored as long as its processing is necessary for these purposes or until the expiry of any subsequent retention periods.

12.4. Postal advertising

To the extent permitted by law, we may also use your name and the postal address known to us to send you advertising for our own offers. The legal basis is Art. 6 para. 1 (f) in conjunction with Recital 47 of the GDPR. Our legitimate interest is to promote sales or demand from our existing customers. Of course, you can object to the processing of your data for advertising purposes at any time in the future. A message in text form to the above-mentioned contact data is sufficient. We will then delete your data from our mailing list. The data proving your objection will subsequently be kept for another 6 years in accordance with Art. 17 para. 3 (b), (e) of the GDPR. During this period, however, your personal data will be blocked for further processing.

12.5. Telemarketing

To the extent permitted by law, we may also use your name, company affiliation and telephone number provided for business customers to inform you about our own offers, assuming your presumed interest. The legal basis is Art. 6 para. 1 (f) in conjunction with Recital 47 of the GDPR, Art 7 para. 2 No. 2 UWG (Unfair Competition Act). Our legitimate interest is to promote sales or demand from our existing customers. Of course, you can object to the processing of your data for advertising purposes at any time in the future. A message in text form to the above-mentioned contact data is sufficient. We will then delete your data from our mailing list. The data proving your objection will subsequently be kept for another 6 years in accordance with Art. 17 para. 3 (b), (e) of the GDPR. During this period, however, your personal data will be blocked for further processing.

12.6. Marketing Program

At your express request, we will send you information on industry topics, news from PLUTA projects and processes or invitations to lectures and network events, provided you register at https://pluta.events/pluta-marketing-programm/ . For this purpose, we request the following data:

  • Your email (required)
  • Salutation (optional)
  • Title (optional)
  • Names (optional)

PLUTA Rechtsanwalts GmbH and PLUTA Management GmbH, Barthstrasse 16, 80339 Munich, are jointly responsible for data processing (Tel. +49 89 858963-3, email: management@pluta.net). The legal basis for the processing of this personal data is Art. 6 para. 1 (a) of the GDPR. Please note that delivery can only take place after you have expressly confirmed your subscription request again within the scope of our double opt-in procedure: to confirm your email address and your consent, you will receive a separate email after sending the registration form (confirmation email). We will not register your consent until you have confirmed the activation link contained in this email. Otherwise your data provided via the registration form will be deleted after 2 weeks. By confirming your registration under this activation link, you agree that we may send you, as the owner of this email address, information on industry topics, news from PLUTA projects and procedures or invitations to lectures and network events.

Your email address collected during registration and any other personal data you voluntarily provide will be used exclusively for the purpose of sending and personalising our letters as part of the PLUTA Marketing Program with the contents listed above. You can revoke your consent to the use of your data for sending the above information at any time with effect for the future, by clicking the unsubscribe link at the end of each advertising email or by notification in text form to the above contact data. Furthermore, you always have the right to object to the use of your data for the purpose of direct advertising with effect for the future pursuant to Art. 21 para. 2 GDPR. If you withdraw your consent or revoke the use of your data for the purpose of direct advertising, we will delete your data from our mailing list so that no more marketing information will be sent to you. The data records that prove your consent, as well as the revocation of your consent, will then be kept in accordance with Art.17 para. 3 (b) and (e) of the GDPR, for another 6 years. During this period, however, your personal data will be blocked for further processing.

12.7. Profiling (cookies and web tracking procedures)

12.7.1. Basic information on cookies and opt-out options

We use so-called cookies in some areas of our website, e.g. to recognise the preferences of visitors and to be able to design the website accordingly. They make navigation easier and offer a high degree of user-friendliness on a website. Cookies also help us to identify particularly popular areas of our website. Cookies are small files that are stored on a visitor's hard drive. They allow information to be stored for a certain period of time and to identify the visitor's computer. For better user guidance and individual service presentation, we use permanent cookies.

We also use session cookies, which are automatically deleted when you close your browser. You can set your browser to notify you before a cookie is saved. This will make their use apparent to you. This is done to verify the authorisation of actions and the authentication of the requesting user of our services. The legal basis is Art. 6 para. 1 (c) in connection with Art. 32 GDPR and Art. 6 para. 1 (f) GDPR. Our legitimate interest is to secure our web server, for example to defend ourselves against attacks, and to ensure the functionality of our services.

We only set non-technically necessary cookies after your express consent, Art. 6 Para. 1 (a) GDPR, which you can of course revoke at any time.

As part of our cookie information on our website, you have agreed to the following statement in this regard:

this website uses cookies and analysis software to provide you with the full functionality of our website and thus a better online experience. For more information about the cookies and web tracking methods we use, please see our Privacy Policy. However, the cookies of the analysis software are only activated after you have given us your consent. We therefore ask you to give us your consent for this data processing by clicking on the "I agree" button.

If you completely exclude the use of cookies, you cannot use certain functions of our website - including the possibility of cookie-based opt-out from tracking. Please allow the opt-out cookies of those services for which you wish to prevent tracking.

Please also note that deleting all cookies will also delete opt-out cookies. You may therefore have to reset them. Cookies are also browser-bundled, i.e. they must be set separately for each browser you use on each device you use. You will find the necessary links in the description of the respective service below.

The following cookies are used by us - if you allow this and have not set one or more opt-out cookies - for a more detailed purpose:

The name of the cookie

Intended Use

Storage Duration

Technically Necessary

Possibility of revocation of consent

_gat_UA-*

This cookie is used by Google Analytics to control the frequency of requests.

1 day

no

See below

_gid

This cookie is used by Google Analytics to distinguish between users.

1 day

no

See below

_ga

This cookie is used by Google Analytics to distinguish between users.

2 years

no

See below

PHPSESSID

This session cookie is used internally to protect forms.

Session expiry

yes

-

12.7.2. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files stored on your computer which enable your website use to be analysed. Cookie-generated information about your use of this website is usually transmitted to and stored on a Google server in the USA. However, if IP anonymisation is activated on this website, your IP address will be truncated by Google within the member states of the European Union or in other countries that are contracting parties to the Agreement in the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. On our behalf, Google will use this information for the purpose of evaluating your use of the website, for compiling reports on website activity, and for providing us other services relating to website activity and internet usage. The IP address that your browser transmits within the scope of Google Analytics will not be associated with any other data held by Google.

You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please be advised that if you opt out of using cookies, you may not be able to use all the features of this website. You can additionally prevent the collection of data produced by the cookie and associated with your use of the website (including your IP address), its transmission to, and its processing by Google, by downloading and installing the browser plugin available at the following link: The current link is: https://tools.google.com/dlpage/gaoptout?hl=de.

Receiver of the data: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

12.2.3. Google Tag Manager

The Google Tag Manager is a product of Google LLC ("Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, which enables us to manage website tags of applications such as Google Analytics via one interface. The Tag Manager is a cookie-less domain and does not collect any personal data.

Opt-Out

You have the option to disable the above analysis services:

13. Data security

We maintain various security measures within the meaning of Art. 32 GDPR (technical and organisational measures) to protect your personal data.

For the secure transmission of the data you send us, we offer you SSL/TLS encryption with the current TLS v1.2 encryption protocol on our website. We would like to point out that the comprehensive encryption of the transmission path also depends on your Internet browser. We therefore recommend that you keep your Internet browser up to date, so that encryption according to TLS v1.2 is automatically established when you visit our website.

Should you want to contact us by email, we would like to advise you that the confidentiality of the information cannot be guaranteed. The content of emails may be viewed by third parties. We therefore recommend that you send us confidential information by post or via https-encrypted contact form.

Ulm, October 4, 2018

PLUTA Rechtsanwalts GmbH