Data Protection Notice

of the self-employed attorneys Markus Stender, Martin Deuretsbacher, Heinz Heher, Reinhard Prugger, Georg Koller, Gino Koschier and Christoph Gratl, (sdh – attorneys at law), as the respective responsible controller within the meaning of the GDPR

  1. Personal data – processed data catagories

We collect, process and use your personal data only with your consent resp. mandate or your order for the purposes agreed with you or if there is another legal basis for the processing in accordance with the GDPR and in compliance with data protection and civil law provisions. We only collect personal data that is necessary for the execution and processing of our legal services or that you have voluntarily provided us with. Personal data are all data containing individual details about personal or factual circumstances, for example name, address, e-mail-address, telephone number, date of birth, age, sex, social security number, video recordings, photos, voice recordings of persons as well as biometric data such as fingerprints. Sensitive data such as health data or data relating to criminal proceedings may also be included.

  1. Your rights in connection with your personal data

As a client or generally as a data subject, you have the rights (under the conditions set out in applicable law and respecting the attorney-client confidentiality), to check whether and what kind of personal data we hold about you and to request copies of such data, to request correction, supplementation or deletion of your personal data that is inaccurate or processed in non-compliance with applicable requirements, and to request us to restrict the processing of your personal data, in certain circumstances, to object for legitimate reasons to the processing of your personal data or to revoke consent previously granted for the proccessing, to request data portability and to know the identities of third parties to which your personal are transferred. Your request for information, rectification, erasure, restriction, objection and/or data portability, in the latter case, provided that this does not involve a disproportionate effort, can be sent to the address of the law firm listed in point 7 of this declaration. If you are of the opinion that the processing of your personal data by us violates the applicable data protection law or your data protection rights have been violated in any other way, you have the possibility to lodge a complaint with the competent data protection authority (for Austria).

  1. Data security

We have taken appropriate technical and organisational measures in accordance with the data protection regulations in order to protect the data against unauthorised, illegal or even accidental access, processing, loss, use and manipulation. Notwithstanding our efforts to maintain a high level of due diligence and data security at all times, it cannot be ruled out that information that you provide us with electronically may be viewed and used by other persons. Please note that we therefore accept no liability whatsoever for the disclosure of information due to errors in data transmission that cannot be attributed to us and/or unauthorised access by third parties (e.g. hacking attacks on e-mail accounts or telephone, interception of faxes).

  1. Use of the data – data transfer to third parties

Use of the data: We will process the data made available to us only for the purposes covered by the client-attorney relationship or by your consent or otherwise by a provision in accordance with the GDPR. An exception to this is the use of anonymised data for statistical purposes (e.g. anonymous sample collection).

Data transfer: In order to fulfil your order, it may be necessary to pass on your data to third parties (e.g. opposing party, substitutes, insurance companies, service providers that we use and to whom we make data available, etc.) or courts/authorities. This is done exclusively in accordance with the GDPR, in particular to fulfil your order or on the basis of your prior consent. Furthermore, we would like to inform you that within the scope of our legal representation and support, we regularly obtain factual and case-related information about you from third parties. Some of the above-mentioned recipients of your personal data are located outside your country or process your personal data there. The level of data protection in other countries may not correspond to that of Austria. However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection or we take measures to ensure that all recipients provide an adequate level of data protection, for which purpose we conclude Standard Contractual Clauses (2010/87/EC and/or 2004/915/EC).

  1. Notification of data breaches – Storage of data

Data breaches: We make every effort to ensure that data breaches are detected at an early stage and, if necessary or required, that you and/or the data protection authority are immediately notified about the respective categories of data affected.

Retention period: We will not store data for longer than necessary to fulfil (assert) our contractual or legal obligations (rights) and to avert possible liability claims.

  1. Webside

In order to optimize the website with regard to system performance, user-friendliness and the provision of useful information about our services, the provider of the website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes your Internet Protocol address (IP address), browser and language settings, operating system, Referrer URL, your Internet service provider and date/time. These data are not combined with personal data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.

The website also contains a cookie that makes the site usable/functional by enabling basic functions such as page navigation and access to secure areas of the website. This is a small file that is stored on the access device (PC, mobile phone etc) and contains a characteristic string (cookie ID) to identify the access device. The cookie registers whether JavaScript is disabled in the browser and is deleted when the browser is closed.

  1. Our contact details

The protection of your data is highly important to us. You can reach us at any time for your questions or your revocation under the following contact details:

post:   sdh-Datenschutz, Oppolzergasse 6, 1010 Wien        e-mail:            tel:           +43 1 533 2404