Privacy Policy

The protection of privacy and compliance with the applicable data protection laws are of utmost importance to Hüttig & Kollegen Collections Rechtsanwälte GmbH (“Hüttig & Kollegen Collections”). Personal data includes all data by which you can be personally identified. Therefore, we use your information in compliance with the strict requirements of the applicable data protection law, in particular the EU General Data Protection Regulation (GDPR).

With our Privacy Policy, we wish to inform you transparently and comprehensively about which personal data is collected on our websites and app, for what purposes, and how it is processed.

If you have any questions, suggestions and/or criticisms regarding our services, please contact us at:

Hüttig & Kollegen Collections Rechtsanwälte GmbH

Kienberger Allee 4, 12529 Schönefeld, Germany

Tel: +49 30 25770 6900 or via e-mail: info@huettig-collections.de.

Last updated: 28.08.2023

 

I. Name and Contact Details of the Controller

The controller within the meaning of the GDPR and other national data protection laws of the Member States as well as other data protection provisions is:

Hüttig & Kollegen Collections Rechtsanwälte GmbH
Kienberger Allee 4, 12529 Schönefeld

Telephone: +49 30 25770 6900
E-mail: info@huettig-collections.de

www.huettig-collections.de

(hereinafter “Hüttig & Kollegen Collections”)

Further information can be found in our Imprint.

 

II. Contact Details of the Data Protection Officer

You may contact the data protection officer of Hüttig & Kollegen Collections at the above address, attention: Data Protection Officer, or via e-mail: info@huettig-collections.de.

 

III. Right to Lodge a Complaint

If you believe that your rights in connection with your data protection are being violated, you have a statutory right to lodge a complaint with the competent supervisory authority. This is always the state data protection officer of the federal state where the company is located. The list of data protection officers and their contact details can be found here.

 

IV. Data Collection When Visiting Our Website

When you use our website solely for informational purposes—that is, if you do not register or otherwise provide us with information—we only collect such data that your browser transmits to our server (so-called “server log files”). When you access our website, we collect the following data, which is technically required for displaying the website: the website accessed; date and time of access; the amount of data sent in bytes; source/reference from which you accessed the page; the browser used; the operating system used; the IP address (if applicable: in anonymized form).

Processing is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or otherwise used. However, we reserve the right to review the server log files retrospectively should there be concrete evidence of illegal use.

 

V. Data Processing

As part of the operation of our website and app, we process data. This also includes disclosure by transmission to third parties and, if applicable, to so-called third countries outside the European Union (“EU”) and the European Economic Area.

In the event of data transfers to the USA, the EU Commission has issued an adequacy decision (the so-called “EU-US Privacy Shield”). In doing so, the EU Commission certifies that the guarantees for the transfer of data to the USA under the EU-US Privacy Shield correspond to the data protection standards in the EU. Insofar as we transfer data to the USA, we have indicated our service providers’ participation in the EU-US Privacy Shield.

a) Server Log Files

We log access to our servers. In order to display the content of the app, each use of the app also triggers an access to our servers. During this process, the following data is processed: date and time of access, amount of data transferred, the app version, the operating system used by you, your IP address, and the requesting provider. This is necessary to ensure the security of the servers. We process these data pursuant to our legitimate interests under Art. 6(1)(f) GDPR to ensure the security of the servers. The log file will be deleted after seven days, unless it is needed to clarify or prove specific legal violations that become known within the retention period.

b) Hosting

As part of hosting, all data processed in connection with the operation of this app is stored. We process such data based on our legitimate interest under Art. 6(1)(f) GDPR to enable the operation of the app. To provide our online services, we use services of web hosting providers to whom we transmit the aforementioned data.

c) Contacting Us

If you contact us, your data (name, contact details provided by you) and your message will be processed solely for the purpose of handling and managing your inquiry. We process this data on the basis of Art. 6(1)(b) GDPR for contractual performance and/or for the fulfillment of our pre-contractual obligations or on the basis of our legitimate interests under Art. 6(1)(f) GDPR in processing your inquiry.

d) Profile Data

You can use the app both without registration and with registration. However, if you do not register, not all functions of the app will be available to you. If you create a user account, you consent to the storage of your existing data (name, address, e-mail address) as well as your usage data (username, password). This enables us to identify you as a customer and for you to use all functions of the app. Data processing is carried out on the basis of Art. 6(1)(b) GDPR for contractual performance.

e) Organizational Data

If you use our services as an organization, we generally process data of the organization and not of private individuals. However, personal data may still be included (e.g., contact details of the person in charge, telephone number). These data are processed for the purpose of displaying the organizational profile. We process this data on the basis of Art. 6(1)(b) GDPR for contractual performance.

 

VI. Cookies

  1. Cookies and Cookie Function Groups

Cookies are small text files that are stored on your hard drive by the browser you use and assigned to it, through which certain information is transmitted to the party setting the cookie (in this case, us). Cookies cannot execute programs or transmit viruses to your computer system.

We distinguish cookies into the following functional groups:

  1. a) Technical Cookies

These cookies are necessary for us to display the website to our users and to provide essential basic functions, such as site navigation.

The following data is stored and transmitted in the cookies:

  • Language settings
  • Site settings
  • Other state information

The purpose of using technically necessary cookies is to simplify the user’s website experience. We also use cookies to identify you on subsequent visits. Moreover, some functions of our website cannot be offered without the use of cookies. For this purpose, it is necessary that the browser is recognized again after a page change.

  1. b) Cookies for User Preferences

These cookies are used to recognize our users and their selected settings when they return to the website. This allows us, for example, to greet users by name, save preferences and searches, or display targeted product suggestions.

  1. c) Cookies for Performance and Statistics

These cookies are used to analyze the use of the website and the behavior of the users. This enables us to understand how our website is used and where errors occur. Based on this information, we can, for example, make the website more user-friendly or better tailor information and services to our users.

  1. d) Marketing Cookies

These cookies are used to analyze the visit of our users on the website (e.g., which links were clicked, which subpages were visited). We use this information to more closely target advertising on the website to the interests of our users.

  1. Cookie Management
  2. a) Cookie Consent Tool

In order for you to control the use of cookies, a cookie consent tool is implemented on the website. It displays a list of cookies grouped by function, explains the purpose of the cookie function groups and the individual cookies as well as their storage duration.

For the use of the cookie consent tool, the storage of a cookie is technically required.

  1. b) Settings via the Cookie Consent Tool

On your first visit, the cookie consent tool is displayed as a pop-up window on the website. Here, you can activate the cookies grouped by function by clicking the corresponding box. Please note that technical cookies are stored as soon as the website is accessed and the corresponding box is preset.

If you deselect technical cookies, the use of the website or individual functions on the website may be restricted or impossible.

  1. c) Your Cookie Settings

If you wish to check or change your cookie settings, click on “Privacy Settings” (located in the lower left on the website via the CMP icon) and then make the corresponding settings in the cookie consent tool.

  1. Withdrawal/Opt-out Options
  2. a) Settings via the Cookie Consent Tool

If you have consented to the use of cookies on your visit to this website, you may withdraw your consent by accessing the cookie consent tool (see above, Cookie Settings) and deselecting the category of cookies in question.

  1. b) Directly with the Cookie Provider

In addition to the withdrawal option via the cookie consent tool, you can disable cookies directly with a cookie provider or prevent the processing of data via browser plug-ins. If a cookie provider offers such options, we have provided an appropriate link in the respective notices.

  1. c) Browser Settings/Plug-ins

An additional possibility for controlling the use of cookies is to use the corresponding settings in browsers with such configuration options.

  1. Description of the Cookies Used and Technically Necessary Cookies
  2. a) Google Analytics
  3. aa) Our website uses functions of the web analytics service Google Analytics. The provider of the web analytics service is Google Inc., 160 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses cookies. These are small text files that your web browser stores on your device and that enable an analysis of the website usage. Information generated via cookies about your use of our website is transmitted to a server of Google and stored there. The server location is generally the USA. The setting of Google Analytics cookies is based on Art. 6(1)(f) GDPR. As the operator of the website, we have a legitimate interest in analyzing user behavior to optimize our web offering and, if applicable, advertising.

  1. bb) IP Anonymization

We use Google Analytics in conjunction with IP anonymization. This ensures that Google shortens your IP address within Member States of the EU or other contracting states of the European Economic Area before the transfer to the USA. There may be exceptional cases in which Google transmits or shortens the full IP address on a server in the USA. On our behalf, Google uses this information to evaluate your use of the website, to create reports on website activities, and to provide further services related to website and Internet usage. The IP address transmitted by Google Analytics is not combined with other data held by Google.

  1. cc) Objection to Data Collection

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will then be set which prevents the collection of your data on future visits to our website. For instructions on how to disable this as well as further details on Google Analytics, particularly regarding data protection, please follow this link:
https://support.google.com/analytics/answer/6004245?hl=en

  1. dd) Data Processing Agreement

To fully comply with the statutory data protection requirements, we have concluded a data processing agreement with Google Analytics.

  1. ee) Demographic Features in Google Analytics

Our website uses the “demographic features” function of Google Analytics. With it, reports can be generated that contain statements about the age, gender, and interests of the website visitors. These data are derived from interest-based advertising by Google as well as from visitor data provided by third parties. It is not possible to assign these data to specific individuals. You can disable this function at any time. This can be done via the ad settings in your Google account or by generally prohibiting the collection of your data by Google Analytics as explained under “Objection to Data Collection.”

  1. b) Google Firebase

Our app utilizes technologies from Google Firebase. Google Firebase is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Firebase is a development platform and offers various services. An overview of the services offered by Google Firebase can be found at: https://firebase.google.com/terms/.

In part, the Google Firebase services use so-called “Instance IDs.” Instance IDs are uniquely assigned identifiers that are provided with a timestamp and enable the linking of different events or processes in connection with the app. These data are used to analyze and optimize user behavior, for example in evaluating crash reports. According to Google, Instance IDs do not process any personally identifiable data.

For further information on the use of Instance IDs and on managing the affected data, please visit: https://firebase.google.com/support/privacy/manage-iids

In connection with Google Firebase, we use the following services:

Firebase Analytics

We use the analytics service Firebase Analytics to observe and analyze the user behavior of our app. In mobile apps there are no cookies. Instead, identifiers (advertising IDs) are used which are issued by the operating system of the mobile device and can be reset by the user. These advertising IDs are used to capture user activities and for advertising purposes.

When using Firebase Analytics in the standard version, the following data types are processed: number of users and sessions, session duration, operating systems, device models, region, first starts, app executions, app updates, and in-app purchases.

A complete listing of automatically captured events and user properties in Google Firebase can be found at:
https://support.google.com/firebase/answer/6318039
and at: https://support.google.com/firebase/answer/6317486?hl=de.

The data obtained through the use of Firebase Analytics is processed on the basis of our overriding interest in optimally marketing our online offering pursuant to Art. 6(1)(f) GDPR.

You can object to the data collection by Google at any time with future effect by deactivating data collection for Firebase Analytics in the app settings or by restricting the use of the advertising ID in your mobile device’s settings.

For Android devices, please proceed as follows in your device’s menu: Settings > Google > Ads > Reset advertising ID.

For iOS devices, select “Limit Ad Tracking” under Settings > Privacy > Advertising.

In the context of using Firebase Analytics, it cannot be ruled out that processed data is also transferred to the USA.

Further information on data protection can be found at https://policies.google.com/privacy?hl=de&gl=de.

 

VII. Contacting Us

When you contact us (for example via the contact form or e-mail), personal data is collected. Which data is collected in the case of a contact form is apparent from the respective form. This data is stored and used solely for the purpose of answering your inquiry or for contacting you and for the technical administration involved. In order to comply with the principle of data minimization stipulated in Art. 5(1)(c) GDPR, the required data entry fields in the contact forms are marked with an asterisk (*). The other fields can be filled out at your discretion. In addition, your consent is obtained before submission and you are informed about our Privacy Policy.

Your data will, for the above-mentioned purpose, be passed on, if necessary, to our supporting service providers (hosters, service providers, operators of communication applications, etc.), whom we have carefully selected and who are bound by our instructions. These are particularly technical service providers who support us in providing our services. The legal basis for processing this data is our legitimate interest in responding to your inquiry pursuant to Art. 6(1)(f) GDPR. If your contact is intended to conclude a contract, then the additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted after your inquiry has been fully processed. This is the case when it is apparent from the circumstances that the matter in question has been conclusively clarified and if no statutory retention obligations exist.

Please note that no confidential information should be sent via unencrypted e-mail.

 

VIII. Data That Is Transferred Unsolicited

If you provide us with personal data unsolicited (for example, business cards, brochures, presentations, etc.), such data may be stored for the purpose of initiating a business relationship. This is done on the basis of Art. 6(1)(f) GDPR. Data will be deleted if you explicitly request it and if no retention obligations exist.

 

IX. Scope of Processing of Personal Data

We process personal data only in compliance with the applicable data protection regulations. This means that the data is only processed if there is a legal basis for doing so. In particular, if data processing is necessary for the provision of our contractual services and online services or is legally prescribed, if consent is given, or if it is based on our legitimate interests (i.e. interest in analysis, optimization, and the economic operation and security of our online offering in the sense of Art. 6(1)(f) GDPR, in particular for reach measurement, creation of profiles for advertising and marketing purposes, as well as the collection of access data and the use of third party services).

The legal basis for the consent is Art. 6(1)(a) and Art. 7 GDPR; the legal basis for the processing for the fulfillment of our services and execution of contractual measures is Art. 6(1)(b) GDPR; the legal basis for processing for the fulfillment of our legal obligations is Art. 6(1)(c) GDPR; and the legal basis for processing for the purposes of our legitimate interests is Art. 6(1)(f) GDPR

 

X. Disclosure of Data to Third Parties

  1. We only disclose your data to third parties if you have given us your consent pursuant to Art. 6(1)(a) GDPR.
  2. We only disclose your data to third parties if, for example, this is necessary for contractual purposes based on Art. 6(1)(b) GDPR or can be justified on the basis of legitimate interests pursuant to Art. 6(1)(f) GDPR.
  3. In the event that we employ subcontractors to provide our services, we take appropriate legal as well as technical and organizational measures to ensure the protection of personal data in accordance with the applicable statutory requirements.
  4. Your personal data will not be transferred to a third party for purposes other than those specified below:
    a) As far as this is required for the processing of mandate relationships with you on the basis of Art. 6(1) sentence 1(b) GDPR, your personal data will be disclosed to third parties. This includes in particular the disclosure to opposing parties and their representatives (in particular their attorneys) as well as courts and other public authorities for the purposes of correspondence and asserting or defending your rights. The data disclosed may only be used by the third party for the purposes stated.
    b) Your personal data will be transferred to commissioned service providers (processors). Our service providers (scanning services, hosters, and other IT service providers as well as external administrators, service centers) have access to the data for processing activities (maintenance and remote maintenance, disposal of files/data carriers).
    c) Attorney-client privilege shall always remain unaffected. If the data is subject to attorney-client privilege, disclosure to third parties shall only occur in consultation with you.
  5. It is not planned to transfer your personal data to a third country or an international organization.

 

XI. Rights of the Data Subject

Under the GDPR, you have the following rights:

  • If your personal data is processed, you have the right to obtain information about the personal data stored about you (Art. 15 GDPR).
  • If incorrect personal data is processed, you have the right to have it corrected (Art. 16 GDPR).
  • If the legal requirements are met, you can request the deletion or restriction of processing as well as object to the processing (Art. 17, 18 and 21 GDPR).
  • If you have consented to the processing of your data or if a contract for data processing exists and the data processing is carried out by automated procedures, you may have the right to data portability (Art. 20 GDPR).
  • You can lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. In general, you may contact the supervisory authority of your usual place of residence or work or that of our registered office.
  • If your personal data is processed on the basis of legitimate interests pursuant to Art. 6(1) sentence 1(f) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR.