Data protection

January 2024 Privacy Statement

This privacy policy explains to you what data we collect, process and use, and for which purposes, when you access and use our website

1. Responsibility and data protection officer

The responsibility for the lawful collection, processing and use of the data vests in

HARTE-BAVENDAMM Rechtsanwälte Partner­schaftsgesellschaft mbB,
Am Sandtorkai 77, 20457 Hamburg, Germany, email:,
Tel: +49 (0)40-60 56 29 30, Fax: +49 (0)40-60 56 29 399.

Our data protection officer is Ruven Appelkamp, Attorney at Law. He may be contacted by email at and under above address.

2. Processed data and purposes of processing

a) Visiting our website

During your visit to our website, certain data that the device you are using automatically transmits to the server of our website are recorded and temporally stored in a log file until such file is automatically deleted. This includes the time of access, the Internet protocol address (IP address), the website by which access is made (referrer URL), the Internet service provider, the webpages or files accessed and the browser and operating system used.

These data are not processed to identify you or to draw any other conclusions about you identity. Rather, we process these data only for administrative purposes, in particular to ensure a trouble-free connection and a comfortable use of our website as well as to monitor, evaluate and continuously improve the general system security and stability.

The legal basis for the processing of these data is Article 6(1) point (f) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR). Our legitimate interest follows from the purposes listed above.

b) Contacting us

You can contact us via the e-mail addresses and other contact options shown on our website and send us enquiries or, for example, job applications. If you contact us by e-mail, we record your e-mail address so that we can reply to you. Your e-mail address and any other personal data that you send us in this way will be used only to process your respective enquiry.

Legal basis for the processing of these data are Article 6(1) point (b) or point (f) GDPR and, in the case of voluntary consent, Article 6(1) point (a) GDPR.

3. Detailed information on the processing of personal data

Personal data is collected for the following purposes using the following services:

a) Analytics

With the services listed in this section, the provider can monitor and analyze traffic and track user behavior.

Google Analytics

Google Analytics is a web analysis service provided by Google LLC or by Google Ireland Limited, depending on how the provider manages data processing, (“Google”). Google uses the collected data to track and study how this application is being used, to write reports on its activities and to share them with other Google services.
Google can use the collected data to contextualize and personalize the ads on its own advertising network.

Personal Data processed: Usage Data; Tracker.

Place of processing: United States — Privacy statementOpt Out; Ireland — Privacy statementOpt Out.

b) Platform services and hosting

The purpose of these services is to host and operate main components of the application for this application so that this application can be offered from a uniform platform. Such platforms provide the provider with a whole range of tools — such as analysis and comment functions, user and database management, e-commerce and payment processing — which include the processing of personal data.
Some of these services work with geographically distributed servers, making it difficult to determine where the personal data is stored.

Webflow (Webflow, Inc.)

Webflow is a platform provided by Webflow, Inc., which allows the owner to build, host, and operate this application. Webflow can be personalized in many ways and can host websites with content ranging from simple blogs to complex e-commerce platforms.

Personal Data processed: usage data; trackers; various types of data as described in the service's privacy policy.

Place of processing: United States — Privacy statementOpt out.

c) Tag management

These types of services help the provider centrally manage the tags or scripts needed for this application. This results in the user's data flowing through these services and possibly being stored.

Google Tag Manager

Google Tag Manager is a tag management service provided by Google LLC or by Google Ireland Limited, depending on how the provider manages data processing.

Personal Data processed: Usage Data; Tracker.

Place of processing: United States — Privacy statement; Ireland — Privacy statement.

d) Managing contacts and sending messages

These types of services allow you to manage a database of email contacts, phone numbers, or any other contact information to communicate with the user. The services may also collect data about the date and time the message was read by the user, as well as when the user interacts with incoming messages, for example by clicking on links contained therein.

Mailing "Distribution" List or Newsletter

By signing up to the mailing list or newsletter, the user's email address is added to the contact list of people who may receive email messages with commercial or promotional information related to this application. In addition, your email address may be added to this list when you sign up for this application.

Personal data processed: email address; last name; first name.

MailerLite (UAB “Mailerlite”)

MailerLite is a service provided by UAB “Mailerlite” for managing email addresses and sending messages.

Personal Data processed: email address; gender; country; last name; company name; physical address; phone number; tracker; first name.

Place of processing: Lithuania — Privacy statement.

4. Cookies

We use cookies to optimize user-friendliness and as part of the security architecture of our website. Cookies are small files that your Internet browser automatically creates and saves when you access our website. The cookies placed by us do not cause any damage to your devices and do not contain viruses, Trojans or other malware.

Specifically, we use the following cookies:

[automatically generated list of used cookies; automatically displayed after going live]

Most browsers are set by default to accept cookies automatically. However, you can configure your browser to accept no or only certain cookies or to display a message before a new cookie is stored. You can also delete stored cookies manually or have them deleted automatically at any time. Instructions to manage cookies usually can be found via the help function integrated in your browser. Please note that not all functions of our website may be available if you deactivate the acceptance of cookies.

The processing of data by means of cookies for the above-mentioned purposes has its legal basis in Article 6(1) point (f) GDPR as it is necessary for the purposes of legitimate interests pursue.

5. Passing on of data

For certain technical processes of data processing we use the support of external service providers (e.g. for programming, maintenance and hosting of our website). Our service providers have been carefully selected and they process data only on our behalf and in accordance with our instructions.

Otherwise, your personal data will not be transmitted to third parties for purposes other than those listed below. We will only pass on your personal data to third parties, if and to the extent

  • you have given consent pursuant to Article 6(1) point (a) GDPR; or
  • it is necessary pursuant to Article 6(1) point (b) GDPR for the performance of a contract with you or in order to take steps at your request prior to entering into a contract; or
  • it is necessary pursuant to Article 6(1) point (c) GDPR for compliance with a legal obligation; or
  • it is necessary pursuant to Article 6(1) point (f) GDPR for the purposes of the legitimate interests pursued, as it may be the case when establishing, exercising or defending legal claims, and there is no reason to assume that you have an overriding legitimate interest that your data is not being passed on.

6. Term of storage

Personal data we collect during your visit of our website will be deleted or blocked as soon as the purpose of storage ceases to apply. Data may be stored for a longer period of time if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which we are subject. These data will also be blocked or deleted if a storage period set forth by any of the aforementioned provisions expires, unless there is a need to store the data longer in view of concluding or performing a contract.

7. User’s rights

You have the right:

  • pursuant to Article 15 GDPR, to request information about your personal data that is processed by us. In particular, you can request information on the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipient to whom the personal data have been or will be disclosed; the envisaged period for which the personal data will be stored; the right to request rectification or erasure or restriction of processing or to object to processing; the right to lodge a complaint; the source of data, where the personal data are not collected from you; and the existence of automated decision-making, including profiling, and about the logic involved, as well as the significance and the envisaged consequences;
  • pursuant to Article 16 GDPR, to obtain without undue delay rectification of incorrect or completion of incomplete personal data stored by us;
  • pursuant to Article 17 GDPR, to demand the erasure of your personal data stored by us, except where processing is required for the exercise of the right to freedom of expression and information; for compliance with a legal obligation; for reasons of public interest in the area of public health; for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes; or for the establishment, exercise or defense of legal claims;
  • pursuant to Article 18 GDPR, to demand the restriction of the processing of your personal data where the accuracy of the personal data is contested by you; the processing is unlawful and you oppose the erasure; we no longer need the data and you need it for for the establishment, exercise or defense of legal claims; or you have objected to processing in accordance with Art. 21 GDPR;
  • pursuant to Article 20 GDPR, to receive the personal data that you provided to us in a structured, commonly used and machine-readable format and the right to transmit those data without hindrance from us to another controller;
  • pursuant to Article 7(3) GDPR, to withdraw your consent to us at any time with the result that we will not continue processing data based on this consent in the future; and
  • pursuant to Article 77 GDPR, to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.

8. Right to object and withdrawal of consent

In accordance with Article 21 GDPR, you have the right to object at any time to the processing of personal data concerning you,

  • where our processing is based on legitimate interests pursuant to point (e) or (f) of Article 6 GDPR, but there are conflicting grounds relating to your particular situation; or
  • where the processing is for direct marketing purposes, in which case no particular grounds have to exist to implement your objection.

If you would like to exercise your right of objection or withdraw any consent given to us, you can send an email to

9. Data security and location of processing

We use the common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. Whether a single page of our website is transmitted in encrypted form is indicated by the closed display of the key or lock symbol in the status bar of your browser.

We also apply suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Unless otherwise described herein, your personal data will be processed on systems located within the territorial scope of the GDPR.

10. Status and changes

This privacy policy is up-to-date and in force since January 2024.

Future changes to our website and offers or to the legal or regulatory requirements may make it necessary to also amend this privacy policy.  We will always publish the most current privacy policy to our website at, from where you can review and print it.

Für innovative Unternehmen in Deutschland und weltweit: HARTE-BAVENDAMM ist spezialisiert auf das Recht des geistigen Eigentums und das Wettbewerbsrecht.