I. Name and Address of the Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States as well as other data protection regulations is:
Ammersbach Wachinger Rechtsanwälte PartGmbB
Prinz-Ludwig-Straße 7
80333 Munich
T: +49 89 285 000 -0
F: +49 89 285 000 -99
Email: wal.w-a@ielznak
Website: www.a-w.law
II. General Information on Data Processing
1. Scope of the processing of personal data
We generally process personal data of our users only to the extent necessary to provide a functional website and our content and services. The processing of personal data of our users is regularly carried out only with the user’s consent. An exception applies in cases where obtaining prior consent is not possible for factual reasons and the processing of the data is permitted by legal regulations.
2. Legal basis for the processing of personal data
Where we obtain the consent of the data subject for processing operations involving personal data, Art. 6(1)(a) GDPR serves as the legal basis.
When processing personal data is necessary for the performance of a contract to which the data subject is party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures.
If processing personal data is necessary to comply with a legal obligation to which our company is subject, Art. 6(1)(c) GDPR serves as the legal basis.
If processing is necessary to protect the vital interests of the data subject or another natural person, Art. 6(1)(d) GDPR serves as the legal basis.
If processing is necessary for the purposes of a legitimate interest pursued by our company or a third party, and if the interests, fundamental rights, and freedoms of the data subject do not override that interest, Art. 6(1)(f) GDPR serves as the legal basis.
3. Data erasure and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose for storage ceases to apply. Storage may take place beyond this if provided for by European or national legislators in EU regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or deleted when a storage period prescribed by these regulations expires, unless continued storage is required for the conclusion or fulfilment of a contract.
III. Provision of the Website and Creation of Log Files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the accessing computer system.
The following data are collected:
Information about the browser type and version used
User’s operating system
User’s Internet Service Provider
User’s IP address
Date and time of access to our website
Websites from which the user’s system reaches our website
Websites accessed by the user’s system via our website.
These data are also stored in the log files of our system. No storage of these data together with other personal data of the user takes place.
2. Legal basis for data processing
The legal basis for the temporary storage of the data and the log files is Art. 6(1)(f) GDPR.
3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to deliver the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
Storage in log files is done to ensure the functionality of the website. Additionally, the data help us optimize the website and ensure the security of our IT systems. No analysis of the data for marketing purposes takes place in this context.
4. Duration of storage
The data are deleted as soon as they are no longer required to fulfil the purpose of their collection. In the case of storage in log files, this is the case after no more than seven days. Extended storage is possible. In this case, the users’ IP addresses are deleted or anonymized so that attribution of the accessing client is no longer possible.
IV. Rights of the Data Subject
If your personal data are processed by the controller, you are a data subject within the meaning of the GDPR and have the following rights:
1. Right of access
You may request confirmation from the controller as to whether personal data concerning you are being processed.
If such processing exists, you may request the following information from the controller:
– the purposes for which the personal data are processed;
– the categories of personal data processed;
– the recipients or categories of recipients to whom your personal data have been or will be disclosed;
– the planned duration of storage, or criteria used to determine this duration;
– the existence of a right to rectification or deletion of your personal data, a right to restriction of processing, or a right to object to such processing;
– the existence of a right to lodge a complaint with a supervisory authority;
– any available information about the origin of the data, if they were not collected from the data subject.
2. Right to rectification
Under Art. 16 GDPR, you have the right to obtain immediate rectification and/or completion of inaccurate or incomplete personal data concerning you.
3. Right to restriction of processing
Under Art. 18 GDPR, you may request restriction of processing of your personal data if:
– you contest the accuracy of the data for a period enabling the controller to verify their accuracy;
– the processing is unlawful and you refuse deletion and request restriction instead;
– the controller no longer needs the data, but you require them for the establishment, exercise, or defence of legal claims;
– you object to processing under Art. 21(1) GDPR, pending verification of whether the controller’s legitimate grounds override yours.
If processing has been restricted, such data may only be processed, apart from storage, with your consent or for legal claims or the protection of another natural or legal person or important public interest.
You will be informed before the restriction is lifted.
4. Right to erasure
a) Obligation to erase
You may request immediate erasure of your personal data under Art. 17(1) GDPR if:
– the data are no longer necessary for their original purposes;
– you withdraw consent and there is no other legal basis;
– you object to processing and there are no overriding legitimate grounds;
– the data were unlawfully processed;
– erasure is necessary to comply with a legal obligation;
– the data were collected in relation to information society services under Art. 8(1) GDPR.
b) Information to third parties
If the controller has made your personal data public and is obliged to erase them, reasonable measures will be taken to inform other controllers that you request deletion of all links, copies, or replications.
c) Exceptions
The right to erasure does not apply when processing is necessary
– for freedom of expression and information;
– to comply with legal obligations;
– for reasons of public health;
– for archiving, research, or statistical purposes where erasure would seriously impair these aims;
– for legal claims.
5. Right to notification
If you have exercised your rights to rectification, erasure, or restriction, the controller must inform all recipients of your data unless impossible or disproportionate.
You have the right to be informed about such recipients.
6. Right to data portability
Under Art. 20 GDPR, you have the right to receive your personal data in a structured, commonly used, machine-readable format, and to transmit those data to another controller without hindrance where the processing is based on consent or contract and carried out by automated means.
You also have the right to have the data transmitted directly from one controller to another, where technically feasible.
7. Right to object
Under Art. 21 GDPR, you may object at any time, on grounds relating to your particular situation, to processing based on Art. 6(1)(e) or (f) GDPR, including profiling.
The controller will no longer process the data unless compelling legitimate grounds exist.
If your data are processed for direct marketing, you may object at any time; the data will no longer be processed for this purpose.
8. Right to withdraw consent
You may withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
9. Rights regarding automated decision-making, including profiling
You have the right not to be subject to decisions based solely on automated processing, except when necessary for a contract, permitted by law, or carried out with your explicit consent.
In such cases, safeguards are implemented to protect your rights, including the right to human intervention.
10. Right to lodge a complaint
You may lodge a complaint with a supervisory authority, particularly in your Member State of residence, workplace, or where the alleged violation occurred.
V. Data Security
Your personal data are protected through appropriate technical and organizational measures against accidental or intentional manipulation, loss, destruction, and/or unauthorized access by third parties.
VI. Contact via Email
1. Description and scope of data processing
Our website provides an email address for electronic contact. If you contact us by email, the data you submit are transmitted to us and stored.
No disclosure to third parties occurs. The data are used solely for processing the conversation.
2. Legal basis
If the user has given consent, Art. 6(1)(a) GDPR applies.
For data transmitted via email, Art. 6(1)(f) GDPR applies.
If the email aims to conclude a contract, Art. 6(1)(b) GDPR also applies.
3. Purpose
The data are used exclusively to process the contact request. Our legitimate interest lies in this processing.
4. Storage duration
Data are deleted when no longer required. For email communication, this is the case when the conversation has ended.
5. Right to object
You may withdraw consent at any time. You may also object to storage of your personal data at any time; the conversation cannot continue in this case. All stored personal data will then be deleted.
VII. Cookies
1. Scope of data processing
The controller uses cookies on the website. These are text files stored in or by the browser on the user’s system.
Cookies enable browser identification upon revisiting.
The following data may be stored:
Language settings
Additionally, cookies may track user behavior, such as:
Search terms entered
Use of website functions.
2. Legal basis and purpose
The legal basis for technically necessary cookies is Art. 6(1)(f) GDPR.
Cookies serve to make the website more user-friendly and functional.
Analytical cookies help improve quality and content.
3. Storage duration and objection
Users control cookie usage through their browser settings. Stored cookies can be deleted at any time. If cookies are disabled, some website functions may not work fully.
VIII. Status of the Privacy Policy
This privacy policy is currently valid and dated October 2025. We reserve the right to update it due to legal or factual changes.