Please note, that this Data Protection Declaration has been translated form the respective German version (Datenschutzerklärung). In case of any deviations, the German Datenschutzerklärung shall prevail.
Acting as a lawyer is closely related to the use of confidential data. Thus, your trust is very important for us in order to be able to provide you with advice and representation in an optimum manner. The trust you place in your lawyer is also recognized and protected by law, in particular by means of the attorney-client privilege (Art. 15 Lawyers Act, Rechtsanwaltsgesetz, RAG). Needless to say, that we take the protection of your confidence serious in case of automated processing of your confidential personal data.
Therefore, we only process the data necessary for the performance of our tasks and services. We process your data with due diligence and we take appropriate measues to protect your data from any possible misuse.
Hereinafter, you will find information about the processing of your data and your rights according to the GDPR (General Data Protection Regulation, DSGVO, Datenschutz-Grundverordnung) and the DPA (Data Protection Act, Datenschutzgesetz).
1. Name and contact information of the controller
Law Office Mag. iur. Sabine Fröhlich
Sabine Fröhlich, Rechtsanwältin
2. Categories of collected personal data, purposes and lawfulness of processing
As a law firm we, Mag. iur. Sabine Fröhlich, attorney at law (hereinafter: “we” or “us”), collect, process and use your personal data only with your consent, your mandate or if it is necessary to execute our legal services or if there is another legal basis in accordance with the GDPR and the DPA as amended from time to time; furthermore, all data processing operations are in compliance with national data protection and civil law provisions.
We only collect personal data necessary for the performance and processing of our legal services or which you voluntarily provided to us. We possibly process data we did not directly collect from you, but for example from third parties, from publicly accessible sources or from other data subjects.
Within the scope of our mandate from the Client we collect and process the following personal data:
Personal data, such as gender, tax numbers or other official numbers which allow to identify the person behind it, video recordings, photos, voice recordings of persons may also be included as well as sensitive data, such as biometric data, fingerprints, health data or data related to criminal proceedings.
We collect these data
Your personal data are processed on the basis of Article 6 (1) (a)-(c), (e) and (f) GDPR.
Generally, the processing of your data is caused by your request for legal advice and/or representation, is based upon your agreement (Article 6 (1) (a) GDPR) and is necessary for the adequate handling of the mandate and for the mutual fulfilment of obligations arising from the client relationship (Article 6 (1) (b) GDPR). In addition, other legal duties may require to process your data (Article 6 (1) (c) GDPR). In particular, we are obliged to comply with the provisions laid down in the Lawyers Act (Rechtsanwaltsgesetz, RAG) and the provisions concerning due diligence, anti-money laundering and prevention of financing of terrorism). Furthermore, the processing of your personal data can be necessary for the performance of a task carried out in the public interest or in the exercise of official authority (Article 6 (1) (e) GDPR). This applies in cases where our legal services provided are not based on a respective agreement with a Client, but are caused by an appointment by the competent authorities, e.g. the court in cases of appointment as curator, liquidator, etc….
In addition, your data can be processed to protect our legitimate interests or legitimate third parties interests (Art. 6 (1) (f) GDPR) for specifically defined purposes, in particular to assert or enforce and to defend against claims.
Die Verarbeitung Ihrer Daten kann aber auch zur Wahrnehmung einer Aufgabe erforderlich sein, die im öffentlichen Interesse liegt (Art. 6 Abs. 1 lit e DSGVO), z.B. wenn die anwaltliche Tätigkeit nicht auf Vertrag, sondern auf einer amtlichen Bestellung beruht (z.B. Kurator, Masseverwalter, etc.). Darüber hinaus werden Ihre Daten auch zur Wahrung berechtigter Interessen Dritter oder aufgrund unserer eigenen berechtigten Interessen zur Anspruchsdurchsetzung oder Anspruchsabwehr verarbeitet (Art. 6 Abs. 1 lit. f DSGVO).
Please note, that the processing of personal data within the scope of our clients mandate is not limited to the clients data but also comprises personal data of any party /data subject involved, as long as this is necessary to fulfil the obligations arising from the client relationship.
3. Use of data
We will not process data made available for purposes other than those covered by your consent or otherwise by a provision in accordance with the GDPR and the DPA, except for the use for statistical purposes, provided that data made available was anonymized before.
4. Recipients or categories of recipients of the personal data
The execution of your mandate may require us to transfer your data to third parties (e.g. counterparties, substitute lawyers, insurance companies and service providers we may use and to whom we provide data, etc.), courts or authorities.
Furthermore, we would like to inform you that information relating to the specific circumstances of your case may regularly be sourced from third parties (e.g. search engines, the commercial registry, the land register, the Central Register of Residents, your website) in connection with our legal services.
Weiters informieren wir Sie darüber, dass im Rahmen unserer rechtsanwaltlichen Vertretung und Betreuung regelmässig auch sachverhalts- und fallbezogene Informationen von dritten Stellen bezogen werden.
5. Transfer of personal data to a third country
Some of the above-mentioned recipients of your personal data are located abroad or outside the EEA (European Economic Area) and process your personal data there. For this reason, we will transfer your personal data only to countries outside the EEA (to so-called third countries) which the European Commission has attested an appropriate level of data protection, or if this is necessary for the implementation of pre-contractual measures or the performance of a contract, if you have given us your explicit consent, if the transfer is necessary for important reasons of public interest or is otherwise stipulated by law.
6. Period of storage of the personal data
Generally, we will store the data collected
7. Rights of data subjects
Pursuant to the General Data Protection Regulation you have the following rights:
If you wish to make use of your right to revoke your consent or object to the processing of your personal data please use the contact details given above under 1.
In case of any change of your personal data, we politely ask for an according notice.
8. Provision of the website (server logfiles)
Our system records data and information about the computer used by the user automatically and with every visit on our website.
The following data is collected:
This storage is done in compliance with the applicable legal provisions. We process the data due to security reasons and to ensure the stability and integrity of our systems. We will delete your data as soon as the storage and processing is not necessary anymore to fulfil the purpose mentioned above.
We only store and analyze anonymized IP-addresses of visitors to our website. It is not possible to establish the true identity of the visitor.
Legal basis for the processing of data through cookies is Article 6 (1) (f) GDPR.
10. Google Analytics
Additionally, we ensure that your IP address is anonymized before it is transmitted to Google.
Legal basis for the usage of Google Analytics is Article 6 (1) (f) GDPR.
11. Contact form (optional)
If you fill out a contact form, send us an email or another form of electronic message, your data will only be used to process your inquiry and possible further questions you might have.
Legal basis for the processing of your inquiry is Article 6 (1) (b) GDPR.
12. Data security
We use the common encryption technology “SSL” in connection with the highest encryption levels that are supported by your browser. If a page on our website was/is being transmitted encrypted it is shown by the lock symbol in the address bar of your browser.
Additionally, we use appropriate technical and organizational security measures to protect your data from accidental or intentional manipulation, partial or complete loss, destruction, or to prevent unauthorized access by third parties. Our security measures are continuously upgraded according to the latest technological developments.