activelaw Offenhausen.Wolter PartmbB
The data controller within the meaning of the General Data Protection Regulation (GDPR), other national data protection laws of the Member States, and any other applicable data protection provisions is:
activelaw Offenhausen.Wolter PartmbB
Hans-Böckler-Allee 26
30173 Hannover, Germany
Tel.: +49 511 / 547 470
E-Mail: info@activelaw.de
Website: www.activelaw.de
Data Protection Officer
Attorney Marion Albrecht
activelaw Offenhausen.Wolter PartmbB
Hans-Böckler-Allee 26
30173 Hannover
Tel: +49 511 / 547470
E-Mail: datenschutz@activelaw.de
We collect and use personal data of our users solely to the extent necessary for providing a fully functional website as well as our content and services. We treat your personal data confidentially and in accordance with applicable data protection laws and this Privacy Policy. In general, the use of our website is possible without providing personal data.
Where personal data (such as name, address, or e-mail address) is collected on our website, this is always done on a voluntary basis wherever possible. Such data will not be disclosed to third parties without your explicit consent. Please note that data transmission over the Internet (e.g., via e-mail communication) may have security vulnerabilities. Complete protection of data against access by third parties is not possible.
The collection and use of personal data from our users generally only occurs with the user’s consent. An exception applies in cases where obtaining prior consent is not feasible for practical reasons and the processing of data is permitted by statutory provisions.
Where we obtain your consent for processing operations of personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for processing.
For the processing of personal data necessary to fulfill a contract with you, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures.
Where the processing of personal data is necessary to comply with a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party, and your interests, fundamental rights, and freedoms do not override this interest, Article 6(1)(f) GDPR serves as the legal basis for processing.
Your personal data will be deleted or blocked as soon as the purpose for storing it no longer applies. Further retention may occur if required by European or national legislation in Union regulations, laws, or other provisions to which the data controller is subject. Blocking or deletion of data also takes place if the storage period prescribed by the aforementioned provisions expires, unless further storage of the data is necessary for concluding or fulfilling a contract.
Each time our website is accessed, our system automatically collects data and information from the computer system of the requesting device. The following data are recorded in this process:
The log files may contain IP addresses or other data that allow a link to a specific user. This could, for example, occur if the link to the website from which the user arrives at our website, or the link to the website the user visits afterward, contains personal data. These data are also stored in the log files of our system. However, no storage of these data together with other personal data of the user takes place.
The legal basis for the temporary storage of data and log files is Article 6(1)(f) GDPR.
The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session. Storage in log files serves to ensure the functionality of the website. Furthermore, the data are used to optimize the website and to ensure the security of our information technology systems. Evaluation of the data for marketing purposes does not take place in this context. These purposes also constitute our legitimate interest in data processing pursuant to Article 6(1)(f) GDPR.
The data will be deleted as soon as they are no longer required for the purpose for which they were collected. In the case of data collection for website provision, this is when the respective session ends. For data stored in log files, this occurs no later than seven days after collection. Further storage may be possible; in such cases, the IP addresses of users will be deleted or anonymized so that the requesting client can no longer be identified.
The collection of data for the provision of the website and the storage of data in log files is strictly necessary for the operation of the website. Consequently, users do not have the option to object.
Our website uses cookies to simplify usage, optimize the website, and provide functions such as analytics tools.
All data collected are pseudonymized and are not combined with other personal data. Analytics cookies are only set following explicit user consent.
We use Finsweet Consent Pro as a Consent Management Platform (CMP) to manage your consents in compliance with the GDPR. Your consents are stored in a Cloudflare KV Store at the following endpoint: https://new-worker.marketing-68c.workers.dev/
Cloudflare acts as a data processor pursuant to Article 28 GDPR and ensures an adequate level of data protection based on the EU-US Data Privacy Framework.
You may also at any time disable or restrict the transmission of cookies via your browser settings. Cookies already stored can also be deleted at any time. Please note that this may result in some website functions not being fully available.
It is possible to contact us via the provided e-mail address. In such cases, the personal data transmitted via e-mail are stored. There is no disclosure of these data to third parties. The data are used exclusively for the purpose of processing the correspondence.
The legal basis for processing the data, where your consent is present, is Article 6(1)(a) GDPR. The legal basis for processing the data transmitted in the course of sending an e-mail is Article 6(1)(f) GDPR. If the e-mail contact is aimed at concluding a contract, Article 6(1)(b) GDPR additionally serves as a legal basis for processing.
In the case of contact via e-mail, the processing of data is also justified by our legitimate interest in handling the correspondence.
The data will be deleted as soon as they are no longer required for the purpose for which they were collected. For personal data sent via e-mail, this is the case once the respective correspondence with you has concluded. A correspondence is considered concluded when the circumstances indicate that the relevant matter has been definitively resolved. Personal data additionally collected during the sending process will be deleted no later than seven days afterward.
You may withdraw your consent to the processing of personal data at any time. If you contact us via e-mail, you may object to the storage of your personal data at any time. In such cases, the correspondence cannot be continued, and all personal data stored in the course of the contact will be deleted.
Our website provides the option to subscribe to a free newsletter. When registering for the newsletter, the data entered in the registration form are transmitted to us. The data transmitted include your e-mail address, as well as your first and last name, if provided. In addition, the following data are collected during registration:
(a) IP address of the accessing device
(b) Date and time of registration
For the processing of these data, your consent is obtained during the registration process, with reference to this Privacy Policy. No data are disclosed to third parties in connection with the processing of data for sending newsletters. The data are used exclusively for the purpose of sending the newsletter.
For sending the newsletter, we use the service of Mailchimp (https://mailchimp.com/de/gdpr/). Your personal data are transmitted to this service provider for the purpose of sending and managing the newsletters. We have concluded a data processing agreement with this service provider in accordance with Article 28 GDPR.
The legal basis for processing the data after a user subscribes to the newsletter is Article 6(1)(a) GDPR, where user consent is present.
The collection of the user’s e-mail address is intended to enable delivery of the newsletter. The collection of other personal data during registration serves to prevent misuse of the service or the e-mail address provided.
The data will be deleted as soon as they are no longer required for the purpose for which they were collected. The user’s e-mail address will be stored as long as the newsletter subscription remains active. Other personal data collected during the registration process are generally deleted after a period of seven days.
If personal data concerning you are processed, you are considered a data subject within the meaning of the GDPR and are entitled to the following rights:
You have the right to obtain confirmation from us as to whether personal data concerning you are being processed. If such processing occurs, you may request information regarding the following:
You also have the right to request information as to whether personal data concerning you are transferred to a third country or to an international organization, and, in this context, to be informed about the appropriate safeguards pursuant to Article 46 GDPR relating to such transfers.
You have the right to request the correction and/or completion of personal data concerning you if the processed personal data are inaccurate or incomplete. The controller shall rectify such data without undue delay.
You may request the restriction of the processing of personal data concerning you under the following conditions:
Where processing of personal data concerning you has been restricted, such data may only be processed—with the exception of storage—with your consent, for the establishment, exercise, or defense of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or a Member State. You will be informed before the restriction is lifted.
You may request the immediate deletion of personal data concerning you, and we are obliged to erase such data without undue delay if one of the following reasons applies:
If we have made personal data public and are obliged under Article 17(1) GDPR to delete it, we shall take reasonable measures, taking into account available technology and implementation costs, including technical measures, to inform controllers processing these personal data to delete all links, copies, or replications of such data.
The right to erasure does not apply insofar as processing is necessary:
If you have exercised your rights to rectification, erasure, or restriction of processing, we are obliged to inform all recipients to whom the personal data concerning you were disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients.
You have the right to receive personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format. You also have the right to transmit such data to another controller without hindrance from the controller to whom the personal data were provided, provided that:
In exercising this right, you also have the right to have the personal data transmitted directly from one controller to another, insofar as technically feasible, without affecting the rights and freedoms of others. The right to data portability does not apply to processing necessary for performing a task carried out in the public interest or in the exercise of official authority vested in the controller.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you based on Articles 6(1)(e) or (f) GDPR. We will no longer process the personal data concerning you unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to establish, exercise, or defend legal claims.
If personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing purposes, including profiling insofar as it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
You have the right to withdraw your data protection consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or the location of the alleged infringement, if you believe that the processing of personal data concerning you violates the GDPR. The supervisory authority where the complaint is lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.
Supervisory Authority Responsible for Us in Lower Saxony
The State Commissioner for Data Protection
Denis Lehmkemper
Prinzenstraße 5
30159 Hannover, Germany
Most of the third-party services used on our website are based in the United States. We use these services to enhance the use of our website, provide functions, and perform statistical analyses.
The European Commission has adopted the EU-US Data Privacy Framework, which ensures that personal data transferred from the EU to US companies enjoy an adequate level of protection, comparable to that of the EU.
You may disable or restrict the storage of cookies in your browser. Please note, however, that some functions of our website may not be fully usable. For Google Analytics, you can also download the browser add-on to deactivate tracking: https://tools.google.com/dlpage/gaoptout.
| Cookie / Tool | Purpose | Type | Legal Basis | Retention | Opt-Out |
|---|---|---|---|---|---|
| _cf_bm (Cloudflare) | Protection against bad bots, security functions | Technically necessary | Art. 6(1)(f) GDPR | 30 minutes of inactivity | N/A |
| Google Analytics | Generation of usage statistics, website optimization | Analytics | Consent Art. 6(1)(a) GDPR | Up to 14 months | Cookie banner or browser settings |
| Webflow Analyze | Statistical analysis of page views, clicks, and form interactions | Analytics | Consent Art. 6(1)(a) GDPR | Up to 13 months | Cookie banner or browser settings |
We use services from Google Inc.; for the EU, Google Ireland Limited is responsible. Their use requires your consent, which is obtained via our cookie banner. More information: https://policies.google.com/privacy.
Google Analytics collects anonymized data about user behavior on our website to improve our services and make them more user-friendly. The following information is collected:
The Google Tag Manager is used solely for managing tracking codes (e.g., Google Analytics, Google Ads). No data are stored or cookies set by the Tag Manager itself. It only forwards the data of integrated tags to the respective services.
Our website uses the _cf_bm cookie from Cloudflare to detect and block automated traffic. This enhances the security and stability of our website.
Webflow Analyze helps us optimize the website by analyzing pseudonymized visitor data.
To provide our online service securely and efficiently, we utilize the services of one or more web hosting providers, from whose servers (or servers managed by them) the online service can be accessed. For these purposes, we may make use of infrastructure and platform services, computing capacity, storage space, database services, as well as security and technical maintenance services.
The data processed in connection with the provision of hosting services may include any information concerning users of our online service that arises during usage and communication. This typically includes the IP address, which is necessary to deliver the content of online services to browsers, as well as any entries made within our online service or on web pages.
We ourselves (or our web hosting provider) collect data for each access to the server (so-called server log files). Server log files may include the addresses and names of accessed web pages and files, the date and time of access, the amount of data transmitted, notifications of successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), and usually the IP addresses and requesting provider.
Server log files may be used for security purposes, such as preventing server overload (particularly in the event of abusive attacks, e.g., DDoS attacks), and to ensure the performance and stability of the servers.
We use the content delivery network (CDN) of jsDelivr (www.jsdelivr.com) to embed scripts more quickly and efficiently. A CDN is a network of globally distributed servers that hold replicated content. jsDelivr states that it does not use cookies or tracking services. Nevertheless, your browser may transmit personal data to jsDelivr (e.g., IP address, browser type, etc.).
Before using this service, we obtain your consent via our cookie pop-up. This consent constitutes the legal basis for the processing of personal data in accordance with Article 6(1)(a) GDPR.
We use Webflow services to create static websites, which may also include online forms.