Privacy Policy - PFKA attorneys at law

1. General Information

We, Petsch Frosch Klein Arturo Rechtsanwälte OG, as the controller under data protection law, take the protection of your personal data seriously. Therefore, we process your data exclusively on the basis of the statutory provisions (in particular the GDPR).

Your personal data is protected by the applicable data protection regulations. Personal data is any information relating to an identified or identifiable natural person (e.g. name, e-mail address, IP address).

In this data privacy policy, we inform you which of your personal data we process when you visit our website, why we need this data, how we use it, whom you can contact if you have any questions and which rights you are entitled to.

2. Name and address of the controller

Petsch Frosch Klein Arturo Rechtsanwälte OG
Schubertring 14
1010 Wien
Austria

There is no data protection officer designated in the company of the controller.

3. Data processing in connection with the visit of our websiterer Webseite

3.1. Collection and storage of personal data and type and purposes of use

When you visit our website and view a single page, you retrieve individual files that make up this page to establish the connection. The following data is automatically processed and stored until it is automatically deleted after 14 days:

Browser type and version as well as other information transmitted by the browser (e.g. operating system, access location, language settings, etc.)
IP address of your end device that retrieved the file
Date and time of your visit
Website from which the access was made (referrer URL)

We process this data for the following purposes:

Providing a comfortable use of the website
Ensuring a smooth connection to our website
Evaluation the security and stability of our system

Legal basis: We base this processing of personal data on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the technical maintenance of the operation of the website, improvement of the services offered on the website and the prevention of misuse.

Storage period: The data processed as part of your visit to the website is stored for two weeks and then deleted.

3.2. Webhosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include, in particular, IP addresses, website accesses and other data generated by the website.

The use of the hoster is in accordance with Art. 6 para. 1 lit. f GDPR due to our legitimate economic interest in publicly presenting our law firm and its services on this website. In order to ensure data processing in compliance with data privacy law, we have concluded a data processing agreement with our hoster.

We use the following hoster:
World4You Internet Services GmbH
Hafenstraße 35
4020 Linz
Austria
https://www.world4you.com/

The servers of our hoster are all located in Europe and all data is stored exclusively in Europe.

4. Transfer of personal data to third parties

We only pass on your personal data to third parties if

you have given your express consent to this in accordance with Art. 6 para. 1 lit. a GDPR or
there is a legal obligation to do so pursuant to Art. 6 para. 1 lit. c GDPR.

5. Transfer of personal data to third countries

In some cases, when you visit our website, personal data is transferred to third countries, i.e. countries outside the European Economic Area (EEA). This only takes place under the conditions of Art. 44 et seq. GDPR.

In this data privacy policy, we inform you when and how we transfer personal data to third countries and under what conditions such a transfer is permitted.

The EU Commission can determine that certain countries outside the European Economic Area offer an adequate level of protection for personal data by means of a so-called adequacy decision in accordance with Article 45 GDPR. If such an adequacy decision exists, the controller may transfer data to this third country without the need for further safeguards in accordance with Article 46 et seq. GDPR.

If there is no adequacy decision by the EU Commission for a third country in accordance with Article 45 GDPR (so-called unsafe third countries), we will only transfer your personal data under the conditions of Article 46 or Article 49 GDPR, for example if

sufficient safeguards are provided by the recipient in accordance with Art. 46 GDPR for the protection of the personal data or
you have expressly consented to the transfer, after we have informed you about the risks, in accordance with Art. 49 para. 1 lit. a GDPR

Safeguards in the sense of Art. 46 GDPR can be so-called standard contractual clauses. In these standard contractual clauses, the recipient ensures that the data is adequately protected and thus guarantees a level of protection comparable to that of the GDPR.

– Transfer of data in the USA

With the adequacy decision within the meaning of Article 45 GDPR of 10.07.2023 (so-called EU-U.S. Data Privacy Framework), the EU Commission has determined that the United States guarantees an adequate level of protection – comparable to that of the European Union – for personal data.

Data can be transferred to US companies or other data recipients in the US on the basis of this adequacy decision without the need to introduce additional data protection safeguards if the US company to which the data is transferred is listed in the so-called Data Privacy List (available here). If a recipient in the US is not listed in the Data Privacy List, a transfer based on Art. 45 GDPR is not permitted.

To be included in the Data Privacy List, the recipient must undertake to comply with detailed data protection obligations. The US Department of Commerce processes the certification applications and monitors whether the participating companies fulfill the certification requirements.

More information about the EU-US Data Privacy Framework can be found here.

6. Cookies

Our website uses cookies. These are small text files that are temporarily stored on your end device with the help of the browser. Cookies have different functions. Some cookies are technically necessary, as certain functions of our website would not work without them. Other cookies help us, for example, to improve your user experience by identifying the frequency and type of use of our website. Other cookies help us to evaluate your behaviour on our website and to recognize which of our content you are interested in.

Different types of cookies can be categorized as follows:

Essential cookies (also referred to as “functional” or “technically necessary” cookies): These are cookies that are necessary for the operation of our website because they ensure that our website functions properly.

Statistical and marketing cookies: Cookies are used, for example, to record the interests of a user or to store their behaviour on individual websites in a user profile. This process is referred to as “tracking”. The setting of statistics and marketing cookies is only permitted if you have given your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Cookies can also be categorized according to how long they remain on your end device:

Session-Cookies: Such cookies are automatically deleted after you leave our website.

Temporary cookies: Such cookies are stored on your end device for a specific, fixed period of time. They enable us to recognize your browser on your next visit and improve the presentation of our website.

Some of the cookies we use on our website are essential cookies, which are necessary for the operation of our website and serve to ensure that our website functions properly. The legal basis for the processing of personal data in the context of essential cookies is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in maintaining and ensuring a functional website.

We also use statistical and marketing cookies and external media (Google Maps). However, we only use these if you have given your express consent in accordance with Art. 6 para. 1 lit. a GDPR.

In the following list, we inform you about which cookies we place on our website, about their function and how long they are stored:

Cookie: Borlabs Cookie

Provider: Owner of this website
Description: Borlabs Cookies is used to store your consent regarding the use of cookies.
Category: Essential cookies
Storage: 60 days

Cookie: _ga

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Description: Used to distinguish users and to store and count page views / set by Google Analytics
Category: Statistical and marketing cookies
Storage: 2 years

Cookie: _gid

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Description: Used to distinguish users and to store and count page views / set by Google Analytics
Category: Statistical and marketing cookies
Storage: 24 hours

Cookie: _gat

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Description: Used to distinguish users from bots / is set by Google Analytics
Category: Statistical and marketing cookies
Storage: 1 minute

Cookie: NID

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Description: Used to unblock Google Maps content.
Category: External media
Storage: 6 months

Cookie: _icl_*, wpml_*, wp-wpml_* / Name: WPML

Provider: Owner of this website
Description: Saves the current language of the website
Category: Essential cookies
Storage: 1 day

You can manage your consent settings at any time in the .

You can also configure the browser you are using (e.g. Internet Explorer, Google Chrome, Firefox) in a way so that the setting of cookies is only permitted in individual cases or is generally not permitted and you can specify the automatic deletion of cookies. If you do not allow the setting of cookies that are essential for the operation of our website, the functionality of our website may be restricted.

7. Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google LLC. (“Google”). For the member states of the European Union, the company Google Ireland Limited (Gordon House, Barrows Street Dublin 4, Ireland) is responsible for all Google services. Google Analytics uses so-called cookies (see point 6. of this data privacy policy), i.e. text files that are stored on your end device to enable an analysis of the use of the website. For example, information on the operating system, the browser, your IP address, the website you previously visited (referrer URL) and the date and time of your visit to our website are collected. The information generated by the cookies is transferred to a Google server and stored there.

We use the information generated by Google Analytics to evaluate the use of the website in order to compile reports about the activities on our website. We use this information solely for the purposes of our own market research and to optimize the design of the website. The IP address is anonymized so that it is not possible to connect it to a user. The user data collected via cookies is automatically deleted after 14 months.

The information may be transferred to third parties if this is required by law or if third parties process this data on our behalf. The processed data may be transferred to servers in the USA and insecure third countries and processed there.

Legal basis: We only use Google Analytics on our website if you have given your express consent to this in accordance with Art. 6 para. 1 para. 1 lit. a GDPR. . You can revoke your consent in the at any time.

Data transfer abroad: Google processes your data in the USA, among other places.

With the adequacy decision within the meaning of Art. 45 GDPR of 10.07.2023, the EU Commission has determined that the United States guarantees an adequate level of protection – comparable to that of the European Union – for personal data. Data can be transferred to US companies on the basis of this adequacy decision without the need to introduce additional data protection safeguards if the US company to which the data is transferred is listed in the so-called Data Privacy List (available here).

To be included in the Data Privacy List, the company must undertake to comply with detailed data protection obligations. The US Department of Commerce processes the certification applications and monitors whether the participating companies fulfill the certification requirements.

The provider of Google Analytics, Google LLC, has undertaken to comply with extensive data protection obligations in accordance with the EU Commission’s adequacy decision of 10.07.2023, and has accordingly been certified and included in the Data Privacy List administered by the US Department of Commerce.

For more Information on data processing by Google, please see the Google Privacy Policy & Terms of Use.

– Data Processing Agreement (DPA) Google Analytics

We have concluded a data processing agreement (DPA) with Google in accordance with Article 28 of the General Data Protection Regulation (GDPR).

Such an agreement is required by law because Google processes personal data on our behalf. This agreement clarifies that Google may only process data that it receives from us in accordance with our instructions and must comply with the GDPR. You can find the link to the data processing agreement (DPA) here.

8. Google Maps

We use Google Maps from Google LLC on our website to display the locations of our law firm on an interactive map. For the member states of the European Union, the company Google Ireland Limited (Gordon House, Barrows Street Dublin 4, Ireland) is responsible for all Google services.

If you click on a map from Google Maps on our website, information about your use of this website and your IP address will be transmitted to a Google server in the USA. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. Your data will be deleted as soon as it is no longer required for the purpose of processing.

Further information on the purpose and scope of data collection and its processing by Google can be found here. The transmitted data are only pseudonyms; it is not possible to draw conclusions about your name.

Legal basis: We only use Google Maps on our website if you have given your express consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time in the .

Data transfer abroad: Google processes your data in the USA, among other places. With the adequacy decision within the meaning of Art. 45 GDPR of 10.07.2023, the EU Commission has determined that the United States guarantees an adequate level of protection – comparable to that of the European Union – for personal data. Data can be transferred to US companies on the basis of this adequacy decision without the need to introduce additional data protection safeguards if the US company to which the data is transferred is listed in the so-called Data Privacy List (available at).

The provider of Google Maps, Google LLC, has undertaken to comply with extensive data protection obligations in accordance with the EU Commission’s adequacy decision of 10.07.2023, and has accordingly been certified and included in the Data Privacy List administered by the US Department of Commerce.

9. Borlabs Cookie

On our website we use the cookie consent technology of Borlabs Cookie.

Provider of the Borlabs Cookie consent technology:

Borlabs GmbH
Hamburger Str. 11
22083 Hamburg
Germany

Borlabs’ consent technology helps us to obtain your consent to the use of cookies and similar technologies. Furthermore, Borlabs’ consent technology helps us to manage, store and document your cookie consents. This information is stored by Borlabs in your browser with the help of cookies. This data is not passed on to Borlabs GmbH.

Storage: The data collected by the cookie consent technology is deleted when the purpose of the data processing no longer applies. You can find more information on data processing by Borlabs Cookie here.

Legal basis: We use Borlabs’ cookie consent technology so that we can obtain the legally required consent for the use of cookies. This processing of personal data is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to be able to obtain the legally required consents.

10. Automated individual decision making (including Profiling)

We do not use any decision-making based on automated processing – including profiling – on our website within the meaning of Article 22 GDPR.

11. Your rights

The General Data Protection Regulation grants you extensive rights with regard to your data. You can assert these rights, for example, in writing by sending an e-mail to pfka@pfka.eu. However, you are not obliged to assert your rights against us as the controller by means of this e-mail address.

You have a right of access (Art 15 GDPR) about whether and if so, which and how we process your personal data. You have a right to rectification (Art 16 GDPR) or completion of your inaccurate or incomplete personal data. Under certain circumstances, you have a right to erasure (Art 17 GDPR), a right to restriction of processing (Art 18 GDPR), a right to data portability (Art 20 GDPR) and a right to object (Art 21 GDPR).

If you have given your consent to the processing of data, you have the right to revoke it at any time. A revocation does not affect the lawfulness of the processing based on the consent until the revocation.

12. Right to lodge a complaint with the competent authority

You have the right to lodge a complaint (Art 77 GDPR) with the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, or another supervisory authority if you believe that the processing of your personal data violates data protection law or your rights under data privacy law have been violated in any other way.

13. Contact details of the controller

Petsch Frosch Klein Arturo Rechtsanwälte OG
Schubertring 14, 1010 Vienna
Austria
Email: pfka@pfka.eu
Phone: +43 15862180