Data Protection Declaration

The protection of your data is a high priority for OPPENLÄNDER.

We inform you below of the nature and extent of the processing of personal data in the course of the use of our Internet presentation (under II.), in dealing with a case (under III.), for direct marketing purposes (under IV.) and job applications (under V.).

I. Name and contact data of the processor (the party responsible for processing) and the data protection officer

Responsible for processing personal data is:

OPPENLÄNDER Rechtsanwälte Partnerschaft mbB
Börsenplatz 1 (Friedrichsbau )
70174 Stuttgart
Telephone: +49 (0)711/60187-0

OPPENLÄNDER’s data protection officer can be reached under the above address and by e-mail under datenschutz(at)

II. Data processing for our Internet presence

The use of our website is possible, in principle, without giving personal data. We collect your personal data only if that is necessary for providing our Internet services. In the following cases, processing of personal data occurs:

1. Accessing our Website

On logging on to our website, information in Server Log Files which your browser automatically transmits to us is collected and saved due to the system design. That information is:

  • the IP address of the device logging on,

  • the date and time of retrieval,

  • the name and URL of the file accessed,

  • notice whether the log on was successful,

  • quantity of data transmitted,

  • referrer URL (website from which the access is conducted) or the name of the access provider,

  • the browser and operating system used.

The above data cannot be attributed by us to specific persons, we cannot draw conclusions as to your identity. The data of the log files are always saved separately from other personal data. Combination with other data sources does not take place.

The above data are processed on the basis of Art. 6 (1) f) General Data Protection Regulation (GDPR) to facilitate the provision of the content of our website and to ensure the functionality of our IT systems, to optimise our website and to evaluate the security and stability of the system. The data are saved for a maximum of seven days and then deleted.

2. Online registration for events

On our website, you have the opportunity from time to time to register online for selected events. For that purpose, you must enter your name, first name, your e-mail address and your company in an application form (mask). You can also voluntarily enter other data (telephone number or position).

We process the data provided by you on the basis of Art. 6 (1) sentence 1, b) or f) GDPR in order to register your participation in the desired event, to inform you of any changes of time or location of the event and to send you after the event as the case may be documents from the event in electronic form.

We also reserve the right, on the basis of Art. 6 (1) sentence 1, f) GDPR to process the data provided to us by you in order to inform you of other OPPENLÄNDER Rechtsanwälte events and of new legal developments and amendments. If you do not wish to receive any event invitations or information from us, you can, at any time, without stating grounds and with effect for the future, object to the processing of your data for those purposes by notice to the contact data stated at I. above. Further information on that right to object according to Art. 21 GDPR is provided under VII. below.

3. Use of Cookies

No cookies are used on our website. Your visit to our website is not tracked nor are user profiles made with the use of pseudonyms.

III. Case-related data processing

In the course of case acquisition or receiving instructions, we collect personal data of the client or contact persons specified by our client, in particular the name, first name and contact data (telephone number, e-mail address, fax) of the client and/or contact partner. In addition, we collect the information necessary for enforcing and defending the rights of our client in the course of the case.

The data collected by us is processed by us for purposes of collision testing and the decision to accept the case, processing the case, issuing invoices, defending or dealing with any liability claims and making any claims of ours arising out of the handling of the case.

The legal basis for the processing consists of the following:

  • Art. 6 (1) sentence 1 b) GDPR:
    processing of your data is necessary for the acceptance and processing of the case and the fulfilment of mutual obligations arising from the engagement agreement.

  • Art. 6 (1) sentence 1 f) GDPR:
    processing is necessary for the purposes of our legitimate interests in particular for enforcing and defending legal claims arising in the course of the case.

The personal data collected by us will be saved for as long as that is necessary to achieve the objective for which the data were collected. That point is usually reached when the case is concluded and possible warranty claims have expired and we are no longer subject to further retention obligations arising from lawyers‘ professional law or tax or commercial law provisions or explicit consent to further retention of data has not been given according to Art. 6 (1) sentence 1, a) GDPR.

If we have received consent to speak about individual cases to relevant sector services for commercial law firms (e.g. JUVE, Legal500, Chambers), we reserve the right to name clients and/or contact partners as reference persons and for that purpose to transmit names and first names, company and position, postal address, e-mail address and telephone number of the reference persons to the relevant sector services. Those data may be used by the sector services in order to contact the persons concerned and to ask them about the cooperation with OPPENLÄNDER. The legal basis for that is Art. 6 (1) sentence 1 f) GDPR.

Publication of personal data in the course of reporting on individual cases on our website takes place only if the persons concerned have expressly consented thereto.

IV. Data processing for purposes of direct marketing

We reserve the right to process personal data which has been provided to us in the course of dealing with a case – i.e. family name, first name, postal address and possibly other information provided voluntarily to us (position, industry, legal area) – in order to send to our clients and/or contact persons invitations by post to OPPENLÄNDER events relevant to him/her and information on legal developments. The legal basis for that is Art. 6 (1) f) GDPR.

We use the e-mail addresses provided to us for direct marketing only if the person concerned has expressly consented thereto. The legal basis for that is Art. 6 (1) a) GDPR.

Any client and/or contact partner can, at any time free of charge and with effect for the future, object or revoke consent to the processing of personal data relating to him/her for the purposes of direct marketing by mail to the contact data stated under I. above or through a link provided for that purpose in an e-mail sent by us.

V. Data processing in the course of job applications

In the case of job applications to OPPENLÄNDER, we process personal data provided to us by applicants, in particular personal data (name, date and place of birth, possibly photograph or other personal data), address and contact data (address, e-mail, telephone, mobile telephone), evidence of qualifications (school reports, examinations, degrees, references, certificates of further training) and CV data. The data will be processed at OPPENLÄNDER exclusively for dealing with the application, in particular conducting the application process and deciding on employment. The legal basis for that are section 26 BDSG and Art. 6 (1) sentence 1 b) GDPR.

Data of applicants who have not been employed are deleted regularly and retained for at most twelve months unless the applicant has explicitly consented to retention beyond that time.

VI. Data processing when participating in events

We reserve the right, in the course of selected OPPENLÄNDER Rechtsanwälte events, to make photographic or video recordings in order to capture impressions of the event. The images produced will be processed exclusively for the purposes of event documentation and reports of the event (inter alia, in print media or on the Internet page of OPPENLÄNDER Rechtsanwälte). If a participant does not agree that he/she be photographed during the event or be recognisable in reports of the event, that person may object to the processing of his/her data under Art. 21 (1) GDPR (cf. under VII.), inter alia by informing a contact person of OPPENLÄNDER Rechtsanwälte or the photographer directly at the event accordingly.

VII. Passing on personal data to third parties

Personal data is not, in principle, passed on to third parties – unless previously stated. In particular, we do not pass on personal data to recipients based outside the European Union or the European Economic Area unless that is necessary in connection with processing a case.

To the extent that is necessary for processing a case, according to Art. 6 (1) sentence 1 b) GDPR personal data will be passed on to third parties. That includes, in particular, passing on to opponents and their representatives (in particular, their lawyers) and courts and other official authorities for the purposes of correspondence and enforcing and defending the rights of our clients.

To some extent, we avail of outside service providers to process personal data in the course of contract processing under Art. 28 GDPR (e.g. in the areas of IT services, translations or file destruction). These service providers have been carefully selected and instructed by us, are bound by our instructions and are regularly checked.

At most in exceptional cases and only within the legal provisions, personal data may be passed on to regulatory or criminal investigation authorities if required to prevent and reveal cases of fraud and other crimes. The legal basis for that is Art. 6 (1) c) and f) GDPR.

VIII. Rights of those affected

To the extent that we process personal data, those affected have the following rights:

Right of objection

If the processing is supported by Art. 6 (1) f) GDPR (“purposes of legitimate interests”), the affected person can, according to Art. 21 GDPR, object to the processing of his/her personal data. Objection to the processing of personal data for advertising/marketing purposes can be invoked at any time – without stating grounds. The data concerned will then no longer be processed for advertising/marketing purposes.

Revocation of consent

If personal data have been provided to us on the basis of a consent, the persons concerned have the right to revoke their consent at any time without stating grounds, by notice to the contacts stated at I. above. That applies, in particular, to consent to the processing of personal data for e-mail and telephone marketing. By the revocation of consent, the legality of processing on the basis of the consent up to the time of the revocation is not affected.

Furhter rights of those affected

In addition, persons affected can – if the statutory conditions are satisfied – avail of the following rights:

  • the right to information about the processing of their personal data, the purposes of the processing, the categories of data and their origin, if the data are not directly collected, the categories of recipients of personal data, the planned duration of storage and the rights of the person affected,

  • the right to rectification of incorrect or incomplete personal data,

  • the right to deletion of personal data in particular if the data are no longer required for the purpose for which they were collected and we are not obliged by law or contract to retain the data,

  • the right to restrict the processing of personal data,

  • the right to data transmissibility with regard to the personal data provided to us by affected persons in a usual, machine legible format and/or to transmit those data to another responsible person.

Persons affected also have the right to complain to a regulatory authority.

IX. Data security/encryption of e-mail communication

We take reasonable technical measures to protect data entrusted to us from loss, destruction, disclosure and access by unauthorised persons and revise these measures in accordance with technical developments. We point out, however, that the transmission of data through the Internet (e.g. in the course of e-mail communication) can be subject to security gaps. Complete security of data from third party access is not possible.

In particular, to our clients we offer as standard that case-related e-mail is communicated exclusively in encrypted form. We are glad to provide additional information thereon on request.

X. Links to third party websites

We provide links to websites of other providers with which we are not associated (third parties). We point out that we have no influence on what data are processed by those providers if you click on the links. Since data processing by others is outside our control, we cannot accept any responsibility for it. You may obtain further information on data processing by these third parties from their data protection information in each case.

XI. Amendment of data protection information

We will revise our information on the processing and protection of your personal data from time to time in accordance with the state of technology or changed conditions. We recommend that you therefore regularly take note of changes on our websites.


Februray 2019