Preamble
The protection of your personal data is a high priority for the law firm Maier (hereinafter “Maier”).
Maier is already obliged to maintain confidentiality due to its professional obligations.
It is therefore a particular concern of ours to comply with all data protection regulations when using your personal data, in particular those of the EU General Data Protection Regulation (as amended “GDPR”)¹ and all other applicable national and European regulations.
The following explains for what purposes and on what legal basis your data is processed by Maier and how you can make use of your rights granted by the GDPR.
The version of this data protection declaration is dated March 2024.
Personal data and processing purposes
Maier processes your personal data only if you have given your consent, if it is necessary to fulfill contractual or legal obligations or to protect the legitimate interests of Maier² and in accordance with all applicable national and European regulations.
If you have not provided Maier with your personal data yourself, we have received it from clients, business partners, service providers or cooperation partners for whom you may be working as a representative or employee.
Maier will always process your personal data in accordance with all applicable national and European legislation
In particular, Maier processes your personal data for the following purposes:
In addition, Maier processes your personal data if there is another legal basis in accordance with the GDPR; this is done in compliance with data protection and civil law and all other applicable provisions.
We only collect personal data that is necessary for the performance and processing of our legal services or that you have voluntarily provided to us. Please note that the non-provision or incomplete provision of your personal data, which is necessary for the performance and processing of legal services, may lead to the rejection of the mandate under certain circumstances.
Personal data is all data that contains individual details about personal or factual circumstances, such as name, address, email address, telephone number, date of birth, age, gender, social security number, video recordings, photos, voice recordings of people and biometric data such as fingerprints. Special categories of data, such as health data or data in connection with criminal proceedings, may also be included.
Please also note that Maier may generally carry out a balancing test with Maier's legitimate interests when processing personal data.⁴
Further information on this balancing test carried out by Maier is available on request.
Maier does not process your data on the basis of a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects or is likely to significantly affect you.
Client relationship
Within the scope of its mandate, Maier is obliged to represent your rights with diligence, loyalty and conscientiousness. Maier is therefore legally obliged, in your interest, to collect all personal data about you that is necessary for conscientious representation.
Maier also processes your personal data on the basis of the mandate agreement, your consent, legal and/or contractual obligations and other purposes covered by data protection regulations.
Maier will only use your personal data for statistical purposes after it has been anonymized.
Website
The use of maierlaw.at, including access to the publicly accessible content on it, is generally possible without providing your personal data.
Only the information provided by your internet provider is collected, including in particular the IP address assigned to you and the duration and time of your visit. This information is stored by us for the duration of your visit to the website; it is analyzed exclusively for statistical purposes by Maier and while maintaining the anonymity of the individual personal data relating to your person and is also collected if you have voluntarily and explicitly entered such data when visiting this website in connection with the use of the services offered on the website (e.g. press releases and newsletters, career portal, etc.).
Such information is used by Maier exclusively for the corresponding purpose and in compliance with the applicable legal provisions.
The legal basis for the aforementioned processing of your personal data is therefore, on the one hand, our legitimate interest in ensuring the functionality, security, etc. of Maier's website and, on the other hand, the consent you have given to the processing of your personal data, which you can revoke at any time with immediate effect.⁵
Press releases and newsletters
We would be delighted if you would register to receive press releases and newsletters from Maier.
Our press releases inform you about the latest news. Maier's newsletter provides you with information on current legal developments, recurring publications and current cases.
The legal basis for the aforementioned processing of personal data is the consent given by you, which you can revoke at any time with immediate effect, or a legitimate interest of Maier to maintain business contacts and to inform existing and potential clients, etc., insofar as permitted under applicable national law.⁶
Video surveillance
To protect Maier's office premises and in particular to protect the information entrusted to us by our clients, the entrance area is monitored by video recording.
When you visit the office premises, images are taken of you. These recordings are stored in encrypted form for a maximum of fourteen days.
However, these images will only be accessed if there is a special reason (e.g. a criminal offense occurs directly in the field of vision of one of our video systems).
The legal basis for the aforementioned processing of your personal data is the legitimate interest in protecting the premises of Maier's law firm so that Maier can protect its property and the data of its clients and, if necessary, provide appropriate evidence.
Contact management (Client Relationship Management “CRM”)
Your contact details are stored in our databases if you have made contact with us.
The processing of your contact data serves the fulfillment of contractual and legal obligations or is in the legitimate interest of Maier for the optimization of contact management, whereby you can of course object to the further processing of your data for the optimization of contact management at any time with immediate effect.
In the event of your justified objection, Maier will examine the situation and will either discontinue or adjust the data processing or point out to you compelling reasons worthy of protection which make it necessary to continue the data processing.
Data security
Your personal data is protected by appropriate organizational and technical precautions. These precautions relate in particular to protection against unauthorized, unlawful or accidental access, processing, loss, use and manipulation.
Notwithstanding our efforts to maintain an appropriately high standard of due diligence at all times, it cannot be ruled out that information that you disclose to us via the Internet may be viewed and used by other persons.
Please note that Maier accepts no liability whatsoever for the disclosure of information due to errors in data transmission not caused by us and/or unauthorized access by third parties (e.g. hacking of email accounts or telephone, interception of faxes).
Use of the data
If you enter into a client or contractual relationship with Maier, you will provide us with personal data and, if applicable, also company and business secrets of yourself, your relatives, employees or other third parties. In all these cases, Maier generally assumes that you are authorized to disclose this data. We use your data and the data of third parties named by you to the extent that this is necessary for the proper establishment and processing of our client or contractual relationship.
Maier will not process the data provided for purposes other than those covered by the mandate agreement, by your consent or by any other provision in accordance with the GDPR.
Excluded from this is the use for statistical purposes, provided that the data provided has been anonymized.
Transmission of data to third parties
Maier will only transfer your data to third parties if there is a valid legal basis and the transfer does not violate the professional duty of confidentiality.
Data will only be transmitted to the extent that it is necessary for the respective purpose, is prescribed by applicable standards, there is a legitimate interest or you have given your express consent.
In order to fulfill your order, it may be necessary for Maier to forward your data to third parties (e.g. opposing parties, substitutes, insurance companies, service providers with whom Maier cooperates and to whom Maier makes data available), courts or authorities.
In addition, international case processing within the scope of a mandate may make it necessary to exchange data within Maier's law offices.
In particular, your data may be forwarded to the following possible recipients:
other Maier Offices;
independent lawyers who work with Maier;
Courts and authorities;
opponents and their legal representatives;
the relevant bar associations;
Tax advisors and auditors;
banks and insurance companies; and
Service providers (e.g. travel agencies, cab services, hotels) etc.
Some of the above recipients of your personal data are located outside Austria, Liechtenstein or outside the EU/EEA and your personal data will be processed there.
The level of data protection in these countries may not correspond to the level of data protection in Austria. We ensure that the European level of data protection and the European data security standards are maintained.
Therefore, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection or Maier takes measures to ensure that all recipients have an adequate level of data protection, for which Maier concludes standard contractual clauses (2010/87/EC and/or 2004/915/EC).
Maier's service providers (so-called “processors”) also process your personal data. These processors are, in particular, IT service providers and providers of other software tools and similar services. Maier's processors will only process your data on our behalf, in accordance with Maier's instructions and for the purposes set out in this Privacy Policy.
Some of these processors are located outside the EU/EEA. However, in all cases where processors are used, Maier always ensures that the European level of data protection and European data security standards are maintained.
Furthermore, Maier informs you that in the context of legal representation and support, factual and case-related information about you is regularly obtained from third parties (e.g. search engines, social networks, your company's website).
It may be the case that Maier must disclose your personal data to authorities or courts at their request. In all these cases, Maier always ensures that the legal requirements are met and that your data is protected.
Retention of data
Maier will not store your data for longer than is necessary to fulfill contractual or legal obligations and to defend against any liability claims. If Maier no longer needs your data, this data will be deleted or anonymized to ensure that there is no longer any connection between the data.
Depending on the respective processing purpose, a different retention period is required for different data (categories). We will be happy to provide you with specific information on the storage of your respective transmitted data on request.
Cookies
This website maierlaw.at, maierlaw.li and maierlaw.ch uses “cookies” to make the use of the website more user-friendly.
A “cookie” is a small text file that Maier's web server stores on your computer's hard disk via the browser you are using. This enables Maier's website to recognize you as a user when a connection is established between Maier's web server and your browser.
Cookies help Maier to determine the frequency of use and the number of users of the Internet pages. The content of the cookies used by Maier is limited to an identification number that does not enable the personalization of a user.
Two types of cookies are used on Maier's websites:
Session cookies: These are temporary cookies that remain on the user's computer until the browser is closed and are then automatically deleted.
Persistent cookies: For better user-friendliness, cookies remain stored on your end device and allow Maier to recognize your browser on your next visit.
Persistent cookies: For better user-friendliness, cookies remain stored on your end device and allow Maier to recognize your browser on your next visit.
Server Log-Files
In order to optimize Maier's website in terms of system performance, user-friendliness and the provision of useful information about Maier's services, the website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to Maier.
This includes your internet protocol address (IP address), browser and language setting, operating system, referrer URL, your internet service provider and date/time. These server log files must be processed by us in order to ensure the functionality, stability and security of the Maier website.
This data is not merged with personal data sources. Maier reserves the right to check this data retrospectively if specific indications of unlawful use become known. The legal basis for the aforementioned processing of your personal data is a legitimate interest in the functionality, stability and security of Maier's website.
Events
At Maier events, workshops and lectures, you will receive detailed information on the latest developments in various areas of law.
Maier will only use your contact details to send you invitations. In addition, Maier processes your name, your company and your position in its legitimate interest in order to optimize contact management.
You will be invited to Maier events if you have registered.
In this case, the legal basis for processing your data is the invitation and your consent, which you can revoke at any time with immediate effect.
If you are or have been in a client relationship with Maier, it is in Maier's legitimate interest to invite you to events as part of its client relationship management. You can object at any time with the effect that you no longer wish to receive invitations.
Rights and personal data
As a client or generally as a data subject within the meaning of the GDPR, you have the right to information about your stored personal data, its origin and recipients, its storage period and the purpose of the data processing - subject to the lawyer's duty of confidentiality.⁷
If Maier processes data about you that is incorrect or incomplete, you can request that it be corrected or completed.⁸
You can also request the deletion of unlawfully processed data. Please note, however, that this only applies to incorrect, incomplete or unlawfully processed data or otherwise if the legal requirements are met.
If it is unclear whether the data processed about you is incorrect or incomplete or is being processed unlawfully, or if it is otherwise unclear to what extent the requirements for deletion of your data are met, you can request that the processing of your data be restricted until this question has been finally clarified.
You may also request that the processing of your data be restricted if your personal data is no longer required for the purposes of processing but is required for the establishment, exercise or defense of legal claims or if you have objected to processing pending the verification whether Maier's legitimate grounds for further processing override your grounds.
Please note that these rights complement each other, so that you can only request either the correction or completion of your data or its deletion. Any such request made by you must contain sufficient justification as to why the data should be rectified, erased or restricted so that we can assess whether the respective legal requirements are met. In the case of rectification, the request must also state the correct wording of the data.
If the processing of personal data is based on your consent, you have the right to withdraw this consent at any time with immediate effect. You have been informed that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
As described above, you have the right to object to the processing of your personal data if this data processing is based on the legal basis of our legitimate interest. If you exercise your right to object, we will ask you to explain your reasons.⁹
In certain cases, you also have the right to receive the data processed by us concerning your person in a machine-readable format specified by Maier or to instruct us to transmit this data directly to a third party of your choice, whereby any data portability must not conflict with any unreasonable effort or legal or other confidentiality obligations or confidentiality considerations (right to data portability).
For all your concerns in connection with the processing of your personal data by Maier, we would like to ask you to contact Maier's data protection officer, whereby we always ask you to provide proof of your identity, for example by sending an electronic copy of your identity card.
You can find Maier's contact details under point 16 of this data protection declaration.
Even if Maier makes every effort to protect your data, differences of opinion about the way in which your data is used cannot be ruled out. If you believe that we are using your data in an unauthorized manner, you have the right to lodge a complaint with the Austrian Data Protection Authority. Maier politely requests that you make contact as a first step so that any concerns can be resolved.
Miscellaneous
Maier reserves the right to update this data protection declaration under certain circumstances in order to take account of legal and/or technical requirements or changes or changes to our business activities.
We will endeavor to inform you promptly of any such updates.
The date of the last update can be found on the first page of this data protection declaration.
Contact details
Verordnung (EU) Nr 679/2016 des europäischen Parlaments und des Rates vom 27.04.2016 zum Schutz natürlicher Personen bei der Verarbeitung personenbezogener Daten, zum freien Datenverkehr und zur Aufhebung der Richtlinie 95/46/EG (Datenschutz-Grundverordnung).
Rechtliche Grundlagen hierfür sind Art 6 Abs 1 lit a, b, c und f DSGVO.
AML4 (Richtlinie (EU) Nr 849/2015), AML5 (Richtlinie (EU) Nr 843/2018) und AML6 (Richtlinie (EU) Nr 1673/2018).
Art 6 Abs 1 lit f DSGVO.
Art 6 Abs 1 lit a und f DSGVO.
Art 6 Abs 1 lit a und/oder lit f DSGVO.
Art 15 DSGVO.
Art 16 DSGVO
Art 21 DSGVO.