Dr Markus Frank, attorney at law
Last update: 7.11.2018
This information describes why we collect your personal data and how we process it. It is aimed at visitors to our website and interested parties (Section 3.1), our clients (Section 3.2), suppliers and business partners (Section 3.3), applicants (Section 3.4) as well as opponents of our clients and other persons such as information providers (Section 3.5).
What is personal data?
Personal information is information that relates to individuals whose identity is identified or identifiable (e.g., your name, contact information, photos, billing information, IP address).
How are your personal data processed by us?
Depending on whether you visit our website or are our client etc., we process your data differently:
3.1 Processing the data of visitors to our website and interested parties:
We process your personal data above all
+ to protect our legitimate interests (Art. 6 para. 1 lit f GDPR), namely to ensure the
operation, security and optimisation of our website, or
+ for the processing of enquiries which you send to us by e-mail or telephone
(Art. 6 para. 1 lit a and b GDPR).
You give us your consent by submitting your inquiry to us.
Collection of personal data when you visit our website
Server log files
If you do not otherwise provide us with information, only the personal data that your browser automatically transmits to us will be collected. The provider of our website collects and stores the following data, which is technically necessary to display our website to you and to ensure its stability and security (legal basis is Art. 6 para. 1 p. 1 lit. f GDPR):
+ IP address
+ date and time of the request
+ domain name
+ content of the request (concrete page)
+ access status/HTTP status code
+ website from which the request comes
+ browser type
For the processing of inquiries, we may disclose your data to various recipients (Art. 4 Z 1 GDPR), in particular to our providers of website hosting, Internet and telephone services, our suppliers of (remote) maintenance, web design and e-mail servers; also to cooperation partners (lawyers, tax consultants and auditors, management consultants, experts, etc.), insofar as this is necessary for the processing of an inquiry. These recipients are in principle located within the European Economic Area (EEA), unless the transfer to a third country is necessary to process a request.
Social media plug-ins
We currently do not use any so-called “social media plugins” on our pages (e.g. “Facebook Like-Button”).
3.2 Processing the data of clients:
We process your personal data above all
+ to carry out pre-contractual measures or to fulfil our contract (Art. 6 para. 1 lit b DSGVO) within the framework of the mandate relationship,
+ to fulfil our legal and professional obligations (Art. 6 para. 1 lit c DSGVO),
+ based on your express consent (Art 6 para 1 lit a DSGVO) e.g. for your mention as reference.
The processing of your data primarily serves the implementation and processing of our legal services. If you do not wish to provide us with your data, we cannot enter into a client relationship with you.
We can disclose your data to various recipients, in particular to our providers of hosting, Internet and telephone services, our suppliers of training, support and (remote) maintenance of our IT systems including our lawyer software and our hosted e-mail server, to our external payroll accounting, bookkeeping and tax consultancy, the Vienna Bar Association (to fulfil our legal and professional obligations, e.g. in the case of trust orders), to a data exchange and data storage platform agreed with you; to other clients, courts, opponents, experts and cooperation partners (lawyers, tax consultants, auditors, business and IT consultants, credit institutions), insofar as this is necessary within the framework of processing the business cases.
The beneficiaries are located within the European Economic Area (EEA). On a case-by-case basis, transmission outside the EEA is necessary – above all to fulfil the mandate (e.g. on the basis of Art 45 (1) DSGVO or Art 49 (1) lit b, c and e DSGVO).
You may object at any time to the processing of your data for the purpose of direct advertising on the basis of our legitimate interest (Art. 6 para. 1 lit f DSGVO); without giving reasons, by letter to us or by e-mail to firstname.lastname@example.org. We will process your data for this purpose as long as you do not object, but only for three years after termination of the contract. The processing of your personal data for the purpose of direct advertising is not necessary for the processing of our contractual relationship.
For other forms of direct advertising, we will only process your data if you have expressly consented to the processing of your data (Art. 6 para. 1 lit a DSGVO). If you have consented to data processing, you can revoke this consent without giving reasons by sending a letter to us or by sending an e-mail to email@example.com The revocation shall not affect the lawfulness of the previous processing.
You can revoke your consent to the naming of your reference at any time.
3.3 Processing of data from suppliers and business partners:
We process your personal data above all
+ to carry out pre-contractual measures or to fulfil our contractual obligations (Art. 6 para. 1 lit b GDPR);
+ to fulfil our legal obligations (Art. 6 para. 1 lit c GDPR).
The processing of your data primarily serves to initiate, maintain and process our contracts for goods and services. If you do not provide us with your data, we cannot enter into a business relationship with you.
We may disclose your information to various recipients, including but not limited to our providers of hosting, Internet and telephone services, our suppliers of training, support and (remote) maintenance of our IT systems, including our attorney software and our hosted email server, our external payroll, accounting and tax consulting services, a data exchange and storage platform agreed with you, clients, courts, adversaries, experts and other cooperation partners (attorneys, tax advisors, auditors, business and IT consultants, credit institutions), to the extent necessary to process the transactions.
The beneficiaries are located within the European Economic Area (EEA). On a case-by-case basis, a transmission outside the EEA – above all to fulfil the mandate – is necessary (e.g. on the basis of Art 45 (1) GDPR Art 49 (1) lit b, c and e GDPR).
3.4 Processing of applicants’ data:
We process your personal data either
+ for the implementation of pre-contractual measures and the conclusion of a service contract (Art. 6 para. 1 lit. b GDPR),
+ based on your express consent (Art 6 para 1 lit a GDPR), if we would like to keep you as an applicant on record,
+ to fulfil our legal obligations (registration as an employee with social insurance, Art. 6 para. 1 lit c GDPR).
The processing of your data serves to process the application procedure and to register with the social insurance when we hire you. If you do not provide us with your data, we will not be able to process your application.
Your consent to the keeping of your data on file is not required for the processing of your application.
We may disclose your information to various recipients, including but not limited to our hosting, Internet and telephone service providers, our suppliers of training, support and (remote) maintenance of our IT systems, including our attorney software and hosted email server, our external payroll, accounting and tax advisors (where required in the application process and for registration with social security), and the Vienna Bar Association (to register as an associate).
The beneficiaries are located within the European Economic Area (EEA). On a case-by-case basis, a transmission outside the EEA – above all to fulfil the mandate – is necessary (e.g. on the basis of Art 45 (1) GDPR or Art 49 (1) lit b, c and e GDPR).
3.5 Processing the data of (potential) opponents, parties involved and other persons in connection with the support of our clients:
We also process personal data of potential adversaries of our clients or parties and other persons involved in connection with the support of our clients.
As a rule, we collect this data directly from our clients or their business partners or agents, also from the Internet or other available public sources as well as other persons providing information (see also point 3.6).
A separate, concrete information about the data processing will not take place as a rule; also not, if we step with you in your capacity as opponent, with involved party or information person into direct contact. If this is required by the lawyer’s right to secrecy in order to ensure the protection of the party or the rights and freedoms of other persons or the enforcement of civil law claims, opponents, parties involved and other persons providing information have no right to information, disclosure etc. vis-à-vis us as the lawyer. in accordance with Art. 12 to 22 and Art. 34 GDPR) as well as to keep their personal data confidential in accordance with Art. 1 DSG (Art. 9 para. 3 a RAO, Art. 305 no. 4 ZPO and Art. 321 no. 4 ZPO, Art. 144 para. 2 in conjunction with Art. 157 para. 2 StPO in conjunction with Art. 14 para. 5 lit. d GDPR).
3.6 Collection of personal data from sources other than the data subject himself (Art. 14 GDPR)
In principle, we collect data directly from you during processing in accordance with points 3.2 to 3.4.
In individual cases we also obtain data from other sources. The latter is publicly accessible information that we obtain from the Internet or from authorized credit agencies or detective agencies, or from your employer or client or companies affiliated with or otherwise connected to them, etc..
We can process publicly accessible data about applicants’ education and professional careers as well as about works written by you. Usually, however, we ask you directly whether you can provide us with this information if you did not appear in your application documents.
These processing operations are based on our legitimate interest in receiving complete information about you for the purposes of professional communication or the execution of the mandate, business relationship or application process, depending on the relationship we have with you (Art. 6 para. 1 lit. f GDPR).
How long will your data be stored?
We will keep your data for as long as is necessary to fulfil our contractual or legal obligations and to ward off any liability claims.
The protection of your personal data takes place through appropriate organisational and technical precautions. These arrangements concern in particular the protection against the destruction, loss, alteration or unauthorised disclosure, whether accidental or unlawful, of, or access to, personal data transmitted, stored or otherwise processed.
What rights do you have to process your personal data?
You have the right of access to personal data concerning you (art. 15 DSGVO), rectification (art. 16 DSGVO) and cancellation of your data (art. 17 DSGVO), limitation of the processing of your data (art. 18 DSGVO), notification of the aforementioned processing (art. 19 DSGVO). You may exercise your right to data transfer (Art 20 DSGVO) and object to data processing based on our legitimate interest (Art 21 DSGVO).
If we process your data on the basis of your consent, you have the right to revoke this consent at any time by e-mail to firstname.lastname@example.org or by post to RA Dr Markus Frank, Neustiftgasse 3/5, A-1070 Vienna. This does not affect the lawfulness of the data processing carried out up to this point in time (Art. 7 para. 3 DSGVO).
You have the right to lodge a complaint with the Austrian data protection authority or with another data protection supervisory authority in the EU, in particular at your place of residence or work.
If there are any changes to your personal data, please let us know.
In the unlikely event that, despite our obligation to process your data lawfully, your right to lawful processing of your data is violated, please contact us by post or e-mail at email@example.com so that we can find out about your concerns and deal with them.
Should you have any further questions regarding the processing of your data, you are welcome to contact us directly by email at firstname.lastname@example.org or by post at RA Dr Markus Frank, Neustiftgasse 3/5, A-1070 Vienna.
Up-to-dateness and modification of this data protection information
Due to the further development of our website and our offers or due to changed legal or official requirements, it may become necessary to change this data protection information. You can call up the current data protection information at any time on the website at http://www.frank-law.at/datenschutz// .
Our contact details
Dr Markus Frank, attorney at law
phone: +43 1 5234402
telefax: +43 1 5234402-10
Vienna Bar Association
(see also Imprint)