Regulation (EU) 2016/79 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (General Data Protection Regulation)
Personal data
any information relating to an identified or identifiable natural person [...]; (Article 4(1) of the GDPR)
Controller
the [...] legal person [...] which, alone or jointly with others, determines the purposes and means of the processing of personal data [...]; (Article 4(7) of the GDPR)
third party
means a natural or legal person, public authority, agency or any other body other than the data subject, controller, processor and persons who, under the direct authority of the controller, are authorized to process personal data; (Article 4(10) of the GDPR)
The terms used in this data protection declaration are used in accordance with the definitions given in Article 4 of the GDPR, insofar as these are defined therein.
In the following also referred to as “RAW-Partner”
2 Preface, summary
You can visit our website anonymously at any time. We respect your freedom to decide for yourself what
information you wish to provide. We therefore only process personal data if the processing is necessary (e.g.
to provide our services) and/or you have given us your consent. Personal data will be deleted as soon as
possible and will never be used or passed on without your consent.
If the information here is insufficient or not understandable, please do not hesitate to contact our data
protection officer.
We keep personal data such as names, addresses, telephone numbers, e-mail addresses and other individual details in a secure place. This also means that the people who come into contact with such data at our company are obliged to protect it and are instructed accordingly. Personal data that does not have to be published by law or contract is treated confidentially. Confidential data is only passed on to third parties if
such disclosure is necessary for the performance of agreed services or
you have given your express prior consent or
we are legally obliged to do so.
4 General purpose and scope of processing
Personal data is collected for specific purposes and sparingly.
We process personal data in order to
provide and enforce the services offered in accordance with the agreement;
comply with legal or statutory obligations;
defend ourselves against claims arising from (protective) rights violations and avert dangers;
to prevent and take action against the illegal or improper use of our services;
to optimize our services, adapt them to customer or user requirements and
to provide information about changes, improvements, innovations in the range of services or about events, provided and for as long as consent has been given.
We process the following personal data:
name(s), communication address(es) and usage data, if
you have provided us with this information voluntarily (e.g. in the contact or newsletter subscription form),
it arises in the context of the fulfillment of a contract and
insofar and for as long as it is necessary for our respective range of services or your consent has been given.
We process the IP address (Internet Protocol address) or comparable data exclusively for technically necessary or statistical purposes, for error detection and correction, for improving usability and for preventing the misuse of our services.
This data is processed separately from other data in terms of content and organization, does not contain any elements with a direct personal reference and cannot be linked to the personal data of an individual user.
Personal data is processed exclusively for the purpose for which it is intended. We will only use data for other purposes or link it to other data if you have given us your prior consent.
We are tax advisors, auditors and lawyers. We have selected service providers who are familiar with the operation of the website, the hosting of the mail server and the sending of the newsletter. Even though we have bound them by contractual measures, they are still recipients within the meaning of data protection.
5 Data storage – server log files
The provider* of the pages automatically collects and stores information that your browser automatically
transmits to us in so-called server log files. These are essentially:
Browser type and version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address (this information is absolutely necessary, otherwise we cannot deliver the website to you)
*) The service provider who provides us with the technology to operate this website.
We see the access to our website as fulfillment of the contract. The legal basis for the processing is Art. 6 (1) b GDPR.
This data is not merged with other data sources.
The IP address is automatically anonymized after seven days (e.g. deletion of the last octet in the case
of an IPv4), unless the further storage of individual IP addresses is necessary for the defense against
unlawful use.
The processing is carried out on the basis of Art. 6 (1) f GDPR in order to ensure the security of our
systems and to prevent or take action against their misuse.
6 Third country
When communicating via the internet, it cannot be guaranteed that the data will remain within the EU/EEA. Due to the way the internet works, it may be technically possible for a message to be routed via a server in an unsafe third country on its way from us to you or vice versa. As far as possible, we have therefore taken appropriate technical and organizational measures to ensure the security of the processing.
7 Data security
We have taken technical and organizational measures to protect our data processing systems from unauthorized access. Personal data is also protected against unauthorized access by third parties.
Our website is hosted on servers in Germany, some of which are in certified cloud environments. Personal data is always transmitted using a secure protocol. To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. TLS) via HTTPS.
However, it must be remembered that data transmission over the internet is not (absolutely) secure and that it is not possible to exclude the possibility that third parties may gain unauthorized access to the transmitted data, for example during data transmission over the internet.
Various security measures are used to protect data from loss, misuse and manipulation. If you have any questions about this, please contact our data protection officer.
Incorrect or invalid data can be modified at any time.
Within the framework of the applicable legal provisions, you have the right at any time to have your personal data stored by us modified, deleted or to have its processing restricted. If there is no legal or statutory obligation to the contrary, data to be deleted will be deleted, otherwise restricted.
If personal data is no longer required for the purposes for which it was collected, we will delete it, provided that there are no legal obligations to the contrary, otherwise it will be restricted (unless you have expressly consented to a different type of use).
We carry out regular data backups; data is therefore only completely deleted with the next data backup.
Access to data that has been blocked instead of deleted can only take place within the framework of the regulations that have made blocking necessary (i.e. if data may not be deleted due to a tax retention period, the restricted data may only be used for this tax purpose).
You can find different storage periods for newsletters (registration, consent and deregistration) under point 9 Newsletter.
9 Newsletter
We send out newsletters to subscribers to provide them with the latest news.
If you would like to receive the newsletter offered on the website, we require an e-mail address from you, as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. This information is absolutely necessary, otherwise we cannot send you a newsletter. Further data is not collected, or only on a voluntary basis. We use this data exclusively for sending and personalizing the requested information and do not pass it on to third parties.
After registering for the newsletter on the RAW partner website, we send a confirmation e-mail to the e-mail address provided (so-called double opt-in procedure). The registration is only complete after the link contained in this e-mail has been activated.
For this purpose, we work with the service provider CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede.
You can withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Please send a withdrawal to info@raw-partner.de. You also have the option of withdrawing your consent by using the unsubscribe link in every newsletter.
The registration, consent and unsubscription are logged in accordance with Art. 7 (1) in conjunction with Art. 5 (2) GDPR. According to established case law, the logs must be kept for three years after unsubscription and are then deleted.
10 Web statistics (Matomo)
We use the software “Matomo” for the statistical evaluation of website visits, which is installed locally on our server. Therefore, no data is transferred to third parties or outside the EU. The software sets/uses cookies (see point 12) on/from your computer, which can be used to recognize your browser. The following data is processed:
The anonymized IP address of the user (the last two bytes are deleted)
The page accessed and the time of access
The referring page, if applicable
Browser type and version
Operating system and version
Screen resolution and window size
The (approximate) length of time spent on the website
The pages that are accessed from the page that was called up
Technical and organizational measures ensure that this statistical data cannot be linked to personal data, e.g. the entries in forms, or enriched with such data under any circumstances. No profiling takes place, nor are individual visits recorded (visit logs), nor is data exported to/in customer databases or similar systems.
We use the statistical data to obtain qualified information about the regions from which the visitor streams originate (for example, to be able to offer further language options), which pages are well visited or which pages need to be improved (e.g. high number of so-called page cancellations). Such statements are only meaningful if larger numbers of visits are assessed in summary. We are not interested in the behavior of individuals.
In order to recognize the typical movement patterns within the website, the individual page visits are linked to a session cookie. In order to determine whether it is a first or repeat visit, the software uses a permanent cookie if you have given your consent. You can revoke this consent with effect for the future by
deleting all cookies,
delete the consent cookie,
remove any tick in the following selection box (click on the box) or
activate the “Do not track” signal in your browser, provided that it offers this function.
If your browser is configured to send a “Do-not-Track” signal, the statistical data will not be processed.
11 Use of script and font libraries
In order to display our content correctly and in a graphically appealing way across all browsers, we use script and font libraries on this website.
Script or font libraries are called up from our own server, so that no data is transmitted to third parties.
12 Cookies
Like many other websites, we also use so-called “cookies”. Cookies are small text files that are stored on your device. This automatically provides us with the data stored in the cookie, such as a session ID.
Cookies cannot be used to start programs or transfer viruses to a computer. The information contained in cookies can be used to make navigation easier for you and to enable the correct display of our websites.
If you reject the use of cookies in the cookie consent banner on our website, we will only use two technically necessary cookies, one of which stores your selection in this regard. If you delete this cookie or have completely deactivated cookies via your browser settings, you will have to make your selection again each time.
Of course, you can also view our website without cookies. Internet browsers are usually set to accept cookies. In general, you can disable the use of cookies at any time via your browser settings. Please use the help function of your internet browser to find out how to change these settings. Please note that some functions of our website may not work if you have completely disabled the use of cookies.
We also use cookies to measure when your browser last visited our site. This enables us to recognize whether it is a repeat visit (repeat visitors typically have a different, usually very specific interest in content). We also want to measure whether the content of our pages is interesting enough for you and whether or where we should increase our commitment to it.
Please also note the information above under point 10 Web statistics.
We use the following cookies:
Cookie Name(s)
Purpose
Server
Duration
_pk_testcookie
Matomo Statistics
raw-partner.de
< 1 second
_pk_id.1.d2a4
Matomo Statistics
raw-partner.de
13 months
_pk_ses.1.d2a4
Matomo Statistics
raw-partner.de
30 minutes
PHPSESSID*
Security (authentication)
raw-partner.de
Session
mtm_consent...*
Consent status Cookies
raw-partner.de
1 year
* technically necessary cookie as defined by § 25 (2) 2 TDDDG
You have the option at any time to decide for yourself whether and which cookies are allowed or not allowed on your computer. You can control this in the cookie consent banner or use the settings of your web browser. In the latter case, however, functional restrictions or error messages may occur in exceptional cases if you completely disable cookies.
13 Rights of the data subject
You have the following rights as a “data subject” whose data we process:
Right of access according Art. 15 GDPR,
Right to rectification according Art. 16 GDPR,
Right to erasure (“right to be forgotten”) according Art. 17 GDPR,
Right to restriction of processing according Art. 18 GDPR,
Right to data portability according Art. 20 GDPR,
Right to object according Art. 21 GDPR.
If we process your personal data for specific purposes on the basis of your consent, you have the right to withdraw your consent at any time in accordance with Art. 7 (3) GDPR. After receiving your withdrawal, we will stop processing the data for the purposes for which you have given us your consent. The lawfulness of the processing before you withdrew your consent remains unaffected.
Right to object: If we process your personal data to safeguard legitimate interests within the meaning of Art. 6 (1) (f) GDPR, you have the right to object to this processing for reasons arising from your particular situation in accordance with Art. 21 (1) GDPR. You may object to the processing of your data for direct marketing purposes at any time without giving reasons in accordance with Art. 21 (2) GDPR. To exercise your right of objection, simply send us an informal message stating which data processing you object to and, if applicable, the reasons for your objection.
Please send requests for information, revocation and objection declarations to:
RAW-Partner
Elsenheimerstraße 43
80687 Munich
or by email to: muc@raw-partner.de
No other fees than the basic rates apply for exercising the right of revocation or objection by telephone.
14 Right of complaint
If you have any complaints, data protection violations or if you believe that the processing of your personal data violates the GDPR, you can contact the relevant department(s), the management or our data protection officer at any time.
effiZERT GmbH
Mr. Michael Schlagintweit
Amselweg 3
D-82335 Berg
We will respond to your request as soon as possible. Of course, you also have the option of complaining to a data protection supervisory authority in accordance with Art. 77 GDPR. The supervisory authority responsible for us is:
We may have created profiles on external social networks – for example Xing, LinkedIn, Kununu, Facebook, SlideShare and/or YouTube – that can be used in particular to find out about us and the latest news. We only use these networks; please note the terms of use and data protection conditions that apply there. We have no influence on the behavior of the individual providers.
Some pages of our website are linked to external social networks. The link is indicated by a clickable button, but is not activated until the page has loaded. The connection to the external network is only established when you click on the button.
This ensures that personal data such as your IP address only reaches the external network if you expressly wish it to. Please bear in mind that the IP address of your browser session can be linked to your own profile on the respective social network if you are logged in there at the time. Likewise, your visit to our website can be linked to your profile on the social network if it recognizes you via a cookie from the social network that was previously set and is still present on your computer.
16 Links to external offers
We provide links to external offers. These websites are not our responsibility. Please note that the offers to which we link here may change at any time without our knowledge or involvement.
When we first created the link, we carefully checked the linked page for legal violations. However, a different result may apply at a later date. If you notice (subsequent) legal violations, please let us know (e.g. by e-mail to: muc@raw-partner.de). We will check this immediately and either remove the link in question or, if we consider the link to be necessary, draw your attention to the risk separately.
17 Automated decision-making
RAW-Partner does not use automated decision-making, including profiling*, with your personal data. However, we use so-called spam or junk filters and systems for detecting attacks in electronic communication to protect our systems. These include the sender, time, content, character set and origin, which are used to automatically sort out unwanted e-mails. If you have the feeling that your e-mails have not arrived or have been rejected, please contact us using a different communication channel (telephone, fax or letter).
*) Combining individual data to gain insights into important aspects of personality.
18 Changes to our privacy policy
We reserve the right to amend this privacy policy to ensure that it always complies with the latest legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will then apply to your next visit.
19 Questions for the data protection officer
If you have any questions about data protection or if you believe that your data is not being processed correctly, please send us an e-mail or contact our data protection officer directly:
effiZERT GmbH
Mr. Michael Schlagintweit
Amselweg 3
D-82335 Berg
RAW-Partner is pleased that you have visited our careers page and are interested in our company. The protection of your privacy when processing personal data is an important concern for us, which we take into account in our business processes.
We process personal data in the employment context exclusively for the following purposes:
to fulfill your request, e.g. processing and distribution of your application within the company;
for administrative processing, e.g. invitation;
to track the status of your application;
to communicate with you regarding matters concerning your application;
to create a contract;
to fulfill our legal and regulatory obligations, to respond to legal proceedings or to provide information to government agencies or other third parties, or to detect or prevent illegal and fraudulent activities and to protect your and our rights and the rights of third parties.
The legal basis for data processing is
Art. 6 (1) (b) GDPR in conjunction with § 26 (1) BDSG (Bundesdatenschutzgesetz - German Federal Data Protection Act ) (implementation of (pre-)contractual measures),
for data that you wish to be stored for longer than six months (application pool), Art. 6 (1) (a) GDPR (consent),
Art. 6 (1) (f) GDPR in the event of legal defense.
3 Data types and data subjects
We process the following types of personal data about you
Title, first and last name(s)
E-mail and communication addresses
All information that you provide to us in your application letter, CV and copies of certificates
Records of your job interview and the associated impressions.
The data subject is you as an applicant.
4 Recipients
Your personal data will be transmitted to the internal departments that are dealing with your application. In principle, it will not be passed on to third parties.
We are tax advisors, auditors and lawyers, and we have chosen service providers who are familiar with the host of the mail server. Even though we have bound them by contractual measures, they are still recipients within the meaning of data protection.
5 Third country
Your personal data will not be transferred to a third country or an international organization outside the EEA.
When communicating via the internet, it cannot be guaranteed that the data will remain within the EU/EEA. Due to the way the internet works, it may be technically possible for a message to be routed via a server in an insecure third country on its way from us to you or vice versa. Wherever possible, we have therefore taken appropriate technical and organizational measures to ensure the security of the processing.
We recommend that you use the postal service for particularly sensitive data.
6 Storage period
The data will be stored for the duration of the application process and deleted after six months. If you give your consent, we will store your data in our applicant pool for a maximum of 18 months.
7 Rights of the data subject
You have the following rights as a “data subject” whose data we process:
Right of access according Art. 15 GDPR,
Right to rectification according Art. 16 GDPR,
Right to erasure (“right to be forgotten”) according Art. 17 GDPR,
Right to restriction of processing according Art. 18 GDPR,
Right to data portability according Art. 20 GDPR,
Right to object according Art. 21 GDPR.
If we process your personal data for specific purposes on the basis of your consent, you have the right to withdraw your consent at any time in accordance with Art. 7 (3) GDPR. After receiving your withdrawal, we will stop processing the data for the purposes for which you have given us your consent. The lawfulness of the processing before you withdrew your consent remains unaffected.
Please send any requests for information, revocations and objections to:
RAW-Partner
Elsenheimerstraße 43
80687 Munich
or by email to: muc@raw-partner.de
No fees other than the basic rates will be charged for exercising the right of revocation or objection by telephone.
8 Right of complaint
If you have any complaints, data protection violations or if you believe that the processing of your personal data violates the GDPR, you can contact the relevant department(s), the management or our data protection officer at any time.
effiZERT GmbH
Mr. Michael Schlagintweit
Amselweg 3
D-82335 Berg
We will respond to your request as soon as possible. You are also entitled to lodge a complaint with a data protection supervisory authority in accordance with Art. 77 GDPR. The supervisory authority responsible for us is:
The provision of requested data is necessary for an employment relationship to be examined. You are therefore obliged to provide this personal data. Failure to provide this data in full or in part will result in the application being rendered invalid.
10 Automated decision-making
RAW-Partner does not use automated decision-making, including profiling*, with your personal data. However, we use so-called spam or junk filters and systems for detecting attacks in electronic communication to protect our systems. These filters use, among other things, the sender, time, content, character set and origin to automatically sort out unwanted e-mails. If you have the feeling that your e-mails have not arrived or have been rejected, please contact us via another communication channel (telephone, fax or letter).
*) Combining individual data to gain insights into essential aspects of personality.
Date of privacy policy: August 2024
Privacy policy for communication partners
1 Controller
The controller is:
Rath, Anders, Dr. Wanner & Partner mbB Auditing company
Tax consultants Auditors Lawyers
The personal data is used for communication with you. This is usually to fulfill or initiate a contract, i.e. to answer your questions or to carry out communication as agreed in the contract.
In these cases (contractual communication), the legal basis for the processing is Art. 6(1)(b) GDPR.
In all other cases (voluntary communication), you provide personal data voluntarily, i.e. with your consent in accordance with Art. 6(1)(a) GDPR.
If you violate our rights or the rights of third parties in the course of communication, we may process the data in accordance with Art. 6 (1) (f) GDPR for the purpose of legal defense.
Processing for the purpose of detecting and defending against attacks is a legitimate interest (see recital 49 of the GDPR). The legal basis for the processing is Art. 6 (1) (f) GDPR.
3 Types of data and data subjects
The following personal data is processed during contractual communication: name(s), contact details, server and IP addresses, as well as all information that you provide to us or that is necessary for us to fulfill our obligations.
Data subjects: you as our communication partner, other recipients and, if applicable, other persons with whom we communicate with you.
In the case of voluntary communication, you yourself determine the scope of the personal data. You are also free to use data that does not reveal your identity.
4 Recipients
All persons/entities involved in the communication in accordance with its purpose. In the case of e-mail communication, all servers used for message transport receive at least sender and recipient information; however, the content is only readable if it is not encrypted. This data is also received by all persons who also receive the e-mail (TO, CC and BCC fields).
We are tax advisors, auditors and lawyers. We have selected service providers who are familiar with this area to operate the website, host the mail server and send the newsletter. Even though we have bound them by contractual measures, they are still recipients within the meaning of data protection.
5 Third country
When communicating via the internet, it cannot be guaranteed that the data will remain within the EU/EEA. Due to the way the internet works, it may be technically possible for a message to be routed via a server in an unsafe third country on its way from us to you or vice versa. As far as possible, we have therefore taken appropriate technical and organizational measures to ensure the security of the processing.
We recommend using the postal service for particularly sensitive data.
6 Rights of the data subject
You have the following rights as a “data subject” whose data we process:
Right of access according Art. 15 GDPR,
Right to rectification according Art. 16 GDPR,
Right to erasure (“right to be forgotten”) according Art. 17 GDPR,
Right to restriction of processing according Art. 18 GDPR,
Right to data portability according Art. 20 GDPR,
Right to object according Art. 21 GDPR.
If we process your personal data for specific purposes on the basis of your consent, you have the right to withdraw your consent at any time in accordance with Art. 7 (3) GDPR. After receiving your withdrawal, we will stop processing the data for the purposes for which you have given us your consent. The lawfulness of the processing before you withdrew your consent remains unaffected.
Right to object: If we process your personal data to safeguard legitimate interests within the meaning of Art. 6 (1) (f) GDPR, you have the right to object to this processing for reasons arising from your particular situation in accordance with Art. 21 (1) GDPR. You may object to the processing of your data for direct marketing purposes at any time without giving reasons in accordance with Art. 21 (2) GDPR. To exercise your right of objection, simply send us an informal message stating which data processing you object to and, if applicable, the reasons for your objection.
Please send requests for information, revocations and objections to:
RAW-Partner
Elsenheimerstraße 43
80687 Munich
or by email to: muc@raw-partner.de
No fees other than the basic rates will be charged for exercising the right of revocation or objection by telephone.
7 Right of complaint
If you have any complaints, data protection violations or if you believe that the processing of your personal data violates the GDPR, you can contact the department(s), the management or our data protection officer at any time.
effiZERT GmbH
Mr. Michael Schlagintweit
Amselweg 3
D-82335 Berg
We will respond to your request as soon as possible. Of course, you also have the option of complaining to a data protection supervisory authority in accordance with Art. 77 GDPR. The supervisory authority responsible for us is:
You are responsible for providing your data. We can only respond to your request if we process your data.
9 Automated decision-making
Please understand that we use a so-called spam or junk filter and systems for attack detection to protect our systems. In doing so, the sender, time, content, character set and origin are used to sort out unwanted e-mails. If you have the feeling that your e-mails have not arrived or have been rejected, please contact us via another communication channel (telephone, fax or letter).
Date of privacy policy: August 2024
Annex to the client agreement Privacy policy for clients
1 Controller
The controller is:
Rath, Anders, Dr. Wanner & Partner mbB Auditing company
Tax consultants Auditors Lawyers
We process personal data exclusively for the purposes of
executing and handling the client relationship, including correspondence,
fulfilling our contractual and legal obligations as tax advisors, auditors and lawyers,
processing in the context of mutual claims arising from the client contract (e.g. invoicing, claims for services, remuneration and liability, etc.).
The legal basis for data processing is
Art. 6 (1) (b) GDPR for the fulfillment of the mandate contract,
Art. 6 (1) (c) GDPR for the fulfillment of the legal obligations to which we are subject as tax advisors, auditors and lawyers,
Art. 6 (1) (f) GDPR, insofar as the data processing is necessary to safeguard the legitimate interests of us or a third party,
Art. 6 (1) (a) GDPR, insofar as you have given us your consent to process your personal data for certain purposes.
4 Data types and data subjects
We process the following types of personal data:
First and last name(s), title, if applicable
Postal address(es)
Telephone number(s) and fax number(s), if applicable
E-mail address(es)
Form of business organization
Tax number and identification number
Other information required for the proper execution of the mandate, such as
Tax-relevant information
Accounting data
Annual financial statements
5 Recipients
Personal data will only be transferred to third parties on your behalf and with your consent. We will disclose personal data to the following recipients within the scope of the mandate relationship:
Financial authorities and courts
Social insurance agencies (statutory health and pension insurance funds, miners' social insurance)
Bundesanzeiger Verlag GmbH
Federal Employment Agency
Banks, credit institutions, insurance companies and professional associations
Contract processors (e.g. data centers, IT service providers, printing service providers, waste disposal companies, etc.), whose services we only use to the extent that they are obliged to maintain our professional secrets as a person involved in accordance with Section 203 (3) of the German Criminal Code
to other recipients, depending on the order, which we will coordinate with you in advance.
We are tax advisors, auditors and lawyers. We have selected service providers who are familiar with the operation of the website, the hosting of the mail server and the sending of the newsletter. Even though we have bound them by contractual measures, they are still recipients within the meaning of data protection.
6 Third country
Data is only transferred to third countries (countries outside the EU or the European Economic Area (EEA)) if this is necessary to fulfill the mandate agreement (e.g. payment orders), if you have given us your consent or if this is otherwise legally permissible. In this case, we take measures to ensure the protection of your data, for example by means of appropriate contractual provisions. We only transfer data to recipients who ensure the protection of your data in accordance with the provisions of the GDPR for the transfer to third countries (Art. 44 to 49 GDPR).
When communicating via the internet, it cannot be guaranteed that the data will remain within the EU/EEA. Due to the way the internet works, it may be technically possible for a message to be routed via a server in an unsafe third country on its way from us to you or vice versa. As far as possible, we have therefore taken appropriate technical and organizational measures to ensure the security of the processing.
We recommend using the postal service for particularly sensitive data.
7 Storage period
We store personal data for the duration of the statutory retention periods. As a rule, these are 10 years plus a waiting period of a further 4 years to cover cases of possible suspension of the statute of limitations. After 14 years, we will check whether there are reasons for further storage (e.g. ongoing proceedings).
8 Rights of the data subject
You have the following rights as a “data subject” whose data we process:
Right of access according Art. 15 GDPR,
Right to rectification according Art. 16 GDPR,
Right to erasure (“right to be forgotten”) according Art. 17 GDPR,
Right to restriction of processing according Art. 18 GDPR,
Right to data portability according Art. 20 GDPR,
Right to object according Art. 21 GDPR.
If we process your personal data for specific purposes on the basis of your consent, you have the right to withdraw your consent at any time in accordance with Art. 7 (3) GDPR. After receiving your withdrawal, we will stop processing the data for the purposes for which you have given us your consent. The lawfulness of the processing before you withdrew your consent remains unaffected.
Right to object: If we process your personal data to safeguard legitimate interests within the meaning of Art. 6 (1) (f) GDPR, you have the right to object to this processing for reasons arising from your particular situation in accordance with Art. 21 (1) GDPR. You may object to the processing of your data for direct marketing purposes at any time without giving reasons in accordance with Art. 21 (2) GDPR. To exercise your right of objection, simply send us an informal message stating which data processing you object to and, if applicable, the reasons for your objection.
Please send requests for information, revocations and objections to:
RAW-Partner
Elsenheimerstraße 43
80687 Munich
or by email to: muc@raw-partner.de
No other fees than the basic rates apply for exercising the right of revocation or objection by telephone.
9 Right of complaint
If you have any complaints, data protection violations or if you believe that the processing of your personal data violates the GDPR, you can contact the department(s), management or our data protection officer at any time:
effiZERT GmbH
Mr. Michael Schlagintweit
Amselweg 3
D-82335 Berg
We will respond to your request as soon as possible. You are also entitled to lodge a complaint with a data protection supervisory authority in accordance with Art. 77 GDPR. The supervisory authority responsible for us is:
Rath, Anders, Dr. Wanner & Partner mbB does not use automated decision-making, including profiling*, with your personal data. However, we use so-called spam or junk filters and systems for attack detection in electronic communication to protect our systems. These systems use, among other things, the sender, time, content, character set and origin to automatically sort out unwanted e-mails. If you have the feeling that your e-mails have not arrived or have been rejected, please contact us via another communication channel (telephone, fax or letter).
*) Combining individual data to gain insights into key aspects of a person's personality.