Data Privacy Statement

1. Personal Data 

1.1 We take the protection of your data very seriously. We handle your personal data confidentially and in accordance with the legal data protection regulations and the content of this data privacy policy.

1.2 We collect, process and use your personal data only with your permission, mandating or appointment for the purposes agreed with you or if any other legal basis in accordance with the GDPR or the Austrian Data Protection Act (DSG) is existing; this is in compliance with data protection, civil law regulations and codes of professional conduct. 

1.3 The visit of our website is usually possible without specification of personal data. If personal data (e.g. name, address or e-mail) is collected, this regularly occurs on a voluntary basis as far as possible. As a matter of cause, these data will not be forwarded to third parties without your prior explicit permission. We point out that data transmission via internet (e.g. communication via e-mail) may have security vulnerability. A complete protection against access by third parties is not possible.

1.4 Only such personal data is collected which is required for the implementation and processing of our legal services on a contractual or legal base or for using our website or which has been provided voluntarily. 

1.5 Personal data means individual details about personal or factual circumstances, e.g. name, address, e-mail, telephone number, date of birth, age, gender, social insurance number, video recording, photos, voice records and biometric data like fingerprints. Sensitive data like health data or information in connection with criminal proceedings might be included, too. 

2. Information and Deletion 

2.1 The data subject has the right to information about logged personal data, it’s origin, it’s recipient and the purpose of the data processing as well as the right to adjustment, data transmission, objection, restriction of processing and blocking or deletion of incorrect or inadmissibly processed data while complying with the professional non-disclosure requirements applicable to attorneys at law.

2.2 If there are any changes of your personal data, we ask for appropriate notification. 

2.3 You are entitled to revoke your consent to use your personal data at any time. Your filing for disclosure, deletion, adjustment, objection and/or data transmission, provided that this – in the latter case – does not cause a disproportionate effort. This submission may be filed to the address of the responsible person stated below in this privacy notice.

2.4 If you believe that the processing of your personal data violates applicable law or your data protection rights are violated otherwise, you may complain to the competent regulatory authority. This data protection authority is the 

Austrian Data Protection Authority
Barichgasse 40-42
A-1030 Vienna

3. Data Security

3.1 The security of your personal data is ensured through adequate organisational and technical measures. These measures relate in particular to the protection against unauthorized, unlawful or random access, processing, loss, usage or manipulation. 

3.2 Notwithstanding our continuous efforts to adhere to the highest adequate standards of our diligence, it can not be completely ruled out that information provided over the internet can be seen or used by third parties.

3.3 Please note that we cannot assume any liability for the disclosure of information due to error during data transfer or unauthorized access by third parties (e.g. hacker attack on email-account, cellular phone, interception of telefaxes).

4. Cookies

4.1 So-called cookies are partly used on our website. Cookies don’t do any harm to your computer and do not contain computer viruses. They serve the purpose of making our service more user-friendly, effective and safe. Cookies are small text files that can be stored on your computer and saved by your browser.

4.2 Most of the cookies on our website are so-called session-cookies. They are automatically deleted when you leave our website again. Permanent cookies, however, remain on your computer until you delete them manually in your browser. Such permanent cookies are used in order to recognize you again when you next visit our website. 

4.3 You can select your browser settings so that you receive notification when a website wants to save cookies, you can allow cookies only in the individual case, block the acceptance of cookies for certain cases or generally or activate the automatic deletion of cookies when closing the browser. Please note, that blocking or deletion of cookies could prevent you from making full use of our website.

5. Server Log Files

5.1 The provider of our website collects and automatically saves information in so-called server log files which are automatically transferred from your browser to our website. This information is in particular IP-address of the visiting computer, date and time of access, accessed web-URL, referrer URL, type of browser and version of browser and used operating system. 

5.2 Such data cannot directly be retraced to a natural person. A consolidation with data from other sources will not be effected. We reserve the right to verify such data upon concrete indications of an illegal use. 

6. Embedding of Services und Contents of third Parties

It may occur that our online-offers integrate services or contents of third parties, e.g. city maps or font types of other websites. The embedding of contents from third parties makes it necessary that the IP-address of the user is available for the third party, otherwise the contents cannot be sent to the user from the relevant browser. Content providing requires a valid IP-address. Further, content providers may use their own cookies and process data for their own requirements, e.g. by using processed data for assembling user profiles. We will use these contents on the basis of data avoidance and data economy as far as possible and exclusively corporate with reliable third parties with regard to data security. 

7. Usage of Data

We will only use provided data for the purposes as indicated through the mandate agreement, through your consent by using our website or through a regulation in accordance with the purposes as set forth by GDPR. The only exception is the use for statistical purposes if provided data is anonymized. 

8. Transfer of Data to third Parties 

8.1 To fulfil the mandate agreement it may be necessary to transfer your data to third parties (e.g. opposing party, substitute, insurances, service providers), courts or authorities. Any transfer of data is exclusively based on the grounds of GDPR, the fulfilment of the mandate agreement or your prior consent. 

8.2 We inform you that within the scope of your representation and the fulfilment of the mandate agreement factual and case related information will be transferred to third parties (e.g. courts, authorities). 

8.3 Some of the recipients of personal data have their seat and process your data outside Austria. It cannot be granted that the data protection level in other countries is equal to that provided in Austria. We will only transfer your data to countries whose data protection level – according to rulings by the EU Commission – is adequate. Otherwise we will implement adequate measures to assure that all recipients are subject to an adequate data protection level by using standard contractual clauses (2010/87/EC, 2004/915/EC).

9. Notification of Data Breach

We endeavour to ensure that eventual data breaches are recognized in time and notified to you and the competent regulatory authority including the respective data category. 

10. Data Retention

Data will not be stored longer than this is required by our contractual and legal duties and eventual civil law claims. 

11. Your Rights according to GDPR

11.1 The data subject is entitled to immediate deletion of concerned personal data and the controller shall be required to delete personal data immediately if one of the following conditions applies:

      1. Personal data is not required anymore for the initial purposes;
      2. The data subject recalls his consent if the processing was based on art 6 para 1 item a or art 9 para 2 item a GDPR and there is no other legal basis for the processing;
      3. The data subject objects to the processing of data according art 21 para 1 GDPR and no other imperative reasons for the processing exist or the data subject objects to the processing according to art 22 para 2 GDPR;
      4. Personal data are processed on an unlawful basis;
      5. The deletion of personal data is required due to a legal obligation according European Union law or the law of a member state which the controller is subject to;
      6. Personal data were collected in regard of information society services according art 8 para 1 GPDR.

11.2 If the controller has made personal data public and if he is required to delete such data, he will be required to meet adequate measures taking account of the available technologies and the cost of implementation including technical measures to inform that the data subject has required the deletion of all links, copies or replications of such data.

11.3 Art 11.1 is not applicable if the processing is required for 

      1. the exercise of the right of freedom of expression and information;
      2. the fulfilment of a legal obligation according to the law of the European Union or the law of a member state which the controller is subject to or the performance of a task carried out in the public interest or the exercise of official authority granted to the controller;
      3. grounds of public interest in the field of public health according to art 9 para 2 item h and art 9 para 3 GDPR;
      4. public interest archive purposes, scientific or historic research purposes or statistic purposes acc art 89 para 1 GDPR if the above mentioned right would adversely affect or even make impossible the processing purposes or 
      5. for the exercise or defence of legal claims.


12. Our Contact, Controller

The protection of your data is particularly important to us. You can reach us under the address below for queries or revocation. 

Dr. Christoph H. Hackl
Rudolfsplatz 12/DG
A-1010 Vienna
Tel: 01/53 23 600
Fax: 01/53 23 600-10

13. Amendment of this Data Privacy Notice

We reserve the right to change this data protection statement at any time in order to adapt it to the change of legal requirements, a change of the rendered or supplied services or data processing. This applies only with regard to statements concerning the data processing. If the consent of the data subject is required or parts of this notice contain regulations concerning the contractual relationship with the data subject, amendments may only be carried out with consent of the data subject.

You are requested to regularly gather information on the actual content of our data privacy notice.

status: September 2020