Data Protection

Data protection policy

Welcome to the website of BOEHMERT & BOEHMERT Anwaltspartnerschaft mbB Patentanwälte Rechtsanwälte (hereinafter: “BOEHMERT & BOEHMERT”). We provide this Data Protection Policy to give you information and advice on how BOEHMERT & BOEHMERT processes personal data.

If you have any questions in this regard, please contact us. You can find our contact information in our Legal Notice. The current version of the information in this Policy can be accessed any time on our website.

Overview:

Data processing when visiting our website
Data processing when working on client matters and other persons with a client relationship
Data processing for applicants

Data processing when visiting our website

In the following, we inform you about the processing of your personal data when visiting our website. During your visit to our website, we collect and process the information sent to us through technically automated means and/or personal data which you voluntarily to us, in particular via our contact form or when ordering the publication, “B&B-Bulletin”.

1. Data controller and data protection officer

The data controller is Boehmert & Boehmert Anwaltspartnerschaft mbB, Patent Attorneys, Attorneys at Law, Hollerallee 32, 28209 Bremen, Germany, Tel.: +49 (0)421 3409 0, Facsimile: +49 (0)421 3491768.

You can contact our Data Protection Officer at BOEHMERT & BOEHMERT Anwaltspartnerschaft mbB, Patent Attorneys, Attorneys at Law, Hollerallee 32, 28209 Bremen, Germany, Tel.: +49 (0)421 3409 0, email: datenschutzbeauftragter@boehmert.de.

2. Automated processing of data when using the website

2.1. IP address and log files

a) Explanation and purpose of processing:

We automatically process the following information every time you visit our website:

The IP address of your computer or other end device (e. g. tablet or smartphone) and the request(s) sent by your browser
the volume of data transmitted, the type and version of browser used, the screen resolution and the operating system used.

The IP address and information on the request(s) from your internet browser are necessary, for technical reasons, for you to visit and use the website; without this data being processed, webpages cannot be accessed and cannot be displayed. The processing of the IP address is anonymized by way of abbreviation or deleted once it is no longer required for technical reasons for you to access or to use the website.

In addition, the above-mentioned data will be processed by us for the following purposes:

ensuring a smooth connection to the website,
ensuring our website can be used in a convenient manner,
analysis of system security and stability and
other administrative purposes.

Information on the volume of data transmitted, the type and version of browser used, the screen resolution and the operating system used is collected and processed in order to optimize how content is displayed, to determine the system capacity and to make future modifications and improvements to the website, on the basis of statistical analyses (where applicable).

b) Legal basis:

The legal basis for this processing of data is Art. 6 (1) f) GDPR. The legitimate interest in processing the relevant data is that it makes accessing the website technically possible, optimizes how the content is displayed for the user and enables the continued improvement or optimization of the internet service in the future.

2.2. Use of cookies by our server

a) Explanation and purpose of processing:

We use cookies on our website.

Cookies are small text files which are stored locally, during each visit to our website, on the user’s end device (e.g. PC, smartphone, tablet). They can contain a range of information about the end device used as well as about usage behavior. This information is sent back to the cookie-setting web server with the aim of recognizing a returning user and their settings. You can prevent cookies being stored by adjusting your browser settings accordingly; moreover, you can delete stored cookies using your browser. Preventing or deleting cookies may render, in some circumstances, the use of certain functions of the website impossible or inconvenient.

Specifically, the following cookies are set by our server when our website is accessed:

cookieconsent_dismissed: This cookie stores the information as to whether you have clicked on “ok” on the cookie notice banner and prevents it from appearing again when a user returns to the website later. It is automatically deleted after 12 months.
PHPSESSIONID: This cookie is a so-called session cookie, which is required for the administration of our website. It is immediately deleted when the user leaves the website.

b) Legal basis:

The legal basis for this processing of data is Art. 6 (1) f) GDPR. The legitimate interest in processing the data is that it enables the use of the website and its functions.

2.3. Contact form

a) Explanation and purpose of processing:

You can contact us with any questions or requests via our online contact form or by email. In doing so, the personal data transmitted by you will be processed by us electronically for answering your question or dealing with your request. If you use the online contact form, you must provide a valid email address so that we know who has sent the enquiry. First and last name are not marked as required fields.

The personal data collected in this context will be processed exclusively for the purpose of communicating with you and will be deleted when its storage is no longer necessary or, to the extent legal obligations to retain records exist, its processing is limited, unless further processing is regulated by law.

b) Legal basis:

The legal basis is Art. 6 (1) b) GDPR, if the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures. Otherwise, the legal basis of the processing is our legitimate interest (communication with third parties) according to Art. 6 (1) f) GDPR.

2.4. B&B-Bulletin

a) Explanation and purpose of processing:

You have the possibility, via our website, to register for receiving our regular publication, the B&B Bulletin, which is sent out up to four times per year by email. This publication contains short articles written by the attorneys of BOEHMERT & BOEHMERT covering current legal issues, developments in case law, changes in legislation or official practice and events. In order to register to receive that publication, a separate declaration of consent is required, including the provision of an email address, which is stored solely for the purpose of sending that publication to the specified email.

b) Consent

The e-mails are sent to the e-mail address you have provided based on your prior consent. The consent given by you when registering for the Bulletin has the following content:

I consent to the use and storage of the above data by BOEHMERT & BOEHMERT for the purpose of sending the B&B Bulletin with short articles written by lawyers of BOEHMERT & BOEHMERT on current legal topics, developments in jurisdiction, innovations in legislation or official practice and events via the e-mail. I am aware that I can unsubscribe from the B&B Bulletin at any time, and I can revoke my consent with effect for the future.

Consenting to the subscription to the B&B Bulletin is voluntary and the consent can be revoked at any time with effect for the future by means of a simple declaration (also by e-mail to bulletin@boehmert.de). Each issue of the Bulletin also contains a link at the end which allows you to unsubscribe from the e-mail distribution list and thereby revoing your consent. A revocation has no influence on the legality of the processing carried out based on the consent up to the revocation. It is not possible to obtain the publication without consent.

c) Legal basis:

The legal basis for this processing of data is Art. 6 (1) a) GDPR.

3. Recipients of personal data

The sending of the B&B Bulletin is carried out by an external service provider, to whom the data provided in the application to subscribe to the publication is transmitted based on a controller-processor-agreement (Art. 28 GDPR).

4. Your data subject rights

As a data subject, you have the following rights under the GDPR. You are entitled to these rights under the conditions of the respective data protection regulations:

Right of access (Art.15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to lodge a complaint with the respectively competent data protection supervisory authority (Art. 77 GDPR)
Right to object to processing (Art. 21 GDPR)

In the case of an objection, BOEHMERT & BOEHMERT will no longer process the personal data, unless

the processing serves the assertion, exercise or defense of legal claims or
BOEHMERT & BOEHMERT can prove necessary, legitimate grounds for the processing which override the interests, rights and freedoms of the Data Subject.

5. Automated decision-making including profiling

Automated decisions in individual cases including profiling within the meaning of Art. 22 GDPR do not take place in connection with visiting our website.

This Data Protection Policy was last updated on 01.02.2023 and may in future be modified according to changing circumstances, in particular to conform to amendments to legal requirements, the practice of public authorities or case law.

Version: 01.02.2023

The processing of personal data when working on client matters and other persons with a client relationship

In the following, we inform you about the type, extent and purpose of data processing by BOEHMERT & BOEHMERT in relation to the receipt of an instruction to act and the handling of a client matter as well as in relation to other activities of BOEHMERT & BOEHMERT.

1. Data controller and data protection officer

The data controller is Boehmert & Boehmert Anwaltspartnerschaft mbB, Patent Attorneys, Attorneys at Law, Hollerallee 32, 28209 Bremen, Germany, Tel.: +49 (0)421 3409 0, Fax: +49 (0)421 3491768.

2. The processing of clients’ personal data

When we receive an instruction to act as attorneys, we collect and process the name, address and other contact information (e. g. email addresses, telephone and fax numbers etc.) of the requesting party as well as information related to any facts provided by them, which could also contain personal data. In the course of working on client matters, further personal data could also be stored.

The collection and further processing of this data is carried out for the purposes of establishing and performing the contract of engagement and to carry out pre-contractual steps at the request of the Data Subject, as well as for the purposes of billing the services provided.

The legal basis for this processing of data is Art. 6 (1), b) GDPR.

3. The processing of the personal data of others

In the course of providing its services, BOEHMERT & BOEHMERT also processes personal data of third parties, e.g. those of opposing parties, representatives of opposing parties, contact persons in public authorities, courts and service providers, business contacts etc. This includes in particular contact data (names, addresses, telephone numbers and fax numbers, email addresses etc.) as well as information relating to client matters, which could also contain personal data. Some of this data is collected directly from the Data Subject, some is collected by other means, specifically for the purpose of providing legal advice and representation services to clients of BOEHMERT & BOEHMERT, including the related correspondence and documentation, for the purpose of business communications and in relation to establishing a possible working relationship in the future (e. g. recording contact details of translators, research institutes or other service providers; personal contact details in the course of prior business encounters etc.).

The legal basis for this processing of data is Art. 6 (1), f) GDPR. The legitimate interest is in the proper and effective provision of legal advice and representation services to clients.

To the extent that contractual agreements exist between the data subject and BOEHMERT & BOEHMERT and the processing of personal data occurs in the performance of those agreements, the basis for that processing is Art. 6 (1) b) GDPR. The processing may also be necessary in order to comply with a legal obligation; the basis for processing in that case is Art. 6 (1) c) GDPR.

4. Recipients of personal data / transmission to third countries

In the course of the administrative handling of client matters, personal data is sent to service providers who process that data for a specific purpose on behalf of BOEHMERT & BOEHMERT within the meaning of Art. 28 GDPR on the basis of a contractual agreement for third party processing as per Art. 28 (3) GDPR. Primary examples of this are IT service providers, in particular in respect of the attorney software and technical infrastructure used, and service providers for financial bookkeeping and accounting. All service providers engaged by BOEHMERT & BOEHMERT have signed a contractual agreement with BOEHMERT & BOEHMERT in which they undertake to maintain confidentiality where they come into or could come into contact with information covered by a confidentiality undertaking.
Depending on the type of client matter, personal data may also be transferred in the course of working on the matter to third parties who are not processors. This may include, in particular, recipients in the following categories: opposing parties and representatives thereof, courts, authorities, bailiffs, correspondence attorneys and external counsel, translation service providers, research service providers, consulates, embassies etc.

Such a transmission to third parties will only occur if and to the extent that

the transmission is necessary for the performance of the contract of engagement (legal basis: Art. 6 (1) b) GDPR) or
this is covered by the client’s consent (legal basis: Art. 6 (1) a) GDPR), or
the transmission of data is required to preserve the legitimate interests of BOEHMERT & BOEHMERT or a third party, in particular a client, and these are not overridden by the interests or fundamental rights and freedoms of the Data Subject, which require the protection of personal data (legal basis: Art. 6 (1) f) GDPR).

In connection with the work on client matters, personal data may be transmitted, depending on the individual case concerned, to third countries, namely countries outside the European Union and the European Economic Area (EEA), or international organizations (e. g. authorities, opponents and their representatives, correspondent attorneys etc.). This includes transmission to countries in relation to which the European Commission has not decided that the country ensures an adequate level of protection (Art. 45 (3) GDPR) and possibly also transfers for which no safeguards under Art. 46 GDPR are provided.

To the extent that an adequacy decision has not been adopted and/or suitable safeguards have not been provided, a transmission of that kind will only be made in exceptional cases as per Art. 49 (1) point GDPR, in particular if and to the extent that

this is necessary for the performance of the contract of engagement between the client and BOEHMERT & BOEHMERT or to carry out precontractual steps at the request of the client,
this is necessary for the conclusion or performance of a contract entered into in the interests of the client by BOEHMERT & BOEHMERT with another natural or legal person,
this is necessary for the assertion, exercise and defence of legal claims,
an express consent within the meaning of Art. 49 (1) a) GDPR, or
the transmission is from a register within the meaning of Art. 49 (1) g) GDPR (e. g. the German Trade Mark and Patent Register).

5. Duration of retention

The mandatory retention period for files by attorneys at law and patent attorneys is currently six years, commencing upon expiry of the calendar year in which the concrete case ended; moreover, the general tax and/or commercial retention periods apply. BOEHMERT & BOEHMERT will store the personal data related to clients and client matters for at least the duration of these time limits.

In addition, BOEHMERT & BOEHMERT will, in individual cases, processes, on the basis of Art. 6 (1) f) GDPR, personal data related to clients and client matters also beyond these statutory retention periods, to the extent that this is appropriate and necessary, in particular in the case of open ended client relationships, for the ongoing maintenance, monitoring, preservation and defense of intellectual property rights and other legal interests. In this regard, in the case of open ended client relationships, the data related to individual matters will not be deleted prior to the end of the client relationship to enable information from completed matters to be taken into account in respect of the advice on current and future matters. Moreover, processing beyond the statutory data retention periods is carried out for the purpose of identifying and preventing conflicts of interest before working on new cases as well as for providing information to clients, including in relation to concluded matters.

Contact data not related to a specific client and/or client matter, concerning, for example contact persons at service providers (e. g. research providers, translators, survey institutes etc.) is stored for as long as this is needed for the purposes described above.

6. Your data subject rights

As a data subject, you have the following rights under the GDPR. You are entitled to these rights under the conditions of the respective data protection regulations:

Right of access (Art.15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to lodge a complaint with the respectively competent data protection supervisory authority (Art. 77 GDPR)
Right to object to processing (Art. 21 GDPR)

In the case of an objection, BOEHMERT & BOEHMERT will no longer process the personal data, unless

the processing serves the assertion, exercise, or defense of legal claims or
BOEHMERT & BOEHMERT can prove necessary, legitimate grounds for the processing which override the interests, rights, and freedoms of the Data Subject.

7. Automated decision-making including profiling

Automated decisions in individual cases including profiling within the meaning of Art. 22 GDPR do not take place in connection with our consulting activities.

Version: 01.02.2023

Data processing for applicants

The data you provide to us as part of your application will only be used to process your application.

1. Data controller and data protection officer

The data controller is Boehmert & Boehmert Anwaltspartnerschaft mbB, Patent Attorneys, Attorneys at Law, Hollerallee 32, 28209 Bremen, Germany, Tel.: +49 (0)421 3409 0, Fax: +49 (0)421 3491768.

2. Processing of personal data of applicants

The data required for the application process is processed for the purpose of carrying out an application procedure in compliance with the general data protection regulation.

The legal basis is Art. 6 (1) b) GDPR and Art. 88 (1) GDPR in conjunction with Sec. 26 (1) BDSG (Federal Data Protection Act).

If the data is special categories of personal data (such as health data), which you yourself provide to us, the processing is carried out on the legal basis of Art. 9 (2) b) GDPR in conjunction with Sec. 26 (3) BDSG (Federal Data Protection Act).

Rejected applicants have the option of being accepted into our talent pool. In the event of inclusion, all documents and details from your application will be transferred to the talent pool so that we can contact you by e-mail or telephone in the event of suitable job offers. Inclusion in the talent pool is based exclusively on your consent (Art. 6 (1) a) GDPR). Providing your consent is voluntary and can be revoked at any time with effect for the future without giving reasons at: career@boehmert.de. If you do not provide your consent, you will not be assigned to the talent pool.

3. Recipients of personal data

We only pass on the personal data of applicants within our company to those areas and persons who require this data to fulfill contractual and legal obligations and to implement our legitimate interests. In addition, we use the service providers who support us in the areas of applicant management, IT support and with whom separate contracts for order processing have been concluded as part of order processing.

4. Duration of storage

If the application is unsuccessful, the data will be automatically deleted after six months from the date of rejection. If an employment relationship is established, we will store your application data for as long as it is required for the employment relationship.

Your unsolicited application, which we have received with your consent, will also be deleted after six months from the date of rejection.

Upon submission of a consent for inclusion in the talent pool, we store your personal data for a further 12 months provided following the consent.

5. Your Data subject Rights

As a data subject, you have the following rights under the GDPR. You are entitled to these rights under the conditions of the respective data protection regulations:

Right of access (Art.15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to lodge a complaint with the respectively competent data protection supervisory authority (Art. 77 GDPR)
Right to object to processing (Art. 21 GDPR)

In the case of an objection, BOEHMERT & BOEHMERT will no longer process the personal data, unless

the processing serves the assertion, exercise, or defense of legal claims or
BOEHMERT & BOEHMERT can prove necessary, legitimate grounds for the processing which override the interests, rights, and freedoms of the Data Subject.

6. Automated decision-making including profiling

Automated decisions in individual cases including profiling within the meaning of Art. 22 GDPR do not take place in connection with our application process.

Version: 01.02.2023

Informations

Legal Areas