Data privacy statement

Preamble

Your interest in our company is very much appreciated. The Patent Attorney Office Dr. C. Steiniger attaches great importance to data protection.

Using the internet pages of the Patent Attorney Office Dr. C. Steiniger is generally possible without providing any personal data. Insofar as a person concerned wants to make use of special services of our company via our website, it may, however, be necessary to process personal data. If the processing of personal data is necessary, it is effected in accordance with Art. 6, paragraph 1 b and c GDPR.

The processing of personal data, for example of the name, the address, e-mail address or telephone number of a person concerned is always made in accordance with the General Data Protection Regulation and in accordance with the Federal Data Protection Act. By means of this data privacy statement, our company aims to inform the public about the nature, scope and purpose of the personal data having been collected, used and processed by us. Furthermore, persons concerned are informed on the rights granted to them by means of this data privacy statement.

As controller, the Patent Attorney Office Dr. C. Steiniger has taken numerous technical and organizational measures in order to ensure a protection of the personal data processed via this website as complete as possible. In general, however, internet-based data transfers can have safety gaps, so that an absolute protection cannot be guaranteed. For that reason, each person concerned is free to transmit personal data to us through alternative channels, such as per telephone.  

Definitions

The data privacy statement of the Patent Attorney Office Dr. C. Steiniger is based on the terminology used by the European issuer and regulator when issuing the General Data Protection Regulation (GDPR). Our data privacy statement is supposed to be easily readable and comprehensible both for the public as well as our clients and business partners. In order to ensure this, we want to explain the used terminology in advance.

Amongst others, we use the following terms in this data privacy statement:

a) Personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter “person concerned”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Person concerned
The person concerned is each identified or identifiable natural person, whose personal data are processed by the controller.

c) Processing
The processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of the processing
Restriction of the processing means the marking of stored personal data with the aim of limiting their processing in the future.

e) Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

f) Pseudonymisation
Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

g) Controller
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

h) Processor
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) Recipient
Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

j) Third party
A third party means a natural or legal person, public authority, agency or body other than the person concerned, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorised to process personal data.

k) Consent
Consent of the person concerned means any freely given, specific, informed and unambiguous indication of the concerned person 's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Name and address of the controller

The controller according to the General Data Protection Regulation, the Federal Data Protection Act and other regulations of a data-protecting nature is:

Proprietor:
Dr.-Ing. Carmen Steiniger

Patent Attorney Office
Dr. C. Steiniger
Reichsstr. 37
D-09112 Chemnitz
Germany

Phone: +49(0)371.464 00 66
Fax: +49(0)371.464 00 67
Mail: office@steiniger-patent.de
Web: www.steiniger-patent.de

Due to the company size and the category of the personal data processed by us, we are under no obligation to appoint operational company data protection officer. You are invited to submit any data protection related queries via office@steiniger-patent.de.

Cookies

The website of the Patent Attorney Office Dr. C. Steiniger uses cookies. Cookies are text files, which are set and stored on a computer system via an internet browser.

Numerous websites and servers use cookies. Many cookies contain a so-called cookie-ID. A cookie-ID is a unique identification of the cookie. It consists of a character string, by which websites and servers can be allocated to the specific internet browser, in which the cookie was saved. Thereby, the visited websites and servers are enabled to differentiate the individual browser of the person concerned from other internet browsers, which contain other cookies. A certain internet browser can be recognized and identified by the unique cookie-ID.

By using cookies, the Patent Attorney Office Dr. C. Steiniger can provide user-friendly services for the users of this website, which would not be possible without the cookie setting.

By means of a cookie, the information and offers on our website can be optimized with the interest of the user. As mentioned above, cookies enable us to recognize the users of our website. The purpose of this recognition is to simplify the use of our website for the users. The user of a website, which uses cookies, for example does not need to re-enter his or her login details at each visit of the website, because this is taken over by the website and the cookie set on the computer system of the user.

The person concerned can prevent the setting of cookies by our website at any time by means of a corresponding setting of the used internet browser and thus permanently reject to the use of cookies. Furthermore, already set cookies can be deleted at any time via an internet browser or other software programmes. This is possible in all common internet browsers. If the person concerned deactivates the setting of cookies in the used internet browser, not all functions of our website may be usable to the full extent.

Usage of web fonts

On these websites external fonts, google fonts, are used. Google fonts is a service of Google Inc. (“Google”). The integration of these web fonts takes place via a server call, usually a server of Google in the USA. Hereby, it is being communicated to the server, which of our websites you have visited. The IP address of the browser of the terminal device of the visitor of these websites is also saved by Google. For further information, please check the data privacy notices of Google, which you can retrieve here:

www.google.com/policies/privacy/
https://fonts.google.com/about

Collection of general data and information

The website of the Patent Attorney Office Dr. C. Steiniger collects a range of general data and information with each call up of the website by a person concerned or an automatized system. These general data and pieces of information are stored in the log files of the server. (1) The used browser types and versions, (2) the operating system used by the accessing system, (3) the website, from which an accessing system reaches our website (so-called referrers), (4) the subpages on our website, which are accessed via an accessing system, (5) the date and the time of an access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and pieces of information, which serve to prevent danger in case of attacks to our information technological systems, can be collected.

When using these general data and pieces of information, the Patent Attorney Office Dr. C. Steiniger does not draw conclusions to the person concerned. These pieces of information are rather required in order (1) to correctly deliver the contents of our website, (2) to optimize the contents of our website as well as their advertisement, (3) to guarantee the permanent functionality of our information technological systems and the technology of our website as well as (4) to provide the law enforcement authorities with the information necessary for prosecution in case of a cyber attack. These anonymously collected data and pieces of information are therefore on the one hand statistically analyzed by the Patent Attorney Office Dr. C. Steiniger and are furthermore analyzed with the aim of increasing the data protection and data safety in our company, in order to eventually guarantee an ideal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a person concerned.

Server log files

The server log files are anonymized data, which are collected when you access our website. These pieces of information do not allow any conclusions to you personally, but are indispensable for technical reasons and the delivery and representation of our contents. They furthermore serve for our statistics and the continuous optimization of our contents. Typical log files are the date and time of access, the amount of data, the browser used for access and its version, the used operating system, the domain name of the provider authorized by you, the page, from which you have reached our offer (referrer URL) and your IP address. Log files furthermore enable a detailed examination on suspicion of an unlawful use of our website.

SSL encryption

Our website uses an SSL encryption when the transmission of confidential or personal contents of our users is involved. This encryption is for example activated when handling payment transactions as well as inquiries, which you send to us via our website. Please make sure that the SSL encryption is activated on your part during corresponding activities. The use of the encryption can be easily recognized: the indication in your browser line changes from “http://” to “https://”. Data that has been encrypted via SSL cannot be read by third parties. Only transmit your confidential information at an activated SSL encryption and, in case of doubt, contact us.

Options of contact via the website

Due to legal requirements, the website of the Patent Attorney Office Dr. C. Steiniger contains information, which allows for a quick electronic contact to our company as well as a direct communication with us, which also comprises a general address of the so-called electronic post (e-mail address). Insofar as a person concerned contacts the controller via e-mail or via a contact form, the personal data transmitted by the person concerned are automatically stored. Such personal data, transmitted on a voluntary basis by the person concerned to the controller, are stored for purposes of handling or contacting the person concerned. These personal data will not be disclosed to third parties.

Routine deletion and blocking of personal data

The controller processes and stores personal data of the person concerned only for the period of time, which is necessary for reaching the storage purpose or, insofar as this has been provided in laws or rules by the European issuer and regulator or another legislator, which the person in charge of processing is subject to.

If the storage purpose lapses or a deadline set by the European issuer and regulator or another responsible legislator expires, the personal data are routinely blocked or deleted according to the legal requirements.

Rights of the person concerned

a) Right to obtain confirmation
Each person concerned has the right, which is granted by the European issuer and regulator, to demand a confirmation from the controller whether the respective personal data are processed. If a person concerned wants to make use of this confirmation right, he or she can contact the above-mentioned e-mail address at any time.

b) Right to access to information
Each person affected by the processing of personal data has the right, which is granted by the European issuer and regulator, to obtain free-of-charge information on the stored personal data related to him or her by the controller at any time and to receive a copy of this disclosure.

Furthermore, the person concerned has a right of disclosure on whether personal data have been transmitted to a third country or to an international organization. Insofar as this is the case, the person concerned furthermore has the right to obtain information on the appropriate guarantees in connection with the transmittal. 

If a person concerned wants to make use of this right of disclosure, he or she can contact the above-mentioned e-mail address at any time.

c) Right to correction
Each person affected by the processing of personal data has the right, which is granted by the European issuer and regulator, to demand the immediate correction of incorrect personal data relating to him or her. Taking into account the purposes of processing, the person concerned furthermore has the right to demand the completion of incomplete personal data – also by means of a complementary declaration.

If a person concerned wants to make use of this right of correction, he or she can contact the above-mentioned e-mail address at any time.

d) Right to deletion (right to be forgotten)
Each person affected by the processing of personal data has the right, which is granted by the European issuer and regulator, to demand that the personal data relating to him or her are immediately deleted by the controller, insofar as one of the following reasons applies and insofar as the processing is not necessary:

The personal data have been collected for such reasons or are processed in any other way, for which they are no longer necessary.

The person concerned revokes his or her permission, on which the processing according to Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR was based and another legal basis for the processing is missing. The person concerned files an objection against the processing according to Art. 21 (1) GDPR and there are no primarily justified reasons for the processing or the person concerned files an objection against the processing according to Art. 21 (2) GDPR. The personal data were unlawfully processed.

The deletion of the personal data is necessary for complying with a legal obligation according to the Union law or the law of the Member States, which the controller is subject to.

The personal data were collected with regard to services offered by the information society according to Art. 8 (1) GDPR.

Insofar as one of the above-mentioned reasons applies and a person concerned wants to arrange for the deletion of personal data, which are stored with the Patent Attorney Office Dr. C. Steiniger, he or she can contact the above-mentioned e-mail address at any time. The data protection officer will arrange for the deletion demand to be immediately fulfilled.

e) Right to limitating the processing
Each person affected by the processing of personal data has the right, which is granted by the European issuer and regulator, to demand the limitation of the processing by the controller if one of the following conditions applies:

The correctness of the personal data is denied by the person concerned, namely for a period of time which enables the controller to check for the correctness of the personal data.

The processing is unlawful, the person concerned refuses the deletion of the personal data and instead demands the limitation of the usage of the personal data.

The controller no longer needs the personal data for the purposes of processing, the person concerned, however, needs them for asserting, exercising or defending legal claims.

The person concerned has filed an objection against the processing according to Art. 21 (1) GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh those of the person concerned.

Insofar as one of the above-mentioned conditions applies and a person concerned wants to demand the limitation of the personal data which are stored with the Patent Attorney Office Dr. C. Steiniger, he or she can contact the above-mentioned e-mail address at any time. The data protection officer will arrange for the limitation of the processing.

f) Right to data portability
Each person affected by the processing of personal data has the right, which is granted by the European issuer and regulator, to receive the personal data relating to him or her, which have been provided to a controller by the person concerned, in a structured, common and machine-readable format. He or she furthermore has the right to transmit these personal data to another person in charge without an obstruction by the person in charge who was provided with the personal data, insofar as the processing is based on the consent according to Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract according to Art. 6 (1) (b) GDPR and the processing takes place by means of automatized methods, insofar as the processing is not necessary for the performance of a task, which is in the public interest or takes place in the exercise of public authority, which was assigned to the controller.

When exercising his or her right to data portability according to Art. 20 (1) GDPR, the person concerned furthermore has the right to obtain for the personal data to be directly transmitted from one person in charge to another person in charge, insofar as this is technically feasible and insofar as no rights or liberties of other persons are hereby impaired.

For asserting the right to data portability, the person concerned can contact the above-mentioned e-mail address at any time.

g) Right to opposition
Each person affected by the processing of personal data has the right, which is granted by the European issuer and regulator, to file an objection against the processing of personal data relating to him or her which takes place based on Art. 6 (1) (e) or (f) GDPR at any time for reasons which arise from their special situation. This also applies for a profiling based on these regulations.

In case of an objection, the Patent Attorney Office Dr. C. Steiniger does not process the personal data any longer, unless we can prove compelling legitimate grounds for the processing, which outweigh the interest, rights and liberties of the person concerned, or the processing serves for asserting, exercising or defending legal claims.

For asserting the right to objection, the person concerned can contact the above-mentioned e-mail address at any time.

h) Right to revoking a data protection declaration of consent
Each person affected by the processing of personal data has the right, which is granted by the European issuer and regulator, to revoke a declaration of consent for processing personal data at any time.

If the person concerned wants to assert his or her right to revoking a declaration of consent, he or she can contact the above-mentioned e-mail address at any time.

i) Right to lodging a complaint with a supervisory authority
Each person concerned has the right to lodge a complaint with a supervisory authority if the person concerned believes that the processing of the personal data relating to him or her violates the GDPR. The supervisory authority responsible for the Patent Attorney Office Dr. C. Steiniger is incumbent upon the Saxon Data Protection Commissioner. For information, please visit https://www.saechsdsb.de.

Legal basis of the processing

The processing of personal data takes place in order to fulfill a contract, whose contracting party is the person concerned. This for example takes place during processing operations, which are necessary for a supply of goods or the provision of any other service or return service. The processing is thus based on Art. 6 (1) (b) GDPR. The same applies for such processing operations, which are necessary for the implementation of pre-contractual measures, such as in cases of inquiries regarding our products or services. Our company is furthermore subject to a legal obligation by which a processing a personal data becomes necessary, such as for the fulfillment of tax obligations. The processing is thus based on Art. 6 (1) (c) GDPR.

Period of time for which the personal data are being stored

The criterion for the duration of the storage of personal data is the respective legal retention period. After the expiration of this period, the corresponding data are routinely deleted insofar as they are no longer necessary for the fulfillment of a contract or the initiation of a contract.

Statutory or contractual provisions for providing the personal data; necessity for concluding the contract; obligation of the person concerned to provide the personal data; possible consequences of failure of provision

We are informing you that the provision of personal data is partially prescribed by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information on the contractual partner). When concluding a contract, it may sometimes be necessary that a person concerned provides us with personal data, which subsequently need to be processed by us. The person concerned is for example obligated to provide us with personal data when our company concludes a contract with him or her. Failing to provide the personal data would result in the contract not being concluded with the person concerned. Before a provision of personal data by the person concerned, the person concerned needs to contact the above-mentioned e-mail address. Our data protection officer informs the person concerned on a case-by-case basis whether the provision of the personal data is legally or contractually prescribed or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and which consequences failing to provide the personal data would have.

Existence of an automated decision making

As a responsible company, we forgo an automated decision making or a profiling.