Informationen zum Datenschutz - Hartmann + Keutner Partnerschaft von Patentanwälten mbB

Privacy policy.

Preliminary remark

Welcome to our website. These privacy policy explanations are based, among other things, on the EU's General Data Protection Regulation (GDPR). Our website treats your personal data confidentially and processes your personal information solely in accordance with statutory provisions. Protecting your personal data is very important to us. Therefore, it is generally possible to access the information on our website without providing personal data such as your name, address, phone number, or email address.

In the event that you use advanced services, such as contacting us via email or using a form, the processing of personal data may be necessary. In such cases where the processing of personal information is required, we strictly adhere to legal regulations. If the processing falls outside legally regulated boundaries, we obtain permission from the affected individuals before collecting and processing their personal data.

If we process personal data—such as first name and last name, address, telephone or mobile number, or email address—this is done exclusively in compliance with the provisions of the General Data Protection Regulation (GDPR) and the national data protection regulations applicable to us. The purpose of these privacy policy explanations is to inform you about the type, scope, and purpose of data collection and the further use and processing of personal data. We also aim to publicly inform you about the rights to which every affected person is entitled regarding data protection.

Responsible for the processing of personal data are Jan Nils Hartmann and Christoph Keutner. To ensure the most comprehensive and complete protection of personal data collected and processed through our website, we have implemented appropriate organizational and technical measures. However, data transmission when visiting websites or contacting us via email can never be entirely free of security vulnerabilities. Absolute protection from access by third parties cannot be guaranteed. Therefore, we offer every individual the option to transmit personal data to us via alternative means, such as postal mail or telephone.

1) Definition of terms

Both the privacy regulations of the European General Data Protection Regulation (GDPR) and national data protection regulations use terms on which these privacy policy explanations are based. To make our privacy policy explanations understandable and easy to read for all visitors to our website, the terms are listed and explained below.

The following terms are used in our privacy policy explanations, among others:

1.1 Personal data
This is all information that relates to an identified or identifiable natural person (hereinafter referred to as ‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

1.2 Person concerned
All natural persons who are identified or identifiable and whose personal data are processed by the data controller.

1.3 Processing
This is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1.4 Restriction of processing
The marking of stored personal data with the aim of restricting its future processing.

1.5 Profiling
Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

1.6 Pseudonymisation
Where personal data are processed in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

1.7 Person responsible for data processing
Is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

1.8 Processor
This is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

1.9 Recipient
Is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular enquiry in accordance with Union or Member State law shall not be regarded as recipients.

1.10 Third party
‘Third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

1.11 Agreement
Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2) Designation of the data controller for the processing of data

We are responsible for the processing of personal data within the meaning of the EU General Data Protection Regulation, other data protection laws applicable in the EU member states and other directives relating to data protection:

Jan Nils Hartmann
Boltensternstraße 7
40239 Düsseldorf
Phone: +49 (0)176 353 67 447
Email: mail@hartmann-keutner.de
Website: hartmann-keutner.de

Christoph Keutner
Kurfürstenstraße 20
47906 Kempen
Phone: + 49 (0)151 591 869 58
Email: mail@hartmann-keutner.de
Website: hartmann-keutner.de

3) Use of cookies

This website does not use any so-called ‘cookies’. These are small, pure text files that do not contain any potential for damage. They cannot damage a device accessing this website, nor do they contain viruses. The accessing browser stores cookies locally on the accessing device to enable functions when communicating with websites. This can be, for example, login information, the contents of a shopping basket, the settings in the email account that call up a specific folder and much more. Without cookies, websites will not be usable in many areas.

Most of these cookie text files are automatically deleted when the website is left or the calling browser is closed (so-called ‘session cookies’). There are also some cookies that are stored permanently so that a new visit can be recognised and functions can be made available again. This means that once settings have been selected, they do not need to be made again when accessing websites.

Cookies are used on almost all websites these days. Most of these cookies contain a unique ID number. This ID number consists of an identifier that enables the browser used to be clearly assigned to the websites that have been visited. This allows website operators to clearly identify the browser and distinguish it from other browsers. This allows the calling browser programme to be clearly identified and recognised.

Every browser has functions for restricting or deactivating cookies. Due to the large number of possible browser programmes, it is not possible to provide general instructions for deactivating cookies here. A search with any search service (Google, Bing, etc.) for the name of the browser used and the term ‘deactivate cookies’ will return precise and up-to-date instructions for deactivating cookies in the browser programme used.

4.1) Information on the hosting provider and order processing

I host the contents of our website with STRATO. The provider is Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin. When you visit my website, STRATO collects various log files, including your IP addresses. For details, please refer to Strato's Privacy Policy: https://www.strato.de/datenschutz/.

The use of Strato is based on Art. 6(1)(f) GDPR. We have a legitimate interest in presenting our website as reliably as possible. If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) as defined by the TTDSG. This consent can be revoked at any time.

I have concluded a Data Processing Agreement (AVV or DPA) for the use of the aforementioned service. This is a contract required by data protection law that ensures the service provider processes the personal data of my website visitors only according to my instructions and in compliance with the GDPR.

4.2) Information automatically stored on the server (server log files)

When this website is accessed, the provider on whose server the web pages are stored and made available automatically stores information that the accessing processing device transmits to the server when these web pages are accessed. This transmission is necessary so that the server can adapt to the individual technology used.

This information includes, among other things:

The browser used and its version
The operating system used
The link to the website accessed (‘referrer URL’)
The name of the calling network device in the network (‘Hostname’)
The exact time of the call

This data is purely anonymised technical information that is used for communication between the accessing device and the Internet server. Jan Nils Hartmann and Christoph Keutner do not link this information with other data.

It is generally possible to use this data for identification purposes. For example, law enforcement authorities can use this transmitted data to identify the provider of the accessing device - only if there is a concrete suspicion of an illegal offence.

5) Secure transmission through SSL encryption

To ensure the security and protection of confidential data, this website uses an encryption method ("SSL encryption") for data transmission between the calling device and the server. This is indicated by a corresponding notice from the browser, usually a lock symbol before the internet address in the address bar and the abbreviation https:// instead of http://. This encryption is used to prevent unauthorized third parties from monitoring or storing the data transmission between the calling device and these web pages.

6) Data processing when making contact

Legal regulations require Jan Nils Hartmann and Christoph Keutner to provide information that enables rapid communication with us. In addition to information about the registered office of the company (address), this also includes information about telephone availability and the possibility of communication via electronic mail (e-mail address).

If the possibility of electronic communication via an e-mail address with Jan Nils Hartmann and/or Christoph Keutner is used by a data subject, the personal information and data transmitted by the data subject are automatically stored. This voluntarily, knowingly and intentionally transmitted personal data is provided by the data subject solely for the purpose of contacting us. This data is therefore stored and processed by us exclusively for the purpose of processing the contact. We do not pass this data on to third parties in any form or at any point.

7) Customary deletion and blocking of collected personal data

Personal data of data subjects are stored and processed exclusively for the period necessary to fulfil the desired purpose. If the purpose of the storage and processing is fulfilled or if a deadline set by the European legislator or another legislative body at European or national level expires, the personal data collected and processed will be automatically and habitually deleted or blocked in accordance with the legal requirements.

8) Rights of data subjects in terms of data protection law

8.1 Right of confirmation
Data subjects have the right to obtain confirmation from the controller as to whether or not personal data and information concerning them is being processed and stored. For this purpose, data subjects can contact the controller responsible for the processing of personal data at any time.

8.2 Right of Access
All individuals affected by the storage and processing of personal data have the right to obtain information from the controller about the personal data stored about them and related information at any time, free of charge. This information shall be provided to the affected individuals in copy form upon request.

In addition, the European legislator has provided for information on the following stored and processed information:

the purposes of processing;
the categories of personal data that are processed;
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;
the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
the existence of a right of appeal to a supervisory authority;
if the personal data are not collected from the data subject, all available information about the origin of the data;
the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Furthermore, persons affected by the storage and processing of personal data have the right to obtain information as to whether their personal data has been transferred to a third country or an international organisation. If this is the case, all data subjects also have the right to information about suitable guarantees in connection with the transfer to third parties. To exercise this right of access, data subjects can contact the controller at any time.

8.3 Right of rectification
All persons affected by the collection and processing of personal data have the right to immediate correction of incorrect personal data concerning them; this also applies in particular to the completion of incomplete personal data, including with a supplementary declaration. Um das Recht auf Berichtigung in Anspruch zu nehmen kann jederzeit der für die Datenverarbeitung Verantwortliche kontaktiert werden.

8.4 Right to erasure (right to be forgotten)
For certain reasons, data subjects affected by the processing of personal data have the right to obtain from the controller the erasure of personal data concerning them without undue delay. Insofar as the processing of this personal data is not necessary, these are the following reasons:

As the purpose of the collection of personal data no longer applies, further storage or processing is no longer necessary.
The consent given for the storage and processing of personal data within the meaning of Art. 6 para. 1 letter a GDPR or Art. 9 para. 2 letter a GDPR is revoked by the data subject and there is no other legal basis for processing or storage.
In accordance with Art. 21 (1) GDPR, the data subject objects to the storage and processing of their personal data and there are no overriding legitimate grounds for the storage and processing of the personal data.
Pursuant to Art. 21 (2) GDPR, the data subject objects to the storage and processing of personal data concerning him or her.
The collected personal data of the data subjects were processed unlawfully.
The controller is subject to the obligation to erase the personal data collected in accordance with Union or national law.
The personal data of data subjects were collected in relation to information society services offered in accordance with Art. 8

In order to obtain the erasure of personal data concerning him or her, the data subject may, at any time, contact the controller responsible for the processing of personal data, Jan Nils Hartmann and/or Christoph Keutner. The latter will ensure that the request for erasure is complied with immediately.

In cases where Jan Nils Hartmann and Christoph Keutner are obliged to delete personal data that has been made public in accordance with Art. 17 para. 1 GDPR, we will take all necessary measures to inform other data controllers who process the personal data we have made public that the data subject has requested the deletion of all personal data concerning them if their processing is not necessary, taking into account the necessary costs and technology. This also applies in particular to all links to the personal data as well as copies and replications of this personal data. All necessary steps will be taken by the controller responsible for data processing at Jan Nils Hartmann und Christoph Keutner.

8.5 Right to restriction of processing
The data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:

The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.
The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
The data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.

If one of these conditions is met, the data controller will arrange for the restriction of personal data if a person affected by the processing of personal data requests this.

8.6 Right to data portability
The European legislator grants all data subjects affected by the processing of personal data the right to receive all personal data provided by the data subject to a controller in a structured, commonly used and machine-readable format. They also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1) and the processing is carried out by automated means. This right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

In exercising his or her right to data portability, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights of third parties.

In order to exercise the right to data portability, any person affected by the processing of personal data may contact one of the persons responsible for the processing of personal data, Jan Nils Hartmann and/or Christoph Keutner.

8.7 Right of objection
The European legislator grants all persons affected by the processing of personal data the right to object at any time to the processing of personal data concerning them for reasons arising from their particular situation if this data was collected on the basis of Article 6(1)(e) or (f) GDPR. This also expressly applies to profiling based on these provisions.

If Jan Nils Hartmann and Christoph Keutner cannot demonstrate compelling legitimate grounds for the processing of personal data which override the rights, freedoms or interests of the data subject, the processing will be terminated. This does not apply to the exercise, assertion or defence of existing legal claims.

Any person affected by the processing of personal data has the right to object to the processing if the processing of personal data concerning them is used for the purpose of direct marketing. This also applies in particular to profiling used for direct marketing purposes. If the data subject objects to the processing of their personal data for the purpose of direct marketing, the processing of personal data for this purpose will cease.

Where personal data are collected and processed by Jan Nils Hartmann und Christoph Keutner for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, every data subject has the right to object to the processing of personal data concerning him or her, unless the processing of such personal data is necessary for the performance of a task carried out for reasons of public interest.

In order to object to the processing of personal data, data subjects may contact one of the data controllers Jan Nils Hartmann and Christoph Keutner. Notwithstanding Directive 2002/58/EC, data subjects are also free to exercise their right to object in connection with the use of information society services by means of automated procedures using technical specifications.

8.8 Automated decisions in individual cases including profiling
All persons affected by the processing of personal data are granted the right by the European legislator not to be subject to a decision that depends on fully automated processing - including profiling - if this decision has a legal effect on the data subject or significantly affects them in a similar manner. This only applies if the decision is necessary for the conclusion or performance of a contract between the data subject and the controller or is authorised by Union or Member State legislation to which the controller is subject and that legislation contains appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject or with the express consent of the data subject.

In all decisions necessary for entering into, or the performance of, a contract between the controller and a data subject, or with the explicit consent of the data subject, Jan Nils Hartmann and Christoph Keutner shall implement suitable measures to safeguard the data subject's freedoms, rights and legitimate interests. This includes at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

In order to assert rights in relation to automated decisions in individual cases, including profiling, data subjects can contact the controller.

8.9 Right to withdraw consent under data protection law
The European legislator grants every person affected by the processing of personal data the right to withdraw their consent to the processing of their personal data at any time. In order to revoke a given consent, data subjects can contact the controller.

9) Data protection provisions about the application and use of LinkedIn

Some of the components integrated on this website realise a direct connection to the social network LinkedIn. LinkedIn serves people as a career network and virtual meeting place on the Internet to be mutually and interactively networked, to exchange opinions, experiences and experiences. In addition, both private and, in particular, business information can be made publicly accessible. The essence of social networks is networking with other user profiles via a personal profile. Various types of data (photos, videos, etc.) can be stored in these user profiles and made publicly accessible.

The operating company of the social network LinkedIn is LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA. The controller for the processing of personal data is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, provided that the data subject is located within the European Union (EU), the European Economic Area and/or Switzerland.

The technologies used on this website to connect to the LinkedIn social network are usually recognisable by LinkedIn symbols, such as the LinkedIn company logo. This LinkedIn website provides you with an overview of various plugins:
https://developer.linkedin.com/product-catalog/plugins

When visiting my website, a direct connection is established between the information technology system of the data subject and LinkedIn via the plugin used. LinkedIn may receive information about which specific subpage of our website was visited, as well as the network address of the visiting device at the time of access. If these pages are linked via the techniques used in the LinkedIn profile of the data subject while logged into LinkedIn, LinkedIn can assign the visit from this website to the user account.

As providers, Jan Nils Hartmann and Christoph Keutner have no knowledge of the type and scope of the data transmitted to LinkedIn. Information about LinkedIn's privacy policy can be found on the following websites:
https://de.linkedin.com/legal/privacy-policy and https://de.linkedin.com/legal/privacy/eu

In this LinkedIn privacy policy, a person affected by the processing of personal data will find details on the type and scope of the collection, storage and processing of personal data concerning them when using this website and the LinkedIn components implemented therein.

If a person affected by the processing of personal data is simultaneously connected to their own LinkedIn user account on the same data-processing information technology device when visiting this website, information may be passed on to LinkedIn even without interaction in their own user account. If a person affected by the processing of personal data does not wish to be associated with their own LinkedIn user account when visiting our website, they must log out of their LinkedIn user account before visiting our website.

10) Legal bases of the processing

10.1 Art. 6 I lit. a GDPR serves as the legal basis for obtaining consent for the processing of personal data of a data subject for a specific processing purpose.

10.2 If the processing of personal data of a data subject serves to fulfil a contract and one of the contracting parties is the data subject, the processing of personal data is based on Art. 6 I lit. b GDPR. This is regularly the case for the delivery of goods or the provision of a service or consideration. This also applies to processing operations that are necessary in the context of pre-contractual measures. These can be, for example, enquiries about goods or services or contact in the context of ordering processes.

10.3 The processing of personal data is based on Art. 6 I lit. c GDPR if this is necessary for Jan Nils Hartmann and Christoph Keutner to fulfil a legal obligation, such as the statutory tax obligation.

10.4 If the processing of personal data of a data subject is urgently required to protect the life or limb of the data subject or third parties, the legal basis for this is Art. 6 I lit. d GDPR. This is the case, for example, if the data subject has an accident on the premises of Jan Nils Hartmann and Christoph Keutner and important information must be passed on to a doctor, a hospital or other authorised rescue services.

10.5 For all other processing operations, the legal basis is Art. 6 I lit. f GDPR, provided that legitimate interests or statutory rights and freedoms of the data subject do not prevail and the processing is necessary to safeguard the legitimate interests of Jan Nils Hartmann and Christoph Keutner or a third party. This right to processing is specifically mentioned by the European legislator. In particular, a legitimate interest may be assumed if the data subject is in a contractual relationship with the controller for the processing of personal data (Recital 47 Sentence 2 GDPR).

11) Legitimate interests in the processing pursued by the controller or a third party

In cases where the processing of personal data is based on Article 6 I lit. f GDPR, the legitimate interest is the performance of business activities for the benefit of our employees and our shareholders.

12) Duration of storage of personal data

The currently valid statutory retention period is the basis as a criterion for the duration of the storage of personal data of data subjects. All data that is not required for the fulfilment or initiation of contracts is routinely deleted after this period has expired.

13) Various disclosures required by law

General comments on the following legally required disclosures:

Legal or contractual provisions for the provision of personal data.
Requirements for the conclusion of the contract.
Obligation of data subjects to provide personal data.
Possible consequences of not providing personal data.

The provision of personal data by Jan Nils Hartmann and Christoph Keutner is in some cases required by law (e.g. in the context of tax legislation) or is mandatory due to contractual obligations (e.g. information on the contractual partner). For example, the conclusion of a contract between Jan Nils Hartmann and Christoph Keutner and a person affected by the data processing makes it necessary to store, provide and process their personal data. Without such processing of personal data, the contract could not be concluded.

Data subjects affected by the processing of personal data can contact the data controller to find out whether the provision of personal data is required by law and/or necessary for the conclusion of a contract. In addition, information can be obtained on the consequences of refusing to collect personal data or objecting to processing.

14) Notes on copyright

German copyright law applies to the content of this website. All content, such as graphics, logos and text, has either been created by us, created using AI tools (such as Copilot, Midjourney and ChatGPT in particular) and used in accordance with the respective terms of use, authorised in writing by the rights holder or used in accordance with the rights holder's terms of use, or is subject to the Creative Commons Licence, the terms of which Jan Nils Hartmann and Christoph Keutner comply with very strictly. If, contrary to expectations, doubts should nevertheless arise as to whether the content of this website complies with copyright regulations, it is sufficient to inform us informally by e-mail to the e-mail address given in the legal notice. Jan Nils Hartmann and Christoph Keutner will immediately check the information and, if the objections are indeed justified, will respond without delay and remove the content in question.

15) Linking to external content

As website operators in Germany, Jan Nils Hartmann and Christoph Keutner are legally responsible for linked content and cannot legally distance themselves from linked content on third-party websites. One of the duties of a website operator is to check whether the linked websites may have illegal content and then - if you really want to distance yourself legally - to remove these links. A so-called disclaimer, which only needs to state that you distance yourself from the linked content, is legally ineffective and rather counterproductive. Today, the courts generally assume that linked illegal content, from which one simultaneously distances oneself, is accepted by the website operator and thus assumes conditional intent.

For this reason, Jan Nils Hartmann and/or Christoph Keutner check linked content on external websites. Should illegal content be found on the pages of this website, please send an informal e-mail to the e-mail address given in the imprint. Jan Nils Hartmann and/or Christoph Keutner will then immediately check the information and, if the objections are indeed justified, react without delay and remove the corresponding links to the third-party content

16) Automated decision making

The protection of personal data is very important to Jan Nils Hartmann and Christoph Keutner and we take this task very seriously. For this reason, we do not use any automated decision-making or profiling.