This privacy policy explains how we handle personal data when you visit c3i.f43.myftpupload.com/, send us a message through the contact form, or otherwise communicate with us. We have written it to be understandable rather than exhaustive. If anything is unclear, write to us at the address below.
1. Controller
BSvH Rechtsanwälte in Bürogemeinschaft
Prinz-Albert-Straße 63
53113 Bonn, Germany
Telephone: +49 (0) 228 504 463 36
Email: kontakt@kanzlei-bsvh.de
2. What we collect when you visit the site
Our hosting provider (df.eu) automatically records the following technical information in server log files when you load a page:
- IP address (shortened after 7 days)
- Date and time of the request
- URL requested and HTTP response code
- Referring page
- Browser type and operating system
This processing is based on Art. 6(1)(f) GDPR — our legitimate interest in operating a stable and secure website. We do not use this data to identify individual visitors, and we do not use third-party analytics, advertising trackers, or cookies that are not strictly necessary for the site to function.
3. Contact form, email, WhatsApp, phone
When you contact us — through the form, by email, via WhatsApp, or by phone — we process the personal data you give us (name, contact details, the contents of your message and any documents you attach) to respond to your inquiry and, if you instruct us, to provide legal services. The legal basis is Art. 6(1)(b) GDPR (steps prior to entering into a contract / performance of a contract). Where you give us special-category information (e.g. health data in a sick-leave dispute), we process it on the basis of Art. 9(2)(f) GDPR (establishment, exercise, or defense of legal claims).
4. WhatsApp
If you contact us via WhatsApp, additional information will be transmitted to Meta Platforms Ireland Ltd. as the WhatsApp operator (e.g. metadata, your WhatsApp profile). The processing by Meta is governed by Meta’s own privacy policy. If you would prefer to avoid this, please contact us by email or telephone instead.
5. Storage and deletion
If we form an attorney-client relationship, the relevant data is stored for the statutory retention period of six years after the end of the mandate (§ 50 BRAO). Inquiries that do not lead to a mandate are typically deleted within six months. Server log files are deleted after 30 days.
6. Recipients
We do not sell or share personal data with third parties for marketing purposes. Recipients limited to what is necessary include:
- Our hosting provider (df.eu / DomainFactory GmbH).
- IT service providers under written data-processing agreements (Art. 28 GDPR).
- Courts, opposing parties, and authorities to the extent required to perform the mandate.
- Our professional liability insurer in the event of a claim.
7. Your rights
Under the GDPR you have the right to obtain confirmation that we process data about you, access to that data (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and to object to processing based on legitimate interests (Art. 21). To exercise any of these rights, write to the address above.
You also have the right to lodge a complaint with a data-protection supervisory authority (Art. 77). The competent authority for our office is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Kavalleriestraße 2-4
40213 Düsseldorf
8. Updates to this policy
We update this policy when the legal landscape or our practices change. The version date is shown at the top of the page.