IDENTITIES AND CONTACT DETAILS OF THE CONTROLLER
The controller for the processing of personal data within the meaning of Art. 4 para. 7 GDPR is:
METIS Rechtsanwälte PartG mbB and Notary
Untermainkai 30
60329 Frankfurt am Main
Germany
Phone: +49 69 271 38 89 0
Fax: +49 69 271 38 89 70
E-Mail: email hidden; JavaScript is required
The controller’s legal representatives are its partners Dr. Felix Dette, Dr. Lars Friske, Dr. Andreas Rasner, Dr. Heinrich von Bünau and Dr. Florian Wettner. Each of them is authorised to represent METIS Rechtsanwälte PartG mbB solely.
CONTACT DETAILS OF OUR DATA PROTECTION OFFICER
Our data protection officer is:
ENSECUR GmbH
Höhefeldstraße 28
76356 Weingarten
Germany
E-Mail: email hidden; JavaScript is required
1 – PURPOSES AND LEGAL BASES FOR THE PROCESSING
We process your personal data collected when you visit this website only for the following purposes and on the following legal bases:
When you visit this website, your browser transmits a log record (so-called log file) to our web server. This log record includes the following data:
- your IP address
- type, language, and version of the browser you use
- your operating system and its interface
- date and time of your visit of the website
- content of your request (the specific page)
- time zone difference to Greenwich Mean Time (GMT)
- the access status/HTTP status code
- amount of data transferred in each case
- the website from which you accessed this website (so-called referrer URL)
These may be personal data. However, the log files are directly anonymised after being transmitted to the web server and before further processing, so that from that point on they no longer constitute personal data. It is then no longer possible to draw any conclusions about you.
The processing of these log files is technically necessary to display this website to you. The legal basis for the transfer to our webserver is our legitimate interest (Art. 6 para. 1 s. 1 lit. f GDPR) in making this website available to you.
Furthermore, we use the log files to protect ourselves against criminal attacks on this website, to identify errors in the display of this website, and to compile website statistics. The legal basis for these processing activities is, in each case, our legitimate interest (Art. 6 para. 1 s. 1 lit. f GDPR) in taking these measures.
Beyond this, no processing of personal data takes place when you visit this website. In particular, we do not use cookies on this website.
We furthermore do not use any systems or programs for automated decision-making/profiling within the meaning of Art. 22 GDPR.
2 – CATEGORIES OF RECIPIENTS OF THE PERSONAL DATA
Like many businesses, we use external service providers. Such service providers may, depending on the nature of the service rendered, have access to personal data that we process or even explicitly process personal data on our behalf. The legal bases for these transfers are always Art. 6 para. 1 s. 1 lit. b GDPR, Art. 6 para. 1 s. 1 lit. c GDPR or our legitimate interest (Art. 6 para. 1 s. 1 lit. f GDPR) in ensuring the smooth operation of our business activities. Our contracts with the service providers require that they process the transferred personal data solely for the purposes necessary for delivery of their services.
When you visit this website, only HOST Europe GmbH, c/o WeWork Wallarkaden, Pilgrimstraße 6, 50674 Cologne, Germany, receives your personal data, i.e. the log files before their anonymisation. This is because HOST Europe GmbH hosts this website for us. The personal data collected when you visit this website is therefore stored on the servers of HOST Europe GmbH, which are located exclusively in Germany.
3 – NO TRANSFER TO THIRD COUNTRIES
At present, neither we nor any of our external service providers intend to transfer the personal data collected when you visit this website to third countries, i.e. countries outside the European Economic Area (EEA), or to international organisations.
4 – DATA ERASURE AND RETENTION PERIOD
As described above, the log files are anonymised immediately after being transmitted to the web server, so they no longer constitute personal data from that point onwards. Deletion is therefore no longer required.
5 – NO REQUIREMENT TO PROVIDE PERSONAL DATA
We do not make communication or entering into contracts with us dependent on you providing us with personal data. Generally, you are under no general statutory or contractual obligation to provide us with your personal data.
However, we may only be able to provide certain services to a limited extent or not at all if you do not provide the necessary data.
6 – YOUR RIGHTS
In connection with our processing of your personal data, you have the following rights:
- Right of Access (Art. 15 GDPR): According to Art. 15 GDPR, you have the right to request information about your personal data processed by us. You may especially request information on the purposes of processing, the categories of personal data processed, the categories of recipients to whom your personal data have been or are disclosed, the planned storage period, the existence of rights to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of the personal data (if not collected from you) and the existence of automated decision-making including profiling and, where applicable, request meaningful information about the details thereof.
- Right to Rectification (Art. 16 GDPR): According to Art. 16 GDPR, you have the right to request the rectification of your inaccurate or incomplete personal data stored by us without undue delay.
- Right to Erasure (Art. 17 GDPR): According to Art. 17 GDPR, you have the right to request the erasure of your personal data stored by us, unless processing is necessary for the exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise, or defence of legal claims.
- Right to Restriction of Processing (Art. 18 GDPR): According to Art. 18 GDPR, you have the right to request the restriction of processing of your personal data if the accuracy of such personal data is contested by you or the processing is unlawful.
- Right to Data Portability (Art. 20 GDPR): According to Art. 20 GDPR, you have the right to obtain your personal data provided to us in a structured, commonly used and machine-readable format or to have it transmitted to another controller.
- Right to Object (Art. 21 GDPR): According to Art. 21 GDPR, you have the right to object to the processing of your personal data if processing is based on Art. 6 para. 1 s. 1 lit. e or f GDPR. Please state the reasons why you object to the processing, so that we may re-examine the situation and either stop or adjust the processing or give you our compelling legitimate reasons to continue the processing.
- Right to Withdraw Consent (Art. 7 para. 3 GDPR): If processing is based on your consent for the processing of personal data, you have the right to withdraw your consent at any time with effect for the future. This means the consent ceases to be a legal basis for processing of your personal data from the time of withdrawal.
- Right to Lodge a Complaint (Art. 77 GDPR): According to Art. 77 GDPR, you have the right to lodge a complaint about the processing of your personal data by us with a data protection supervisory authority, for example, with the supervisory authority responsible for us:
Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Germany
Phone: +49 611 1408 0
E-Mail: email hidden; JavaScript is required
7 – UP-TO-DATENESS OF THIS PRIVACY POLICY
This Privacy Policy is current as of January 2026.
Due to legal or regulatory changes or as a result of modifications to our internal policies, it may become necessary to amend this Privacy Policy. The latest version can always be viewed and printed from this website.
If you have any questions regarding this Privacy Policy, please contact our data protection officer or us at any time.