Privacy policy

The protection of your personal data is important to us. With the following privacy policy, we would like to inform you about how we process your data when you visit our website and how we use personal data when advising our clients. If you have any further questions, please feel free to contact us at any time at klaus.beucher@beucherlegal.de.

1. Controller

Klaus Beucher, LL.M., Auf dem Brand 3, 50996 Cologne (“we”, “us”) is the data controller for the processing of your personal data in connection with your visit to our website, the use of our contact options and our handling of mandates.

2. Visits to our website

When you visit our website, we use cookies that are technically necessary for the display of the website (e.g. to maintain the language setting you have chosen while visiting a website).

3. Advicew to clients

a. Processing purposes

When advising our clients, we process personal data related to the mandate (“Mandate Data“) for various purposes, such as to be able to advise our clients or for operational reasons. This includes in detail:

• advising our clients and handling the respective mandate;
• compliance with our obligations under applicable laws and regulatory requirements (e.g., conflict and know-your-customer reviews);
• operational purposes (e.g., logs, record keeping, accounting, and tax compliance);
• and/or the fulfilment of certain legal obligations (e.g. disclosure obligations and compliance with court orders).

b. Data subjects

Depending on the individual case, we process personal data of various data subjects, including:

• Clients and their respective officers, agents and employees;
• Counterparties or contractual partners of our clients and their respective mandate holders, representatives and employees;
• other advisors, consultants and freelancers involved in the mandate, as well as their respective mandate holders, representatives and employees;
• our partners and employees;
• and/or third parties, such as court personnel, witnesses and other natural persons involved in the mandate.

c. Types of personal data

The types of personal data we process in the course of a mandate depend crucially on the mandate and the possible course of negotiations or procedural actions. Typically, the mandate data concerns contact information of the relevant contact persons or information about the position or conduct of persons who are relevant in relation to the mandate.

d. Origin of the data

Client Data is predominantly provided to us by our clients and contains the information we need to act for our clients in our capacity as legal advisers. However, in certain cases we also obtain client data from other sources (for example, for know-your-customer checks), such as public directories and databases, judicial and public records. In some cases, we also obtain personal data from third parties familiar with the matter in question.

e. Storage period

We only retain client data for as long as there is a legal basis for doing so. We regularly check whether the legal requirements for further storage still exist. If the review shows that there is no legal basis for the continued storage of client data, we will securely delete or anonymise personal data. If you would like more detailed information on the storage period of certain data, please feel free to contact us at any time.

f. Legal basis

Our processing of client data is generally based on our legitimate interest in providing our (legal) services to our clients and the legitimate interest of our clients to be legally advised and represented by us. In addition, we have a legitimate interest to process client data in order to perform certain tasks in connection with the operation of our firm, for example, the maintenance of our client relationships, accounting and for tax purposes (legal basis for this processing is Art. 6 (1) lit. f) DSGVO).

If the mandate relationship exists with the data subject himself, we also process the mandate data relating to this person for the purpose of fulfilling the contract (the legal basis for processing in such cases is Art. 6 (1) (b) DSGVO).

In addition, we process client data in order to fulfil our legal obligations in accordance with the applicable laws (the legal basis for processing in such cases is Art. 6 (1) c) DSGVO).

g. Special categories of personal data

In individual cases and depending on the mandate, it is possible that we also process “special categories of personal data” within the meaning of Article 9(1) of the GDPR (e.g. health data) and personal data relating to criminal convictions and offences or related security measures within the meaning of Article 10 of the GDPR.

We process such data only if absolutely necessary and on the following basis:

• your consent (Art. 9 para. 2 lit. a) DSGVO),
• in the context of employment and social security law purposes (Art. 9 para. 2 lit. b) DSGVO),
• in connection with personal data published by the data subject (Art. 9 (2) (e) DSGVO),
• for the assertion, exercise or defence of legal claims (Art. 9 para. 2 lit. f) DSGVO),

• for reasons of public interest in connection with a statutory provision (Art. 9(2)(g-j) DSGVO, Art. 10 DSGVO).

4. Limitation of data processing

In all cases where we process personal data, we limit this processing to the minimum necessary to achieve the respective processing purpose. This also means that we delete or anonymize data as soon as it is no longer necessary for achieving the respective processing purpose, unless there is a legal basis for continued storage, e.g. a legal (such as tax law) retention obligation.

5. Sharing of data

For the provision of our website and the administration of our mandate activities (e.g. invoicing, use of cloud solutions), we partly cooperate with service providers (e.g. web hosts, analysis services, providers of cloud solutions) who process your data on our behalf and exclusively according to our instructions. We only work with trustworthy service providers on the basis of order processing contracts (Art. 28 DSGVO) to ensure the best possible protection of your data.

With regard to our website, this includes in particular the companies RAIDBOXES GmbH, based in Germany, and WorldPress WooCommerce Ireland Ltd. based in Irland

Furthermore, where necessary, we share client data with service providers who are subject to their own professional secrecy obligations, such as tax advisors. We have informed such service providers of the protection of client data by client confidentiality, which is subject to criminal prosecution.

6. Data processing in countries outside the European Union / the European Economic Area 

Where, in individual cases, personal data is processed by a service provider located outside the territorial scope of the GDPR, we will provid appropriate safeguards to the extent legally required to ensure that a high level of protection of your personal data is guaranteed at all times.

7. Your rights and how to contact us

You have the following rights with regard to the processing of your personal data:

• Right of access (Art. 15 GDPR);
• Right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR) and restriction of processing (Art. 18 GDPR);
• THE RIGHT TO OPPOSE PROCESSING (Art. 21 GDPR);
• as well as the right to data portability (Art. 20 DSGVO).

If processing is based on your consent, you can revoke this at any time. In this case, we will only continue to process your data if there is another legal basis for this. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Furthermore, you have the right to lodge a complaint with a competent supervisory authority regarding the processing of your data.

You may contact for such a complaint e.g.:

State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia

P.O. Box 20 04 44
40102 Düsseldorf
Tel.: 0211/38424-0
Fax: 0211/38424-10
E-mail: poststelle@ldi.nrw.de