Privacy policy

1. name and contact details of the data controller

This privacy notice applies to data processing by:

Person responsible: GoldbergUllrich Rechtsanwälte PartG mbB (hereinafter: GoldbergUllrich), Friedrichstraße 51, 42105 Wuppertal, Germany, E-Mail:, Phone: +49 (0)202 - 9422900 Fax: +49 (0)202 - 454505 (see also our imprint)

2. processing of personal data and the nature and purpose of data processing

a) When visiting the website

When you visit our website, information is automatically sent to our website server by the browser used on your end device. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion:

  •     IP address of the requesting computer,
  •     Date and time of access,
  •     Name and URL of the retrieved file,
  •     Website from which the access is made (referrer URL),
  •     The browser used and, if applicable, the operating system of your computer,
  •     Name of your access provider.

The above data will be processed by us for the following purposes:

  •     Ensuring the smooth presentation of our website,
  •     Ensuring a comfortable use of our website,
  •     Evaluation of system security and stability, and
  •     for other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.

In addition, we use cookies and analysis services when you visit our website. You can find more detailed explanations of this in sections 4 and 5 of this data protection information.

b) When registering for our newsletter

With your consent, you can subscribe to our newsletter, which will inform you about our current interesting offers and legal news from case law, legislation and legal literature.

We use the so-called double-opt-in procedure to register for our newsletter. This means that after your registration, we will send you an email to the email address you provided, in which we ask you to confirm that you want the newsletter to be sent to the email address you provided. If you do not confirm your registration within 14 days, your information will be blocked and automatically deleted after one month. In addition, we store your respective IP addresses used and times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.

The only mandatory information for sending the newsletter is your e-mail address. After your confirmation, we store your email address for the purpose of sending the newsletter. The legal basis is Art. 6 para. 1 p. 1 lit. a GDPR.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Your email address will be stored as long as the subscription to the newsletter is active.

You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter e-mail, by e-mail to or by sending a message to the contact details given in the imprint.

c) When contacting us by e-mail or via the contact form

When you contact us by e-mail or via our contact form on our website, the e-mail address you provide and - if you provide it to us voluntarily - your name, the subject specified, your telephone number and your message will be processed by us in order to answer your questions and messages.

In the case of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data provided. The legal basis for the processing of data transmitted in the course of sending an e-mail or via the contact form is Art. 6 (1) lit. f GDPR. If the e-mail contact or the contact via the contact form aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. The mandatory information required to answer your questions and messages in the contact form is marked separately with an asterisk, all other information is voluntary.

The data is deleted or we restrict the processing if there are legal obligations to retain it as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent to us by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.

In the case of client-related data, these emails are stored in our office software and in the client file/hand file. We must retain client files for 6 years. The period begins at the end of the year in which the respective mandate was completed. The legal basis for the processing is the initiation or implementation of the client relationship.

To ensure trustworthy communication with you, we use encryption programmes based on the use of two data keys. We make our public keys available exclusively to you as a client. Upon request, we also use our qualified electronic signatures. Through these measures, we ensure trustworthy e-mail communication with you.

For the aforementioned reasons, we only send unencrypted e-mails at your specific request.

d) When visiting our company presences on LinkedIn, Xing, Twitter and Facebook

We have company presences on LinkedIn, Xing, Twitter and Facebook (social media networks) and in this context process data of the users of these social media networks in order to communicate with the users active there or to offer information about us.

User data is generally processed within the social media networks by the platform providers for market research and advertising purposes. The providers of the platforms evaluate the behavior of the users in order to be able to place advertising in a more targeted manner. Furthermore, it is intended to enable us as the provider of the company website to obtain statistics that the provider of the social media network compiles based on the visits of users of our company website.

The purpose of this is to control the marketing of our activity. For example, this enables us to gain knowledge of the profiles of users who visit, view, read posts or use applications of the site on our corporate presence on the social media network in order to provide users with more relevant content and to develop features that may be of greater interest to users. In turn, these usage profiles may also be used, for example, to serve advertisements within and outside of the social media networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the end devices of the users, in which the usage behavior and the interests of the users are stored. Furthermore, data independent of the end devices used by the users may also be stored in the usage profiles. This is particularly the case if the users are members of LinkedIn and are logged in.

To help us better understand how we can make our company's presence on social media networks more interesting for users, demographic and geographic analyses are created by the providers of the social media networks based on the information collected and made available to us. We may also use this information to target interest-based advertisements without gaining direct knowledge of the user's identity. If users of the social media networks use several end devices, the collection and analysis can also take place across devices if they are registered users who are logged into their own profiles.

The user statistics created are transmitted to us by the providers of the social media platforms exclusively in anonymised form. We have no access to the underlying data.

We operate our corporate presences on social media networks in order to present ourselves to and communicate with the users of the social media network as well as other interested persons who visit our corporate presence on the social media network. We want to know what content and information interests the users of our corporate presence on the social media network in order to make our corporate presence more and more attractive. The processing of the users' personal data is based on our legitimate interests in an optimized corporate presentation. The legal basis for the data processing is Art. 6 para. 1 lit. f DSGVO.

The operators of the social media networks inform you that some of the information collected may also be processed outside the European Union (including in the USA). This may result in risks for you, in particular it may be more difficult for you to enforce your rights.

We do not pass on any personal data to third parties.

For a detailed presentation of the respective forms of processing of the users' data on the social media networks and the users' options to object (opt-out), we refer to the data protection declarations and information provided by the providers of the respective social media networks. Users can also influence and adjust the advertising settings on the social media networks. The processing of information by means of the cookies used by the social media network can also be prevented by not allowing cookies from third-party providers or such from social media networks in the user's own browser settings, cf. section 4 of this privacy policy.

In the case of requests for information and the assertion of data subject rights, we would also like to point out that these can most effectively be asserted with the providers of the social media networks. Only the providers have access to the users' data and can take appropriate measures and provide information directly. If you still need help, you can contact us.

The following service providers operate the social media networks we use:

Facebook: Social network; service provider: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https: //; Privacy policy:; Opt-out: Settings for advertisements: https: //; Additional privacy notices: Agreement on joint processing of personal data on Facebook pages:, Privacy notices for Facebook pages:

LinkedIn: social network; service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website:; privacy policy:; opt-out: https: //; help pages: https: // or

Twitter: Social network; Service provider: Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; Privacy policy: https: //, (settings)

Xing: Social network; Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; website: https: //; privacy policy: https: //

3. disclosure of data

We do not transfer your personal data to third parties for purposes other than those listed below.

We will only share your personal information with third parties if:

  • you have given your express consent to this in accordance with Art. 6 para. 1 p. 1 lit. a GDPR,
  • the disclosure is necessary in accordance with Art. 6 (1) p. 1 lit. f GDPR for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  • in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR, as well as
  • this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b GDPR for the processing of contractual relationships with you.

4. cookies

We use cookies on our website. These are small files that are automatically created by your internet browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware.

Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we gain direct knowledge of your identity.

The use of cookies serves, on the one hand, to make the use of our offer more pleasant for you. We use so-called session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted after you leave our website.

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again in order to use our services, it is automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.

Without your express consent, we only use technically necessary cookies. If you give us your explicit consent to use further cookies, we will also use further cookies.

If you give us your express consent, we also use cookies to statistically record and evaluate the use of our website in order to optimise our services for you (see section 5). These cookies are automatically deleted after a defined period of time.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

The legal basis for the use of technically necessary cookies is Art. 6 para. 1 p. 1 lit. f GDPR. If you have given us your consent to the use of cookies, the legal basis is Art. 6 para. 1 p. 1 lit. a GDPR.

You can change your cookie settings at any time via our cookie banner. To do so, click on the button below:

Cookie settings

5. analysis tools

a) Tracking tool / analysis tool

The tracking measure listed below and used by us is used on the basis of Art. 6 para. 1 p. 1 lit. a GDPR (consent). The tracking tool is only used if you give us explicit consent to use the tracking tool. With the use of the tracking tool, we want to ensure that the design and ongoing optimisation of our website is tailored to your needs. On the other hand, we use the tracking measure to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you.

The respective data processing purposes and data categories can be found in the notes on the tracking tool below.

b) Matomo

We use the open source software Matomo with your express consent to analyse and statistically evaluate the use of the website. Cookies are used for this purpose (see section 4). The information generated by the cookie about website usage is transmitted to our servers and compiled in pseudonymous usage profiles. The information is used to evaluate the use of the website and to enable us to design our website in line with requirements. The information is not passed on to third parties.

Under no circumstances will the IP address be linked to other data relating to the user. The IP addresses are anonymised so that an assignment is not possible (IP masking).

Your visit to this website is currently collected by Matomo web analytics. Click here( to stop your visit from being recorded.

The legal basis for the use of Matomo is Art. 6 para. 1 p. 1 lit. a GDPR.

6. OpenStreetView

We use the open source map service "OpenStreetMaps" of the OpenStreetMap Foundation, St John's Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom on our website. OpenStreetMaps is an interactive map on our website that you can use to find your way to us, among other things.

When using OpenStreetMaps, your IP address and your usage behavior on our website are transmitted to the OpenStreetMap Foundation. Furthermore, OpenStreetMaps may place cookies on your terminal device. Please note that your location will also be transmitted to OpenStreetMaps if you have granted the corresponding permission in your terminal device.

We use OpenStreetMaps so that you can easily find the places indicated on our website. The aforementioned purpose also represents our legitimate interest according to Art. 6 para. 1 p. 1 lit. f DSGVO. The legal basis for the processing of your data is Art. 6 para. 1 p. 1 lit. a DSGVO in the presence of your active consent.

Details on data processing by the OpenStreetMap Foundation are available at

7. application for job vacancies

We publish job offers on our website. Interested parties can apply to us for this position by e-mail. If we conclude an employment contract with the applicant, we process their personal data for the purpose of implementing the employment relationship in compliance with Section 26 of the German Federal Data Protection Act (BDSG). If we do not conclude an employment contract with the applicant, we will delete his or her application documents no later than six months after we have rejected the applicant, provided that the deletion does not conflict with our legitimate interests or the applicant has consented to longer storage. A legitimate interest on our part exists, for example, in a possible obligation to provide evidence in proceedings under the General Equal Treatment Act (AGG).

8. data subject rights

You have the right:

  • in accordance with Art. 15 DSGVO to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
  • in accordance with Art. 16 DSGVO to immediately demand the correction of incorrect or completion of your personal data stored by us;
  • pursuant to Art. 17 DSGVO to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
  • to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
  • pursuant to Art. 20 GDPR to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
  • revoke your consent at any time in accordance with Art. 7 (3) GDPR. This has the consequence that we may no longer continue the data processing based on this consent for the future, and
  • complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office.

9. right of objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.

If you wish to exercise your right of revocation or objection, simply send an e-mail to

10. data security

We use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser when visiting the website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

11. up-to-dateness and amendment of this privacy policy

This privacy policy is currently valid and has the status: October 2022.

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at