Privacy Statement

Privacy Statement


  1. Scope, purposes and legal bases of processing on this website

Whenever you visit my website, my webserver will log the below communication and usage data:

  • IP address of requesting terminal device
  • time and date of access
  • name and URL of the data accessed on my webserver
  • transferred data volume
  • confirmation that request was processed successfully, or error status information
  • header information identifying the requesting browser and operating system

My webserver is operated by a service provider based in Germany. The communication and usage data will normally be deleted within 7 days. In case of a suspected security incident, the relevant data will be retained until the incident is solved and will be transferred to the competent authorities.

I also use session cookies. The cookie is a small text file which my webserver provides to your terminal device. My cookie is technically required to properly present my website; it does not enable me to track you. The cookie will not be stored persistently but will be deleted automatically once you terminate your session or close your browser (at the latest). You may of course block cookies using the settings of your browser. However, this may result in an incorrect presentation of this website.

I process data only to the extent required for the purposes of providing secure access to my web content (making connection, correct transmission and display of content, securing my systems). The legal basis of my processing is my legitimate interest in publicly presenting my firm, statutory and law society publication requirements and the legal requirement to protect visitors from potential security threats on my website.

There is no further processing of your data by this website. Any further processing will be with regard to client relationships and I will inform you about the details separately, as required from time to time. However, as a general information, I would like to point out that I process the personal data of my clients, their opponents and any other parties concerned in a concrete matter only to the extent legally required, to pursue the legitimate interest of my clients in the enforcement of their legal positions, or as allowed pursuant to consent that may be withdrawn at any time with effect for the future.

  1. Links to websites of third parties

This privacy statement only applies to my website. If and to the extent my website contains links to third party websites, please note the following: This website does not automatically load any content from third party servers nor is such content required to use my website. The respective links indicate that they direct you to third party websites. You transmit your personal data to the third party webserver, if you follow such a link. I do not have any influence whatsoever on such third party providers and do not control whether they comply with relevant regulations.

  1. Controller, contacts, encryption

The controller as defined in the GDPR is:

Berndt Hess

Theodor-Heuss-Allee 112
60486 Frankfurt/Main

You will find my contact details under Contact. I support various industry standards for encrypted communication. Please feel free to contact me for details.

  1. Your rights

You have the following rights, each in accordance with applicable statutory law:

  • Access: You may request information on the data processed about you, and obtain a copy thereof. For clarification, I will not be able to provide access or information to the extent the affected data is subject to my professional secrecy or must be kept secret due to another statutory provision or the nature of the data, in particular due to an overriding interest of an affected third party.
  • Rectification: Upon request, I will rectify inaccurate data and complete incomplete personal data.
  • Deletion and restriction: Upon request, I will delete your personal data or restrict my processing of it.
  • Data portability: You may receive any personal data you provided to me under contract or consent in a structured, commonly used and machine-readable format.
  • Objection: To the extent I process your personal data based on a legitimate interest, you may object to such processing.
  • Consent withdrawal: You may withdraw your consent at any time without affecting the lawfulness of processing based on such consent before its withdrawal. I will inform you on how to withdraw when obtaining your consent.
  • Automated decisions: I do not use any automated individual decision making processes pursuant to Art 22 GDPR.
  • Complaint: You may lodge a complaint with a competent authority, e.g. at the place of your habitual residence.

Unless otherwise stated, to exercise your rights please contact me using the contact details provided under clause 3 above.

  1. Modifications

Due to a change of legal or regulatory requirements I may be required to modify this policy. You can access and print my most recent data protection policy under Privacy.