Privacy Notice according to Art. 13 and 14 GDPR

Who is the addressee of this Privacy Notice?

This Privacy Notice is addressed to the visitors of our website as well as any natural person, in particular representatives, contact persons or employees of clients, counterparties, parties to proceedings, courts, authorities, service providers or other business partners with whom we have a contract-, service- or other business relationship (also in the process of being established) or other communication relationship and therefore process their personal data.

Who is responsible for the data processing?

The person responsible for processing your personal data (data controller) is:

Gerlich Bönig Partnerschaft von Rechtsanwälten mbB
Kennedydamm 1
40476 Düsseldorf

Telefon: +49 (0) 211 822 669 10 
Fax: +49 (0) 211 822 669 19

Visiting the website

Log files

Each time you visit our website, your browser automatically sends technical data (such as the IP address of the requesting computer; the date and time of access; the name and URL of the file accessed; the website from which access is made; the operating system of your computer and the browser you are using, as well as the name of your internet access provider) to the server of our website and temporarily stores it in a so-called log file.

The aforementioned technical data is processed by us for the purpose of (i) ensuring a smooth connection setup and comfortable use of the website; (ii) ensuring and evaluating system security and stability and (iii) for further administrative purposes, which are our legitimate interests (the legal basis for the processing in this respect is Art. 6 para. 1 p. 1 lit. f GDPR). We will not use the collected data to identify you.


We also use cookies on our website to ensure the technically flawless display and functionality of the website. Cookies are small files that your browser automatically creates when you visit our website and stores on your end device (smartphone, tablet, laptop or similar) either for the duration of your visit or beyond. These files contain information about your usage behavior when visiting our website and can be retrieved for subsequent visits by our website to ensure its necessary functionality. 

On our website, we only use necessary cookies. This is done to protect our legitimate interest in providing you with our site, thereby enabling a comfortable browsing experience and ensuring the technical integrity of our website (the legal basis for processing in this respect is Art. 6 para. 1 p. 1 lit. f) GDPR).

By making settings in your web browser, you can completely prevent the use of cookies, which may, however, affect the functionality of our website. You can find more information on this here:

Third party providers

This website is hosted by ALL-INKL.COM - Neue Medien Münnich, Hauptstraße 68, D-02742 Friedersdorf. In its capacity as a processor within the meaning of Art. 28 GDPR, ALL-INKL.COM - Neue Medien Münnich may receive the personal data exchanged via this website and process it for hosting purposes itself or via subcontractors used by ALL-INKL.COM - Neue Medien Münnich. To safeguard your data, we have entered into the necessary data protection agreements with ALL-INKL.COM - Neue Medien Münnich. Further information and the current privacy policy of ALL-INKL.COM - Neue Medien Münnich can be found at:

Data processing within the scope of our business relationship

What data do we process?

On particular, we process the following data:

  • »Identification Data« such as name, gender, date of birth, job title, copies of identification documents;
  • »Contact Data« such as address, telephone number, email;
  • »Bank Data« such as account number, IBAN, etc.;
  • »Billing Data« billing statement, invoice amounts and other data necessary for billing; 
  • »Client Data« this includes information relating to our client relationship, in particular information that is
  1. typically contained in legal documents (contracts, pleadings, etc.) and/or public registers, e.g. land register, commercial registers and registers of associations,
  2. is the subject of our correspondence with you or with clients, counterparties, parties to proceedings, courts, authorities or other business partners,
  3. affect your legal relations with your employer or third parties, or
  4. other personal data necessary for our provision of services or our communication with you.

Depending on the type and scope of the client relationship, Client Data can also include so-called special categories of personal data (Art. 9 GDPR), such as health data or data on criminal convictions and offenses (Art. 10 GDPR); 

  • »Other Business Data« this includes information related to any other order-, business- or communication relationship;

Without your personal data, we cannot provide our legal services or communicate with you.

Where does the data come from?

We receive the data either from you personally or from our clients, counterparties, parties to proceedings, courts, authorities, service providers or other business partners for whom you may be working as a representative or employee. 

For what purposes do we process your data?

We process your personal data 

  • to comply with legal obligations (Art. 6 para. 1 p. 1 lit. c) GDPR), e.g. in the case of identification obligations in accordance with the provisions of the Money Laundering Act or to comply with accounting retention periods; 
  • for the protection of the legitimate interests of our firm, insofar as the data processing is necessary for this purpose (Art. 6 para. 1 p. 1 lit. f) GDPR), in particular
  1. to carry out pre-contractual measures or to fulfill the contractual relationship with our clients, business partners or service providers for whom you may be acting as a representative or employee;
  2. to carry out our legal services;
  3. for internal organisational and administrative purposes (e.g. accounting, IT security and IT operations, use of external service providers, various compliance measures);
  4. to send you our client information, such as newsletters with references to current legal topics or law firm events;
  5. for other communication purposes.
  • to carry out pre-contractual measures and/or the performance of contracts with individuals with whom we have a business relationship (Art. 6 (1) p. 1 lit. b) GDPR).

To whom do we transfer your personal data?

We may disclose your personal data to the following recipients, provided this is legally permissible or we are obliged to do so: 

  • Parties involved in or affected by our legal service;
  • Service providers, in particular IT service providers (such as webhoster, e-Discovery provider, provider of cloud solutions), who are located within and outside the European Economic Area (EEA) and provide certain services for us. With regard to cloud solutions, we use the services of Microsoft Ireland and rely on German data centers. You can find more information here.
  • Authorities (e.g. social security institutions, tax authorities or law enforcement agencies), public registers and courts in Germany and abroad. These may also be foreign authorities and courts.

In countries outside the EEA, different data protection regulations may apply than in the EU. In the event of a data transfer to recipients in countries which do not have an adequate level of data protection comparable to European data protection law, we will implement necessary measures in order to ensure the adequate protection of your personal data in these countries. In particular, the standard contractual clauses published by the European Commission are available to us for this purpose. For more information, please contact

How long do we keep your data?

We keep your personal data as long as it is necessary for the fulfillment of our (post)contractual obligations or the legitimate interests mentioned in this Privacy Notice and no legal retention obligations exist. If legal retention obligations exist, we restrict the processing of the data.

How secure is your data?

The protection of your data is of great concern to us. Technical and organisational security measures have therefore been implemented to maintain the confidentiality and integrity of the data and, in particular, to protect it against partial or total loss, unauthorized or unlawful processing, alteration, disclosure or manipulation. 

We assume that you agree to future communication with an unencrypted email. If this is not the case, please inform us accordingly.

Your rights

Subject to the applicable statutory requirements, you have the right to, 

  • Receive information about your personal data; 
  • Request the correction or deletion of your personal data or the restriction of processing; 
  • Receive your personal data in a structured, common and machine-readable format (data portability);
  • Object to the processing of your personal data. 

Insofar as we process your personal data in order to inform you about our consulting activities as well as current developments, you may object to the processing of your personal data for this purpose at any time without stating reasons. 

Furthermore, in relation to the processing of your personal data, you have the right to lodge a complaint with a supervisory authority.

Updating our Privacy Notice

This Privacy Notice is currently valid and has the status: September 2021.

We may update the Privacy Notice at any time. You can access the current version on our website.

GERLICH/BÖNIG Rechtsanwälte

Kennedydamm 1
40476 Düsseldorf