Data protection policy
We, the law firm of Dr. Christian Rapani, will collect, process and use your personal data only upon your consent and/or instruction or appointment for the purposes agreed with you or where there is any other legal basis as per Regulation (EU) 2016/679 (General Data Protection Regulation/GDPR); this will be done in compliance with data protection and civil law provisions.
Only personal data that is required for rendering and handling our services as your legal counsel or which you provide to us on a voluntary basis will be collected.
Personal data means all data which includes details regarding personal or factual circumstances, such as, for example, name, address, email address, phone number, date of birth, age, gender, social security number, video recordings, photos, voice recordings of persons, and biometric data, such as fingerprints. Personal data may also include sensitive data, such as health data or data related to criminal proceedings.
Access and Erasure
In compliance with our professional duty as a lawyer to maintain secrecy, you as our client or as a data subject in general have a right of access to information about your stored personal data, its source and recipient(s) and the purpose of data processing as well as a right to rectification, a right to data portability, a right to object, a right to restriction of processing and blocking or erasure of inaccurate or inadmissibly processed data at any time.
In the case of changes of your personal data please inform us accordingly.
You may withdraw your consent to use of your personal data at any time. Your request for access, erasure, rectification, objection and/or data portability (in the last case: unless this involves a disproportionate effort) may be sent to this law firm’s address stated in Clause 10 of this Statement.
If you are of the opinion that processing of your personal data by us infringes applicable data protection law or that your claims under data protection law have been infringed in any other way, you may lodge a complaint with the competent supervisory authority. In Austria the competent authority is the Austrian Data Protection Authority [Datenschutzbehörde].
Your personal data is protected through appropriate technical and organisational measures. Those measures include but are not limited to protection against unauthorised, unlawful or accidental access, processing, loss, use and tampering.
Irrespective of our efforts to observe an appropriately high standard of due diligence at all times it cannot be excluded that information which you have provided to us via the internet will be inspected and used by other persons.
Please note that we, therefore, assume no liability whatsoever for disclosure of information due to errors in data transfers that were not caused by us and/or unauthorised access by third parties (e.g. hacker attack on email account or phone, interception of fax messages).
Use of data
We will not use any data provided to us for purposes other than the purposes covered by the mandate agreement or your consent or otherwise by any provision in conformity with the GDPR. This does not apply to use of data for statistical purposes, provided that the data provided has been anonymised.
Processing activities of our law firm include but are not limited to:
- processing of files and correspondence in connection with files (services, documents, claims, titles, briefs, emails, phone calls, appointments)
- Electronic legal communication (ELC)
- Electronic inspection of files (eAkt)
- Search of registers (Land Register, Business Register, Central Register of Residents, Trade Information System Austria (GISA), InsolvenzCheck)
- Archivium transfer
- Administration of insolvencies
- Marketing and soliciting activities
- Upload of files
- Transmission of data via the internet
- Synchronisation of persons, appointments and tasks
- Utility programs
- Data transmission to notebooks
- Recording of persons who are not involved in the file (e.g. suppliers, partners)
- Automated updating of addresses
- Payment transactions and third-party money
- Procurement (incoming invoices, payments)
- (Electronic) Banking
- Notifications (trusteeship, advance VAT returns, recapitulative statements, RK (cash register), Federal Ministry of Finance)
- Controlling/reporting (statistics, periodic report)
- HR management (application documents, staff files, payroll accounting, employment references)
- User and rights management (users, login, security)
- System administration and EDP support
- Software support
Transfer of data to third parties
For us to fulfil your instruction it may be necessary to transfer your data to third parties (persons involved in the file, involved lawyers, notaries and experts, ELC transfer points, IT service providers (ADVOKAT Online, Archivium, etc.), IT support (hardware and software), FinanzOnline), courts or public authorities. Your data will be forwarded exclusively on the basis of the GDPR, in particular to fulfil your instruction or on the basis of your prior consent.
Moreover, we would like to inform you that in connection with our acting as legal counsel for you also factual and case-related information concerning you will be obtained from third parties.
Some of the recipients of your personal data stated above are located or process your personal data outside your country. The data protection standard in other countries may not be the same as the one in Austria. However, we transfer your personal data only to countries for which the European Commission has decided that they offer an adequate level of data protection; if this is not the case, we take measures to ensure that all recipients offer an adequate level of data protection, for which purpose we conclude standard contractual clauses (2010/87/EU and/or 2004/915/EC).
Communication and notification of data breaches
We endeavour to ensure that data breaches will be noticed early and immediately communicated to you and notified to the competent supervisory authority, where applicable, including the relevant categories of data concerned.
Retention of data
We will not retain data longer than necessary to fulfil our contractual and/or legal obligations or to defend us against any liability claims that may arise (30-year period according to the Austrian Civil Code [ABGB]).
Statutory retention duties to be fulfilled by us include the 5-year retention period according to professional law (Section 12 (3) of the Austrian Lawyers’ Code [RAO]) and the 7-year retention period according to the Austrian Business Code [UGB] (Section 212 (1) UGB).
This website uses “cookies” to make our offer more user-friendly, more effective and safer.
A “cookie” is a small text file which we transmit to the cookie file of the browser on the hard disk of your computer via our web server. This enables our website to recognise you as a user when a connection is established between our web server and your browser. Cookies help us to establish the frequency of use and the number of users of our website. The content of the cookies used by us is limited to an identification number which no longer allows any direct reference to the user. The main objective of a cookie is to identify visitors to the website.
Two types of cookies are used on this website:
- Session cookies: are temporary cookies which are stored in the cookie file of your browser until you leave our website and are automatically deleted at the end of your visit.
- Persistent cookies: are saved on your terminal equipment and allow us to recognise your browser on your next visit in order to enhance user-friendliness.
You may adjust your browser settings so that you will be informed about the placement of cookies and only allow them on a case-by-case basis, accept them for specific cases or generally refuse or automatically delete cookies when you close your browser. The functionality of this website may be restricted as a result of deactivating cookies.
Server Log Files
In order to optimise this website in terms of system performance, user-friendliness and provision of useful information about our services, the website provider automatically collects and stores information in so-called server log files, which your browser automatically transfers to us. This includes your internet protocol address (IP address), browser and language settings, operating system, referrer URL, your internet service provider and the date/time.
This data will not be combined with personal data sources. We reserve the right to check this data at a later date if we learn of specific indications of unlawful use.
Our contact details
Protection of your data is of particular importance to us. Please do not hesitate to contact us using the contact details stated below at any time if you have any questions or if you want to withdraw your consent.
Dr. Christian Rapani