Privacy Policy

Data protection Statement according to § 13 Sec. 1 German Telemedia Act (TMG) as well as information obligations in accordance with Art. 13 GDPR.

Thank you for your interest in our services and for visiting our website. We appreciate your interest in our company and your visit to our website. Data privacy and security in the use of our website are very important for us. We therefore like to inform you which kind of personal data is collected while visiting our website and for what kind of purposes it is used.

Since statutory changes and changes to our internal company processes could require adjustments to this Data protection Statement, we ask that you please read through this Statement on a regular basis. This Data protection Statement can be downloaded, saved and printed at any time under the URL

1. Data Controller and Scope

The controller according to the EU General Data Protection Regulation (hereinafter: GDPR) and other national data protection acts of the Member States, as well as other data protection regulations, is:

KINAST Rechtsanwaltsgesellschaft mbH
Hohenzollernring 54
D-50672 Köln
Telefon: +49 (0)221 – 222 183 – 0
Telefax: +49 (0)221 – 222 183 – 10

This Data protection Statement applies to the web pages of KINAST Rechtsanwaltsgesellschaft mbH, Hohenzollernring 54, 50672 Cologne, Germany, which can be accessed through the websites found under the domain “” (hereinafter: “our website”). At the same time, this privacy policy applies to the privacy policy blog operated by us, which you can reach at

2. Data Protection Officer

Our Data Protection Officer can be reached by the following address:

Data Protection Officer
KINAST Rechtsanwaltsgesellschaft mbH
Hohenzollernring 54
D-50672 Köln


3. Principles of Processing Personal Data

Personal data are all information relating to an identified or identifiable natural person. This includes information such as your name, age, address, telephone number, date of birth, e-mail address, IP address or user behavior. Information that cannot (or only with a disproportionate effort) be referred to your person, e.g. by anonymizing the information, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis or your consent.
Processed personal data will be deleted as soon as the purpose of the processing has been fulfilled and no legally prescribed retention obligations are to be observed.

In case we process your personal data for the provision of certain offers, please find below information about the specific processes, the scope and purpose of data processing, the legal basis for processing and the respective retention period.

4. Data Processing

1. Provision and use of the Website

a. Scope and Purpose of the Processing

When you access and use our website, we only collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a so-called log file.
The following personal data is recorded to the extent necessary for the provision of a functional website and our contents and services:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • The website from which access is made (referrer URL)
  • The used browser and, if applicable, the operating system of your computer as well as the name of your access provider

b. Legal Basis

Art. 6 para. 1 lit. f GDPR serves as the legal basis for the data processing. The processing of the mentioned data is necessary for the provision of our services and thus serves the protection of a legitimate interest of our company.

c. Data Deletion and Retention Time

The data subject’s personal data are deleted or blocked as soon as the purpose of the storage is fulfilled. The collection of data for the provision of the website and the storage of data in log files is necessary for the operation of the website. Consequently, there is no possibility of objection for the user. Further storage may take place in individual cases if this is required by law.

2. Newsletter

a. Scope and Purpose of Processing

On our privacy policy blog, you can subscribe to a free newsletter. In order to be able to send you the newsletter regularly, we need the following information from you:

  • E-Mail – Address

Your data will not be passed on to third parties in the context of the newsletter.

We use the so-called double opt-in procedure for the newsletter, i.e. we will only send you the newsletter if you have previously confirmed your registration via a link that is sent to you for this purpose.

We would like to make sure that only you, as the owner of the specified e-mail address, can subscribe to the newsletter. Your confirmation must be given promptly after receiving the confirmation e-mail, otherwise, your newsletter registration will be automatically deleted from our database.

b. Legal Basis

The processing of your e-mail address for the newsletter is based on article 6 (1) lit. a GDPR on the declaration of consent, which you have voluntarily given as follows:

Declaration of consent:

By entering my data and clicking the “submit” button I declare my consent to the use of my e-mail address for regularly receiving newsletters. I can unsubscribe from the newsletter service at any time by clicking on the link at the end of the newsletter. I can withdraw my consent to the processing of personal data collected during the registration process at any time.

c. Retention Time

Your e-mail address will be stored for as long as you have subscribed to the newsletter. After you unsubscribe from the newsletter, your e-mail address will be deleted. Further storage may take place in individual cases if this is required by law.

5. Third Party Transfers

We only share your personal information with third parties if:

  • you have given your express consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR,
  • it is legally permissible and necessary for the fulfilment of a contractual relationship with you pursuant to Art. 6 (1) sentence 1 lit. b GDPR,
  • there is a legal obligation to pass on the data in accordance with Art. 6 (1) sentence 1 lit. c GDPR,
  • the disclosure pursuant to Art. 6 (1) sentence 1 lit. f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.

6. Cookies

a. Scope and Purpose of Processing

We use cookies on our website. Cookies are small files which are sent by us to the browser of your terminal device and stored there as part of your visit to our internet pages. Cookies do not cause any damage to your device. They cannot run programs or contain viruses.

Our website uses session cookies, which are automatically deleted as soon as you close your browser. This type of cookies allows us to record your session ID. This allows different requests from your browser to be assigned to a single session, and we can recognize your device when visiting the website later.

These cookies are required for technical reasons so that you can visit our website and use the functions offered by us.

Cookies for advertising purposes or third-party cookies are not used on our pages.

b. Legal Basis

Due to the described purposes of use (cf. § 6. a.), the legal basis for the processing of personal data using cookies lies in Art. 6 para. 1 lit. f GDPR.

c. Retention Time

As soon as the data transmitted by the cookies is no longer necessary for the purposes described above, this information will be deleted. This is the case when you close your browser.

d. Browser Settings

Most browsers are already set to accept cookies by default. However, you can change your browser settings so that it only accepts certain cookies or no cookies at all. However, we would like to point out that you may no longer be able to use all the functions of our website if cookies are disabled by your browser settings on our website. You can also use your browser settings to delete cookies already stored in your browser. Furthermore, it is possible to set your browser so that it informs you before cookies are stored. Since the different browsers may differ in their respective functions, we ask you to use the respective help menu of your browser for the setting options. If you would like a comprehensive overview of all third-party access to your Internet browser, we recommend that you install specially developed plug-ins.

7. Tools for Tracking and Analysis

On our website as well as on our blog we do not use any tools to track our visitors or to analyze user behavior.

8. Hyperlinks

Our website contains hyperlinks to websites of other providers. When you activate these hyperlinks, you will be directed directly to the other providers’ website. You will recognize this when the URL is changed. Please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.

9. Your Rights as a Data Subject

If your personal data are processed, you are a data subject within the meaning of the General Data Protection Regulation (GDPR) and the following rights apply to you:

  • Pursuant to Art. 15 GDPR you can request information about your personal data processed by us. In particular, you may obtain information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the right to lodge a complaint with a supervisory authority, the origin of your data, if not collected from us, about transfer to third countries or international organizations, and the existence of automated decision-making, including profiling and, where applicable, meaningful information about the logic involved.
  • Pursuant to Art. 16 GDPR you can immediately demand the correction of incorrect data or the completion of your personal data stored with us.
  • Pursuant to Art. 17 GDPR, you may request the deletion of your personal data stored by us, provided that the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
  • Pursuant to Art. 18 GDPR, you can request the restriction of the processing of your personal data if you contest the accuracy of the data, if the processing is unlawful, if we no longer need the data and if you refuse their deletion because you need to establish, exercise or defend legal claims. You are also entitled to the right under Art. 18 GDPR if you have objected to the processing in accordance with Art. 21 GDPR.
  • Pursuant to Art. 20 GDPR, you may request that the personal data you have provided us with be received in a structured, current and machine-readable format or you may request that it be transmitted to another person responsible.
  • Pursuant to Art. 7 para. 3 GDPR you can withdraw your consent at any time. As a consequence, we are no longer allowed to continue the data processing based on this consent for the future.
  • Pursuant to Art. 77 GDPR, you have the right to complain to a supervisory authority. You can contact the supervisory authority of your habitual residence, place of work or our company headquarters.

10. Right to object

In case the processing of your personal data is based on legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR insofar as there are reasons which arise from your particular situation or if the objection refers to direct marketing. In the case of direct marketing, you have a general right to objection which will be considered without mentioning any particular situation.

11. Data Security and Security Measures

We are committed to protecting your privacy and treating your personal information confidentially. In order to avoid any manipulation, loss or misuse of your data stored by us, we take extensive technical and organisational security measures that are regularly reviewed and adapted to technological progress. This includes, among other things, the use of recognized encryption methods (SSL). However, we would like to point out that due to the structure of the internet, it is possible that the rules of data protection and the above mentioned security measures may not be observed by other persons or institutions for which we are not responsible.
In particular, unencrypted data – e.g. if this is done by e-mail – can be read by third parties. We have no technical influence on this. It is the responsibility of the user to protect the data provided by him against misuse by encryption or in any other way.

If you have any questions, please contact the team of KINAST Rechtsanwälte under the contact information above.