The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
BLL Braun Leberfinger Ludwig Unger
Steuerberater Rechtsanwalt Wirtschaftsprüfer PartGmbB
Richard-Strauss-Straße 24
81677 Munich
Germany
The Data Protection Officer of the controller is:
DataCo GmbH
Sandstraße 33
80335 Munich
Germany
+49 89 7400 45840
www.dataguard.de
On this page, we inform you about the processing of your personal data on our website.
How we collect and use your personal data depends on how you interact with us or which services you use. We only collect, use, or share your personal data if we have a legitimate purpose and a legal basis for doing so.
Consent (Art. 6(1)(a) GDPR) – You have given us your consent to process your personal data for the specific purpose explained to you. You may withdraw your consent at any time. Further information on how to withdraw your consent can be found in the section “Exercise of your rights”.
Contract (Art. 6(1)(b) GDPR) – Processing is necessary for the performance of a contract with you or in order to take steps at your request prior to entering into a contract.
Legal obligation (Art. 6(1)(c) GDPR) – Processing is necessary to comply with a legal obligation.
Vital interests (Art. 6(1)(d) GDPR) – Processing is necessary to protect your vital interests or those of another natural person.
Public task (Art. 6(1)(e) GDPR) – Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
Legitimate interests (Art. 6(1)(f) GDPR) – Processing is necessary for the purposes of legitimate interests pursued by us or a third party, provided that your interests do not override those interests.
Please note that if data processing is required for the performance of a contract or a legal obligation, we may not be able to provide our website services if you do not provide the requested data.
As described in this Privacy Policy, we use various service providers to support us in delivering our services and ensuring data security. This may require sharing your personal data with them.
All service providers are contractually obliged to protect your personal data.
If personal data is transferred outside the EU, we ensure an equivalent level of protection, either because the destination country has been recognised by the European Commission as providing an adequate level of data protection, or by using appropriate safeguards such as the EU Standard Contractual Clauses (SCCs).
When using U.S. service providers, we rely either on SCCs or on the EU–US Data Privacy Framework, depending on the provider. Copies of the SCCs can be requested via the email address stated in this Privacy Policy.
If your personal data is processed, you are a data subject within the meaning of the GDPR and have the following rights:
You have the right to obtain confirmation as to whether personal data concerning you is being processed. If so, you have the right to access this data and the following information:
You have the right to request immediate correction or completion of inaccurate or incomplete personal data.
You may request restriction of processing if one of the following applies:
You may request erasure if:
Please note that the above reasons do not apply if processing is necessary:
You have the right to receive your personal data in a structured, commonly used, and machine-readable format or request transmission to another controller.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6(1)(e) or (f) GDPR. This also applies to profiling based on these provisions.
If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of personal data concerning you violates the GDPR.
The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.
A list of the locally competent supervisory authorities in Germany can be found on the website of the Federal Commissioner for Data Protection at the following link: https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device.
The following data is collected:
This data is stored in the log files of our system.
This data is not stored together with other personal data of the user.
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
Storage in log files is carried out to ensure the functionality of the website. In addition, the data is used to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
The legal basis for the temporary storage of data and log files is Art. 6(1) sentence 1 lit. f GDPR.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.
In the case of data collected for the provision of the website, this occurs when the respective session has ended.
In the case of storage of data in log files, deletion takes place after a maximum of seven days. Longer storage is possible. In this case, the users’ IP addresses are deleted or anonymised so that assignment of the accessing client is no longer possible.
The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. The user may object to this. Whether the objection is successful must be determined within the framework of a balancing of interests.
When you visit our website, we use technical tools for various functions, in particular cookies, which may be stored on your device. When accessing our website and at any later time, you have the option of allowing cookies in general or selecting individual additional functions. You can make changes via your browser settings or via our consent manager.
Cookies are text files or information stored in a database that are saved on your hard drive and assigned to the browser you use, allowing certain information to flow to the entity that sets the cookie.
Below, we describe which types of cookies we use:
We use technically necessary cookies that are required for the technical structure of the website. Without these cookies, our website cannot be displayed correctly in full or support functions are not possible.
The following data is stored and transmitted via technically necessary cookies:
The cookies we use in detail are as follows:
This cookie is required so that the web application delivering bllmuc.de (IFE) can look up the session server-side in order to assign requests. The storage period is approximately 8 hours.
This cookie is used to record the user’s selection when clicking on the cookie consent banner. The storage period is approximately 3 months.
The purpose of using technically necessary cookies is to ensure the functionality of our website. Some functions of our website cannot be offered without the use of cookies. For these functions, it is necessary that the browser is recognised even after a page change.
Technically necessary cookies are required for the following applications:
The provisions of the Telecommunications Digital Services Data Protection Act (TDDDG) apply to the storage of information on the end user’s device and/or access to information already stored on the end user’s device.
If the setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, the storage of and access to cookies on your device is based on Section 25(2) no. 2 TDDDG.
This storage and access to information on your device serves to facilitate your use of our website and to provide our services as requested by you. Some functions of our website do not work without the use of these cookies and therefore could not be offered.
Cookies are generally deleted after the end of the session (e.g. logging out or closing the browser) or after the expiry of a specified period. Information on deviating storage periods can be found in the following sections of this Privacy Policy.
Where cookies that are not technically necessary are used, this is done on the basis of your explicit consent, which you can give via the cookie banner. The legal basis in this case is Section 25(1) TDDDG in conjunction with Art. 6(1)(a) and Art. 7 GDPR.
You can withdraw your consent at any time with effect for the future or grant it again by configuring your cookie settings accordingly. Alternatively, you can prevent the storage of cookies by adjusting your browser software settings.
Please note that browser settings apply only to the browser used.
If personal data is processed following the storage of or access to information on your device, the provisions of the GDPR apply. Further information can be found in the following sections of this Privacy Policy.
You can withdraw your consent to the use of cookies at any time and manage your consent preferences at the following link: https://www.bllmuc.de/en/privacy-policy/
The data is used exclusively for the purpose of processing the correspondence.
In the event of contact by email, this also constitutes the necessary legitimate interest in processing the data.
The legal basis for the processing of data transmitted in the course of sending an email is Art. 6(1) lit. f GDPR. Our legitimate interest lies in responding to your enquiry sent by email in the best possible manner.
If the email contact aims at the conclusion of a contract, an additional legal basis for processing is Art. 6(1) lit. b GDPR.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.
For personal data sent by email, this is the case when the respective correspondence with the user has ended. The correspondence is deemed to have ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
Any personal data additionally collected during the sending process will be deleted no later than seven days after collection.
If the user contacts us by email, they may object to the storage of their personal data at any time. In such a case, the correspondence cannot be continued.
All personal data stored in the course of the contact will be deleted in this case.
Our corporate profile is used for applications, information/PR and active sourcing. We do not have any information regarding the processing of your personal data by the companies jointly responsible for the corporate profile. Further information can be found in the respective privacy policy of:
On our corporate profile, we provide information and offer users the opportunity to communicate.
The corporate profile is used for applications, information/PR and active sourcing.
We do not have any information regarding the processing of your personal data by the companies that are jointly responsible for the corporate profile. Further information can be found in the privacy policy of:
LinkedIn: https://www.linkedin.com/legal/privacy-policy
If you perform an action on our corporate profile (e.g. comments, posts, likes, etc.), it is possible that you thereby make personal data (e.g. your real name or profile picture) publicly available.
The legal basis for the processing of personal data for the purpose of communication with customers and interested parties is Art. 6(1) sentence 1 lit. f GDPR. Our legitimate interest lies in responding to your enquiry in the best possible manner or in providing the requested information.
If the contact aims at the conclusion of a contract, an additional legal basis for processing is Art. 6(1) lit. b GDPR.
Our corporate profile serves to inform users about our services. Each user is free to publish personal data through their activities.
The data generated through the corporate profile is not stored in our own systems.
You may object at any time to the processing of your personal data that we collect in the course of your use of our corporate profile and assert your rights as a data subject as set out in the section “Your Rights” of this Privacy Policy.
To do so, please send us an informal email to the email address stated in this Privacy Policy.
Further information on exercising your rights can be found here:
The website is hosted on servers of a service provider commissioned by us.
Our service provider is:
Mittwald des Anbieters Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4-6 32339 Espelkamp, Germany. Further information can be found in the provider’s privacy policy: https://www.mittwald.de/datenschutz
The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when visiting the website. The stored information includes:
This data is not merged with other data sources. The collection of this data is based on Art. 6(1) lit. f GDPR. Our legitimate interest in processing this data lies in ensuring the error-free provision of the website and in optimising its functions.
The server location of the website is geographically located in Germany.
We use various service providers to provide the services offered on the website. In general, we have a legitimate interest in sharing your data with the relevant service providers if these services are essential for providing the basic service offered on the website. If such services are required for additional services, extended functions or additional purposes, your personal data will only be transferred to service providers if you have given your consent.
You can withdraw your consent to the use of integrated third-party services at any time and manage your consent preferences here: https://www.bllmuc.de/en/privacy-policy/
1. Scope of Data Processing
We use the analytics service etracker provided by etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany (hereinafter referred to as “etracker”). Cookies are used that enable a statistical analysis of the use of this website by its visitors as well as the display of usage-based content or advertising. Personal data may be stored and evaluated, in particular the user’s activity (especially which pages have been visited and which elements have been clicked on) as well as device and browser information (especially the IP address, login and device identifiers and the operating system). The data generated in this way is processed and stored by etracker exclusively in Germany and is therefore subject to strict German and European data protection laws and standards.
Further information on data processing by etracker can be found here: https://www.etracker.com/datenschutz/
2. Purpose of Data Processing
The processing of users’ personal data by etracker enables us to analyse the browsing behaviour of our users.
By evaluating the data obtained, we are able to compile information about the use of individual components of our website. This helps us to continuously improve our online presence and, in this context, also to enhance user-friendliness.
3. Legal Basis for Data Processing
The legal basis for the processing of users’ personal data is generally the user’s consent pursuant to Art. 6(1) sentence 1 lit. a GDPR.
4. Duration of Storage
Your personal information is stored for as long as necessary to fulfil the purposes described in this Privacy Policy or as required by law, for example for tax and accounting purposes.
5. Exercise of Your Rights
You have the right to withdraw your data protection consent at any time. The withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent prior to its withdrawal. You can prevent the collection and processing of your personal data by etracker by preventing the storage of third-party cookies on your computer, by using the “Do Not Track” function of a supported browser, by disabling the execution of script code in your browser, or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com).
Further information on objection and removal options with regard to etracker can be found at: https://www.etracker.com/datenschutz/
This Privacy Policy was created with the support of DataGuard.