+49 221 33 77 23-0

Privacy Policy

of Tsambikakis & Partner Rechtsanwälte mbB
The following data protection information provides you with information about the personal data (Art. 4 No.1 GDPR) processed at by Tsambikakis & Partner Rechtsanwälte mbB as the controller (Art. 4 No. 7 GDPR), as well as the purposes and legal basis on which this processing (Art. 4 No. 2 GDPR) takes place. With this information, Tsambikakis & Partner Rechtsanwälte mbB also fulfils its duties of information under data protection law, which are imposed on the controller pursuant to Artt. 12, 13 GDPR, when data is collected from the data subject, in this case the visitor of the website

Information pursuant to Art. 13 GDPR

Identity of the controller:

Tsambikakis & Partner Rechtsanwälte mbB, Agrippinawerft 30, 50678 Köln, phone: +49 (0)221 337723-0, fax: +49 (0)221337723-23 is the controller (Art. 4 No. 7 GDPR) for the collection of data at

Data protection officer:

You can reach the data protection officer of Tsambikakis & Partner Rechtsanwälte mbB at: Tsambikakis & Partner Rechtsanwälte mbB, Datenschutzbeauftragter, Agrippinawerft 30, 50678 Köln, email:

Categories of personal data processed:

  • Visitor data, IP addresses, device and domain data of visitors and customers, date and time of an enquiry, time zone difference to Greenwich Mean Time (GMT), content of the enquiry (concrete page), access status/HTTP status code, amount of data transferred in each case, website from which the enquiry was made, browser type, operating system and its interface, language and version of the browser software, file path of the requested resource, information about the success or forwarding or error status of the access.
  • Persistent cookies, i.e. cookies that are stored on the visitor’s computer for a predefined period of time during the visit to our website [in this case the tracking cookie for Matomo].
  • Session cookies, i.e. those cookies that are deleted at the end of the session or when the browser is idle for a certain period of time or when the browser is closed.

Processing Purposes:

The collection of personal data and their processing by Tsambikakis & Partner Rechtsanwälte mbB is done for the following purposes:

  • Operation and optimization of the online presence
  • Advertising for the law firm and its services
  • Provision of information concerning the services of the controller and its employees
  • Acquisition of new customers / clients
  • Fulfilment of legal obligations to inform, notify, disclose and retain
  • Providing defence against claims of third parties for payment, performance, rescission, injunction and/or compensation, in particular users of the website, customers and other third parties
  • Cost-benefit analysis of online advertising
  • Evaluation of the range

Information on the origin of the data:

Personal data is collected from the data subject (users of the website, customers of our company, applicants for employment).

Legal basis of the processing:

The legal basis of the processing may be

  • The existence of a consent in accordance with Art. 6 Sec. 1 lit a.) GDPR.

Where such consent exists, the data subject has the right to withdraw it at any time, without prejudice to the lawfulness of the processing carried out on the basis of the consent prior to the withdrawal.

  • Art. 6 Sec. 1 lit. b) GDPR and/or Art. 6 Sec. 1 lit. c) GDPR
  • Art. 6 Sec. 1 lit. f) GDPR, as far as the pursuit of advertising purposes of the controller, corporate communication, company presentation and/or service presentation purposes are concerned.

Criteria for storage duration:

Personal data will be processed until the purpose of the collection or – in the case of further processing – the purpose of the further processing is fully achieved. When the purpose is fully achieved, the data is deleted. The controller also has a checking and deletion concept which ensures that the deletion obligations are checked regularly.

  • Visitor data is deleted after a maximum period of 30 days from visiting the website
  • Session cookies are deleted at the end of the session or in case of longer inactivity or when the browser is closed.
  • Persistent cookies have a predefined validity, about which we will inform you specifically within the framework of the cookie information when you visit our website. We would like to point out that you also have the option of deleting stored cookies from your system manually or by means of appropriate software at any time.

Recipient of personal data:

  • Processors, such as technical service providers, providers of tracking technologies, etc.
  • Courts, authorities and/or enforcement bodies, in connection with the defence against payment, performance, rescission and/or compensation claims of third parties.

Information on the obligation to provide data by the data subject

The provision of personal data is partly required by law (e.g. under tax law, anti-money laundering regulations). Furthermore, you may be obliged to provide us with those personal data which are necessary for establishing, executing and terminating a contractual relationship with us and the fulfilment of the associated contractual obligations. Without this data, we will generally not be able to execute contracts with you and/or fulfil our legal obligations. No obligatory information / data is collected via the online offer at In the interest of the greatest possible transparency in terms of data protection law, we separately point out any obligations to provide information in specific cases before the connected data collection is carried out.

Your rights as the data subject:

You have the following rights vis-a-vis our law firm pursuant to Artt. 15 to 22 GDPR:

  • Right to information, correction, deletion, restriction of processing and to data transferability.
  • Right to object to processing operations based on the legitimate interests of the controller or of a third party (Art. 6 Sec. 1 lit. f. GDPR).

Right to lodge a complaint with a supervisory authority

  • Pursuant to Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of your personal data is taking places unlawfully. The address of the supervisory authority responsible for our company is

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia

Kavalleriestraße 2-4
40213 Düsseldorf
Phone: 0211/38424-0
Fax: 0211/38424-10

Further data protection notices and information

Use of cookies

A cookie is a small file that is stored on a visitor’s computer as soon as he visits a website. When he revisits the website, the cookie indicates this visit to be a repeat visit. We transfer cookies to your computer’s hard drive via your web browser and can read them during your current visit to our website and on subsequent visits within a year. Our cookies are protected against being read by third parties through the security standards of your browser. The main purpose of cookies is to make your use of our services as convenient as possible. Should you nevertheless wish to deactivate cookies, you can use the help function in the menu bar of the web browser you are using to find out which settings you need to make to prevent the storage of new cookies. You can also find information about further cookie settings, e.g. information and warning functions for the deletion of existing cookies there. To ensure unrestricted and trouble-free use of our websites, we recommend that you leave all cookie functions fully activated.

If you do not want cookies used for the evaluation of our range to be stored on your device, you can object to the use of these cookies via the following websites, among others:!/!/

Use of Matomo Tracking

Note on the use of tracking technologies: Matomo

We use the open source software Matomo for analysis and statistical evaluation of the use of the website. The software stores a cookie on the user’s computer (for cookies, see above). If individual pages of our website are accessed, the following data is stored:

  • Two bytes of the IP address of the accessing system of the user
  • The accessed website
  • The website from which the user accessed the website (referrer)
  • The subpages that are accessed on the website
  • The time spent on the website
  • The frequency of visiting the website

The software runs exclusively on the servers of our website. The cookies used by Matomo are stored on the user’s computer and are transmitted by the user to our website. Therefore, you as a user have full control over the use of cookies. Already stored cookies can be deleted at any time. This can also be done automatically.

You can revoke your consent to the storage and evaluation of this data at any time:
Revoke consent

You can also manage your Matomo Opt-Out settings for our website using the link below. In this case, a so-called opt-out cookie is permanently stored in your browser, which causes Matomo not to collect any data for storage and evaluation. However, should you, intentionally or unintentionally, delete this cookie, the objection to the data storage and evaluation will also be nullified, but can be renewed at any time via the following link:
Matomo settings

Alternatively, most browsers also have a “Do Not Track”-option, which can be used to inform websites to track user activities. Matomo respects this option.

The personal data of the users is only stored on our own servers. The data is not transferred to any third parties. The information about the use of our website generated by the cookie is transferred to our servers and summarized in pseudonymous user profiles. The information is used to evaluate the use of the website and to enable us to design our website in line with user requirements. Under no circumstances is the IP address associated with other user-related data. The IP addresses are anonymized. An attribution is not possible (IP masking).

Use of Monotype (MyFonts &

This website utilizes fonts provided by Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA. In order to use the fonts, your browser needs to connect to one of Monotype’s servers in the USA. Our website contains a Monotype user counter, collecting data on the amount of site visitors on our website. In order to use the required fonts, we are contractually obligated to implement this counter. Hereby, Monotype will gain knowledge about our website being loaded from your IP-address. Such collected data is saved in encrypted logfiles for 30 days in order to extract the amount of page views and subsequently deleted.

Privacy Policy of Monotype:

Privacy Policy Webfont Tracking:

Use of Google Maps

This website utilizes the Google Maps API provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google USA“), in order to visually provide geographical information. By using Google Maps, Google may record, save and use data on how users use the map functions. Further information about data processing by Google can be found in Google’s Privacy Policy (see below). You can also modify your personal Privacy Settings in Google’s Privacy Center.

Privacy Policy of Google:

You can find detailed instructions on managing your personal data in context with Google products here.

Server data

Furthermore, information about the accessed resources is stored on the application server. This storage includes software-related error logs if corresponding errors occur. However, no references to the incoming requests are stored. Therefore, the data is anonymous and collected exclusively for the purpose of error detection and analysis. This data is deleted completely after 90 days.

A statistical evaluation of the log files is only carried out to detect attacks and to defend against them. Neither is further analyses carried out, nor are user profiles generated or created.

Job Applications

Data of applicants are collected, saved and processed solely within the scope of the respective application procedure and in accordance with existing laws.

Within the scope of an application, we require the applicants to provide us with their personal information. This can be information to the person, contact information, address as well as corresponding documents (cover letter, CV, certificates). Additionally, applicants may voluntarily provide additional information.

Should personal information, falling under special categories according to art. 9 par. 1 GDPR, be provided voluntarily during the application procedure, we will handle them with the required diligence and according to legal requirements.

By submitting their application, applicants consent to us processing their data within the scope of the application procedure and in the extent and manner described in our Privacy Policy.

Applications can be submitted via email. The law firm wishes to point out that it has no influence on any encryption options for e-mails and that the user must therefore decide for himself, whether he wants to send encrypted e-mails to the law firm. In principle, unencrypted e-mail communication is permissible under Sec. 2 (2) BRAO (The Federal Lawyers’ Act); however, this may involve considerable risk and a loss of confidentiality. Generally, there is a risk that data may be intercepted and read by third parties and/or become known to third parties after receipt by your provider and/or in your e-mail inbox. The law firm only receives e-mails that are transmitted using transport encryption in the form of TLS 1.2. In this respect, the user must ensure that e-mails can be sent using transport encryption (TLS 1.2. or higher) under the e-mail address used for transmission. We cannot assume any responsibility for unencrypted emailing and strongly suggest to alternatively send the application by mail, which is still available for the applicants.

Information provided by the applicants can be further processed in case of a successful application within the scope of the employment relationship. In case of an unsuccessful application, the applicant’s information will be deleted. The applicant can, at any time, retract their application, at which point the information will also be deleted.

Deletion will take place, pending a legitimate recall by applicants, after 6 months, to enable us to respond to follow-up questions to the application and to satisfy our obligations to provide proof according to General Equal Treatment laws (Equal Opportunity).

Specific Data Protection Information for the use of the Tsambikakis & Partner APP

The law firm provides a free app for IOS and Android devices, which – if available for your device – can be downloaded from the app stores provided by the respective providers and installed on the user’s device. In order to download the app, which cannot be obtained directly from the law firm, you may have to accept the terms and conditions of use of the distribution platform or register with the distribution platform beforehand using your personal data. The law firm has no influence on such terms of use whatsoever and is also not responsible for any data processing within the distribution platforms (app stores). A joint responsibility within the meaning of Art. 26 GDPR is also not established.

Use without registration

The app can be installed and used with its basic functions and as a pure information medium without registration with the law firm. Within the scope of this use, the law firm does not collect any personal data from the users. The app also does not use cookies. It is also not possible to contact the law firm via the app. When used without registration, the app only provides general information on criminal law issues, such as the correct conduct in the event of seizure or searches by public prosecutors. This information cannot replace personal legal advice and, above all, criminal defence. In view of its general orientation, this information is also only intended as a guideline. In case of doubt and in specific search and/or seizure situations, you should therefore always directly contact a defence attorney.

Registered use for clients

Clients of the law firm and its employees may be granted extended usage possibilities within the APP by the law firm. For this purpose, the user must register as a user within APP using access data provided by the law firm. The user data can be provided to the user by e-mail, post or personally. Notwithstanding the existence of a client-lawyer relationship, there shall be no entitlement to use the APP. No client-related information shall be processed within APP itself; the user data provided shall not contain any identifiable data either; particularly, first and last names shall not be assigned as user ID. The user shall receive a password with which he can identify himself as a registered user in the app after entering the user name assigned to him. The information entered is compared with the authentication server via a secure connection for the purpose of checking and activating the extended APP functions. The extended use is only possible after successful authentication. Apart from the user name and password, no further personal data is processed in connection with the use of the APP. Particularly, the APP does not use so-called UDID (Unique Device Identifier) information or similar data containing personal device information.

When using the extended functions of the APP, it is possible to use the APP to contact the law firm and/or individual lawyers of the law firm directly in concrete search and/or seizure situations and to easily provide them with information necessary for representation. For this purpose, the APP allows for the photographing of documents and other information, which can then be sent to the law firm by e-mail. For this purpose, the APP requires access to the camera of the device used. The user must accept this access in his device; without permission, the APP will not access the camera. Depending on the capabilities of the device used, the permission can be one-time or permanent. You can later change this permission at any time in the settings of the operating system of your device.

The law firm points out that photographs regularly contain so-called EXIF-data as meta-information, which may turn out to be personal data. These data may include information on the exact date and time of the recording, the position data recorded by the built-in GPS sensor as coordinates at the time of recording, the orientation of the image, the camera manufacturer and/or the camera model. The law firm does not need this information, nor is it specifically read out or processed by the law firm. If you do not wish to send EXIF-data, you need to change this in the camera settings of your device, if possible. The law firm or the APP have no influence on this. Information on the exact content of the EXIF[1]-data processed by your device can only be obtained from the manufacturer of your device.

SIf you want to send pictures of documents or other information to the law firm via the APP, the APP will transfer the information created by you to the e-mail program of your device. In the e-mail opened by the APP, which the user can still edit and must send independently, only the recipient’s e-mail address is pre-filled and the photographs and any further information created by the user in the APP are included as attachments. Direct sending (uploading) of information through and within the APP is not possible, the law firm does not collect information about or from the e-mail program installed by the user. Please be advised that the APP also has no influence on the e-mail address used for sending. Generally, the e-mail address that you have entered as your standard e-mail address will be used. Therefore, if you are using more than one e-mail account, please check from which account you are sending an e-mail to the law firm in each case, in order to avoid third party knowledge and loss of confidentiality.

The law firm wishes to point out that it has no influence on any encryption options for e-mails and that the user must therefore decide for himself, whether he wants to send encrypted e-mails to the law firm. In principle, unencrypted e-mail communication is permissible under Sec. 2 (2) BRAO (The Federal Lawyers’ Act); however, this may involve considerable risk and a loss of confidentiality. Generally, there is a risk that data may be intercepted and read by third parties and/or become known to third parties after receipt by your provider and/or in your e-mail inbox. The law firm only receives e-mails that are transmitted using transport encryption in the form of TLS 1.2. In this respect, the user must ensure that e-mails can be sent using transport encryption (TLS 1.2. or higher) under the e-mail address used for transmission.