The following data protection information provides you with information about the personal data (Art. 4 No.1 GDPR) processed at https://www.tsambikakis.com/ by Tsambikakis & Partner Rechtsanwälte mbB as the controller (Art. 4 No. 7 GDPR), as well as the purposes and legal basis on which this processing (Art. 4 No. 2 GDPR) takes place. With this information, Tsambikakis & Partner Rechtsanwälte mbB also fulfils its duties of information under data protection law, which are imposed on the controller pursuant to Artt. 12, 13 GDPR, when data is collected from the data subject, in this case the visitor of the website https://www.tsambikakis.com/.
Information pursuant to Art. 13 GDPR
Identity of the controller:
Tsambikakis & Partner Rechtsanwälte mbB, Agrippinawerft 30, 50678 Köln, phone: +49 (0)221 337723-0, fax: +49 (0)221337723-23 is the controller (Art. 4 No. 7 GDPR) for the collection of data at https://www.tsambikakis.com/.
Data protection officer:
You can reach the data protection officer of Tsambikakis & Partner Rechtsanwälte mbB at: Tsambikakis & Partner Rechtsanwälte mbB, Datenschutzbeauftragter, Agrippinawerft 30, 50678 Köln, email: firstname.lastname@example.org
Categories of personal data processed:
- Visitor data, IP addresses, device and domain data of visitors and customers, date and time of an enquiry, time zone difference to Greenwich Mean Time (GMT), content of the enquiry (concrete page), access status/HTTP status code, amount of data transferred in each case, website from which the enquiry was made, browser type, operating system and its interface, language and version of the browser software, file path of the requested resource, information about the success or forwarding or error status of the access.
- Persistent cookies, i.e. cookies that are stored on the visitor’s computer for a predefined period of time during the visit to our website [in this case the tracking cookie for Matomo].
- Session cookies, i.e. those cookies that are deleted at the end of the session or when the browser is idle for a certain period of time or when the browser is closed.
The collection of personal data and their processing by Tsambikakis & Partner Rechtsanwälte mbB is done for the following purposes:
- Operation and optimization of the online presence
- Advertising for the law firm and its services
- Provision of information concerning the services of the controller and its employees
- Acquisition of new customers / clients
- Fulfilment of legal obligations to inform, notify, disclose and retain
- Providing defence against claims of third parties for payment, performance, rescission, injunction and/or compensation, in particular users of the website, customers and other third parties
- Cost-benefit analysis of online advertising
- Evaluation of the range
Information on the origin of the data:
Personal data is collected from the data subject (users of the website, customers of our company, applicants for employment).
Legal basis of the processing:
The legal basis of the processing may be
- The existence of a consent in accordance with Art. 6 Sec. 1 lit a.) GDPR.
Where such consent exists, the data subject has the right to withdraw it at any time, without prejudice to the lawfulness of the processing carried out on the basis of the consent prior to the withdrawal.
- Art. 6 Sec. 1 lit. b) GDPR and/or Art. 6 Sec. 1 lit. c) GDPR
- Art. 6 Sec. 1 lit. f) GDPR, as far as the pursuit of advertising purposes of the controller, corporate communication, company presentation and/or service presentation purposes are concerned.
Criteria for storage duration:
Personal data will be processed until the purpose of the collection or – in the case of further processing – the purpose of the further processing is fully achieved. When the purpose is fully achieved, the data is deleted. The controller also has a checking and deletion concept which ensures that the deletion obligations are checked regularly.
- Visitor data is deleted after a maximum period of 30 days from visiting the website https://www.tsambikakis.com/.
- Session cookies are deleted at the end of the session or in case of longer inactivity or when the browser is closed.
- Persistent cookies have a predefined validity, about which we will inform you specifically within the framework of the cookie information when you visit our website. We would like to point out that you also have the option of deleting stored cookies from your system manually or by means of appropriate software at any time.
Recipient of personal data:
- Processors, such as technical service providers, providers of tracking technologies, etc.
- Courts, authorities and/or enforcement bodies, in connection with the defence against payment, performance, rescission and/or compensation claims of third parties.
Information on the obligation to provide data by the data subject
The provision of personal data is partly required by law (e.g. under tax law, anti-money laundering regulations). Furthermore, you may be obliged to provide us with those personal data which are necessary for establishing, executing and terminating a contractual relationship with us and the fulfilment of the associated contractual obligations. Without this data, we will generally not be able to execute contracts with you and/or fulfil our legal obligations. No obligatory information / data is collected via the online offer at https://www.tsambikakis.com/. In the interest of the greatest possible transparency in terms of data protection law, we separately point out any obligations to provide information in specific cases before the connected data collection is carried out.
Your rights as the data subject:
You have the following rights vis-a-vis our law firm pursuant to Artt. 15 to 22 GDPR:
- Right to information, correction, deletion, restriction of processing and to data transferability.
- Right to object to processing operations based on the legitimate interests of the controller or of a third party (Art. 6 Sec. 1 lit. f. GDPR).
Right to lodge a complaint with a supervisory authority
- Pursuant to Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of your personal data is taking places unlawfully. The address of the supervisory authority responsible for our company is
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Further data protection notices and information
A cookie is a small file that is stored on a visitor’s computer as soon as he visits a website. When he revisits the website, the cookie indicates this visit to be a repeat visit. We transfer cookies to your computer’s hard drive via your web browser and can read them during your current visit to our website and on subsequent visits within a year. Our cookies are protected against being read by third parties through the security standards of your browser. The main purpose of cookies is to make your use of our services as convenient as possible. Should you nevertheless wish to deactivate cookies, you can use the help function in the menu bar of the web browser you are using to find out which settings you need to make to prevent the storage of new cookies. You can also find information about further cookie settings, e.g. information and warning functions for the deletion of existing cookies there. To ensure unrestricted and trouble-free use of our websites, we recommend that you leave all cookie functions fully activated.
If you do not want cookies used for the evaluation of our range to be stored on your device, you can object to the use of these cookies via the following websites, among others:
Use of Matomo Tracking
Note on the use of tracking technologies: Matomo
We use the open source software Matomo for analysis and statistical evaluation of the use of the website. The software stores a cookie on the user’s computer (for cookies, see above). If individual pages of our website are accessed, the following data is stored:
- Two bytes of the IP address of the accessing system of the user
- The accessed website
- The website from which the user accessed the website (referrer)
- The subpages that are accessed on the website
- The time spent on the website
- The frequency of visiting the website
You can revoke your consent to the storage and evaluation of this data at any time:
You can also manage your Matomo Opt-Out settings for our website using the link below. In this case, a so-called opt-out cookie is permanently stored in your browser, which causes Matomo not to collect any data for storage and evaluation. However, should you, intentionally or unintentionally, delete this cookie, the objection to the data storage and evaluation will also be nullified, but can be renewed at any time via the following link:
Alternatively, most browsers also have a “Do Not Track”-option, which can be used to inform websites to track user activities. Matomo respects this option.
The personal data of the users is only stored on our own servers. The data is not transferred to any third parties. The information about the use of our website generated by the cookie is transferred to our servers and summarized in pseudonymous user profiles. The information is used to evaluate the use of the website and to enable us to design our website in line with user requirements. Under no circumstances is the IP address associated with other user-related data. The IP addresses are anonymized. An attribution is not possible (IP masking).
Use of Monotype (MyFonts & fonts.com)
This website utilizes fonts provided by Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, MA 01801, USA. In order to use the fonts, your browser needs to connect to one of Monotype’s servers in the USA. Our website contains a Monotype user counter, collecting data on the amount of site visitors on our website. In order to use the required fonts, we are contractually obligated to implement this counter. Hereby, Monotype will gain knowledge about our website being loaded from your IP-address. Such collected data is saved in encrypted logfiles for 30 days in order to extract the amount of page views and subsequently deleted.
Use of Google Maps
You can find detailed instructions on managing your personal data in context with Google products here.
Furthermore, information about the accessed resources is stored on the application server. This storage includes software-related error logs if corresponding errors occur. However, no references to the incoming requests are stored. Therefore, the data is anonymous and collected exclusively for the purpose of error detection and analysis. This data is deleted completely after 90 days.
A statistical evaluation of the log files is only carried out to detect attacks and to defend against them. Neither is further analyses carried out, nor are user profiles generated or created.
Data of applicants are collected, saved and processed solely within the scope of the respective application procedure and in accordance with existing laws.
Within the scope of an application, we require the applicants to provide us with their personal information. This can be information to the person, contact information, address as well as corresponding documents (cover letter, CV, certificates). Additionally, applicants may voluntarily provide additional information.
Should personal information, falling under special categories according to art. 9 par. 1 GDPR, be provided voluntarily during the application procedure, we will handle them with the required diligence and according to legal requirements.
Applications can be submitted via email. The law firm wishes to point out that it has no influence on any encryption options for e-mails and that the user must therefore decide for himself, whether he wants to send encrypted e-mails to the law firm. In principle, unencrypted e-mail communication is permissible under Sec. 2 (2) BRAO (The Federal Lawyers’ Act); however, this may involve considerable risk and a loss of confidentiality. Generally, there is a risk that data may be intercepted and read by third parties and/or become known to third parties after receipt by your provider and/or in your e-mail inbox. The law firm only receives e-mails that are transmitted using transport encryption in the form of TLS 1.2. In this respect, the user must ensure that e-mails can be sent using transport encryption (TLS 1.2. or higher) under the e-mail address used for transmission. We cannot assume any responsibility for unencrypted emailing and strongly suggest to alternatively send the application by mail, which is still available for the applicants.
Information provided by the applicants can be further processed in case of a successful application within the scope of the employment relationship. In case of an unsuccessful application, the applicant’s information will be deleted. The applicant can, at any time, retract their application, at which point the information will also be deleted.
Deletion will take place, pending a legitimate recall by applicants, after 6 months, to enable us to respond to follow-up questions to the application and to satisfy our obligations to provide proof according to General Equal Treatment laws (Equal Opportunity).
Within the context of our internet presence, we offer you the possibility to subscribe to the newsletter of our law firm. Based on your express consent, we will regularly send you our newsletter or comparable information by email to the email address you have provided.
In order to receive the newsletter, we collect the following personal data from you:
- Gender/ Title
- First name
- Email address
In addition to the mandatory information, you have the option of entering the following additional data:
- Telephone number
This information is voluntary for you.
The legal basis for the processing of your personal data is your consent in accordance with Article 6 Paragraph 1 Letter a GDPR.
When registering to receive our newsletter, the data you provide will be used exclusively for this purpose. Subscribers may also be informed by email about circumstances relevant to the service or registration (for example, changes to the newsletter offer or technical circumstances).
For an effective registration, we require a valid email address. In order to verify that a registration is actually made by the owner of an email address, we use the "double-opt-in" procedure. For this purpose, we log the subscription to the newsletter, the delivery of a confirmation email and the receipt of the response requested herewith. No further data is collected. The data is used exclusively for sending the newsletter and is not passed on to third parties.
We offer you the possibility to register directly for events of our law firm via our homepage. If you use this option, we will collect the following data as mandatory information:
- Gender/ Title
- First name
- Email address
In addition to the mandatory information, you have the option of entering the following additional data:
- Telephone number
This information is voluntary for you.
The personal data collected via the registration form will be processed in order to
- to be able to organise and carry out the respective event,
- to be able to inform the participants about the circumstances of the events,
- to be able to issue certificates of participation, if necessary.
The legal basis for the processing of your personal data is your consent in accordance with Article 6 (1) (a) GDPR.
A transfer of data to third parties may be necessary in individual cases in the case of cooperating events with another provider for the purpose of joint planning and implementation. In these cases, your personal data may be passed on to
- the service provider/cooperation partner commissioned with the organisation and implementation of an event,
- the speaker of the event.
The processing of data by these partners is subject to their respective data protection regulations.
For an effective registration, we require a valid email address. In order to verify that a registration for the event is actually made by the owner of an email address, we use the "double-opt-in" procedure. For this purpose, we log the registration for the event, the sending of a confirmation email and the receipt of the response requested herewith.
You can revoke your consent for the future at any time.
Specific Data Protection Information for the use of the Tsambikakis & Partner APP
Use without registration
Registered use for clients
Clients of the law firm and its employees may be granted extended usage possibilities within the APP by the law firm. For this purpose, the user must register as a user within APP using access data provided by the law firm. The user data can be provided to the user by e-mail, post or personally. Notwithstanding the existence of a client-lawyer relationship, there shall be no entitlement to use the APP. No client-related information shall be processed within APP itself; the user data provided shall not contain any identifiable data either; particularly, first and last names shall not be assigned as user ID. The user shall receive a password with which he can identify himself as a registered user in the app after entering the user name assigned to him. The information entered is compared with the authentication server via a secure connection for the purpose of checking and activating the extended APP functions. The extended use is only possible after successful authentication. Apart from the user name and password, no further personal data is processed in connection with the use of the APP. Particularly, the APP does not use so-called UDID (Unique Device Identifier) information or similar data containing personal device information.
When using the extended functions of the APP, it is possible to use the APP to contact the law firm and/or individual lawyers of the law firm directly in concrete search and/or seizure situations and to easily provide them with information necessary for representation. For this purpose, the APP allows for the photographing of documents and other information, which can then be sent to the law firm by e-mail. For this purpose, the APP requires access to the camera of the device used. The user must accept this access in his device; without permission, the APP will not access the camera. Depending on the capabilities of the device used, the permission can be one-time or permanent. You can later change this permission at any time in the settings of the operating system of your device.
The law firm points out that photographs regularly contain so-called EXIF-data as meta-information, which may turn out to be personal data. These data may include information on the exact date and time of the recording, the position data recorded by the built-in GPS sensor as coordinates at the time of recording, the orientation of the image, the camera manufacturer and/or the camera model. The law firm does not need this information, nor is it specifically read out or processed by the law firm. If you do not wish to send EXIF-data, you need to change this in the camera settings of your device, if possible. The law firm or the APP have no influence on this. Information on the exact content of the EXIF-data processed by your device can only be obtained from the manufacturer of your device.
SIf you want to send pictures of documents or other information to the law firm via the APP, the APP will transfer the information created by you to the e-mail program of your device. In the e-mail opened by the APP, which the user can still edit and must send independently, only the recipient’s e-mail address is pre-filled and the photographs and any further information created by the user in the APP are included as attachments. Direct sending (uploading) of information through and within the APP is not possible, the law firm does not collect information about or from the e-mail program installed by the user. Please be advised that the APP also has no influence on the e-mail address used for sending. Generally, the e-mail address that you have entered as your standard e-mail address will be used. Therefore, if you are using more than one e-mail account, please check from which account you are sending an e-mail to the law firm in each case, in order to avoid third party knowledge and loss of confidentiality.
The law firm wishes to point out that it has no influence on any encryption options for e-mails and that the user must therefore decide for himself, whether he wants to send encrypted e-mails to the law firm. In principle, unencrypted e-mail communication is permissible under Sec. 2 (2) BRAO (The Federal Lawyers’ Act); however, this may involve considerable risk and a loss of confidentiality. Generally, there is a risk that data may be intercepted and read by third parties and/or become known to third parties after receipt by your provider and/or in your e-mail inbox. The law firm only receives e-mails that are transmitted using transport encryption in the form of TLS 1.2. In this respect, the user must ensure that e-mails can be sent using transport encryption (TLS 1.2. or higher) under the e-mail address used for transmission.