Privacy policy

1. Name and contact details of the controller and the company data protection officer

The controller for data processing within the meaning of Art. 4 No. 7 GDPR is
Dr. Anna A. Rozovskaya-Lampey
Frans-Hals-Straße 20
81479 Munich
Tel +49 89 21550973

2. Collection and storage of personal data and the nature and purpose of their use

a) Mandating
When you hire us, we collect the following information Title, first name, last name; a valid e-mail address; address; company and function; telephone number (landline and/or mobile); information we receive for or in connection with the assertion and defense of your rights under the mandate.
This data is collected,
● to be able to identify you as our client;
to provide you with adequate legal advice and representation;
● to correspond with you;
● for invoicing purposes;
● for other handling of the mandate.

The data processing is carried out at your request and is necessary for the purposes mentioned for the appropriate processing of the mandate and for the mutual fulfillment of obligations arising from the mandate agreement in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR.
Furthermore, we process your personal data, insofar as this is necessary on the basis of the Money Laundering Act for the purposes of preventing money laundering and terrorist financing, on the basis of Art. 6 para. 1 sentence 1 lit. c GDPR in conjunction with. § 11 a para. 1 GWG.

The personal data collected by us for the mandate will be stored until the end of the statutory retention period for lawyers (6 years after the end of the calendar year in which the mandate was terminated, Sec. 50 para. 1 BRAO) and then deleted, unless we are obliged to store it for a longer period in accordance with Art. 6 para. 1 s. 1 lit. c GDPR due to tax and commercial law storage and documentation obligations (from HGB, StGB or AO) or you have consented to further storage in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. The retention and documentation obligations under tax and commercial law are, for example, 6 years for correspondence in connection with the conclusion of a contract and 10 years for accounting documents ( Sec. 238, 257 (1) and (4) HGB, Sec. 147 (1) and (3) AO). Finally, the storage period is also determined by the statutory limitation periods, which, for example, according to Sections 195 et seq. of the German Civil Code (BGB), are generally three years, but in certain cases can be up to thirty years. After expiry of the retention and documentation obligations and the relevant limitation periods, we delete the data.

b) Access to the website
When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted:
  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the requested file,
  • Website from which access is made (referrer URL),
  • the browser used and, if applicable, the operating system of your computer and the name of your access provider.
  • We process the mentioned data for the following purposes:
  • Ensuring a smooth connection to the website,
  • Ensuring a comfortable use of our website,
  • Evaluating system security and stability, and for other administrative purposes.
The legal basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR. Our justified interest results from the purposes of data collection listed above. The log files are deleted after the end of the browser session, at the latest after seven days, unless their further storage is necessary for the above-mentioned purposes. 
We also use cookies when you visit our website.

c) For your inquiries
If you have any questions, you can contact us by e-mail, telephone or fax.
We process your personal data transmitted in this context on the basis of Art. 6 para. 1 s. 1 lit. b GDPR (inquiries within the framework of a client relationship or other contract or for the initiation of a contract) or Art. 6 para. 1 s. 1 lit. f GDPR (inquiries outside of a contract and the initiation of a contract). Our legitimate interest is to respond to your inquiries.

3. Disclosure of data to third parties

If necessary, your personal data will be communicated to third parties in accordance with Art. 6 para. 1 s. 1 lit. b GDPR for the purpose of handling the client relationship with you. This includes in particular the disclosure to opposing parties and their representatives (in particular their lawyers) as well as courts and other authorities for the purpose of correspondence and for the assertion and defense of your rights.

Contract processors engaged by us (Art. 28 GDPR) may also receive data for these purposes. These are companies in the categories of IT services, logistics, printing and shipping services, file disposal, file archiving, telecommunications, debt collection, sales and marketing.

Furthermore, we will transmit data if we are legally obliged to do so, e.g. in accordance with the provisions of the Money Laundering Act, pursuant to Art. 6 para. 1 s. 1 lit. c GDPR.

The attorney-client privilege ( sec. 43a para. 2 s. 1 BRAO) remains unaffected. The use of service providers who have access to data that is subject to attorney-client privilege (e.g. processors in the categories of IT services, file destruction, file archiving) shall take place exclusively within the framework of the applicable law ( sec. 43e BRAO). In the case of services that directly serve an individual mandate (e.g. commissioning an expert or translator), data that is subject to attorney-client privilege will only be passed on with your consent ( sec. 43e para. 2 BRAO). Within our organization, those departments that need your data to fulfil our contractual and legal obligations will have access to it.

4. Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware.

The cookie stores information that is associated with the specific device being used. However, this does not give us direct knowledge of your identity.

On the one hand, cookies are used to make the use of our website more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted when you leave our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your user device for a specified period of time. If you visit our site again to access our services, it is automatically recognized that you have already visited us and which entries and settings you have made so that you do not have to enter them again. The cookies are deleted after the end of the browser session, at the latest after seven days, unless their continued storage is necessary for the above-mentioned purposes.

The data processed by cookies is required for the purposes mentioned to protect our legitimate interests and those of third parties in accordance with Art. 6 para. 1 s. 1 lit. f GDPR.

5. Your privacy rights

With regard to the personal data we have stored about you, you have the following rights: access (Art. 15 GDPR, Sec. 34 BDSG), rectification (Art. 16 GDPR), restriction of processing (Art. 18 GDPR), erasure (Art. 17 GDPR, Sec. 35 BDSG) and data portability in a structured, commonly used and machine-readable format (Art. 20 GDPR). If we process your personal data on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you are entitled to object to the processing of your personal data according to Art. 21 GDPR if there are grounds for doing so based on your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be exercised by us without reference to a specific situation.

If we process your personal data on the basis of your consent in accordance with Art. 6 para. 1 S. 1 lit. a GDPR, you have the right to withdraw your consent at any time in accordance with Art. 7 para. 3 GDPR. As a result, we will no longer be able to continue the data processing based on this consent in the future. You may exercise all of these rights by sending an email to or by contacting us using the contact information provided in Section 1. Separately, you have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State where you reside, work or where the alleged breach occurred, if you believe that the processing of your personal data violates applicable data protection regulations (Art. 77 GDPR, § 19 BDSG).

6. Data security

We use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when you visit our website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

As of January 31st, 2024