1. Data protection at a glance
Last updated on 01/08/2025
General notes
The operators of these pages take the protection of your personal data very seriously. The following notes contain information about the processing of personal data from users of our website, when providing our legal services and when initiating and executing other contractual relationships. We, paxa (hereinafter “we”, “us”, “our” or “paxa”), are committed to ensuring the protection of your personal data. We treat the personal data you provide in the context of using our website, providing legal services and initiating and executing other contractual relationships confidentially and in accordance with the legal provisions of European Union data protection law, in particular the General Data Protection Regulation (hereinafter “GDPR”) and other applicable regulations. In the following, we will inform you which of your personal data we process, for what purposes it is used, to whom it is passed on and what rights you have under data protection law.
Data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Information about the responsible body:The responsible body for data processing on this website is:
Paxa Rechtsanwaltsgesellschaft mbH
Grosse Hamburger Strasse 17, 10115 Berlin
Telephone: +49 30 16638 1600
If you have any questions or concerns about this privacy statement or the collection, processing, or use of your personal information, you can email us at contact@paxapartners.com contact.
Which terms do we use?
“Personal data” is any information relating to an identified or identifiable natural person (“data subject”); identifiable is a natural person who, directly or indirectly, in particular by assigning an identifier such as a name, an identification number, location data, an online identifier or one or more specific expressive features, expresses the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person, can be identified.
“Processing” means any process or series of operations carried out with or without the aid of automated processes in connection with personal data, such as collection, collection, organization, storage, adjustment or change, reading, retrieval, use, information, creation of serial numbers, structuring or blocking, form or physical delivery, transmission, transfer, or other form of provision, combination or connection with other data, or retrieving in this context.
“Responsible person” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria established for him may be determined under Union or Member State law.
“Contract processor” means a natural or legal person, authority, agency or other body which processes personal data on behalf of the person responsible.“Third party” means a natural or legal person, public authority, agency or other body which does not refer to the data subject, controller, processor or person who is entitled to process personal data under the direct responsibility of the controller or processor.
“Consent” the data subject: any freely chosen and unequivocal statement of intent made voluntarily for the processing of the data subject's personal data to process the consent given by the data subject.
How do we collect your information?
On the one hand, your data is collected when you provide it to us. This may include data that you enter in a contact form. Other data is collected automatically or after your consent when you visit the website by our IT systems. When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. This includes information about:
1. Internet protocol addresses (IP addresses)
2. Browser type Internet service provider (ISP)
3. Date and time stamp
4. referring/outgoing pages
5. and possibly the number of clicks.
What do we use your data for?
If contracts can be concluded or initiated via the website, the data transmitted will also be used to conclude, execute and process mandate and fee agreements and to provide our legal services. The legal basis for this is Article 6 (1) (b) GDPR. Insofar as we have concluded a mandate agreement with your employer, we process your data on the basis of Art. 6 para. 1 lit. f DSGVO to fulfill the mandate. We also process personal data for internal administrative purposes, to carry out court and official proceedings, for further communication purposes and to comply with legal obligations in accordance with Article 6 (1) (c) GDPR, in particular to carry out money laundering checks, to reconcile sanctions lists and to comply with legal retention periods and conflict checks. In addition, we may also process personal data to plan and organize events and to send newsletters (Art. 6 para. 1 lit. f GDPR).
In order to fulfill the above purposes, we process in particular:
1. title
2nd title
3. Last name, first name
4. Contact
5th bank
6th profession
7. Other personal data required to provide our services.
This data is usually collected from you or your employer. The data may also be collected from publicly available sources or, if necessary, from third parties.
If you do not provide us with your personal data, we will not be able to fulfill the contractual relationship and implement the above communication purposes.
In addition, we process data for the following purposes:
1. Provision and maintenance of our website
2. Ensuring a smooth structure of the website
3. Ensuring convenient use of our website
4. Evaluation of system security and stability, and
5, other administrative purposes
The legal basis for data processing activities is Article 6 paragraph 1 letter f GDPR. Our legitimate interests arise from the above-mentioned purposes of data collection. Under no circumstances do we use the collected data to draw conclusions about you.
We also use cookies and other tracking technologies when you visit our website. Detailed explanations of this can be found below.
Who all has access to your data?
The following categories of recipients may have access to your personal data:
1. Companies and people (e.g. freelancers, consultants) who help us deliver our services. The legal basis is Article 6 paragraph 1 letter b or Article 6 paragraph 1 letter f GDPR.
2. Service providers for operating our website and processing the data stored or transmitted by the systems. The legal basis for the transfer is Article 6 paragraph 1 letter b or Article 6 paragraph 1 letter f GDPR, unless the service providers are contract processors.
3. Authorities/authorities, insofar as this is necessary to fulfill a legal obligation. The legal basis for the transfer is Article 6 paragraph 1 letter c GDPR.
4. Insofar as this is necessary to fulfill the purposes set out above, your personal data may be passed on to contract processors such as e-discovery platforms, translators, investigators and collection agents, who process the data on behalf of and on the instructions of paxa.
Personal data will only be transferred to countries outside the EU if this is necessary in individual cases to fulfill the requirements of the order.
Our website may contain links to other websites, products, or services that are not owned or operated by us. We are not responsible for the privacy practices of these third parties. Please note that this Privacy Policy does not apply to your activities on these third-party services or to information that you disclose to those third parties. We recommend that you read their privacy statements before you provide them with information.
Google Fonts
Calendry
linkedin
Which plug-ins and tools do we use?
Google fonts:
This site uses so-called Google Fonts, which are provided by Google, to uniformly display fonts. When you call up a page, your browser loads the required fonts into its browser cache to correctly display texts and fonts.
For this purpose, the browser you use must connect to Google's servers. As a result, Google becomes aware that this website has been accessed via your IP address. Google Fonts are used on the basis of Art. 6 para. 1 lit. f GDPR. Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy:https://policies.google.com/privacy?hl=de.
Calendly:
Calendly (appointment booking)
To make an appointment, we use Calendly, provided by Calendly LLC (USA). Name, e-mail address and desired appointment are sent to Calendly via the booking form.Data processing is carried out on the basis of Art. 6 para. 1 lit. b DSGVO (contract initiation) or lit. f DSGVO (legitimate interest in making an efficient appointment) .Calendly has integrated the standard contractual clauses (SCCs) in accordance with DPA and meets the requirements of the EU-US Data Privacy Framework.More information: https://calendly.com/legal/privacy-notice
LinkedIn Insight Day
LinkedIn Insight Day
On our website, we use the LinkedIn Insight Tag from LinkedIn Ireland Unlimited Company (Ireland).
This tag collects data such as URL, referrer, IP address (pseudonymized), browser information, and actions such as clicks (“website actions”) to optimize LinkedIn ads.
Legal basis: Your consent in accordance with Art. 6 para. 1 lit. a or lit. f GDPR. We do not receive any personal data, LinkedIn only provides aggregated reports; IP addresses are anonymized or hashed.
Information on deletion periods and pseudonymization: completely anonymous within 7 days, retargeting data 180 days.
More details: https://www.linkedin.com/legal/privacy-policy
How long is your data stored?
Your personal data will be stored for as long as is necessary to fulfill the legitimate purposes of processing and as required by law.
We delete your data after the customer relationship has ended and unless there are any further contractual or legal storage obligations.
If you make a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless we have any other legally valid reasons for storing your personal data (e.g. tax or commercial retention periods); in the latter case, the deletion will take place after these reasons cease to apply.
What rights do you have with regard to your data?
We want to make sure that you are fully aware of all of your data protection rights. Every user has the following rights:
The right to withdraw your consent (Article 7 (3) GDPR) — You have the right to withdraw your consent to the processing of your personal data at any time with effect for the future. Please note that the revocation has no effect on the lawfulness of previous data processing.
Right to information (Art. 15 GDPR) — You have the right to request copies of your personal data from paxa.
Right to rectification (Art. 16 GDPR) — You have the right to ask us to correct incorrect data. You also have the right to ask paxa to complete incomplete data.
Right to deletion (Art. 17 GDPR) — You have the right to request the deletion of your personal data under certain conditions.
Right to restrict processing (Art. 18 GDPR) — You have the right to request that paxa restrict the processing of your personal data under certain conditions.
The right to object to processing (Art. 21 GDPR) — For reasons arising from your particular situation, you have the right to object at any time to the processing of your personal data carried out on the basis of Article 6 (1) (f) GDPR. The controller will then no longer process the personal data unless he can prove compelling legitimate grounds for processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. The collection of data to provide the website and the storage of log files are absolutely necessary for the operation of the website.
The right to data portability (Art. 20 GDPR) — Under certain conditions, you have the right to request that we transfer the data we collect to another organization or directly to you. You can contact us at any time to assert your rights as a data subject. If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email address: contact@paxapartners.com
You also have the option of filing a complaint with a data protection supervisory authority (see Art. 77 GDPR). The right to lodge a complaint remains unaffected.
How we secure your data:
We have appropriate, state-of-the-art security measures to protect your data from loss, misuse and alteration. For example, our security policies and privacy statements are regularly reviewed and improved as needed. Although we cannot rule out a complete exclusion of data loss, misuse, or data alteration, we make every effort to prevent this. Please note that data transmission over the Internet is never completely secure. We cannot guarantee the security of data entered on our website during transmission over the Internet. The transfer is at your own risk. Our website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection when the browser's address line changes from “http://” to “https://” and by the lock icon in the lower status bar of your browser. If SSL or TLS encryption is activated, the data that you submit to us cannot be read by third parties.
What else is important:
Children's privacy
We also attach great importance to protecting children when using the Internet. We recommend that parents and guardians observe, participate in, and/or monitor and guide their children's online activities.
We do not knowingly collect any personal information from children under 13 years of age. If you believe that your child has provided such information on our website, we urge you to contact us immediately so that we can promptly remove this information from our records.
2nd hosting
We host the content of our website with the following provider:
Webflow
The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter Webflow).
When you visit our website, Webflow collects various log files, including your IP addresses.
Webflow is a tool for building and hosting websites. Webflow stores cookies or other recognition technologies that are necessary to display the page, to provide certain website functions and to ensure security (necessary cookies).
For details, see Webflow's privacy policy:https://webflow.com/legal/eu-privacy-policy.
Webflow is used on the basis of Art. 6 para. 1 lit. f DSGVO. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:https://webflow.com/legal/eu-privacy-policy.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards when processing data in the USA. Every company certified under DPF undertakes to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/participant/6365.
Order processing
We have concluded an order processing contract (AVV) for the use of the above service. This is a contract required by data protection law, which ensures that it only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
3. Final provisions
By using the website, you agree to the terms of this privacy policy.
We may update our privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page.