Skip to content

Data Protection Policy for Website

1. General Information

Our data protection policy is intended to inform visitors on how we collect, record, process and use personal data in connection with our website.
We take data protection very seriously and make every effort to keep the collection, use and processing of personal data to a minimum.

1.1 Name and Contact Details of Controller

Busch von Rönn und Partner mbB
Neuer Wall 80
20354 Hamburg
Telefon: +49 40 210099-0
Fax: +49 40 210099-219
E-Mail: info@)

1.2 Questions to the data protection officer

If you should have any questions regarding our data protection policy, please send us an e-mail or contact our data protection officer directly at

2. Scope and Purpose of Processing Personal Data

2.1 Visits to our Website

Whenever anyone visits our website, the visitor’s browser automatically transmits data to this website’ server to be recorded temporarily in a log file. The following information will be stored temporarily and then automatically erased after a certain period of time:

  • IP address of the visitor,
  • date and time of access,
  • name and URL of the page visited,
  • website from which the visitor was linked to our website (‘referrer URL’),
  • browser and operating system of the visitor’s device and the name of the access provider used by the visitor.

The processing of this personal data is legitimate pursuant to Art. 6(1)(1)(f) GDPR. We have a legitimate interest in processing data

  • to reduce the load time of our website,
  • to make our website convenient to use,
  • to monitor and ensure the security and stability of our systems and
  • to facilitate and enhance administration of our website.

We make no attempt to obtain any information on the identify of visitors to our website.

3. Transfer of Data

Personal data may be transferred to third parties

  • with the express consent of the data subject pursuant to Art. 6(1)(1)(a) GDPR,
  • if necessary pursuant to Art. 6(1)(1)(f) GDPR to establish, exercise or defend legal claims and there is no reason to assume that the data subject has an overriding legitimate interest in preventing such transfer,
  • if necessary to comply with a legal obligation pursuant to Art. 6(1)(1)(c) GDPR and/or
  • if necessary for the performance of contractual obligations towards the data subject pursuant to Art. 6(1)(1)(b) GDPR.

Personal data will not be transferred to third parties otherwise.

4. Cookies

Our website uses cookies, which are small files that are exchanged between the server of our website and the browsers of visitors. They are stored on the devices (PC, notebook, tablet, smart phone, etc.) of visitors to the website. Cookies cannot harm visitors’ devices. In particular, they contain no viruses or other malware. Cookies contain information on the devices used by visitors. We cannot therefore obtain information on the personal identify of visitors.

Cookies are accepted by the default settings of most browsers. Browsers can be configured so that cookies are not accepted by the respective device or so that a special alert is provided before a new cookie can be placed. However, optimal use of all features may not be possible if cookies are disabled.

Cookies make the use of our website more convenient. For example, session cookies tell whether us which pages are visited. These cookies are deleted automatically when the visitor leaves the website.
Temporary cookies are used to improve user-friendliness. They are stored on the visitor’s device only for a limited time. If the website is revisited, preferred entries and settings from the previous visit are automatically detected and restored so that the visitor does not have to reenter them.

Cookies are also used to analyze traffic on our website for statistical purposes and provide a better experience for our visitors. These cookies automatically tell us whether a visitor has already visited our site in the past. In this case, the cookies are automatically deleted after a certain period of time.

The use of cookies to pursue legitimate interests as described above is allowed pursuant to Art. 6(1)(1)(f) GDPR.

5. Your Rights as Data Subject

If your personal data are processed in connection with a visit to our website, you have the rights set forth below as a ‘data subject’ within the meaning of GDPR:

5.1 Access

You have the right to receive confirmation as to whether we process personal data on you. This right will not exist if providing the information you request would be in violation of our duty of confidentiality pursuant to § 43a(2) of the Federal Lawyers’ Act (Bundesrechtsanwaltsordnung – BRAO) and § 57(1) of the Tax Advisory Act (Steuerberatungsgesetz – StBerG) or if such information may not be disclosed for other reasons, in particular due to an overriding legitimate interest of a third party. We may under exceptional circumstances be under obligation to disclose the information, in particular if your interests override any interest in confidentiality due to the damages that could occur otherwise. This right of access will also not apply if the data are recorded and kept only because they may not be erased due to legal or statutory retention requirements or are used exclusively for the purposes of monitoring data protection or safeguarding data, if providing the information would require an unreasonable effort or if the possibility of processing for other purposes is excluded by suitable technical and organizational measures. If the right of access is not excluded in your case and personal data that concern you are processed by us, you have a right to receive the following information from us:

  • the purposes which the data are processed,
  • the categories of personal data concerning you that we process,
  • the names of recipients or categories of recipients that receive personal concerning you from us, including in particular recipients in other countries,
  • the contemplated duration of retention of personal data if possible or, if not possible, the criteria for determination of such duration,
  • the existence of a right to rectification or erasure or restriction of access to personal data concerning you or the right to object to processing,
  • the existence of a right to lodge complaints with a supervisory authority for data protection,
  • available information on the source of the personal data concerning you if not obtained from you,
  • the existence of any automated decision-making, including profiling, and meaningful information on the logic involved and the significance and envisaged consequences of such processing,
  • information on any appropriate safeguards provided pursuant to Art. 46(2) GDPR to protect personal data in the case of any transfer of personal data to third countries that have not been found by the EU Commission to ensure an adequate level of protection pursuant to Art. 45(3) GDPR.

5.2 Rectification and Completeness

If you should find that the personal data concerning you in our possession are inaccurate, you have the right to require rectification without undue delay. In the case of incomplete data, you also have the right to have such data completed.

5.3 Erasure

You have the right to require erasure (“right to be forgotten”) if and to the extent processing is not necessary for the exercise of the right to freedom of expression and information or compliance with a legal obligation or for the performance of a task carried out in the public interest and one of the following grounds applies:

  • the personal data are no longer needed for the purposes for which they were originally collected;
  • you have withdrawn your consent, which was the only legal ground for the processing;
  • you have objected to the processing of personal data concerning you that we have made public;
  • you have objected to the processing of personal data concerning you that we have not made public and there are no overriding legitimate grounds for such processing;
  • personal data concerning you were processed unlawfully;
  • we are required by law to erase the personal data.

No right to erasure exists in the case of non-automated data processing if it would be impossible or would involve a disproportionate effort due to the specific mode of storage and your interest in erasure can be regarded as minimal. In this case, processing will be restricted instead of erased.

5.4 Restriction of Processing

You have the right to require that we restrict processing if one of the following applies:

  • you contest the accuracy of the personal data, in which case restriction can be required for the time it takes for us to verify the accuracy of the data;
  • the processing is unlawful and you request restriction of the use of the data instead of erasure;
  • we no longer need your personal data for processing purposes, but you need the data to establish, exercise or defend legal claims;
  • you have objected to processing pursuant to Art. 21(1) GDPR. you may require that processing be restricted for as long as is necessary to determine whether our legitimate reasons override your interests.

Restriction of processing means that the personal data will be processed only with your consent or to establish, exercise or defend legal claims or protect the rights of another natural or legal person or for important for reasons of an public interest. We are under obligation to inform you accordingly before we cease restriction of processing.

5.5 Data Portability

You have the right to data portability if processing is based on your consent (Art. 6(1)(1)(a) or Art. 9(2)(a) GDPR) or an agreement to which you are party and the processing is carried out by automated means. The right to data portability covers the following as long as the rights and freedoms of others are not adversely affected: You have the right to receive the personal data that you have made available to us in a structured, commonly used and machine-readable format. You have the right to have such data transmitted to another controller without hindrance from us. Insofar as technically feasible, you may require that we transmit personal data concerning you directly to another controller.

5.6 Objection

You have the right to object to the processing of personal data concerning you for reasons related to your particular situation at any time insofar as processing is based on Art. 6(1)(1)(e) GDPR (performance of a task carried out in the public interest or in the exercise of official authority ) or Art. 6(1)(1)(f) GDPR (legitimate interest of the controller or a third party). The also applies to processing on the basis of Art. 6(1)(1)(e) or (f) GDPR. If you exercise your right of objection, we will cease to process your personal data unless we can demonstrate compelling legitimate reasons for such processing that outweigh your interests, rights and freedoms or such processing serves to establish, exercise or defend legal claims.

You have the right to object to the processing of personal data concerning you for the purposes of direct marketing. This will also apply accordingly to any profiling related to such direct marketing activities. If you exercise your right to object, we will cease processing the personal data concerning you for the purposes of direct marketing.

You may notify us of your objection without observing any special formalities by telephone, by e-mail, by facsimile or by postal mail at the postal address provided at the beginning of this data protection policy.

5.7 Withdrawal of Consent

You have the right to withdraw your consent for the future at any time. You may notify us of withdrawal of your consent without observing any special formalities by telephone, e-mail, facsimile or postal mail. Withdrawal of consent will not affect the legality of data processing based on your consent carried out prior to withdrawal of your consent. Processing based on your consent will cease upon receipt of notification of withdrawal of consent.

5.8 Right to Lodge Complaint

If you are of the opinion that personal data relating to you are being processed unlawfully, you may lodge a complaint with a supervisory authority for data protection responsible for your place of habitual residence or work or for the place of the alleged infringement.

6. Status and Ongoing Revision of this Data Protection Policy

This Data Protection Policy dates from 25 May 2018. We reserve the right to update our Data Protection Policy from time to time as necessary to improve and/or align data protection with changes in governmental practice or the law.

Back To Top