Privacy Policy

Data Privacy Policy
HAVER & MAILÄNDER Rechtsanwälte Partnerschaft mbB

We are pleased that you are visiting our website and thank you for your interest. Protecting the personal data of our users is a key concern for us. The following provisions inform you about the collection, processing and use of your personal data in connection with your visit to and use of our website.
This privacy policy may be printed and saved.

Controller / Data Protection Officer

1.1 Controller
The controller responsible for the collection, processing and use of data is the operator of the website www.haver-mailaender.de

HAVER & MAILÄNDER Rechtsanwälte Partnerschaft mbB
Lenzhalde 83–85
70192 Stuttgart
Tel: +49 (0) 711 22744 0
Fax: +49 (0) 711 29919 35
Email: info@haver-mailaender.de

The partnership is jointly represented by the two managing partners: Dr Timo Alte and Dr Peter O. Mailänder.
Register: Local Court Stuttgart PR 720629
(hereinafter “HAVER & MAILÄNDER” or “we”)

1.2 Data Protection Officer
The contact details of the Data Protection Officer are:

HAVER & MAILÄNDER Rechtsanwälte Partnerschaft mbB
Data Protection Officer
Lenzhalde 83–85
70192 Stuttgart
Tel: +49 (0) 711 22744 31
Fax: +49 (0) 711 29919 35
Email: datenschutz@haver-mailaender.de

General Principles
We collect and process your personal data in compliance with the applicable legal provisions, in particular the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), as well as in accordance with the following provisions.
Definitions
Personal data means any information relating to an identified or identifiable natural person, such as name, address, email address, IP address or usage data.
Processing means any operation performed on personal data, whether or not by automated means, including collection, storage, transmission, alteration and deletion.
Controller means the natural or legal person which determines the purposes and means of the processing of personal data.
Processor means a person or entity that processes personal data on behalf of the controller.
Consent means any freely given, specific, informed and unambiguous indication of the data subject’s wishes.
Collection, Processing and Use of Your Personal Data

4.1 Hosting
Our website is hosted by Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4–6, 32339 Espelkamp (“Mittwald”). The servers are located exclusively in Germany.
We have concluded a data processing agreement with Mittwald pursuant to Article 28 GDPR to ensure compliance with data protection requirements. As part of the hosting, Mittwald processes data that arise technically when you visit our website (in particular server log files, see section 4.2) on our behalf.

4.2 Server Log Files
Each time our website is accessed, certain usage data are transmitted by your internet browser and stored in log files (server log files). These include:
– date and time of access
– IP address of the requesting device
– name and URL of the requested file
– volume of data transferred
– notification of successful retrieval
– browser and operating system details
– referring website
– name of the internet service provider

These data are collected and processed to enable you to use our website, to ensure system security and to manage the network infrastructure.
We delete these data after 8 weeks, unless longer storage is required for the purposes stated. In such cases, deletion takes place after one year at the latest.
The legal basis is our legitimate interest in the secure and stable provision of our website (Art. 6(1)(f) GDPR).

4.3 Cookies
We use only one technically necessary cookie for the operation of our website, which enables administrators to log into the content management system (MODX). This cookie is used solely for internal administrative purposes and does not identify website visitors.
It is a session cookie that is deleted immediately after the session ends. The information stored is not used to identify you and is not combined with other personal data.

Name: MODX session cookie
Provider: MODX
Domain: haver-mailaender.de
Purpose: Enables administrator login to backend
Storage duration: Session

We do not use tracking, analytics or marketing cookies.
You can also visit our website without cookies by disabling their storage in your browser settings. Further information can be found on the website of the German Federal Office for Information Security: www.bsi.bund.de

The legal basis is our legitimate interest in maintaining and updating our website (Art. 6(1)(f) GDPR).

4.4 Consent Management
We use the consent management tool “ConsentFriend”, developed in-house for the MODX CMS and operated entirely on our own server. No data are transferred to external third parties.

4.5 Contact by Email
If you contact us by email, we collect and process your email address, your name, the content of your message and any additional contact details you provide voluntarily.
Please consider carefully whether you wish to provide further information, as it is not required to respond to your enquiry.
We use your data solely to respond to your enquiry and for related communication. The data are deleted after the communication has ended, at the latest after one year without further contact, subject to statutory retention obligations.
The legal basis is Art. 6(1)(b) GDPR where processing is necessary for pre-contractual measures, otherwise our legitimate interest in responding to enquiries (Art. 6(1)(f) GDPR).

External Links
Our website may contain links to third-party websites, for example courts, authorities or specialist publications. The respective provider is responsible for compliance with data protection regulations. Please refer to their privacy policies for further information.
Data Processing / Disclosure of Data

6.1 Processing by Service Providers
We transmit your data to processors where necessary for the purposes described (e.g. IT support or data destruction). All service providers are bound by data processing agreements ensuring compliance with data protection requirements.

6.2 Disclosure to Third Parties
Your personal data are disclosed only if:
– you have given your explicit consent (Art. 6(1)(a) GDPR);
– disclosure is necessary for the establishment, exercise or defence of legal claims (Art. 6(1)(f) GDPR);
– there is a legal obligation (Art. 6(1)(c) GDPR);
– it is necessary for the performance of a contract (Art. 6(1)(b) GDPR).

Encryption / Data Security
Data transmission via our website is encrypted using TLS (Transport Layer Security). You can recognise this by “https://” in your browser.
Please note that complete confidentiality of email communication cannot always be guaranteed. We use TLS encryption for email communication. For highly confidential information, we recommend using postal services or alternative secure communication channels upon request.
We implement appropriate technical and organisational measures to protect your data against loss, destruction or unauthorised access, and continuously update these measures.
Deletion / Restriction of Processing
Your data are deleted as soon as they are no longer required for the purpose for which they were collected and no legitimate interest in further storage exists. Where legal retention obligations apply, processing is restricted.
Data Subject Rights
You have the following rights under applicable law:
– access (Art. 15 GDPR)
– rectification (Art. 16 GDPR)
– erasure (Art. 17 GDPR)
– restriction of processing (Art. 18 GDPR)
– data portability (Art. 20 GDPR)
– objection (Art. 21 GDPR)
– withdrawal of consent (Art. 7(3) GDPR)
– right to lodge a complaint (Art. 77 GDPR)

To exercise your rights, please contact our Data Protection Officer (see section 1.2).

Supervisory Authority
The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Heilbronner Straße 35
70191 Stuttgart
Tel: +49 (0) 711 615541-0
Email: poststelle@lfdi.bwl.de
Updates to this Privacy Policy
This privacy policy is currently valid. It may be updated due to changes in our website or legal requirements. The current version is always available on our website.

Status: April 2026