Privacy Notice

Thank you for visiting the website of Brödermann Jahn Rechtsanwaltsgesellschaft mbH (hereinafter also "Brödermann Jahn"/ "we"/ "us"). The protection of your data is very important to us. In the following, we would like to inform you about the extent to which and the purposes for which we collect and process personal data from you via our Internet presence at (hereinafter referred to as "website").

1 General; Definitions

Our privacy policy is based on the terms used in the General Data Protection Regulation (GDPR). We use the following terms, among others, in this privacy notice:

Personal data means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (cf. Art. 4 No. 1 GDPR).

Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (cf. Art. 4 No. 2 GDPR).

Controller or Data Controller means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data (cf. Art. 4 No. 3, half sentence 1 GDPR).

Processor means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller (cf. Art. 4 No. 8 GDPR).

Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor (cf. Art. 4 No. 10 GDPR).

2 Controller

The Controller for the collection, processing and use of personal data within the meaning of the DSGVO is:

Brödermann Jahn Rechtsanwaltsgesellschaft mbH
ABC Strasse 15
20354 Hamburg

This Privacy Policy meets our obligations to inform in connection with processing your personal data under Art. 12 - 14 GDPR.

3 Contact and data protection officer

If you wish to inspect and update your personal data or have any questions regarding data protection on our website, please contact us at any time via our e-mail address given above or by post at the address given above.

You can reach our data protection officer

  • by e-mail: or
  • by mail: Data Protection Officer, Brödermann Jahn Rechtsanwaltsgesellschaft mbH, ABC-Straße 15, 20354 Hamburg, Germany

4 Data processing when visiting our Website

The scope and type of collection, processing and use of your personal data differ depending on whether you contact us via our website (e.g. by e-mail) or use our website purely for information purposes.

4.1 Collection of data with your assistance
If you send us an e-mail, your e-mail address and any personal data contained in the message will be stored by us.

This personal data is stored exclusively for the purpose of processing your inquiry and in the event that follow-up questions arise. To answer the inquiry, the inquiry can be forwarded by e-mail to the respective contact person at our law firm.

The legal basis is Art. 6 (1) f) DSGVO, whereby our legitimate interest is to process your request to your satisfaction, as well as Art. 6 (1) b) DSGVO, insofar as your request relates to our range of services.

We will delete the data in question once the purpose has been fulfilled, unless we are required by law to retain it for a longer period. Longer retention periods apply in particular to business e-mails, which must be retained for 6 or 10 years after the end of the calendar year and the annual financial statements, depending on the type of document (Section 147 of the German Fiscal Code, Section 257 of the German Commercial Code).

4.2 Collection of data without your assistance
We collect and use personal data automatically generated by your visit to our website for the technical provision of our website and to improve our services.

4.2.1 Log files
When using our website for information purposes only, our server temporarily records the following personal data in so-called log files:

  • Name of the retrieved website
  • Date/time of retrieval
  • File request from the client
  • http status code
  • Amount of data transferred
  • Confirmation of successful retrieval
  • Used browser type and version
  • Operating system of the user
  • URL of the previously visited page

Unless otherwise stated in the privacy policy, this data is technically necessary for the functioning and operation of our website. In addition, the short-term storage of log files is relevant in order to subsequently clarify attempted attacks on web servers or possible misuse. Accordingly, our legitimate interest in this data processing is to be able to offer you our services on the basis of these circumstances (legal basis: Art. 6 para. 1 f) DSGVO) and are deleted when they are no longer required for this purpose, regularly seven (7) days. Data whose further retention is required for evidentiary purposes is exempt from deletion until the final clarification of the respective incident. Their processing will be blocked for any other purposes.

4.2.2 Cookies
In addition, we use so-called "cookies" in several places on our website, which serve to make our offer more user-friendly and effective. Cookies are small text files that our website wants to place on your computer or other Internet-enabled devices such as tablets or smartphones, if your browser settings allow it. Cookies do not cause any damage to your computer and do not contain viruses. The cookies used on our website are so-called session cookies as so-called "technical cookies": these are mandatory so that you can move around the website, use basic functions and ensure the security of the website; they do not collect information about you for marketing purposes nor do they store which web pages you have visited. Session cookies are automatically deleted when you close the browser. You have the option of setting your browser so that these cookies are not stored in the first place. Please note, however, that in this case you may not be able to use all the functions of our websites. The legal basis for the technical cookies is § 25 para. 2 no. 2 TTDSG.
You can object to the processing of your data by means of cookies at any time for the future (Art. 21 GDPR), for example by setting your browser accordingly. However, please note that you may then not be able to use all functionalities of our website.

4.2.3 LinkedIn
Brödermann Jahn operates a profile on the "LinkedIn" platform of the information service LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

We would like to point out that you use our LinkedIn page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access parts of the information offered via LinkedIn on this website.

When you visit our LinkedIn page, LinkedIn collects, among other things, your IP address and other information that is collected through cookies. This information is used to provide us, as operators of the LinkedIn pages, with statistical information about the use of the LinkedIn page. The data collected about you in this context will be processed by LinkedIn and, if necessary, transferred to countries outside the European Union. In what way LinkedIn uses the data from the visit of LinkedIn pages for its own purposes, to what extent activities on the LinkedIn page are assigned to individual users, how long LinkedIn stores this data and whether data from a visit to the LinkedIn page is passed on to third parties, is not conclusively and clearly stated by LinkedIn and is not known to us.

When you access a LinkedIn page, the IP address assigned to your end device is transmitted to LinkedIn. According to LinkedIn, this IP address is anonymized (for "German" IP addresses) and deleted after 90 days. LinkedIn also stores information about the end devices of its users (e.g. as part of the "login notification" function); LinkedIn may thus be able to assign IP addresses to individual users.

If you are currently logged in to LinkedIn as a user, a cookie with an identifier is located on your end device. This enables LinkedIn to track that you have visited this page and how you have used it. This also applies to all other LinkedIn pages. Based on this data, content or advertising can be offered tailored to you. If you want to avoid the described data processing, you should log out of LinkedIn or deactivate the "stay logged in" function, delete the cookies present on your device and close and restart your browser. In this way, LinkedIn information through which you can be directly identified will be deleted. This allows you to use our LinkedIn page without revealing your LinkedIn identifier. When you access interactive features of the site (like, comment, share, news, etc.), a LinkedIn login screen will appear. After any login, you will again be identifiable to LinkedIn as a specific user(s). Information on how to manage or delete information about you can be found at

We, as the provider of the information service, do not collect or process any other data from your use of our service.

What information LinkedIn receives and how it is used is described in general terms by LinkedIn in its data use policy. There you will also find information on how to contact LinkedIn and on the settings options for advertisements. The data usage guidelines are available at

5 Transfer of personal data to third parties

Your personal data will always be treated confidentially by us and will generally not be disclosed to other third parties unless you have given your express consent. However, some data must be disclosed to selected third parties in compliance with legal requirements: If external service providers (e.g. in the area of accounting or IT) come into contact with your personal data, this is done within the framework of so-called Processors. This is expressly provided for by law and follows our legitimate interest in offering our services on an equally user-friendly, secure and operationally sensible basis (legal basis: (Art. 6 (1) f) GDPR in conjunction with. Art. 28 GDPR). We remain responsible for the protection of your data even in this case. Our service providers work exclusively in accordance with our instructions, in compliance with applicable data protection law and this Privacy Policy, which we ensure through appropriate contractual arrangements pursuant to Art. 28 (3) GDPR and supplementary controls. We have concluded such an data processing agreement in particular with the IT company that hosts our website on its server operated within Europe and our web designer.

We also reserve the right to disclose your personal data if we are required to do so by law or if we are requested to do so by authorities or law enforcement agencies in a demonstrably justified manner.

6 Place of data processing and data security

The processing of your data takes place in the European Union (EU) / the European Economic Area (EEA), unless the transfer of personal data to another country is explicitly mentioned in this Privacy Policy.

We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties (e.g. TSL encryption for our website), taking into account the state of the art, implementation costs and the nature, scope, context and purpose of the processing, as well as the existing risks of a data breach (including its likelihood and impact) for the data subject (Art. 24 GDPR in conjunction with Art. 32 GDPR).

We will be happy to provide you with more information on request.

7 Data subject rights

To exercise the rights below, you can contact us at any time using the contact details above:

Right to be informed: You can request information about the scope, origin and recipients of the stored data as well as the purpose of storage at any time and free of charge (Art. 15 GDPR). If you wish to exercise your right to information, you can contact one of our employees at any time or our data protection officer.

Right to data portability: You can get your personal data you provide us with in a structured, commonly used machine-readable format (Art. 20 GDPR), provided (1) you consent to its being processed under Art. 6 (1) a) GDPR or Art. 9 (2) a) GDPR or is based on a contract under Art. 6 (1) b) GDPR and (2) it is processed by automated procedures.

Right to rectification: Every person affected by the processing of personal data has the right to demand that inaccurate personal data concerning him or her be corrected without undue delay (Art. 16 GDPR). Furthermore, the data subject has the right to request the completion of incomplete personal data, taking into account the purposes of the processing.

Right to erasure (right to be forgotten): Any person concerned by the processing of personal data has the right to obtain from the Controller the erasure without delay of personal data concerning him or her, where one of the following grounds applies and insofar as the processing is no longer necessary (Article 17 GDPR): (1) The personal data were collected or otherwise processed for such purposes for which they are no longer necessary. (2) The data subject revokes the consent on which the processing was based and there is no other legal basis for the processing. (3) The data subject objects to the processing and there are no overriding legitimate grounds for the processing. (4) The personal data have been processed unlawfully. (5) The erasure of the personal data is necessary for compliance with a legal obligation.

Right to object: Any person affected by the processing of personal data has the right to object at any time to the processing of personal data concerning him or her (Art. 21 GDPR). We shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the assertion, exercise or defense of legal claims. If we process personal data for the purposes of direct marketing, the data subject shall have the right to object at any time to processing of personal data for such marketing.

Right to revoke consent under data protection law: Any person affected by the processing of personal data has the right to withdraw consent to the processing of personal data at any time (Art. 7(3) GDPR).

Right to complain to a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR (Article 77 GDPR).
When asserting your claims against us, we will check this claim and comply with it if the legal requirements are met. We will inform you of the result.

As a rule, it is not necessary to comply with a special form in order to assert your data protection rights; for example, write to us by e-mail at

8 Update and amendments

In the context of the further development of data protection law as well as technological or organizational changes, our Privacy Policy is regularly reviewed to determine whether it needs to be adapted or supplemented. You can find out about changes in this data protection notice.

This privacy notice is current as of 4/24/2023.