Responsible Person:
This privacy information applies to data processing by:

Attorney Damla Yağbasan
Oranienstraße 43
10969 Berlin

Phone: +49 1577 3746410
Email: info [at] kanzlei-yagbasan [dot] de

The responsible person is Attorney Damla Yağbasan.
1. Type and Purpose of Collection and Storage of Personal Data
a) When visiting the website www.kanzlei-yagbasan.de (hereinafter referred to as “Website”), information is automatically sent by the browser you use to the server of the website. These connection data (hereinafter “logfiles”) include: domain, anonymized client IP, request line, timestamp, status code, size of the response body, referrer sent by the client, user agent sent by the client, remote user. Your non-anonymized IP address is also transmitted but stored for a maximum of 7 days, see section 2 of this statement.
The aforementioned data is used to ensure a proper connection setup of the website, to ensure a comfortable use of the website, to evaluate system security and stability, and for other administrative purposes.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. The legitimate interest follows from the purposes of data collection listed above. The collected data is not used to draw conclusions about the identity of the website users.
b) When making inquiries via the contact form, providing your email address is required in order to respond to your inquiry. Additional information can be provided voluntarily.
Data processing for the purpose of contacting is based on your voluntarily given consent pursuant to Art. 6 para. 1 lit. a) GDPR.

2. Disclosure to Third Parties
The website is hosted by:

One.com Group AB
Carlsgatan 3
211 20 Malmö
Sweden

(hereinafter “Hosting Provider”). A data processing agreement has been concluded with this service provider in accordance with Art. 28 GDPR. For the purposes stated in 1. a), the logfiles mentioned in 1 a) as well as your non-anonymized IP address are transmitted to the Hosting Provider. Non-anonymized IP addresses are stored for a maximum of 7 days by the Hosting Provider to prevent attacks and are then irreversibly anonymized. The non-anonymized IP addresses cannot be accessed by the responsible person.
Your personal data will only be disclosed to third parties if:
– you have given your explicit consent pursuant to Art. 6 para. 1 sentence 1 lit. a) GDPR,
– the disclosure is necessary for the protection of legitimate interests of the controller or a third party in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR, and there is no reason to assume that you have an overriding interest in not disclosing your data,
– a legal obligation exists pursuant to Art. 6 para. 1 sentence 1 lit. c) GDPR, or
– it is legally permissible and necessary for the performance of a contract or for taking steps prior to entering into a contract pursuant to Art. 6 para. 1 sentence 1 lit. b) GDPR.

3. Your Rights
According to Art. 15 GDPR, you have the right to request information about your personal data processed by the controller. This includes information about the purposes of processing, categories of personal data processed, recipients or categories of recipients to whom the data has been or will be disclosed, intended storage period, the existence of rights to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by the controller, and the existence of automated decision-making including profiling and meaningful information about its details, if applicable.

You have the right pursuant to Art. 16 GDPR to request the rectification of inaccurate personal data or the completion of incomplete data stored about you.

You have the right pursuant to Art. 17 GDPR to request the deletion of your stored personal data unless there is a legal obligation to retain it.

You have the right pursuant to Art. 18 GDPR to request the restriction of processing of your personal data if:
– you contest the accuracy of the data,
– the processing is unlawful and you oppose the deletion,
– the controller no longer needs the data, but you need it for the establishment, exercise, or defense of legal claims,
– or you have objected to processing pursuant to Art. 21 para. 1 GDPR.

You have the right pursuant to Art. 20 GDPR to receive the personal data you provided in a structured, commonly used, and machine-readable format or to request its transmission to another controller, provided that the processing is carried out by automated means.

You have the right to withdraw your consent at any time pursuant to Art. 7 para. 3 GDPR. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

You have the right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR.

You have the right to object to the processing of your personal data pursuant to Art. 21 GDPR if the processing is based on legitimate interests pursuant to Art. 6 para. 1 lit. f) GDPR and if there are reasons for the objection arising from your particular situation. In the case of direct marketing, you have a general right to object.

4. Data Security
This website uses SSL security protocol with sha2 (256-bit) encryption. Supported TLS protocols are TLS 1.1 and TLS 1.2. If you contact us via the contact form, the message is sent via unencrypted email. If you wish to send your message using PGP encryption, please download the public key which is available upon request via email.

5. Storage Duration
Your personal data will be stored only as long as necessary for the purpose of collection. After that, the data will be deleted unless there is a legal obligation to retain it pursuant to Art. 6 para. 1 sentence 1 lit. c) GDPR.