Data Protection Information for websites of KPMG Law Rechtsanwaltsgesellschaft mbH (KPMG LAW)
As at 8/2018
Our business is based on trust. For KPMG LAW as a company of lawyers, the protection of personal data (data protection) has special value. KPMG LAW complies with all applicable data protection statutes and in addition endeavours to continually improve data protection. KPMG LAW is the responsible agency for the processing of personal data on these websites within the meaning of the European General Data Protection Regulation (GDPR) and the Bundesdatenschutzgesetz [BDSG – Federal Data Protection Act].
In the following data protection information, we inform you about the processing of personal data on the websites of KPMG LAW and about the rights of the persons affected.
General data protection information about the processing of personal data in the course of our general line of business and for the purpose of providing legal advice can be accessed here.
1. Who is responsible for data processing of these websites?
KPMG Law Rechtsanwaltsgesellschaft mbH
Theodor-Heuss-Straße 5
70174 Stuttgart
Telephone: +49 711 781923-400 Fax: +49 711 781923-455
E-Mail: information@kpmg-law.com
2. How can the data protection officer be reached?
Either at the postal address specified in 1. or at the E-Mail address:
de-datenschutz@kpmg.com
3. For what purpose do we process your data on these websites and on what legal basis?
KPMG LAW collects and uses personal data for the provision of the websites as well as our content and services within the framework of the stipulations in Art. 6 (1) a to f GDPR, i.e. to the extent to which the GDPR or another legal provision permits this or the user has consented to the processing. Statutory standard data protection contracts are concluded with all service providers who we use on our websites as data processing contractors pursuant to Art. 28 EU GDPR and the service providers are subjected to a corresponding advance IT security assessment.
In addition, KPMG LAW processes personal data obtained from visits to these website as follows:

a) Log files
Every time our website is accessed, so-called log files are automatically stored on the basis of our justified interest pursuant to Art. 6 (1) f EU GDPR, which contain information about the computer which is accessing our website, e.g. information about the type of browser, the operating system used, the Internet service provider, the IP address, date and time of the access.
Storage of this data is necessary in order to be able to provide the users with our websites for the duration of the session. We also use this data to optimise our websites and guarantee the security of our IT systems. The data from the log files is deleted as soon as it is no longer required for the specified purposes.

b) Newsletter, Mailings, Downloads
We make a broad range of newsletters, mailings and downloads available on the websites of KPMG LAW on the basis of consent granted by the user pursuant to Art. 6 (1) a EU GDPR, if necessary in conjunction with Section 7(2) no. 3 Gesetz gegen den unlauteren Wettbewerb [UWG – The Act Against Unfair Competition]. We can also send affected parties certain information by E-Mail on the basis of statutory consent pursuant to Section 7(3).
The provision of the name and E-Mail address is necessary for registration for subject-related newsletters and mailings, as well as for the download of certain documents (e.g. studies) of KPMG LAW. After registering for newsletters, mailings or downloads on the KPMG LAW websites, each user receives a confirmation E-Mail at the stated E-Mail address (so-called double opt-in procedure). Registration is only complete after clicking on the link contained in this E-Mail.
Consents granted for the receipt of newsletters, mailings or downloads can be revoked at any time via a link at the end of each E-Mail or by a message to the inbox de-webteam@kpmg.com.
Registrations for newsletters, mailings or downloads are recorded on the basis of our justified interest of being able to prove the registration and consent of a user at any time (Art. 6(1) f EU GDPR).

c) Contact form
In order to obtain further information, we make contact forms available to you at various places on our websites with which you can approach us directly. We process the personal data entered in this context (e.g. name, E-Mail address) within the framework of the statutory provisions in order to process the enquiry pursuant to Art. 6(1) b or Art. 6(1) f EU GDPR.

e) Use of Google Custom Search
This website uses “Google custom search” as a central search function, which is made available by Google Inc. (“Google”). This search function enables a full text search for content on this website. Access to this search function is enabled through the search fields embedded in these websites. If you enter one or more search words in the search field and send off the search request, this and other data such as, for example, your IP address will be transmitted to Google, usually to Google servers in die USA. If you do not wish this, please do not use the search field. In using the search function, you acknowledge that the data protection provisions of Google (accessible under http://www.google.de/privacy.html) alone are decisive for your use of the search field and the data processing connected with this by Google.
The same applies for the use of further services made available by Google, such as for example Google Maps.

f) Cookies & Analytics
KPMG LAW uses cookies to improve depiction and navigation. A cookie is a text file which is sent from the Web server to the browser. The URL which was accessed is deposited in this file, as well as the date of the access and a final date which determines the period of activity of the cookie. Cookies are used by KPMG LAW on the one hand to determine the areas of the KPMG websites which are most frequently accessed and on the other hand to enable the user to save his/her personal settings so that they are once again available upon renewed access to the page. A notification banner about the use of cookies appears on the Internet pages on which cookies are used.
KPMG LAW uses cookies on the basis of our justified interest pursuant to Art. 6(1) f EU GDPR. Each user in principle has the choice of whether or not to accept cookies. Each browser can be set in such a way that users are notified if it receives a cookie or cookies can be generally refused in the browser settings.
If cookies are generally refused, it may be that the full range of website functions cannot be used. Further information about the use of cookies can be found on the help pages of the browser used as well as, for example, on the Internet page: http://www.allaboutcookies.org/ge/.
The following table contains a list of the different types of cookies we use on our website:
Purpose Description Storage Duration
Performance (e.g. browser of the user) Cookies are employed in the use of our websites (e.g. to recognise the browser) in order to improve performance (e.g. faster loading of content). Session cookies – are deleted when the browser is closed.
Security cookies (e.g. aps.net) If you register for an area with restricted access, these cookies ensure that your devices stay logged in for the duration of your access. You mostly need a username and a password in order to access these areas. Session cookies – are deleted when the browser is closed.
Preferences Our cookies can also note your preferences, e.g. language setting. It is also possible to transmit personalised greetings content to you. However, this exclusively affects areas with restricted access, i.e. which require registration. Session cookies – are deleted when the browser is closed.
Analysis cookies We use analysis cookies from third party providers in order to understand how visitors use our site. This helps us to improve the quality and content of our website. For further information about the analysis cookies we use, see below. They remain, but are deleted automatically after two years if the KPMG LAW website is not visited again.
Feedback from visitors to the Internet site We use the survey tool of an external provider to ask some of the visitors to our Internet website for feedback. The cookies are used to ensure that the visitors are not repeatedly invited to take part in the survey.
The first cookie is set when the visitor is not invited to participate in the survey in order to ensure that the visitor is not invited during his/her visit to the site.
The second cookie is set when the visitor was invited to participate in the survey. This is intended to ensure that the visitor only receives a repeat invitation after 90 days.
First cookie
is deleted when the browser is closed.
Second cookie
is deleted automatically after 90 days or the invitation to participate in the survey is shown.
KPMG LAW uses the following cookies and analytics tools from third party providers on these websites:

(1) Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc. (“Google”).
Google Analytics uses so-called cookies, text files which are stored in the browser and which enable an analysis of the use of the website by the user. The information generated by the cookie concerning the use of this website is usually transmitted to a server of Google in the USA and stored there. However, in case of activation of the IP anonymity on this website, the IP address of the user is first shortened within the member states of the European Union or in other treaty states to the Treaty on the European Economic Area. The full IP address will only be transmitted to a server of Google in the USA in exceptional cases, and shortened there. Google will use this information on behalf of the operator of this website in order to evaluate the use of these websites, to compile reports about the website activities and to perform further services connected with the website use and Internet use in relation to the website operator.
The IP address transmitted by the browser used within the framework of Google Analytics is not merged with other data by Google.
Every user can prevent the storage of cookies by a corresponding setting of his/her browser software; in addition, the collection of the data generated by the cookie and related to the use of the website (incl. your IP address) to Google and the processing of this data by Google can be prevented by downloading and installing the browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=de).
We also point out that Google Analytics has been extended by the code “anonymizeIp” on this website, in order to guarantee the anonymous collection of IP addresses (so-called IP masking).
More detailed information about the conditions of use and data protection can be found under http://www.google.com/analytics/terms/de.html and under https://www.google.de/intl/de/policies/.
You can prevent collection by Google Analytics by clicking on the following link. An opt-out cookie is set which prevents the future collection of your data when visiting this website: Deactivate Google Analytics.

(2) Google Remarketing
This website uses the Google remarketing technology of Google Inc. (“Google”).
For this purpose, cookies are placed on your computer which are used by third party providers, including Google, to record which of our websites were visited with your browser. With the aid of this information, you can then be presented with our advertising on other websites, e.g. in the course of a Google search or on websites of the Google network at a later date. You can find further information about data protection at Google and about the way remarketing works in the Google data protection information. Here too, you can deactivate the storage of cookies through the settings of your browser and/or object to such collection within the framework of Google remarketing with the Google advertising settings.

(3) Evaluation of the call up of job advertisements
Our website uses functions of Kanzlei-Job.de, Königsteiner Strasse 6a, 65812 Bad Soden.
When our job advertisements are called up, a connection is established between your browser and the servers of Kanzlei-Job.de. In this context, data is transmitted to Kanzlei-Job.de. The contents are linked through an iFrame.
Kanzlei-Job.de records various user data for analysis purposes and for the provision of functions. Cookies are used for this. These are small text files to store specific user data. This data enables an analysis of the use of the website by Kanzlei-Job.de. The data is stored on servers of Kanzlei-Job.de in Germany and is not passed on to third parties. In addition, all data and in particular the IP address is only stored in shortened and anonymous form. Only the first two IP blocks are stored (e.g. 192.168.x.x). The remaining two are shortened. This means that your identity cannot be traced back. You can find out more under https://www.kanzlei-job.de/datenschutz.

(4) Use of JavaScript and Tracking Pixels (Web Beacons)
KPMG LAW uses JavaScript and web beacons to evaluate website visits. JavaScript is incorporated into all KPMG LAW websites. JavaScript collects various information through the visitor’s computer (e.g. IP address, time at which the page was visited, type of browser and the existence of cookies which were previously set by the same server). This data is transmitted to KPMG LAW through web beacons.
You have the possibility to deactivate JavaScript access in your browser. In addition, you can deactivate tracking pixels by refusing or deactivating the cookies linked to them.

(5) Use of Hubspot

KPMG Law uses Hubspot on its websites for analytical purposes, a service provided by Hubspot Inc., en. Hubspot is certified under the EU-US Privacy Shield.
In this context, so-called beacons are used and cookies set which are stored on your computer and which enable us to analyse your use of the website. The information collected (e.g. IP address, geographical location, type of browsers, duration of the visit and the pages called up) are evaluated by Hubspot on behalf of KPMG Law in order to generate reports about the visit and the pages of KPMG Law visited.
If you have subscribed to KPMG Law E-Mail News and have downloaded studies and other documents as described in fig. 3b, we can use Hubspot to also link the visits of a user to KPMG Law websites with personal information (in particular name/E-Mail address) on the basis of consent granted, thereby recording personal data in order to inform uses in an individual and targeted way about preferred subject areas.
If recording by Hubspot is generally not desired, the storage of cookies can be prevented at any time by corresponding browser settings (see fig. 3b above).
Further information about the way in which Hubspot functions is available in the data protection declaration of Hubspot Inc., which can be found under: http://legal.hubspot.com/de/privacy-policy

(6) Locating Service
Our website can determine the geographical location of your device. The collection of this information exclusively serves to provide you with information which can be of interest to you due to your geographical location.
The use of the applications for smartphones and tablets made available by KPMG Law (so-called Apps) is evaluated with the use of the transmitted device identification characteristics (device ID). Evaluation is anonymous; KPMG Law cannot draw conclusions about the device user.

(7) How long is data stored?
Unless expressly stated otherwise, KPMG LAW stores personal data for as long as this is required for the conduct of the purposes listed above. This is subject to statutory duties of safekeeping. KPMG LAW staff is instructed to regularly check the duration of the storage of personal data and to delete it if necessary.

(8) Which data protection rights apply to persons affected?
Persons affected are entitled to rights of information pursuant to Art. 15 EU GDPR concerning the processing of your personal data by KPMG LAW (also including the purpose of the processing, any recipients and the probable duration of the storage), rights to the correction of incorrect data (Art. 16 EU GDPR), deletion (Art. 17 EU GDPR), restriction of the processing and transferability of data of the data contributed (Art. 18, 20 EU GDPR) and the right to object to use for marketing purposes as well as processing on the basis of a justified interest of KPMG LAW (Art. 21 EU GDPR).
Consents granted can in principle be revoked in relation to KPMG LAW at any time with effect for the future. In order to exercise these rights, any party affected can contact the data protection officer of KPMG LAW (see fig. 2). In addition, there is a right of complaint to a data protection supervisory authority. Persons affected can address their complaint to the public authority at their place of residence, but in principle also to any other data protection supervisory authority.