Rechtsanwaltsgesellschaft Steuerberatungsgesellschaft mbH

Privacy and data protection

Privacy Policy

We are delighted about your interest in our services and your visit to our website. Privacy and the security of your data when using our website and when working for you is important to us. We would like to inform you which information we register when you visit our website and when you send us e-mails, the purposes for which such data is used and about your rights.

This privacy policy may at any time be downloaded from the URL https://www.koruslaw.de/en/deutsch-impressum/privacy/, saved to your computer and printed. Changes in the law or our business processes may require an update to this policy. Kindly check any updates regularly.

This privacy policy applies to the internet presence of KORUS Rechtsanwaltsgesellschaft Steuerberatungsgesellschaft mbH (herein referred to as: KORUS), Blutenburgstraße 17, D-80636 Munich, Germany, available on websites running under the domain “koruslaw.de” (herein “our website”) and e-mails you may be sending to us outside an existing client relationship.

1. Name and contact details of the data controller

This policy applies to data processing by:

Controller: KORUS Rechtsanwaltsgesellschaft Steuerberatungsgesellschaft mbH (herein referred to as: KORUS), Blutenburgstraße 17, D-80636 Munich, Germany Email: office@koruslaw.de, phone number: +49 (0)89 – 85637403, facsimile number: +49 (0)89 – 85637403

The controller’s legal representative is its director, Gerhard Köglmeier. The contact details are as above for the controller.

KORUS has currently not appointed a data protection officer because it is not required to do so pursuant to Art. 37(1) GDPR and sec. 38 BDSG.

GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). BDSG means Bundesdatenschutzgesetz, the German act on privacy.

    2. Collection and storage of personal data, ways and purposes of the processing

When visiting our website www.koruslaw.de, the browser you use on your device automatically sends information to the server running our website. This information is stored temporarily in a so called log file. The following information is registered without your interference and will be stored until automatic deletion:

  • IP address of the requesting computer (your device)
  • date and time of access
  • name and URL of the file requested
  • website, from which access is being requested (referrer URL)
  • the browser used by you, and eventually the operating system of your computer and the name of your access provider

This data is normally not assignable to individuals by us. We do not merge such data with other sources of data. After its use for statistical purposes, the data is deleted.

This data is processed for the following purposes:

  • ensuring a seamless connection of the website
  • ensuring a comfortable use of our website
  • checking system security and stability
  • other administrative purposes.

The legal basis for processing is Art. 6(1) sent. 1 point (f) of the GDPR. Our legitimate interests result from the above purposes of the processing. In no event will we use the data processed for the purpose of tracking your person.

When visiting our website, we may use cookies. You can find further information under paragraph 4 below.

When sending e-mails to us, data is registered and saved, too. We will save the e-mail, your e-mail address and any further contact details you may provide us with. We use your e-mail address and any other contact details provided exclusively for getting in contact with you, if you wish so. We will not use it for newsletters, advertising or any other unsolicited information or any other purposes. If you request a reply to your e-mail, we use your e-mail address and other contact details transmitted by you only to make such reply. Of course, we will not pass your data on to third parties. Data processing for purposes of your contact request has its basis in Art. 6(1) sent. 1 point (a) of the GDPR, i.e. your voluntary consent.

3. Sharing Data

We will not share any of your personal data with third parties for any purposes other than the following. When establishing and in the course of any client-attorney relationship we will of course keep any information about you and your instructions confidential.

    • if you have expressly consented to us sharing this data (Art. 6(1) sent. 1 point (a) of the GDPR),
    • if the transfer is necessary for the purposes of asserting, exercising or in defence of legal rights, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data (Art. 6(1) sent. 1 point (f) of the GDPR),
    • if the transfer is required for compliance with a legal obligation we are subject to ((Art. 6(1) sent. 1 point (c) of the GDPR),
    • if the transfer is permitted by applicable law and necessary for the performance of a contract with you (Art. 6(1) sent. 1 point (b) of the GDPR).

4. Cookies

Website usage information is collected using cookies.

Cookies are text files put on your computer to collect standard internet log information and visitor behaviour information. Cookies contain information created in each case in connection with the specific device used. This does however not mean that we will now your identity. This information is then used to track visitor use of the website and to create statistical reports on website activity. The use of cookies can help you get a better experience from using our website. Session cookies (deleted automatically after leaving our website) will remember pages of our website already visited. Temporary cookies stored on your computer for a specific time may enhance usability. If you visit our site again, you may not have to re-enter data and settings.

The data processed with the help of cookies is necessary for the purpose of legitimate interests (Art. 6(1) sent. 1 point (f) of the GDPR).

Most browsers accept cookies automatically. You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser.  Please note in a few cases some of our website features may not function because of this.

5. Your rights

It is your right:

  • pursuant to Art. 15 of the GDPR to obtain confirmation from us as to whether or not personal data is being processed by us. You may in particular request confirmation as to the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been or is disclosed, the planned duration for storage, the existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing, the right to lodge a complaint with a supervisory authority, where the personal data are not collected from the data subject, any available information as to their source, the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
    • pursuant to Art. 16 GDPR, to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
    • pursuant to Art. 17 GDPR, to obtain from us the erasure of personal data concerning you without undue delay and we shall have the obligation to erase personal data without undue delay where one of the following grounds applies: (a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing; you object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the GDPR; the personal data have been unlawfully processed; the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which we are subject; the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
    • pursuant to Art. 18 GDPR, to obtain from us the restriction of processing where one of the following applies: (a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data; (b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead; (c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims; (d) the data subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
    • pursuant to Art. 20 of the GDPR, to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where: (a) the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR or on a contract pursuant to point (b) of Article 6(1) of the GDPR; and (b) the processing is carried out by automated means.
    • pursuant to Art. 7(3) of the GDPR, you may revoke your consent at any time. This may mean that we cannot further perform the data processing in the future, which had its legal basis in this consent.
    • pursuant to Art. 77 of the GDPR, if you feel that your personal data has been processed in a way that does not meet the GDPR, you have a specific right to lodge a complaint with the relevant supervisory authority. The supervisory authority will then tell you of the progress and outcome of your complaint. You may address complaints to the supervisory authority of your regular abode, workplace or the authority competent at our business seat. The supervisory authority in Munich, Bavaria, Germany (our business seat) can be contacted as follows and also provides an online form for complaints on its website https://www.lda.bayern.de/de/kontakt.html:


Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)

Promenade 27

91522 Ansbach


Telephone: +49 (0) 981 53 1300

Facsimile: +49 (0) 981 53 98 1300

E-Mail: poststelle@lda.bayern.de


On the website of the BayLDA, you may find an online form for your complaints.


6. Right to object

If your personal data is being processed on the basis of legitimate interests pursuant to point (f) of Art. 6(1) sent. 1 of the GDPR, you have the right to object at any time to the processing of your personal data pursuant to Art. 21 of the GDPR, on grounds relating to your particular situation or if the objection is against direct marketing (without you having to provide any grounds for your objection).

If you would like to make use of your right to revoke your consents or your right to object, simply send us an e-mail to office@koruslaw.de.

7. Security precautions in place about data collected

Our website uses the widely used SSL (secure socket layer) protocol. When you are on a secure page, a lock icon will appear on the address line or bottom of web browsers such as Microsoft Internet Explorer.

Non-sensitive details (your email address etc.) are sent normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. If you would like to share confidential information with us, talk to us in person or chose other ways of communicating with us. Upon request, we will use encryption for electronic communication. Once we receive your information, we make our best effort to ensure its security on our systems by using appropriate technical and organizational means to protect it against manipulation, partial or total loss, destruction or unauthorized access of third parties. Our security processes are continuously being adapted to technological development.

8. Changes to our Privacy Policy

We keep our privacy policy under regular review and we will place any updates on this web page.  This privacy policy currently applicable was last updated in April 2020.

Further developments regarding our website and our services, amended statutory or administrative requirements may require us to update this privacy policy. The current privacy policy may at any time be downloaded from the URL https://www.koruslaw.de/en/deutsch-impressum/privacy/, saved to your computer and printed. Kindly check any updates regularly.