Privacy Policy

Thank you for your interest in our website. The protection of your privacy is very important to us. In the following we inform you in detail about the handling of your data.

1. Name and contact details of the data controller.

This privacy policy applies to data processing by:

Grau Rechtsanwälte PartGmbB
Rödingsmarkt 20
24509 Hamburg

Tel.: +49 40 180 364 020
Fax: +49 40 180 364 022
E-Mail: office@graulaw.eu

2. Collection, processing and use of personal data

a) When visiting our website

You can visit our website www.graulaw.eu without providing any personal information. We only store access data without personal reference. When you access our website, information is automatically sent to our website server by the browser used on your end device. This information is temporarily stored in a so-called logfile. The following information is collected without your intervention and stored until automatic deletion:

  • IP-address of the requesting computer,
  • Date and time of request,
  • Language settings,
  • Website from which the request was made (referrer URL),
  • Browser used and, if applicable, the operating system of your computer as well as the name of your access provider.


The aforementioned data is processed by us for the following purposes:

  • ensuring a smooth connection set-up of the website,
  • ensuring a comfortable use of our website,
  • evaluating system security and stability, and
  • for other administrative purposes.


The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR (General Data Protection Regulation). Our legitimate interest results from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person. In addition, we use cookies and analysis services when you visit our website. You can find more detailed explanations on this under points 3 and 4 in this Privacy Policy.


b) When registering for our newsletter

If you have expressly consented in accordance with Art. 6 para 1 p. 1 lit. a GDPR, we will use your e-mail address to send you our newsletter on a regular basis. To receive the newsletter, it is necessary to provide an e-mail address, first and last name, gender and company. You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can send us your unsubscribe request by e-mail to office@graulaw.eu.


c) When using our contact form

If you have any questions, we give you the possibility to contact us via a form provided on the website. In doing so, it is necessary to provide a valid e-mail address, first and last name, gender and company so that we know who the enquiry is from and can answer it. Additional information can be provided voluntarily.

When using the contact form, the following information is collected and stored until automated deletion:

  • Date and time of access of the sending of the message,
  • IP address of your computer,
  • Language settings,
  • Website from which the access was made (referrer URL),
  • Browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 p. 1 lit. a GDPR on the basis of your voluntarily given consent.

The personal data collected by us for the use of the contact form will be automatically deleted after completion of your request.


3. Cookies

We use cookies on our site. Cookies are small files that are automatically created by your browser and saved on your end device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware.

Information is stored in the cookie that is related to the specific end device used. However, this does not mean that we gain direct knowledge of your identity.

We use the following types of cookies:

a) Essential

Essential cookies are absolutely necessary for the proper functioning of the website. These cookies provide basic functionality and security for the website, on an anonymous basis.


b) Functional

Functional cookies help with specific functions, such as sharing website content on social media platforms, collecting feedback and other third-party functions.


c) Analytical

Analytical cookies are used to understand how users interact with the website. These cookies help to provide information on metrics such as number of visitors, rejection rate, source of traffic, etc.


The use of cookies serves, on the one hand, to make the use of our offer more pleasant for you. We use so-called session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted after you leave our site.

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognised that you have already been to our site and which entries and settings you have made so that you do not have to enter them again.

The use of cookies serves, on the one hand, to make the use of our offer more pleasant for you. We use so-called session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted after you leave our site.

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognised that you have already been to our site and which entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies for statistical purposes to record the use of our website and also to evaluate it for the purpose of optimising our services for you. These cookies enable us to automatically recognise that you have already been to our site when you visit it again. With the cookies, we also receive information about the most frequently visited sub-pages and posts as well as the number of messages sent via the contact form. These cookies are automatically deleted after a defined period of time.

The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests as well as those of third parties in accordance with Art. 6 para.1 p. 1 lit. f GDPR.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.


4. Analysis tools

a) Tracking tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 (1) p. 1 lit. f DSGVO. With the tracking measures used, we want to ensure a needs-based design and the ongoing optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

The respective data processing purposes and data categories can be found in the corresponding tracking tools.


b) Google Analytics

We use Google Analytics, a web analytics service provided by Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”), for the purpose of demand-oriented design and continual optimisation of our pages. In this context, pseudonymised usage profiles are created and cookies (see under point 4) are used. The information generated by the cookie about your use of this website such as

  • Browser type/version,
  • Operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (IP address),
  • Time of the server request


are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services associated with the use of the website and the internet for the purposes of market research and demand-oriented design of these websites. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymised so that an allocation is not possible (IP masking).

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (incl. your IP address) as well as the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).

Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de).


c) Google Adwords Conversion Tracking

In order to statistically record the use of our website and to evaluate it for the purpose of optimising our website for you, we also use Google Conversion Tracking. Google Adwords sets a cookie on your computer if you have accessed our website via a Google advertisement.

These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer’s website and the cookie has not yet expired, Google and the customer can recognise that the user clicked on the ad and was redirected to this page.

Each Adwords customer receives a different cookie. Cookies can therefore not be tracked via the websites of Adwords customers. The information obtained using the conversion cookie is used to create conversion statistics for Adwords customers who have opted for conversion tracking. The Adwords customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

If you do not wish to participate in the tracking procedure, you can also refuse the setting of a cookie required for this – for example, via a browser setting that generally deactivates the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser so that cookies from the domain “www.googleadservices.com” are blocked. Google’s privacy policy on conversion tracking can be found here: https://services.google.com/sitestats/de.html.


5. Transfer of data

We do not transfer your personal data to third parties for purposes other than those listed below.

We only pass on your personal data to third parties if:

  • -you have given your express consent in accordance with Art. 6 Para. 1 Sentence 1 lit. a GDPR,
  • the disclosure is necessary for the assertion, exercise or defence of legal claims in accordance with Art. 6 Para. 1 Sentence 1 lit. f GDPR and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  • in the event that there is a legal obligation for disclosure in accordance with Art. 6 Para. 1 Sentence 1 lit. c GDPR, as well as
  • this is legally permissible and necessary for the processing of contractual relationships with you according to Art. 6 para. 1 p. 1 lit. b GDPR.


6. SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries sent via the contact form. An encrypted connection can be recognised by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in the browser line. If SSL or TLS encryption is activated, the data transmitted to us cannot be read by third parties.


7. Contact Form

For the purpose of forwarding messages sent to us via the contact form on our website, we use Plugin Contact Form 7, a service for creating contact forms. Via the Contact Form plug-in, only the entered form data is forwarded to our e-mail address. The forwarding between browser and server is done by SSL/TLS encryption. The transmitted data is not additionally stored.

Additional information regarding the Contact Form can be found at https://de.wordpress.org/plugins/contact-form-7/ and https://rocklobster.in/.


8. Facebook Pixel

Within our online offer, the so-called “Facebook Pixel” of the social network Facebook, which is operated by Meta Platforms Inc. (formerly Facebook Inc.), 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are a resident of the EU, Meta Platforms Ireland Ltd. (formerly Facebook Ireland Ltd.), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), is used.

The Facebook pixel enables Facebook to determine visitors to our online offering as a target group for the display of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called “Custom Audiences”).

The Facebook pixel also enables us to ensure that our Facebook ads correspond to the potential interest of users and do not have a harassing effect. With the help of the Facebook pixel, we can also track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).

The processing of the data by Facebook takes place within the framework of Facebook’s data use policy. General information on the display of Facebook ads can be found in Facebook’s data usage policy. Specific information and details on the Facebook Pixel and how it works can be found in Facebook’s help section. Further information on Facebook’s privacy policy can be found at: http://www.facebook.com/policy.php.

Facebook uses the standard contractual clauses approved by the European Commission and we rely on the adequacy decisions issued by the European Commission regarding certain countries for data transfers from the EEA to the USA and other countries, where applicable.

The use of the Facebook Pixel and the storage of “conversion cookies” is based on Art. 6 (1) lit. f GDPR.

We have a legitimate interest in analysing user behaviour in order to optimise both our web offering and our advertising.

Although we declare legitimate interests to use the Facebook Pixel and to store “conversion cookies”, we offer you opt-out options. You can object to the collection by the Facebook Pixel and use of your data to display Facebook ads. To set which types of ads are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions there on the settings for usage-based advertising Settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices. To do this, you must be logged in to Facebook.

Furthermore, you can object to the use of cookies used for reach measurement and advertising purposes via the Network Advertising Initiative opt-out page and, in addition, the US website aboutads.info or the European website youronlinechoices.com.


9. Elementor Pro

Our website uses Elementor Pro, a WordPress plug-in operated by Elementor LTD, Mesada st. 7, Tel Aviv, Israel.

The Elementor Pro plugin is installed locally, there is no data transfer to third parties.

The current privacy policy of Elementor LTD can be found at https://elementor.com/about/privacy/.


10. The Newsletter Plugin

For sending our newsletter we use The Newsletter Plugin, which is operated by Web Agile S.a.s. di Fietta Roberto, Italy. 

This plugin enables us to automate the sending of newsletters. No data is transmitted to Web Agile SAS.

For more information, please visit the website: https://www.thenewsletterplugin.com/ and read the provider’s privacy policy: https://www.thenewsletterplugin.com/legal/privacy.


11. CookieYes

Our website uses CookieYes, a plug-in for WordPress developed by CookieYes Limited, 3 Warren Yard, Wolverton Mill, Milton Keynes, England, MK12 5NW, United Kingdom.

The plug-in allows you to remember your settings, in terms of giving or not giving consent to particular categories of cookies.

CookieYes Limited’s current privacy policy can be found at: DATA PROCESSING AGREEMENT – CookieYes.


12. Rights of the data subject

You have the right

  • To request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
  • in accordance with Art. 16 GDPR, to request the correction of incorrect or incomplete personal data stored by us without delay;
  • in accordance with Article 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims;
  • in accordance with Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
  • pursuant to Art. 20 of the GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
  • revoke your consent at any time in accordance with Art. 7 para. 3 GDPR. This has the consequence that we may no longer continue the data processing based on this consent in the future; and
  • complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose.


13. Right of objection

Insofar as your personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.

If you would like to make use of your right of revocation or objection, it is sufficient to send an e-mail to office@graulaw.eu.


14. Data security

When visiting our website, we use the widespread SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can check whether an individual page of our website is encrypted when you see the closed key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.


15. Up-to-dateness and amendment of this privacy policy

This data protection declaration is currently valid and has the status June 2022.

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at http://www.graulaw.eu/de/kontakt/datenschutzerklaerung/.