Protection of your data is of particular importance to us. In the following we inform you about our data policy:
1. Personal data
1.1. We, law firm of Dr. Alma Steger, will collect, process and use your personal data only upon your consent and/or instruction or appointment for the purposes agreed with you or where there is any other legal basis as per Regulation (EU) 2016/679 (General Data Protection Regulation/GDPR); this will be done in compliance with data protection and civil law provisions.
1.2. Only personal data that is required for rendering and handling our services as your legal counsel or which you provide to us on a voluntary basis will be collected.
1.3. Personal data means all data which includes details regarding personal or factual circumstances, such as, for example, name, address, email address, phone number, date of birth, age, gender, social security number, video recordings, photos, voice recordings of persons, and biometric data, such as fingerprints. Personal data may also include sensitive data, such as health data or data related to criminal proceedings.
2. Access and erasure
2.1. In compliance with our professional duty as a lawyer to maintain secrecy, you as our client or as a data subject in general have a right of access to your stored personal data, its source and recipient and the purpose of data processing as well as a right to rectification, a right to data portability, a right to object, a right to restriction of processing and blocking or erasure of inaccurate or inadmissibly processed data at any time.
2.2. In the case of changes of your personal data please inform us accordingly. You may withdraw your consent to use of your personal data at any time. Your request for access, erasure, rectification, objection and/or data portability (in the last case: unless this involves a disproportionate effort) may be sent to this law firm’s address stated in Clause 8 of this Statement.
2.3. If you are of the opinion that processing of your personal data by us infringes applicable data protection law or that your claims under data protection law have been infringed in any other way, you may lodge a complaint with the competent supervisory authority. In Austria the competent authority is the Austrian Data Protection Authority [Datenschutzbehörde].
3. Data security
3.1. Your personal data is protected through appropriate technical and organisational measures. Those measures include but are not limited to protection against unauthorised, unlawful or accidental access, processing, loss, use and tampering.
3.2. Irrespective of our efforts to observe an appropriately high standard of due diligence at all times it cannot be excluded that information which you have provided to us via the internet will be inspected and used by other persons.
3.3. Please note that we, therefore, assume no liability whatsoever for disclosure of information due to errors in data transfers that were not caused by us and/or unauthorised access by third parties (e.g. hacker attack on email account or phone, interception of fax messages).
4. Use of data
We will not use any data provided to us for purposes other than the purposes covered by the mandate agreement or your consent or otherwise by any provision in conformity with the GDPR. This does not apply to use of data for statistical purposes, provided that the data provided has been anonymised.
5.Transfer of data to third parties
5.1. For us to fulfil your instruction it may be necessary to transfer your data to third parties (e.g. counterparty, substitutes, insurance companies, service providers whom we engage and to whom we provide data, etc.), courts or public authorities. Your data will be forwarded exclusively on the basis of the GDPR, in particular to fulfil your instruction or on the basis of your prior consent.
5.2. Moreover, we would like to inform you that in connection with our acting as legal counsel for you also factual and case-related information concerning you will be obtained from third parties.
5.3. Some of the recipients of your personal data stated above are located or process your personal data outside your country. The data protection standard in other countries may not be the same as the one in Austria. However, we transfer your personal data only to countries for which the European Commission has decided that they offer an adequate level of data protection; if this is not the case, we take measures to ensure that all recipients offer an adequate level of data protection, for which purpose we conclude standard contractual clauses (2010/87/EU and/or 2004/915/EC).
6. Communication and notification of data breaches
We endeavour to ensure that data breaches will be noticed early and immediately communicated to you and notified to the competent supervisory authority, where applicable, including the relevant categories of data concerned.
7. Retention of data
We will not retain data longer than necessary to fulfil our contractual and/or legal obligations or to defend us against any liability claims that may arise.
8. Our contact details
Protection of your data is of particular importance to us. Please do not hesitate to contact us using the contact details stated below at any time if you have any questions or if you want to withdraw your consent.
Dr. Alma Steger, Lawyer
Stallburggasse 4, 1010 Wien, Österreich