Data Privacy Policy

of René Schneider Rechtsanwalts GmbH
(FN 246037 w)

Kipferlhaus, Grünangergasse 8/6, A-1010 Wien
(im Folgenden „RS“ genannt)

1. Personal Data
1.1. RS collects, processes and uses your personal data only for purposes of fulfilment and performance of the attorney-client relationship and provision of legal services by RS, upon your consent, or if any other legal basis pursuant to the European General Data Protection Regulation (GDPR) applies. Thereupon RS complies with current legislation on the protection of personal data and data security. The protection of your personal data is of particular concern to RS.
1.2. RS only processes personal data, which are necessary for the fulfillment and performance of the attorney- client relationship, for the provision of legal services by RS and for the fulfillment of statutory and professional obligations of RS, or which have been made available to RS on a voluntary basis.
1.3. Personal data are all data that contain specific information on personal or factual circumstances, such as name, address, e-mail address, telephone number, birthdate, age, gender, social security number, bank data, video recordings, photos, voice recordings of persons as well as biometric data, such as fingerprints. Moreover, personal data may also comprise special categories of data, such as health data or data on criminal convictions and criminal offences.
1.4. Activities, for which personal data are collected, processed and used by RS upon fulfillment and performance of the attorney-client relationship and upon provision of legal services by RS include, without limitation, the following:
(i) towards clients, opponents and other parties involved in proceedings before courts of law and authorities including, without limitation, in civil law proceedings, administrative proceedings and administrative court proceedings,
(ii) in out-of-court matters, including, without limitation, legal advice, correspondence, legal expert reports as well as drafting of legal expert opinions, contracts and corporate as well as any other documents,
(iii) administration of third party funds and performance of trusteeships, self-calculation and payment of real estate transfer tax, land register tax as well as real estate capital gains tax,
(iv) prevention of money laundering and terrorist financing, and
(v) office management, general office and IT operations, business performance with business partners, business partner databases, correspondence, advertising, marketing, client acquisition, recording and billing of services rendered, accounting and payment collection.

2. Rights of Person Affected, Access and Erasure
2.1. As client, or generally, as a person affected by the processing of personal data, you have the right, at any time, - and subject to professional secrecy obligations - to request access to your personal data being processed, the data sources, the categories of recipients, the purposes of the data processing, and, if possible, the envisaged period of data storage respectively the criteria used to determine the data storage period. Moreover, you also have the right to request a data transfer, to request rectification or erasure of incorrect or unlawfully processed personal data, to request restriction of the data processing, and to object to the data processing.
2.2. If any changes occur with respect to your personal data, RS kindly requests to be informed accordingly.
2.3. If the data processing is based on your consent, you have the right to withdraw your consent to the data processing at any time. Any such withdrawal does not influence the lawfulness of the data processing based on the consent until such withdrawal. Your request for access, rectification, erasure, restriction, objection and/or data transfer may be forwarded to RS either to the address indicated above, or by e-mail to kanzlei@ rslaw.at.
2.4. In case you should take the view that the processing of your personal data by RS does not comply with current legislation on the protection of personal data and data security, or that your rights on data protection have been violated in any other way, you are entitled to file a complaint to the Austrian Data Protection Authority (Datenschutzbehörde) as the relevant supervisory authority (see https://www.dsb.gv.ator by e-mail dsb@dsb.gv.at).

3. Data Security
3.1. RS takes all necessary and appropriate technical and organisational security measures in order to protect your personal data. Such measures include, without limitation, protection against unauthorized, unlawful or accidental access, data processing, data loss, use and manipulation.
3.2. Notwithstanding efforts to maintain a consistently high level of diligence, the possibility cannot be excluded that information you provide to RS by e-mail or via the internet may be viewed and used by unauthorized third parties.
3.3. Consequently, please kindly note that RS cannot accept any liability, whatsoever, for the disclosure of information which is due to errors upon data transmission and/or unauthorised access by third parties not attributable to RS (e.g. hacking of e-mail accounts or telephone, interception of faxes).

4. Legal Basis for Data Processing
RS will not process any data made available to RS for purposes other than the purposes of fulfilment and performance of the attorney-client relationship and provision of the legal services by RS (in particular for the purposes as mentioned under item 1.4. of this Data Privacy Policy), upon your consent, or if any other legal basis pursuant to the GDPR applies. Any use of data for statistical purposes shall be excluded from such restriction, if the available data are made anonymous.

5. Transfer of Personal Data
5.1. Upon provision of its legal services, RS may need to transfer your data to third parties (including, without limitation, contracting parties, opponents, awarding and contracting authorities, bidders, other parties involved in proceedings, substitute attorneys at law, bar association, insurance companies, as well as business partners and external service providers of RS, such as tax consultants, accountants, attorneys at law, and IT service providers), courts of law or authorities. Any transfer of your data takes place exclusively in accordance with the GDPR, in particular for purposes of fulfilment and performance of the attorney-client relationship and provision of legal services by RS, upon your consent, or if any other legal basis pursuant to the GDPR applies.
5.2. Upon provision of its legal services, RS may also obtain factual and case-related information about you from third parties.
5.3. Some of the recipients of your personal data mentioned above may be situated outside of Austria or may process your personal data there. Some of these countries may have a lower level of data protection than Austria. RS will only transmit your personal data to such countries, for which the Commission of the European Union has decided that an appropriate level of data protection exists. Otherwise, RS will take appropriate measures in order to ensure that the recipients have an adequate level of data protection, e.g. by entering into standard contractual clauses (2010/87/EC and 2004/915/EC).

6. Notification of a Data Breach
RS takes every effort in order to ensure that data incidents, in particular data breaches, are avoided to the utmost extent possible, are detected as early as possible, and, if necessary, are notified to you and/or the Austria Data Protection Authority (Datenschutzbehörde) as the relevant supervisory authority without undue delay, thereby also mentioning the respective category of data involved.

7. Storage Period for Personal Data
RS will not retain data for longer than is necessary in order to fulfill the contractual or legal obligations of RS and to defend any possible legal claims.

Vienna, September 2023