Privacy Policy


Data Protection Statement of the law firm and notary office
Anwalts- und Notarkanzlei Lehmann Neunhoeffer Sigel Schäfer

In the information below we advise you of the nature and scope of the collection, processing and use of your personal data

  • during your use of our Internet site (cf. section II.),
  • in a client relationship with us (cf. section III.) and
  • when applying for an employment position with us (cf. section IV.)

I. Responsibility for the data processing / data protection officer

The controller responsible for the lawful collection, processing and use of the personal data of the users of our Internet site, of our clients and applicants is

Lehmann Neunhoeffer Sigel Schäfer
Partnerschaft von Rechtsanwälten mbB
Bopserwaldstrasse 62
70184 Stuttgart, Germany
Tel. +49 (0)711/2268912

Our data protection officer can be contacted via the contact data provided above and by e-mail to:

II. Data processing on our Internet site

As a matter of principle, it is not necessary to provide any personal data in order to use our Website. Personal data are only collected if this is necessary to provide our online content. Personal data are only processed in the following cases:

1. Access to our Internet site

The site provider automatically collects and stores information as follows in so-called server log files which your browser automatically transmits to us:

  • Browser type and browser version
  • Operating system used,
  • URL (Internet site from which the access was referred) / name of the access provider,
  • Host name of the accessing computer,
  • Time of the server request,
  • IP address. 

It is not possible for us to attribute these data to specific persons or to deduce their identity. The data of the log files are always stored separately from other personal data; these data are not combined with other data sources.

The basis for the data processing is point f) of Art. 6 (1) GDPR which permits the processing of data to perform a contract or pre-contractual measures.

2. Plugins and tools

This site uses so-called web fonts provided by Google for the uniform presentation of fonts. When you access a page, your browser downloads the web fonts required to your browser cache so that texts and fonts are depicted correctly. To this effect the browser you use has to connect to the Google servers. As a result, Google obtains the information that our website has been accessed by your IP address. Google web fonts are used in the interests of having a uniform and attractive presentation of our online content. The basis for the data processing is point f) of Art. 6 (1) GDPR.

If your browser does not support web fonts, then a standard font is used that is installed on your computer. Additional information on Google web fonts is available at: and in the data privacy policy of Google:

3. Use of cookies

No cookies are used on our Internet sites. Your visit to our Internet pages is not tracked, nor are any user profiles compiled utilizing pseudonyms.

III. Data processing within the client relationship

Within the client-attorney, i.e. within the course of soliciting clients and when a client engages us to act on the client’s behalf and when a client engagement is being processed, we collect personal data of the client or of the contact person stipulated by our client. These data include, in particular: the contact data (first name and last name, address, telephone number, telefax number, e-mail address) and any commercial register data and bank account details of the client or of the contact person stipulated by the client. We only collect additional information insofar as this is required to process the client’s engagement.

The purpose of the data processing is, in addition to the decision on accepting the client’s engagement and the examination of a possible conflict of interests to be conducted in this respect, the entire processing of the client’s engagement by an attorney. This also includes, in particular, the establishment or defence of claims for our clients, invoicing, the establishment of any claims of our own from the client relationship and all activities in connection therewith.

The legal basis for the processing of personal data in connection with our activity as attorney at law are: 

  • point b) of Art. 6 (1) sentence 1 GDPR, insofar as the processing of your personal data is necessary for the acceptance and processing of the engagement and to perform the mutual obligations under the “Mandatsvertrag”, the agreement in which you instruct the attorney to work on your behalf; 
  • point c) of Art. 6 (1) sentence 1 GDPR, insofar as the processing of your personal data is necessary to comply with our contractual obligations; 
  • point f) of Art. 6 (1) sentence 1 GDPR, insofar as the processing of your personal data is necessary for protecting our legitimate interests;

Your personal data will only be stored by us as long as is required to achieve the purpose for which the data were collected. If we are obliged to store them for a period of time exceeding this due to retention obligations based on the professional law of an attorney at law or on provisions of tax and commercial law, or if consent has explicitly been given to longer storage of the data in accordance with point a) of Art. 6 (1) sentence 1 GDPR, then we reserve the right to store personal data for a longer period of time.

IV. Data processing in the event of applications for an employment position

In the context of applications for an employment position, we process the personal data provided to us (in particular name, date and place of birth, photographs, address and contact data, curriculum vitae data and evidence of formal qualifications) solely for the application process. The legal basis for this is point b) of Art. 6 (1) sentence 1 GDPR. If we do not employ the applicant, the applicants’ data are stored for a maxim period of twelve months and then deleted.

V. Transferring personal data to third parties

We only disclose personal data to third parties in connection with compulsory or statutory obligations or in those cases which are necessary in accordance with point b) of Art. 6 (1) sentence 1 GDPR for the purpose of processing the engagement. This also includes, in particular, transferring data to parties to judicial proceedings and to their counsel or advisors and transferring data to courts and other public authorities, in connection with correspondence.

Insofar as we engage external service providers to process personal data in connection with data processing by a processor on commission pursuant to Art. 28 GDPR (e.g. IT service providers, translators, service providers to store and/or destroy files), we select such service providers with care and they are instructed and obligated to complete compliance with the provisions of data protection law.

There is no transfer of personal data to third parties over and above the afore-mentioned purposes. In particular, data are only transferred to recipients domiciled outside the European Union or the European Economic Area insofar as this is necessary for the purposes of processing the client’s engagement.

VI. Rights of the data subject

The data subject of the data collected has the following rights:          

  • Right to information on the processing of the personal data of the data subject, in particular on the purposes of the processing, the categories of the data, the origin of the data in the event that the data are not collected directly from the data subject, the categories of the recipients of personal data and the intended period of storage; 
  • Right to rectification of inaccurate or incomplete personal data and the right to restriction of processing of personal data; 
  • Right to erasure of personal data if the personal data are no longer necessary in relation to the purposes for which they were collected and such erasure is not prevented by statutory or contractual stipulations for storage of the data; 
  • Right to data portability in a commonly used, machine-readable format and the right to transmission of those data to another controller named by the data subject; 
  • Right to lodge a complaint with a supervisory authority. 

If the processing of personal data is based on point f) of Art. 6 (1) sentence 1 GDPR, (“legitimate interests”), the data subject can object to the data processing pursuant to Art. 21 GDPR. If we process personal data on the basis of consent by the data subject, the data subject has the right to revoke his or her consent at any time without stating any grounds.

VII. Data security

The data we collect are protected against loss, destruction, disclosure and access by unauthorized persons by means of appropriate, state of the art security measures. We point out, however, that it is not possible to have complete protection of data against access by third parties.