Unkelbach-Tomczak Logo

Data Protection Notice for Electronic Communication

This notice pro­vides infor­ma­tion on the pro­cess­ing of per­son­al data in con­nec­tion with com­mu­ni­ca­tion via email, tele­phone, or video conferencing.

1. Controller

Sabine Unkel­bach-Tom­czak, Attor­ney at Law
Taunus­Turm
Taunus­tor 1
60310 Frank­furt am Main
Ger­many

Phone: +49 (0)69 87 00 20 520
Email: info@unkelbach-tomczak.law

Fur­ther infor­ma­tion can be found in the legal notice (imprint).

2. Scope and Purpose of Processing

a) Communication via Email or Telephone

When com­mu­ni­cat­ing via email or tele­phone, the fol­low­ing per­son­al data may be processed in particular:

  • name
  • con­tact details (email address, phone number)
  • com­mu­ni­ca­tion content
  • attach­ments, if applicable
  • tech­ni­cal meta­da­ta (e.g. timestamps)

Pro­cess­ing is car­ried out to han­dle your request and to ini­ti­ate, per­form, or man­age a mandate.

b) Video Conferencing

Video meet­ings are con­duct­ed – where agreed on a case-by-case basis – using appro­pri­ate com­mu­ni­ca­tion tools (e.g. Microsoft Teams).

Depend­ing on the type and scope of use, the fol­low­ing data may be processed:

  • name or dis­play name
  • con­tact details
  • audio and video data
  • chat con­tent
  • shared con­tent
  • tech­ni­cal con­nec­tion data

Par­tic­i­pa­tion in video meet­ings is vol­un­tary and arranged in advance. Com­mu­ni­ca­tion may alter­na­tive­ly take place via oth­er channels.

Pro­cess­ing is car­ried out only to the extent nec­es­sary for con­duct­ing the respec­tive communication.

3. Legal Basis

Pro­cess­ing is based on Art. 6(1)(b) GDPR where com­mu­ni­ca­tion is relat­ed to the ini­ti­a­tion, per­for­mance, or han­dling of a mandate.

For oth­er inquiries, pro­cess­ing is based on Art. 6(1)(f) GDPR (legit­i­mate inter­est in appro­pri­ate communication).

Where legal oblig­a­tions apply, pro­cess­ing is based on Art. 6(1)© GDPR.

4. Use of Service Providers

Where video con­fer­enc­ing sys­tems are used, this is based on a data pro­cess­ing agree­ment pur­suant to Art. 28 GDPR.

Appro­pri­ate tech­ni­cal and orga­ni­za­tion­al mea­sures are imple­ment­ed to ensure a lev­el of data pro­tec­tion appro­pri­ate to the risk.

5. Confidentiality

Elec­tron­ic com­mu­ni­ca­tion chan­nels may involve secu­ri­ty risks. Com­plete con­fi­den­tial­i­ty can­not be guar­an­teed, par­tic­u­lar­ly in the case of unen­crypt­ed email communication.

If you require par­tic­u­lar­ly secure com­mu­ni­ca­tion, an alter­na­tive com­mu­ni­ca­tion method can be agreed upon in indi­vid­ual cases.

6. Data Retention

Com­mu­ni­ca­tion data will be delet­ed once the pur­pose of pro­cess­ing ceas­es, unless statu­to­ry reten­tion oblig­a­tions apply.

7. Disclosure to Third Parties

Per­son­al data will only be dis­closed to third par­ties where nec­es­sary for the han­dling of a man­date, where a legal oblig­a­tion exists, or where you have giv­en your consent.

8. Data Subject Rights

You have the right to:

  • access
  • rec­ti­fi­ca­tion
  • era­sure
  • restric­tion of processing
  • data porta­bil­i­ty
  • objec­tion

You also have the right to lodge a com­plaint with a super­vi­so­ry authority.