Privacy Policy

  1. Personal Data

The law firm Greindl & Köck Rechtsanwälte GmbH, Gußhausstraße 14, 1040 Vienna, (the “Law Firm”) collects, processes and uses your personal data in accordance with the following principles. This statement is addressed to existing and former clients, prospects and potential future clients, as well as their respective shareholders, corporate bodies and other employees.

Personal data is any data that contains individual information about personal or material circumstances, such as name, address, email address, telephone number, date of birth, age, gender, social security number, video recordings, photographs, voice recordings of persons and biometric data such as fingerprints. Sensitive data such as health data or data related to criminal convictions and offences may also be included.

We only collect personal data that is necessary in order to perform our legal services or that you have voluntarily provided to us.

The law firm processes your data in particular for the following purposes:

  • establishment, administration and settlement of the business and client relationship,
  • performing mandated advisory, assistance and representation activities in all judicial and extrajudicial matters,
  • internal organisation and claims management of the law firm,
  • strengthening existing client relationships or establishing new client relationships, approaching interested parties, including information on current legal developments and our range of services (marketing).

The law firm processes personal data because this is necessary to fulfil the contract (mandate) concluded with you (Art. 6 para. 1 lit. b General Data Protection Regulation – GDPR). Furthermore, the law firm processes personal data on the basis of an overriding legitimate interest in order to achieve the stated purposes (Art. 6 Para. 1 lit. f GDPR) or on the legal basis of the Lawyer’s Act (“RAO”) or other statutory or professional obligations (Art. 6 Para. 1 lit. c and Art. 9 Para. 2 lit. g GDPR).

Without the collection and processing of your data, offered services may not be provided or not performed completely.

  1. Information and Erasure

As a client or, generally, as a data subject, you have the right – subject to the lawyer’s duty of confidentiality – to obtain information at any time about your stored personal data, their origin and recipients and the purpose of the data processing, as well as the right to rectification, data transfer, objection, restriction of processing and erasure of incorrect or unlawfully processed data.

If there are any changes to your personal data, we request that you inform us accordingly.

You have the right to revoke a given consent to the use of your personal data at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Your request for information, erasure, rectification, objection and/or data transfer, in the latter case provided that this does not involve a disproportionate effort, may be directed to the address of the law firm indicated in point 10 of this statement.

If you are of the opinion that the processing of your personal data by us violates applicable data protection laws or that your rights to data protection have been violated in any other way, you have the option of complaining to the competent supervisory authority. In Austria, the competent authority is the Austrian Data Protection Authority (Wickenburggasse 8, 1080 Vienna, phone: +43 1 52 152-0, e-mail:

  1. Security of Personal Data

Your personal data is protected by appropriate organisational and technical security measures. These security measures include in particular protection against unauthorised, illegal or accidental access, processing, loss, alteration, disclosure, use and manipulation.

Notwithstanding our efforts to maintain an appropriately high level of diligence at all times, it cannot be ruled out that information you disclose to us via the Internet may be viewed and used by other persons.

Please note that we therefore accept no liability whatsoever for the disclosure of information due to errors in data transmission not caused by us and/or unauthorised access by third parties (e.g. hacking attack on email account or telephone, interception of faxes).

4 Use of the Data

We will not process the data provided to us for purposes other than those covered by the mandate agreement or by your consent or otherwise by a provision in accordance with the GDPR. This does not include the use for statistical purposes, if the data provided has been anonymised.

  1. Transfer of Data to Third Parties

For the purpose of fulfilling your mandate, it may also be necessary to transfer your data to third parties (e.g. opposing parties, substitutes, insurance companies, service providers or consultants whom we use and to whom we provide data, such as notaries or auditors, third-party experts, bar associations, insurance companies, banks, (IT) service providers, etc.), courts or authorities. Your data will only be forwarded on the basis of the GDPR, in particular for the purpose of fulfilling your mandate or on the basis of your prior consent.

Furthermore, we inform you that in the course of our legal representation and support, factual and case-related information about you is regularly obtained from third parties.

Some of the above-mentioned recipients of your personal data are located outside your country or process your personal data there. The level of data protection in other countries may not be the same as in Austria. However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection or we take steps to ensure that all recipients have an adequate level of data protection, to which we include standard contractual clauses (2010/87/EC and/or 2004/915/EC).

  1. Notification of Personal Data Breaches

We endeavour to ensure that data breaches are identified at an early stage and, where appropriate, reported to you or the relevant supervisory authority without delay, taking into account the relevant categories of data involved.

  1. Storage of data

We will not retain data for longer than is necessary to fulfil our contractual or legal obligations and to avert any possible liability claims.

In principle, data will be deleted 10 years after completion of the business relationship. Data will be stored beyond this period if there is a statutory storage obligation. The data necessary for the fulfilment of accounting obligations (Art. 190, 212 UGB) and tax law requirements (Art. 132 BAO) are stored for at least 7 years. In addition, in individual cases, data is stored for a longer period until the completion of the business relationship or a legal dispute or until the expiry of warranty periods and limitation periods in the case of the assertion of claims for damages or insofar as it is necessary for the assertion of claims under copyright law. Furthermore, a retention period of 30 years applies to all data stored in the electronic document archive (Archivium).

  1. Cookies

The firm’s website may use “cookies” to make our services more user-friendly, effective and secure.

A “cookie” is a small text file which we transfer via our web server to the cookie file of the browser on the hard disk of your computer. This enables our website to recognise you as a user when a connection is established between our web server and your browser. Cookies help us to determine the frequency of use and the number of users of our web pages. The content of the cookies we use is limited to an identification number that no longer allows any personal reference to the user. The main purpose of a cookie is to recognise visitors to the website.

Two types of cookies are used on this website:

  • Session cookies: These are temporary cookies that remain in your browser’s cookie file until you leave our website and are automatically deleted at the end of your visit.
  • Persistent cookies: For a better user experience, cookies remain stored on your terminal device and allow us to recognise your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and can allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

  1. Server Log Files

In order to optimise this website in terms of system performance, user-friendliness and the provision of useful information about our services, the website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes your internet protocol address (IP address), browser and language setting, operating system, referrer URL, your internet service provider and the date/time.

We do not combine this data with personal data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.

  1. Our Contact Details

The protection of your data is particularly important to us. You can reach us at any time at the contact details below if you have any questions or wish to exercise your rights.

Greindl & Köck Rechtsanwälte GmbH

Gußhausstraße 4/5

1040 Vienna


Tel: +43 1 494 63 63

Fax: +43 1 494 63 63

Greindl & Köck Rechtsanwälte GmbH