+49 89 288 139 0

Privacy / Data Protection Policy

Thank you for your interest in our web presence. The protection of personal data is an important issue to us. The following describes our handling of data processing. We operate in line with the applicable legal provisions governing the protection of personal data, in particular those of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1. Person responsible for data processing

The data protection controller within the meaning of the GDPR is Merx Pütz Rechtsanwälte PartmbB, Uhlandstrasse 2, 80336 Munich, Germany, phone: 089-288139-0, facsimile: 089-288139-99, e-mail: Telefon: 089- 288139-0, Fax: 089- 288139-99, E-Mail:

2. Use of our website; SSL encryption

When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatically deleted:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the accessed file,
  • Website from which the access was made (referrer URL),
  • browser used and, if applicable, the operating system of your computer and the name of your access provider.

The data is processed by us for the following purposes

  • Ensuring a smooth connection to the website,
  • Ensuring a comfortable use of our website,
  • evaluating system security and stability, and
  • for other administrative purposes.

To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.

We do not use cookies or analysis tools.

3. Collection and storage of personal data

When you instruct us, we collect the following information:

  • Title, first name, surname,
  • a valid e-mail address,
  • address,
  • telephone number (landline and/or mobile),
  • Information that is necessary for the assertion and defense of your rights within the scope of the client mandate, and
  • Contact details of the contact person

This data is collected only

  • to be able to identify you as our client;
  • to be able to provide you with appropriate legal advice and representation;
  • for correspondence with you;
  • for invoicing purposes;
  • to process any existing liability claims and to assert any claims against you;

Data processing is carried out on the basis of contract initiation or contract fulfillment (mandate agreement) in accordance with Art. 6 para. 1 lit. b GDPR. 1 lit. b DSGVO.

The personal data collected by us for the client’s mandate will be stored until the expiry of the statutory retention obligation for lawyers (6 years after the end of the calendar year in which the mandate was terminated) and then deleted, unless we are obliged to store it for a longer period of time in accordance with Art. 6 para. 1 lit. c GDPR due to tax and commercial law storage and documentation obligations (from HGB, StGB or AO) or you have consented to further storage in accordance with Art. 6 para. 1 lit. a GDPR.

4. Transfer of data to third parties

Your personal data will not be transferred to third parties for purposes other than those listed below.

Insofar as this is necessary in accordance with Art. 6 para. 1 lit. b GDPR for the processing of client relationships with you, your personal data will be passed on to third parties. This includes in particular the disclosure to opposing parties and their representatives (in particular their lawyers) as well as courts and other public authorities for the purpose of correspondence and for the assertion and defense of your rights. The data passed on may be used by the third party exclusively for the stated purposes. The attorney-client privilege remains unaffected. Insofar as data is concerned that is subject to attorney-client privilege, it will only be passed on to third parties in consultation with you.

5. Transfer of personal data to other EU countries

It may be necessary to transfer your data to public authorities, courts or lawyers in other EU countries in order to defend your rights. It may be necessary to transfer data to countries for which no adequacy decision (decision on compliance with security standards) has been issued by the Commission. The transfer will only take place if this is necessary to assert your legal claims (Art. 49 para. 1 lit. f GDPR). The attorney-client privilege remains unaffected.

6. Rights of data subjects

As an affected person you have the right:

  • in accordance with Art. 7 para. 3 GDPR to withdraw your given consent at any time for the future. The revocation has no influence on the previous lawfulness of the processing;
  • in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the rights of the data subject, the origin of your data if it was not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
  • in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
  • in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful but you refuse to delete it, we no longer need the data but you need it to assert, exercise or defend legal claims or you have lodged an objection in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to receive your personal data in a structured, commonly used and machine-readable format or to request transmission to another controller; and
  • to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. To do so, you can contact the supervisory authority of your usual place of residence or workplace or our law firm’s registered office. A list of supervisory authorities (for the non-public sector) with addresses can be found at:

7. Right to objection

In accordance with Art. 21 GDPR, you have the right to object, on grounds that arise from your particular situation, to the processing of your personal data unless the controller is able to demonstrate compelling legitimate grounds for the processing. To exercise your right to object, please simply send an e-mail to