COPYTRACK
Privacy Policy - COPYTRACK

Privacy Policy

Effective: June 2025

The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the statutory provisions. In this privacy information, we inform you about the most important aspects of data processing in the context of our websites.

Controller

RD Legal GmbH, Saarbrücker Str. 18, 10405 Berlin, Deutschland Phone: +49 30 809 332 910 | Email: case@copytrack.com

General Information on Cookies and Similar Technologies

We use cookies, pixels, tags, and web beacons on our website. These small files are stored on your device when you visit our site. Cookies do not cause any damage to your device, do not contain viruses, trojans, or other malware. Information transmitted includes IP addresses, referrer URLs, access times, browsers used, and cookie data. Session cookies enable basic service use and are deleted after leaving the site. Persistent cookies optimize user experience based on legitimate interests per Art. 6(1)(f) GDPR and Sec. 25(2)(2) TDDDG. Third-party tools using cookies require explicit consent under Art. 6(1)(a) GDPR and Sec. 25(1) TDDDG. Users can adjust settings via the cookie banner or configure browsers to reject cookies, though this may limit functionality.

General Information on Third Country Transfers

Data transfers to countries outside the EU/EEA occur when the European Commission confirms adequate protection under Art. 45(3) GDPR, recipients are DPF-certified (Transatlantic Data Privacy Framework), adequate safeguards exist per Art. 46 GDPR, or user consent is obtained per Art. 49(1)(a) GDPR. Please note: U.S. authorities may access personal data based on surveillance programs under Section 702 of the FISA and Executive Order 12333 without effective EU legal remedies for non-DPF certified recipients.

Data Processing Activities

Data Processing When Accessing the Website

Automatically transmitted server data includes IP addresses, access dates/times, requested file names, referrer URLs, browser information, and provider names. Processing serves connection establishment, content display, security, and error evaluation. Legal basis: Art. 6(1)(f) GDPR. Recipient: IONOS SE (hosting provider). Retention: Seven days, extended only for security incidents.

General Contacting

Personal data from inquiries (name, email, content) is processed for response purposes. Legal basis: Art. 6(1)(f) GDPR. Deletion occurs within six months post-communication.

Assignment for Rights Enforcement

Client-provided contractual and case data is processed to assess cases and communicate. Legal basis: Art. 6(1)(b) GDPR. Retention: Duration of relationship plus statutory retention periods.

Contacting Opponents

Contact details and case information are processed when contacting potential infringers on behalf of clients. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in supporting contractual partners). Retention: Duration of relevance plus statutory periods.

Registration and Platform Use

Clients/opponents register with email and case number, confirming via double opt-in. Secure passwords enable login. Legal basis: Art. 6(1)(f) GDPR (platform management). Retention: Until account deletion; case data deleted upon matter conclusion and statutory expiration.

Applications

Submitted application data (contact details, qualifications, attachments) is processed for hiring decisions. Legal basis: Art. 6(1)(b) GDPR. Deletion: Six months post-procedure, unless legal obligations or defense needs require longer retention.

Google Maps

Interactive maps activate upon user consent, processing IP addresses, access times, URLs, location data, browser information, and Google identifiers. Legal basis: Art. 6(1)(a) GDPR. Recipient: Google Ireland Limited (with potential transfer to Google LLC, a DPF participant). Data generally deleted after 30 days if not linked to logged-in accounts.

Data Subject Rights

  • Right of Access (Art. 15 GDPR): You may obtain information about stored data, processing purposes, data categories, recipients, retention periods, and data origins.
  • Right to Rectification (Art. 16 GDPR): You may request correction of inaccurate or incomplete data.
  • Right to Erasure (Art. 17 GDPR): You may request deletion if the legal basis no longer applies, consent is withdrawn, or GDPR Art. 17(1) conditions are met.
  • Right to Restriction (Art. 18 GDPR): You may restrict processing if disputing accuracy, processing is unlawful, data is no longer needed, or objections are pending.
  • Right to Data Portability (Art. 20 GDPR): You may request data transfer in structured, machine-readable formats.
  • Right to Withdraw Consent (Art. 7(3) GDPR): Consent withdrawal ceases processing; prior processing remains lawful.
  • Right to Lodge Complaints (Art. 77 GDPR): You may file complaints with supervisory authorities.

Right to Object

YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA IF WE PROCESS YOUR PERSONAL DATA SOLELY ON THE BASIS OF OUR LEGITIMATE INTERESTS. Pursuant to Art. 21 GDPR, you have the right to object to processing if we rely solely on legitimate interests and circumstances warrant objection. General objection rights apply to direct marketing. Submit objections to case@copytrack.com.