Privacy Policy


Jaufer Rechtsanwälte GmbH

Glacisstraße 35, 8010 Graz, Austria


Phone: + 43 5 93 12 – 0


1) Personal data

We collect, process and use your personal data only with your consent or mandate or order for the purposes agreed with you or if there is another legal basis in accordance with the GDPR; and we do so in compliance with data protection and civil law. 

We only collect personal data that is required for the performance and processing of our legal services or that you have voluntarily provided to us. On the one hand, we collect personal data when they are expressly communicated to us. On the other hand, we automatically collect data, technical data in particular, when you visit our website.

Personal data are all data that contain individual details about personal or factual circumstances, for example name, address, e-mail address, telephone number, date of birth, age, gender, social security number, video recordings, photos, voice recordings of persons as well as biometric data such as fingerprints. Sensitive data, such as health data or data related to criminal proceedings, may also be included. Information such as the number of users visiting a website is not personal data because it is not associated with an individual.

2) Data security

We protect your personal data by taking appropriate organizational and technical precautions. These precautions relate in particular to protection against unauthorized, illegal or even accidental access, processing, loss, use and manipulation. 

Notwithstanding our efforts to maintain an appropriately high level of due diligence at all times, it cannot be ruled out that information which you disclose to us via the Internet or which is collected by us may be viewed by other persons and used without our consent. 

Please note that we therefore accept no liability whatsoever for the disclosure of information due to errors in data transmission not caused by us and/or unauthorized access by third parties (e.g. hacker attack on e-mail account or telephone, interception of faxes).

3) Use of the data

We will not process the data provided to us for purposes other than those covered by the contract of engagement or by your consent or by any other provision in accordance with the GDPR. In this context, we would like to point out that we use your data anonymously for statistical purposes.

The legal basis for our data processing within the scope of the attorney-client relationship is therefore primarily

  • the performance of the contract of engagement or order pursuant to Art. 6(b) GDPR and
  • compliance with legal obligations pursuant to Art. 6(c) GDPR.

In principle, you are not obliged to provide us with your personal data. However, you need to provide your data so that we can maintain a attorney-client relationship and fulfill your order. If you do not provide the data, this may mean that the acceptance of your order or the provision of the requested services is not possible or only possible to a limited extent.

In order to stay in contact with you or to be able to inform you about relevant developments or changes on our part, we use your contact data to send you information letters, newsletters or invitations in particular. You are under no legal or contractual obligation to provide us with your contact details for marketing or promotional purposes. If you do not provide us with your data for this purpose or if you object to this use, we will not contact you. You can let us know at any time by e-mail or telephone if you do not wish to be contacted any further. 

The legal basis for data processing for advertising purposes is our legitimate interest pursuant to Art. 6(f) GDPR.


4) Transfer of data to third parties 

For the fulfillment of your order, it may also be necessary to forward your data to third parties (e.g. the opposing party, substitutes, insurance companies, service providers that we use and to whom we make data available, etc.), courts or authorities. We will only forward your data in compliance with the provisions of the GDPR and in particular for the purpose of fulfilling your order or with your prior consent.

We would also like to inform you that we regularly obtain factual and case-related information about you from third parties to provide you with our legal representation and support services.

Some of the above-mentioned recipients of your personal data are located outside your country or process your personal data there. The level of data protection in other countries may not be the same as in Austria. However, we only transfer your personal data to countries for which the European Commission has decided that they have an adequate level of data protection, or we take measures to ensure that all recipients have an adequate level of data protection, for which we conclude standard contractual clauses pursuant to Art. 46(2) and (3) GDPR. Standard contractual clauses are templates provided by the European Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there.

5) Notification of a data breach

We strive to ensure that data breaches are identified at an early stage. If necessary, we will notify you and/or the competent supervisory authority, including the data categories concerned. We will make every effort to address the data breach and keep you informed.

6) Storage of data

We process and store your personal data only for the period of time required to fulfill the purpose of processing and storage (Art. 5(1)(e) GDPR) or if another legal basis applies under the GDPR. In addition, data may be stored beyond the outlined periods in order to comply with European or national laws, rules and regulations. In this context, we would like to point out that legal retention obligations constitute a legitimate purpose for the processing of personal data.

If you do not (or no longer) agree to the storage of your data for contact purposes, you can notify us at any time by e-mail or telephone.

7) Rights of the data subject

You, the data subject, have the following rights with regard to your personal data in compliance with our duty of confidentiality as attorneys-at-law:

  • Right of access by the data subject pursuant to Article 15 GDPR: You have a right to information, about your stored personal data, their source and recipient and the purpose of data processing.
  • Right to rectification pursuant to Article 16 GDPR: You have the right to request that your data be corrected if it is inaccurate.
  • Right to erasure pursuant to Article 17 GDPR: You have the right to request the deletion of your data under certain conditions.
  • Right to restriction of processing pursuant to Article 18 GDPR: You have the right to request that the processing of your data be restricted under certain conditions.
  • Right to data portability pursuant to Article 20 GDPR: You have the right to receive from the controller your data provided to it in a commonly used format, provided that this does not involve a disproportionate effort.
  • Right to object pursuant to Article 21 GDPR: You have the right to object on specific grounds to certain processing of your data.

Your request for access, erasure, rectification, objection and/or data portability can be directed to our address listed above.

Furthermore, you can withdraw your consent to data processing at any time. Please note that this shall not affect the lawfulness of processing based on consent before its withdrawal.

You also have the right to lodge a complaint with the Data Protection Authority. The competent Data Protection Authority is the Österreichische Datenschutzbehörde, Barichgasse 40-42, 1030 Vienna, Austria, Phone: +43 1 52 152-0,

8) Cookies

Our website uses “cookies” to make our offer more user-friendly, effective and secure. 

A “cookie” is a small text file that we transfer via our web server to the cookie file of the browser on the hard drive of your computer. This enables our website to recognize you as a user when a connection is established between our web server and your browser. Cookies help us to determine the frequency of use and the number of users of our website. The content of the cookies we use is limited to an identification number, which no longer allows any personal reference to the users. The main purpose of a cookie is to recognize visitors to the website. Cookies can only store information provided by your browser, i.e. information that you yourself have entered into the browser or that is present on the website. Cookies cannot execute code and cannot be used to access your device.

Depending on their purpose and function, we divide cookies into the following categories:  

  • Technically necessary (essential) cookies to ensure the technical operation and basic functions of our website. This type of cookies is used, for example, to maintain your settings while you navigate the website; or they can ensure that important information is retained throughout the session (e.g. login, shopping cart). 
  • Statistics cookies to understand how visitors interact with our website by collecting and analyzing information anonymously only. This provides us with valuable insights to optimize both the website and our products and services. 
  • External media cookies: These cookies control the settings about the integration and display of external media (e.g. videos) that are not displayed via our platform.

The legal basis for our use of technically necessary cookies is Art. 6(1)(f) GDPR, as we are pursuing our legitimate interest in the error-free operation and smooth functioning of our website. Our website cannot function properly without these cookies. 

The use of statistics and external media cookies requires your consent pursuant to Art. 6(1)(a) GDPR. You can withdraw your consent to the use of cookies at any time in the future pursuant to Art 7(3) GDPR. Consent is given freely.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you choose to deactivate cookies, the functionality of our website may be limited. 

9) Use of Borlabs Cookie

Our website uses Borlabs Cookie, which sets a technically necessary cookie (borlabs-cookie) to store your cookie consents. Borlabs Cookie does not process any personal data.

The borlabs-cookie stores the consent you gave when you entered the website. If you wish to withdraw your consent, simply delete the cookie from your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.

10) Server log files 

In order to optimize our website in terms of system performance, user-friendliness and provision of useful information about our services, the website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes your Internet Protocol address (IP address), browser and language setting, operating system, referrer URL, your Internet service provider and date/time. 

We do not merge this data with personal data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use. 

The data processing is based on our legitimate interest in accordance with Art. 6(1)(f) GDPR in the technically error-free presentation and optimization of our website.

11) Use of Matomo 

We use Matomo, a web analytics software, on our website. The service provider is the New Zealand company InnoCraft Ltd, 7 Waterloo Quay PO625, 6140 Wellington, New Zealand. For more information about the data processed through the use of Matomo, please see their Privacy Policy at Questions about data protection can be sent by e-mail to

As a rule, we store, for example, what content you view on our website, which buttons or links you click on, when you access a page, which browser you use, which device (PC, tablet, smartphone, etc) you use to visit the website or which computer system you use. When you have given us permission to collect location data, it may also be processed by the provider of the web analytics tool.

Your IP address will also be stored. Pursuant to the General Data Protection Regulation (GDPR), IP addresses are considered personal data. However, your IP address is usually stored pseudonymized (i.e. in an unrecognizable and shortened form). For the purpose of testing, web analytics and web optimization, we generally do not store any direct data, such as your name, age, address or e-mail address. All this data, if collected, is stored in pseudonymized form. Thus, you cannot be identified as a person.

The use of web analytics requires your consent, which we have obtained with our cookie popup. According to Art. 6(1)(a) GDPR, this consent constitutes the legal basis for the processing of personal data, as may occur during the collection by web analytics tools. 

In addition to the consent, there is a legitimate interest on our part to analyze the behavior of website visitors and thus to improve our offer technically and economically. With the help of web analytics, we can detect website errors, identify attacks and improve efficiency. The legal basis for this is Art. 6(1)(f) GDPR.