Data Privacy


We, Renner Wildner Bauer – Partnership of Independent Attorneys-at-Law („RWB“), collect and process your personal data on the basis of your mandate or your consent. As attorneys-at-law, we are committed to the utmost secrecy in all of our dealings due to our professional duty of confidentiality. 

When using your data, we naturally observe all data protection and civil law provisions as well, including but not limited to the provisions of the EU General Data Protection Regulation (“GDPR”). Hereinafter, we inform you of the purposes and the scope of processing your personal data, as well as your rights under the GDPR. 

Purposes of Processing and Legal Basis

Personal data means any information relating to an individual person by which such person can be identified. This includes information containing details of personal or material circumstances such as name, address, email address, phone number, date of birth, age, sex, social security number, or image and voice recordings of natural persons. Personal data can also include special categories of data such as data concerning health, biometric data or data relating to criminal proceedings. 

We process your personal data on the basis of our engagement by you and only to the extent this is necessary for the performance of your mandate and the respective contractual relationship between you and RWB (including steps taken prior to entering into a contract). Therefore, the processing may also be required for the establishment, exercise or defense of legal claims. 

As attorneys-at-law, we are obligated within the scope of your mandate to represent your interests zealously, faithfully and conscientiously, and we are therefore legally required to collect in your interest any personal data about you which is needed for a conscientious representation. We only collect personal data which is necessary in order to carry out and execute our legal services, or data which you have provided to us on a voluntary basis. When you disclose your (or your relatives‘, employees‘ or other third parties‘) personal data as well as their business or trade secrets, if any, we generally assume that you are authorised to disclose this data. 

Please note that, under certain circumstances, we might abstain from accepting, or not be in a position to pursue and thus terminate, an engagement if you fail to provide personal data, or provide incomplete data which would be necessary to achieve the purposes set out herein. 

We also process your contact details for the purpose of sending you client information, press releases as well as newsletters on current legal developments, or inviting you to corporate events. Unless there is an existing business relationship between you and RWB, this will solely be based on your consent which you can revoke at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. 

In any event, we will not process data made available to us for purposes other than those covered by your mandate or your consent, and at all times on a legal basis in accordance with the GDPR. Exempt therefrom is the use for statistical purposes, provided that data made available was anonymized. 

Your Rights

As a client or generally as a data subject within the meaning of the GDPR – and subject to the attorney-client privilege – you have the right to request at any time information on the processing of your personal data. This includes information on the purposes of the processing, the categories of data and recipients, storage periods, the source of data, as the case may be, as well as your rights under data protection regulations. In any case, all this information is already set out in this Data Privacy Statement. 

Should it become apparent that specifics of your data are inaccurate or incomplete, you can at any time request rectification or completion thereof. If your data has changed, please notify us accordingly. For the period of any processing of your requests until the final validation, you have the right to restriction of data processing. 

Furthermore, you have the right to request erasure of your personal data. If your data is no longer necessary in relation to the purposes set out herein (in particular for the performance of your contractual relationship with RWB) or if you have withdrawn your consent in a given case, then we will erase your data immediately to the extent that an exceeding storage period is not required by contract or by law. 

Finally, every data subject has the right to have an overview of his or her personal data transmitted directly to another controller, provided that the data portability is technically feasible and not precluded by unreasonable effort, or by legal or other obligations or requirements of confidentiality. 

To exercise your rights, please contact us at any time and provide us with evidence of your identity (e.g. an electronic copy of an identification card). In case of delays arising in verifying identity or for technical reasons we will restrict the processing of data as far as possible until its final erasure. 

Also, if you should consider that we are not observing your rights sufficiently we are at all times available for a joint resolution. Other than that, every data subject has the right to lodge a complaint with the Austrian Data Protection Authority, if he or she considers that the processing of personal data relating to him or her infringes data protection regulations. The complaint can also be lodged with a supervisory authority in the EU member state of the data subject’s habitual residence, place of work or place of the alleged infringement. 

Storage Period and Data Security

We store your personal data as long as and to the extent this is necessary to fulfill our (post-)contractual or legal obligations (retention periods) or to defend liability claims (statutes of limitations), if any. 

We have taken appropriate organizational and technical measures to ensure the protection of your personal data. Those measures provide protection in particular against unauthorized, unlawful or accidental access, processing, loss, use and tampering. 

In spite of our efforts of ensuring an appropriately high standard of diligence requirements, it cannot be ruled out that information you have provided via the internet or otherwise online might be accessed or used by other persons. We aim to ensure that data incidents are detected at an early stage and immediately reported to you or to the competent supervisory authority, as the case may be, including the respective data categories concerned. 

Please note that we cannot assume any liability whatsoever for the disclosure of information due to errors in the data transfer or unauthorized access by third parties not caused by us (e.g. hacking of email accounts or telephone, interception of fax messages). 

Transfers to Third Parties

The execution of your mandate may require us to transfer your data to third parties (e.g. to opponents, to substitute lawyers, to insurance companies, or to service providers we may use and to which we provide data – so-called processors) or to courts and authorities. Also, an international issue arising in connection with a mandate may require us to exchange data with cooperation partners who are subject to obligations of confidentiality. Data will be transferred only in accordance with data protection laws, in particular to execute your mandate or based on your prior consent. 

We would like to further inform you that, in connection with our legal services, information relating to your person and the specific circumstances of your case may regularly be sourced from third parties. In addition, we may have to disclose your personal data to courts or authorities upon their request. In all these cases, we will at all times observe the compliance with applicable legal regulations in order to protect your data. 

Some of the recipients of your personal data are located outside the EU or the EEA and process your personal data there. We will however transfer your personal data only to countries where the EU Commission has determined an adequate level of protection, or we will in accordance with the GDPR apply standard data protection clauses or similar legal instruments, pursuant to which the recipient ensures an appropriate level of data protection. 

Cookies and Server Log Files

You may use our website and access its public content generally without having to disclose your personal data. Only information provided by your internet provider will be collected and saved temporarily, including but not limited to your IP address and the duration and time of your visit. 

The website uses cookies to ensure that our services are user-friendly, effective and safe. 

A „cookie“ is a tiny text file that is downloaded by our web server on the hard drive of your computer via your browser and allows our website to recognize you as a user if a connection is made between our web server and your browser. Cookies help us to observe the frequency of use and the number of users who visit our website. The content of the cookies we use is confined to an identification number and does not allow us to personally identify a user. 

The main purpose of a cookie is to recognize the visitors of a website, thus two types of cookies are used: 

  • session cookies: these are transient cookies stored in temporary memory, which are automatically erased when you close your browser.
  • permanent cookies: these are stored on your hard drive to enhance user friendliness and allow us to recognize your browser when you visit our website again.

You can however adjust the settings on your browser to activate functionality which notifies you on the setting of cookies and to allow cookies only in a particular case. You may also disable cookies for certain cases or in general, or you can activate functionality which will automatically delete cookies when you close your browser. Disabling cookies may result in a limitation of certain functionalities and features of the website. 

For optimized system performance, user friendliness and provision of useful information on our services, the website provider automatically collects and stores so-called server log files, which your browser automatically transmits to us. This information includes your IP address, browser and language settings, operating system, referrer URL, your internet service provider, as well as date and time. 

This data will not be combined with other sources of personal data. We reserve the right to examine this data at a later stage if there is solid evidence suggesting unlawful use. 

Controller, Contact Details

In case of questions related to this Data Privacy Statement as well as in all data privacy matters, we are available at any time under the following contact details: 

Renner Wildner Bauer
Partnership of Independent Attorneys-at-Law A-1010 Vienna, Gonzagagasse 11