1. responsible body

Rotwang Law (Senf & Partner*innen mbB)
Silbersteinstraße 78, 12051 Berlin
E-mail: kontakt@rotwang-law.de
Phone: +49 (0)30 12345678

2. general information on data processing

We process the personal data of our clients, business partnersand website visitors exclusively in accordance with the legal requirements, in particular the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

3. categories of processed data

• Master data (name, address, contact details)
• Mandate-related information (e.g. case description, documents)
• Communication data (e-mail, telephone)
• special categories of personal data, if applicable (e.g. health data)

4. purposes of the processing

• Client processing and legal advice
• Communication with clients and third parties
• Documentation and archiving
• Use of AI-supported tools to increase efficiency

5. use of AI tools (ChatGPT, Copilot etc.)

5.1 Description and purpose

To support our legal services, we use AI-supported tools such as ChatGPT (OpenAI) and Copilot (Microsoft). These tools help us with:

• Text creation and revision
• legal research
• Analysis of complex issues

5.2 Processing of personal data

Personal data may also be processed, especially if it is entered into the AI systems. Processing takes place exclusively within the scope of processing the mandate and in compliance with data protection regulations.

5.3 Legal basis

• Art. 6 para. 1 lit. a GDPR - Consent of the data subject
• Art. 9 para. 2 lit. a GDPR - for special categories of personal data
• Art. 6 para. 1 lit. f GDPR - legitimate interest (e.g. increased efficiency), provided that no sensitive data is affected

5.4 Data transfer to third countries

The providers of the AI tools used are based outside the EU (e.g. USA). Data is only transferred under the following conditions:

• Certification according to the EU-U.S. Data Privacy Framework
• Conclusion of standard contractual clauses (SCCs) with the providers
• Use of privacy-by-design functions(e.g. deactivation of training data usage)

5.5 Protective measures

• Pseudonymization/anonymization of sensitive content before input
• Use exclusively via business devices
• Training employees in the use of AI tools
• No automated decisions with legal effect

5.6 Rights of data subjects

You have the right to at any time:

• Information (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Objection (Art. 21 GDPR)
• Data portability (Art. 20 GDPR)

6 Order processing and joint responsibility

Depending on the provider and configuration of the AI tools, we conclude data processing agreements (DPAs) or joint responsibility agreements. The role of the respective provider is reviewed regularly.

7. storage period

Personal data is only stored for as long as is necessary for the respective purposes or for as long as there are statutory retention obligations.

8 Your rights and contact with the data protection supervisory authority

If you have any questions or complaints, you can contact us or the responsible data protection supervisory authority at any time:

Berlin Commissioner for Data Protection and Freedom of Information
Alt-Moabit 59-61, 10555 Berlin
www.datenschutz-berlin.de

You can change your privacy settings on Twitter at any time: https://twitter.com/account/settings