3. Collection of data and information when accessing this site (log files)
The QNC GmbH website collects certain general data and information each time it is accessed. This data is stored in the log files of our server. The following data may be collected

• browser types and versions used,
  
• the operating system used by the accessing system,
• the date and time of access,
• the IP address of the requesting computer

When using this general data and information, QNC GmbH does not draw any conclusions about the data subject. The legal basis for this data processing is Art. 6 (1) lit. f GDPR (legitimate interests of the controller) and, where applicable, the fulfillment of contractual obligations under Art. 6 (1) lit. b GDPR.

This information is required in order to

• display the contents of the website correctly,
  
• optimize the content of the website and advertising for it,
• ensure the long-term functionality of the IT systems and technology of the website, and
• protect against and prosecute misuse

These reasons also constitute the legitimate interest for this data processing in accordance with Art. 6 (1) lit. f GDPR and, where applicable, the fulfillment of contractual obligations in accordance with Art. 6 (1) lit. b GDPR. The anonymous data in the server log files is stored separately from all personal data provided by a data subject.

4. Cookies
The websites of QNC GmbH use cookies and other technologies. Cookies are text files that are stored on your device by a browser and other programs. Certain pages cannot be accessed without them or cannot be accessed without errors. In this context, they are used for the following purposes:

• Security
  
• Usability
• Improvement

The legal basis for data processing for the purposes of security and usability is the corresponding legitimate interests pursuant to Art. 6 (1) (f) GDPR and, where applicable, the fulfillment of contractual obligations pursuant to Art. 6 (1) (b) GDPR. The legal basis for data processing for improvement purposes is as follows: consent pursuant to Art. 6 (1) (a) GDPR, where applicable, the fulfillment of contractual obligations pursuant to Art. 6 (1) (b) GDPR, and legitimate interests pursuant to Art. 6 (1) (f) GDPR.

QNC GmbH commissions anwalt.de services AG to analyze the use of its websites by means of a separate function. No information is stored in the end user's terminal equipment, in particular by means of cookies, nor is such information accessed within the meaning of § 25 TDDDG. The legal basis for data processing is the legitimate interest pursuant to Art. 6 (1) (f) GDPR of QNC GmbH to obtain information about the use of its websites and its offerings in order to improve them . The application is designed to be privacy-friendly and, in particular, does not track the behavior of individual persons. Personal data is not stored.

QNC GmbH uses the services of Simple Analytics (Simple Analytics, Hooftlaan 4, 1401 ED Bussum, Netherlands) to easily measure the number of page views by commissioning anwalt.de services AG. Simple Analytics counts these based on the browser referrer. Processing is carried out on the basis of Art. 6 (1) lit. f GDPR in the legitimate interest of obtaining the information necessary for user-oriented offer design. Further information on data processing by Simple Analytics can be found at: https://docs.simpleanalytics.com/what-we-collect

‍QNC GmbH uses the services of the provider Cookiebot (Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark) for cookies and technologies that require consent in accordance with Art. 6 (1) (a) GDPR and/or § 25 (1) TDDDG. Cookiebot is a completed order processing. Cookiebot uses Google Tag Manager to provide the consent banner and control tags. Cookiebot logs and documents your consent by storing the first half of the IP address, the browser's user agent, the domain name of the website, the date and time of consent, and a unique, encrypted key, which is stored in a data center of Microsoft Ireland Operations Ltd in Dublin, Ireland. Consent is automatically deleted after 12 months and is only processed in aggregated, anonymized form as part of the statistics. The legal basis is Art. 6 (1) lit. c GDPR, as the data processing is carried out to fulfill the legal obligation existing under § 25 TDDDG, as well as Art. 6 (1) (f) GDPR due to the interest in a page design that meets the interests of different users. You can prevent this data processing by deactivating the execution of scripts in your browser. Further information from Cookiebot on data protection can be found at: https://www.cookiebot.com/en/privacy-policy/

‍Common browsers offer functions to prevent cookies or only allow them in individual cases, to be informed about cookies in advance, and to delete cookies automatically. However, there is no guarantee that you will be able to access all functions of this website without restrictions if you make the appropriate settings.

QNC GmbH commissions anwalt.de services AG to process personal data using Google Tag Manager and Google Analytics with the Google Ads and Google Conversion Tracking extensions as services provided by Google (Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland) and Google, LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and other affiliated companies of Google, LLC. Appropriate order processing and standard contractual clauses have been agreed with Google Ireland Ltd. Processing is carried out on the basis of Art. 6 (1) lit. a GDPR. Google Tag Manager allows website tags to be managed via an interface. Only tags are integrated. Personal data in the form of IP addresses is only processed for the technically necessary purpose of recording the cookie consent status, as long as you have not given your consent for other processing for other purposes, as a result of which other tags may be triggered that collect further personal data, which Google Tag Manager does not access. Google Analytics uses cookies and other technologies such as browser fingerprinting. These enable Google to analyze the use of the primelegal.ai websites. The information collected by the cookie about the use of the pages under the domain primelegal.ai (including your IP address) by devices in the EU is transmitted to Google servers in the EU and stored there. The IP address is automatically truncated in the process. Data may be transferred to servers in the USA. Data processing is based on your consent in accordance with Art. 6 (1) (a) GDPR, which you gave via the cookie consent tool displayed when you first visited primelegal.ai. Google uses the information collected to evaluate the use of the primelegal.ai websites, to compile reports for QNC GmbH in this regard, and to provide other comparable services. Google Analytics is set up so that data is deleted within 14 months of its creation. You can deactivate Google Analytics by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en. For more information about Google's privacy policy for Google Analytics, please visit: https://support.google.com/analytics/topic/2919631?hl=en

QNC GmbH commissions anwalt.de services AG to process personal data using Clarity from Microsoft (Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland) for the purpose of analyzing page usage by collecting information about cursor movements, clicks, and similar interactions by way of order processing. The EU standard contractual clauses have been concluded with Microsoft. The parent company Microsoft Corp. is certified under the EU-U.S. Data Privacy Framework. Processing is carried out on the basis of Art. 6 (1) lit. a GDPR. Further information on data processing by Microsoft can be found in the privacy policy: https://www.microsoft.com/en-us/privacy/privacystatement

‍Clarity can be deactivated in particular at https://account.microsoft.com/privacy/ad-settings/signedout?lang=en-US and at https://optout.aboutads.info/

‍QNC GmbH commissions anwalt.de services AG to process personal data on its behalf using the LinkedIn Ads function of the LinkedIn network (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland). The legal basis for this is consent in accordance with Art. 6 (1) (a) GDPR. When you visit corresponding pages under the domain primelegal.ai, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited these web pages with your IP address. If you click on the LinkedIn Recommend button and are logged into your LinkedIn account, LinkedIn can associate your visit to our web pages with you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by LinkedIn. Personal data is deleted within 90 days of collection. LinkedIn users can deactivate personalized advertising in their LinkedIn settings. For more information, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy

‍QNC GmbH uses the Bing Ads service provided by Microsoft (Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland) through an agreement with anwalt.de services AG. For this purpose, a cookie is placed on your device when you access relevant pages under the domain primelegal.ai via a Bing ad. These also contain a so-called UET tag (Universal Event Tracking). This means that non-personal data is stored in connection with the cookie, such as the length of time spent on the page and which ad was used to access it. The legal basis is consent in accordance with Art. 6 (1) (a) GDPR. The information is stored on a Microsoft server for up to 180 days and then deleted. In addition, Microsoft may use cross-device tracking to track usage behavior across multiple electronic devices and thereby display personalized advertising on Microsoft websites and in Microsoft apps. Deactivation is possible at: https://account.microsoft.com/privacy/ad-settings/signedout?lang=en-USFurther information on Microsoft's data protection can be found at https://help.ads.microsoft.com/#apex/ads/en/ext60212

‍QNC GmbH uses the Meta Ads service, which is provided by Meta (Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland) on the basis of joint responsibility, through an agreement with anwalt.de services AG. For this purpose, a pixel is integrated into websites under the domain primelegal.ai. This enables Meta to display ads to visitors to the websites in services provided by Meta and its Meta Audience Network cooperation partners. In addition, the effectiveness of Meta Ads can be measured by information about a referral to our websites without revealing the identity of the users. However, Meta can connect to a user account for Meta services.

QNC GmbH uses LinkedIn Lead Ads on behalf of anwalt.de services AG. If you click on a corresponding ad and fill out the lead generation form, the following personal data will be collected from you: first name, last name, email address, phone number, company/law firm name, law firm website. The use of the data is linked to the purposes pursued by the respective Lead Ad campaign, in particular for the purpose of establishing contact. Data processing is based on your express consent in accordance with Art. 6 (1) lit. a GDPR. The legal basis is also the legitimate interest Art. 6 (1) lit. f GDPR in the use of this data for our own purposes and exclusively for direct marketing purposes. These purposes are specifically described in the Lead Ad before consent is obtained and before QNC receives the data provided. The data you provide will be transmitted to us by LinkedIn and stored for up to 90 days. Your data will then be deleted or blocked within 30 days. Further information on data processing by LinkedIn can be found at: https://www.linkedin.com/legal/privacy-policy and https://www.linkedin.com/legal/privacy/eu?

QNC GmbH uses the Lead Ads function from Meta (Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland) on the Facebook pages https://www.facebook.com/people/PRIME-LEGAL-AI/61583445330877/# and https://www.instagram.com/prime_legal_ai/ to process data from interested parties – so-called leads – voluntarily via a contact form displayed there. The legal basis for this is the consent of the user in accordance with Art. 6 (1) lit. a GDPR. The legal basis is also the legitimate interest pursuant to Art. 6 (1) (f) GDPR in the use of this data for our own purposes and exclusively for direct marketing purposes. Further information can be found in Facebook's data policy at: https://www.facebook.com/privacy/center/?locale=en

‍Data collected through Lead Ads can be automatically processed using make (Celonis SE, Theresienstr. 6, 80333 Munich). The legal basis is Art. 6 (1) lit. f GDPR and, in this respect, the legitimate interest in efficient and interest-based direct advertising. To use make, an agreement on order processing and the standard contractual clauses have been concluded with the provider . Further information is available at: https://www.make.com/en/privacy-and-gdpr

5. Contact options
For easy contact, we provide a contact form and an email address on this page. If a data subject contacts us by email or via the contact form, the following data must be provided in the input form and will be automatically stored after submission:
‍
Email address, first name, last name, and text message of the email.

The legal basis for the processing of data transmitted in the course of using the contact form or sending an email is Art. 6 (1) lit. f GDPR (legitimate interest) and Art. 6 (1) lit. a GDPR (consent).

If the purpose of the email contact is to conclude a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.

The processing of personal data from the input mask serves us solely for the purpose of processing the contact request by the data subject.

A separate contact form is available for registering for webinars. If a data subject registers using this form, the following data must be provided in the input form and will be automatically stored after submission:
Email address, first name, last name, company role, (optional law firm name/company name, company size)

For the optional newsletter registration during webinar registration, please refer to the information in this privacy policy under 6. Newsletter.

QNC GmbH has data collected via webinar registrations processed by anwalt.de services AG on its behalf. It uses Brevo (Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin) services for registration and email delivery and Microsoft (Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland) services for webinar delivery via Teams by way of subcontracting. The legal basis for the processing is Art. 6 (1) (a) GDPR and the legitimate interest pursuant to Art. 6 (f) GDPR in direct marketing to persons who are interested or presumably interested in its products
‍
During the sending process, the following data of the data subject is automatically stored:

• IP address
  
• Date and time of registration

This data is used to prevent misuse of the contact form and to ensure the security of our information technology systems.
‍
The legal basis for this data processing is Art. 6 (1) lit. f GDPR (legitimate interests of the controller). Another legal basis for this data processing is Art. 6 (1) lit. e GDPR (public interest).

For some contact forms on specific topics, we use the Typeform service provided by Typeform S.L., Carrer Bac de Roda, 163, 08018 Barcelona. The data entered is stored by this service and forwarded to us or made available to us. Typeform does not use this data itself.

The legal basis for this data processing is Art. 6 (1) lit. f GDPR (legitimate interests of the controller). We have a legitimate interest in the targeted and individually customized presentation of contact forms on specific topics and the ability to customize them quickly and cost-effectively.

This personal data is not passed on to third parties.

6. Newsletter
QNC GmbH regularly sends out newsletters via anwalt.de services AG as a processor. anwalt.de services AG uses the services of Brevo (Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin) to send out the newsletter as a subcontractor. Brevo can be used to organize and analyze the sending of emails. The double opt-in procedure is used to subscribe to the newsletter. This means that after subscribing to the newsletter, you must additionally confirm your subscription. You will receive a confirmation email containing a link. Only then will you receive the newsletter. We process your email address and name for shipping purposes and your IP address to verify your consent and to investigate and prevent possible misuse of your personal data. When you open an email sent via Brevo, a file contained in the email (known as a tracking pixel) connects to Brevo's servers. This allows us to determine whether the email has been opened. The links contained in the email make it possible to track when and how often they were clicked. You can object to this at any time by clicking on the unsubscribe link provided in each email and unsubscribing from the newsletter. Further information on the processing of data by Brevo can be found here: https://www.brevo.com/de/datenschutz-uebersicht/

The legal basis for processing is Art. 6 (1) (a) GDPR for processing based on consent and Art. 6 (1) (c) GDPR for the fulfillment of associated legal obligations and Art. 6 (1) (f) GDPR on the basis of legitimate interests in the intended use of the offer for direct marketing and protection against misuse.

If you no longer wish to receive the newsletter, you can unsubscribe at any time by clicking on the unsubscribe link contained therein and thus revoke your consent. You can also revoke your consent at any time by simply sending a message to the contact details at https://www.anwalt.de/impressum or https://www.primelegal.ai/en/impressum. To do so, please enable us to identify you as a newsletter subscriber by providing the email address you used when registering for the newsletter.

Your data collected in this context will be stored for up to four years after unsubscribing due to the legitimate interest in asserting, exercise, and defense of legal claims in accordance with Art. 6 (1) lit. f GDPR and due to a legal obligation in accordance with Art. 6 (1) lit. c GDPR in conjunction with Art. 7 (1) GDPR.

7. Routine deletion and blocking of personal data
The personal data of the data subject will only be stored for the period necessary to achieve the purpose of storage or for as long as storage is required by law.

If the purpose of storage no longer applies or if a statutory storage period expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

8. Rights of the data subject
lit. a Right to confirmation
Every data subject has the right to request information about whether personal data concerning them is being processed.

b) Right of access (Art. 15 GDPR)
Every data subject has the right to obtain information free of charge about the personal data stored about them and a copy of this information.

c) Right to rectification (Art. 16 GDPR)
The data subject has the right to request that the controller rectify inaccurate personal data concerning them without delay.

d) Right to erasure (right to be forgotten) (Art. 17 GDPR)
Every data subject has the right to request that personal data concerning them be erased without delay, provided that one of the reasons specified by law applies and that processing is not necessary.

e) Right to restriction of processing (Art. 18 GDPR)
Every data subject has the right to request the restriction of processing if one of the reasons specified by law applies.

lit. f Right to data portability (Art. 20 GDPR)
Every data subject has the right to receive the personal data concerning them that they have provided to a controller in a structured, commonly used, and machine-readable format and to transmit those data to another controller without hindrance, provided that the processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. Furthermore, when exercising their right to data portability pursuant to Art. 20 (1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that this does not adversely affect the rights and freedoms of others.

g) Right to withdraw consent under data protection law (Article 13 GDPR)
Every data subject has the right to withdraw consent to the processing of personal data at any time if the processing is based on Art. 6(1)(a) or Art. 9(2)(a), without affecting the lawfulness of the processing carried out on the basis of the consent until withdrawal.

h) Right to object (Art. 21 GDPR)
Every data subject has the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them which is based on Art. 6(1)(e) or (f) GDPR. This also applies to profiling based on these provisions. Where personal data is processed for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning him or her for such marketing; this also applies to profiling insofar as it is related to such direct marketing.

9. Right to lodge a complaint with the competent supervisory authority
In the event of violations of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. This is the state data protection officer of the federal state in which our company is based. A list of data protection officers and data protection authorities can be found here: https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html