Search

The Firm

Information about Data Protection for our Clients

I. Who is responsible for data processing and whom can I contact?

We are jointly re­spon­si­ble for the pro­ces­sing of your data on this web­site:

  • RSM Eb­ner Stolz Wirt­schaftsprüfer Steu­er­be­ra­ter Rechts­anwälte
    Part­ner­schaft mbB
  • RSM Eb­ner Stolz GmbH & Co. KG
    Wirt­schaftsprüfungs­ge­sell­schaft Steu­er­be­ra­tungs­ge­sell­schaft
  • RSM Eb­ner Stolz Ma­nage­ment Con­sul­tants GmbH

The con­tact de­tails of these com­pa­nies ("RSM Eb­ner Stolz") can be found on the le­gal noti­ces page of our web­site. To re­gu­late our data pro­tec­tion re­spon­si­bi­li­ties, these com­pa­nies have en­te­red into an agree­ment, the es­sen­tial con­tent of which we will send to you by email upon re­quest.

If you have any ques­ti­ons about data pro­tec­tion, please con­tact our data pro­tec­tion of­fi­cer using the con­tact de­tails be­low:

RSM Eb­ner Stolz, Da­ten­schutz­be­auf­trag­ter, Kro­nen­straße 30, 70174 Stutt­gart, Email: da­ten­schutz@eb­ner­stolz.de

II. Why is your data processed?

RSM Eb­ner Stolz pro­ces­ses data in or­der to per­form the en­ga­ge­ment and fee agree­ments we en­ter into with our cli­ents, or to carry out pre-con­trac­tual mea­su­res. RSM Eb­ner Stolz pro­ces­ses data for the fol­lo­wing pur­po­ses (de­pen­ding on the en­ga­ge­ment):

  • Le­gal, tax-re­la­ted and ma­nage­ment con­sul­ting, busi­ness au­dits and spe­cial au­dits, fi­nan­cial ac­coun­ting, fi­nan­cial state­ment pre­pa­ra­tion
  • Re­pre­sen­ta­tion in ad­mi­nis­tra­tive and court pro­cee­dings
  • Cor­re­spon­dence
  • Ve­ri­fi­ca­tion of the iden­tity of our cli­ents, che­cking for con­flicts of in­te­rest and file crea­tion
  • In­voi­cing
  • Sett­ling and as­ser­ting po­ten­tial lia­bi­lity claims and other claims

The le­gal ba­sis for the data pro­ces­sing is Art. 6(1b) of the Ge­ne­ral Data Pro­tec­tion Re­gu­la­tion (GDPR). If you have gi­ven your cons­ent, the le­gal ba­sis is Art. 6(1a) of the GDPR. If you sub­mit spe­cial ca­te­go­ries of data to RSM Eb­ner Stolz (Art. 9(1) of the GDPR), the le­gal ba­sis is eit­her your cons­ent (Art. 9(2a) of the GDPR) or Art. 9(1f) of the GDPR.

RSM Eb­ner Stolz uses your data to send mar­ke­ting ma­te­ri­als and Christ­mas cards via the postal sys­tem, and if you have pro­vi­ded us with your email ad­dress, to send email mar­ke­ting. The le­gal ba­sis is Art. 6(1f) of the GDPR. We have a le­gi­ti­mate in­te­rest in di­rect mar­ke­ting. You may ob­ject to the pro­ces­sing of your data for mar­ke­ting pur­po­ses at any time and free of charge, by sen­ding an email to info@eb­ner­stolz.de.

If ne­cessary, RSM Eb­ner Stolz also pro­ces­ses your data for pur­po­ses of con­trol­ling, in­ter­nal au­dits and IT ad­mi­nis­tra­tion. The le­gal ba­sis is Art. 6(1f) of the GDPR. RSM Eb­ner Stolz has a si­gni­fi­cant in­te­rest in com­ply­ing with le­gal re­qui­re­ments and en­su­ring the se­cu­rity of its IT sys­tems.

RSM Eb­ner Stolz may pro­cess your data to ful­fill le­gal ob­li­ga­ti­ons un­der Art. 6(1c) of the GDPR for the fol­lo­wing pur­po­ses:

  • Pre­ven­tion of mo­ney laun­de­ring un­der §§ 10 ff., 23 of the Mo­ney Laun­de­ring Act
  • Sto­rage of do­cu­ments re­la­ted to en­ga­ge­ments, fi­nan­cial ac­coun­ting and busi­ness re­cords (see Sec­tion III).

III. How long is data stored?

RSM Eb­ner Stolz may store your data af­ter the ter­mi­na­tion of the cli­ent re­la­ti­ons­hip at least un­til all fees are paid. For the mar­ke­ting pur­po­ses men­tio­ned above, RSM Eb­ner Stolz may store your data for up to four years, pro­vi­ded that you have not ob­jec­ted to use of your data for mar­ke­ting pur­po­ses. To as­sert or de­fend le­gal claims, RSM Eb­ner Stolz may store data wi­thin the pe­riod of the re­gu­lar sta­tute of li­mi­ta­ti­ons of th­ree years and in ex­cep­tio­nal ca­ses un­til the ma­xi­mum sta­tute of li­mi­ta­ti­ons pe­riods ex­pire. If and as long as RSM Eb­ner Stolz is re­qui­red to store data, RSM Eb­ner Stolz is en­tit­led to store such data un­til the end of the sto­rage pe­riods spe­ci­fied in § 50 of the Fe­deral La­wy­ers Act, § 66 of the Tax Con­sul­ting Act, § 51b of the Au­di­tors Act, § 257 of the Com­mer­cial Code, § 147 of the Tax Code and § 8 of the Mo­ney Laun­de­ring Act. These pe­riods are up to 10 years.

IV. Are you required to provide data?

Pro­vi­sion of your data is volun­tary. Howe­ver, for a cli­ent re­la­ti­ons­hip, you must pro­vide your name and com­pany name and an ad­dress, be­cause other­wise RSM Eb­ner Stolz would not be able to iden­tify you and send you an in­voice. Pro­vi­sion of ad­di­tio­nal data may be ne­cessary for us to per­form the en­ga­ge­ment.

V. What are the sources of your data?

You will usually share data with RSM Eb­ner Stolz your­self. RSM Eb­ner Stolz may also re­ceive data from the fol­lo­wing sour­ces:

  • Bu­reau van Dijk Elec­tro­nic Publis­hing GmbH, Frank­furt, Si­kom Soft­ware GmbH and Sil­ler Por­tal In­te­gra­tors GmbH, Heil­bronn (name, date of birth, ad­dress) to iden­tify our cli­ents and to main­tain mas­ter data, as far as we re­qui­red or en­tit­led by law to do so
  • Aut­ho­ri­ties and courts (data from file in­spec­tion), cre­dit agen­cies (ad­dress), pu­blic trans­pa­rency, com­mer­cial and as­so­cia­tion re­gis­ters and land re­gis­ters (name, ad­dress and if ap­plica­ble, date of birth)

VI. Is data passed on to third parties?

Your data will not be pas­sed on wi­thout a le­gal ba­sis. In ad­di­tion, la­wy­ers, tax con­sul­tants and au­di­tors are le­gally bound to con­fi­den­tia­lity. In part, RSM Eb­ner Stolz may trans­fer your data to the fol­lo­wing pro­ces­sors for the fol­lo­wing pur­po­ses:

  • Au­diti GmbH (Data ex­change)
  • DA­TEV e.G., Nu­rem­berg (ope­ra­tion of the DA­TEV soft­ware)
  • DRA­COON GmbH, Re­gens­burg (cloud ser­vices)
  • FTAPI Soft­ware GmbH (sen­ding encryp­ted emails)
  • In­xmail GmbH, Frei­burg (email news­let­ters)
  • REISS­WOLF GmbH & Co. KG, Ham­burg (file de­struc­tion)
  • Sol­vAct GmbH, Stutt­gart (print news­let­ters)
  • Vod­afone GmbH, Düssel­dorf (data backup)
  • the com­pa­nies re­fer­red to in sec­tion V
  • other pro­ces­sors ba­sed in Ger­many that pro­vide the fol­lo­wing ser­vices: main­ten­ance of com­pu­ter pro­grams or hard­ware, hard­ware setup, pro­vi­sion of com­pu­ter pro­grams, te­le­phone or web con­fe­ren­ces via the In­ter­net, de­struc­tion of data sup­port me­dia, data backup, ad­dres­sing and dis­patch of let­ters

These pro­ces­sors pro­cess data only on our in­struc­tions and not for their own pur­po­ses.

In cer­tain ca­ses your data is pas­sed on to the fol­lo­wing re­ci­pi­ents, if you have cons­en­ted to it (Art. 6(1a) of the GDPR), it is ne­cessary to per­form the en­ga­ge­ment (Art. 6(1b) of the GDPR), we are re­qui­red to do so by law in ex­cep­tio­nal ca­ses de­spite our duty of con­fi­den­tia­lity (Art. 6(1c) of the GDPR) or this is ne­cessary to safe­guard le­gi­ti­mate in­te­rests (Art. 6(1f) of the GDPR):

  • other RSM Eb­ner Stolz com­pa­nies, if re­qui­red for in­ter­nal com­mu­ni­ca­tion or other ad­mi­nis­tra­tive pur­po­ses
  • ex­ter­nal au­di­tors, tax con­sul­tants, la­wy­ers, no­ta­ries, in­sol­vency ad­mi­nis­tra­tors
  • courts, aut­ho­ri­ties, ex­perts, ad­dress in­ves­ti­ga­tors, postal and te­lecom­mu­ni­ca­ti­ons ser­vice pro­vi­ders
  • your com­pany's con­tact per­sons, op­po­sing par­ties in pro­cee­dings, con­trac­tual part­ners and their re­pre­sen­ta­ti­ves for pur­po­ses of cor­re­spon­dence and to as­sert and de­fend your rights
  • le­gal pro­tec­tion and pro­fes­sio­nal lia­bi­lity in­surance to settle pos­si­ble claims
  • trans­la­tion agen­cies

VII. Does "automated decision-making" take place pursuant to Art. 22 of the GDPR?

Ac­cor­ding to Re­gu­la­ti­ons (EC) No. 2580/2001 and No. 881/2002 and the Mo­ney Laun­de­ring Act, we are re­qui­red to com­bat the fi­nan­cing of ter­ro­rism, and if ne­cessary, to con­duct a mo­ney laun­de­ring au­dit. To do this, some of your mas­ter data may be com­pa­red with pu­blic lists that con­tain in­di­vi­du­als and or­ga­niza­ti­ons af­fec­ted by sanc­tions. If you are af­fec­ted by these sanc­tions, we will not es­ta­blish a cli­ent re­la­ti­ons­hip with you.

VIII. What rights do you have with regard to your data?

You can find in­for­ma­tion about your rights at the end of our Pri­vacy Po­licy.

back to top