Privacy notice

This privacy notice tells you what to expect me to do with your personal data when you make contact with me or use my services. This privacy notice complies with the respective requirements of the EU General Data Protection Regulation (GDPR), applicable national data protection laws and regulations. This privacy notice also informs you about rights you have regarding your personal data and how you can contact me in this respect.

A. Data Controller

The data controller with respect to your personal data is:

The data controller is:
Tobias Neufeld
c/o ARQIS Rechtsanwälte Partnerschaftsgesellschaft mbB
Breite Straße 28
40213 Düsseldorf
T +49 211 13069 2040
F +49 211 13069 099
M +49 172 6865911

In case of any queries as regards processing of your personal data by Tobias Neufeld or with respect to general data protection queries, please contact me at the above address.

B. General Information

1. Personal data means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly. Your name, address or email address in particular constitute personal data.

2. If you click on the links included on my website, you will be directed to third party websites and thereby leave my website. I have no control over how any such third party handles your personal data and do not accept any responsibility in this respect.

3. Legal basis for processing personal data

  • Where I have received a data subject’s consent for data processing, Art. 6 para. 1 lit. a GDPR is the legal basis for the respective processing.
  • Where processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, Art. 6 para. 1 lit. b GDPR is the legal basis.
  • Where processing is necessary for compliance with a legal obligation to which the controller is subject, Art. 6 para. 1 lit. c GDPR is the legal basis.
  • Where processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, Art. 6 para. 1 lit. f GDPR is the legal basis.

4. Data deletion and retention
Personal data of a data subject will be deleted or the processing restricted as soon as the justification for such data processing ceases to exist. Nonetheless, a continuous storing of personal data can occur where European or German laws or regulations I am subject to as the data controller require so. Even then a deletion or restriction of processing of such data will occur, where a period of retention, required by the aforementioned laws, expires, unless a continuous storage of such data is required for entering into an agreement or performing any contractual duties thereunder.

C. Your rights as data subject

Data subjects have a number of rights regarding their personal data pursuant to the following legal provisions, insofar applicable:

  • Art. 15 GDPR: Right of access by the data subject
  • Art. 16 GDPR: Right to rectification
  • Art. 17 GDPR: Right to erasure (“right to be forgotten“)
  • Art. 18 GDPR: Right to restriction of processing
  • Art. 20 GDPR: Right to data portability.

Art. 21 GDPR: Right to object, on grounds relating to the data subject’s particular situation, at any time to processing of personal data concerning him or her which is based on lit. e or lit. f of Article 6 para. 1 GDPR. Where data processing is based on the data subject’s consent, such consent can be withdrawn any time with effect for the time after such withdrawal.

With respect to exercising your data subject rights, please simply email me at In addition, you can contact the competent Data Protection Authority.

D. Details on processing of personal data by Tobias Neufeld

Please see below summary of how I protect your personal data when you visit my website and what (categories of) personal data I process, the related purpose for processing and the scope of such processing of personal data.

1. Processing when visiting my website – Logfiles
When you visit my website, certain general information will automatically be collected. Such information, the server logfiles, in particular includes the type of web browser you are using, the operating system used, the domain name of your internet service provider. In addition, your IP address will be submitted for use of this website. Such information is required for technical reasons so the content of this website can be displayed properly and their processing is standard for respective internet browsing.

Theses logfiles will be anonymized or deleted after visiting this website. Legal basis for this data processing is Art. 6 para. 1 lit. f GDPR.

No automated decisions in individual cases including profiling in the meaning of Art. 22 GDPR are being made when you visit my website.

2. Data processing when using this website – your email queries to me
If you contact me by email, I collect the data provided for reviewing and responding to your query. I will store such data for documentation purposes for up to two years. Legal basis for this data processing is Art. 6 para. 1 lit. f GDPR.

I will not transfer your data to third parties unless this is required in order to respond to your query or permitted or required by law.

3. Google webfonts
In order to properly display the contents of this websites for all browsers, this website, like most websites, uses the font library Google webfonts ( Google webfonts will be transferred into the cache of your browser to avoid multiple loading. If you browser does not support Google webfonts or prohibits the transfer, my website contents will be displayed in a standard font. Activating the font library Google webfonts automatically starts a connection to the provider of such library. Theoretically – and it is currently unclear if this is the case at all and if so, for what purposes – the provider of Google webfonts may collect data. The privacy policy of the font library provider Google can be found here:

4. Data security
I have taken security measures on my website to protect any personal data collected from unauthorized access, loss or unauthorized use und to ensure a secure data transfer. I use the common SSL-Procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser, typically 256 bits. You can check for an encrypted transfer of any site of my web presence by looking at the key or lock symbol in your browser.

Please note that, given the general internet infrastructure and set-up, an unintended data access by third parties still remains possible and it is also your responsibility to protect your data against misuse through encryption or otherwise. Without sufficient security measures on your part, unencrypted data transfers – including by email – can potentially be reviewed/accessed by third parties.

5. No tracking by cookies on my website
My website does not use cookies/tracking-cookies.

E. Version and updates of this privacy notice

This privacy notice is valid as at March 2020.

Due to changes to my website or changes required by law, changes to this privacy notice may be required.