Note: This is a translation of our Privacy Policy. The German version is legally binding. View German version

Privacy Policy

Last updated: October 21, 2025

1. Data Controller

Attorneys Dr. Greger & Collegen
Weltenburgerstraße 70, 81677 Munich, Germany
Phone: +49 89 490 092 18
Email: kanzlei-muenchen@dr-greger.de

Responsible person: Attorney Dr. Stephan Greger

Data Protection Officer:
Dr. Greger & Collegen, Attn: Dr. Stephan Greger
Weltenburgerstraße 70, 81677 Munich
Email: datenschutz@dr-greger.de

2. General Information on Data Processing

We process personal data only to the extent necessary for the provision of a functional website and our content and services. Legal bases are in particular Art. 6 para. 1 lit. a, b, c, f GDPR as well as – for access to devices/setting of cookies – § 25 TDDDG.

Storage Period

Unless otherwise described below, we delete personal data as soon as the purpose of processing no longer applies. Further storage may occur if legal retention obligations conflict or we assert legitimate interests (Art. 6 para. 1 lit. f GDPR).

3. Your Rights

You have the right to information, correction, deletion, restriction of processing, data portability as well as objection to processing based on Art. 6 para. 1 lit. e or f GDPR (including profiling). You can revoke consents at any time with effect for the future.

Complaints should be directed to the competent supervisory authority.

4. Hosting (STRATO)

We host the website with STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany. STRATO processes, among other things, server log data (browser type/version, OS, referrer URL, hostname/IP address, timestamp of server request) to ensure technical operation and IT security.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in secure provision).
Storage period: according to provider specifications; logs are only kept for security/error analysis purposes and then deleted.
Further information: Privacy notices of STRATO AG.

5. Consent Management (Borlabs Cookie)

We use Borlabs Cookie (Borlabs GmbH, Hamburg) to manage and document your consents. The Borlabs cookie stores your consent decisions, an anonymous user ID, domain/path and the duration; no data transmission to Borlabs takes place.

Legal basis: Art. 6 para. 1 lit. c GDPR (legal proof obligations) and § 25 para. 2 no. 2 TDDDG (absolutely necessary).
Borlabs cookie duration: currently 6 months.

6. Cookies & Similar Technologies

We only use cookies/similar technologies to the extent that they are technically necessary or you have consented to them. You can adjust your selection at any time in the cookie banner.

Note: The specific list may change depending on the website configuration; you will always find the currently valid version in the cookie banner, including provider, purpose and duration.

7. Web Analytics with Google Analytics 4 (GA4)

We use – only after your consent – Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

GA4 uses cookies/similar technologies to measure page views, interactions, dwell time, approximate geolocation (at country level), etc.

For users within the EU, GA4 does not store IP addresses; IPs are discarded before logging.

Optionally, Google uses modeling/ML procedures to supplement incomplete data sets.

Legal basis: Art. 6 para. 1 lit. a GDPR in conjunction with § 25 para. 1 TDDDG (consent).

Revocation: You can change your consent at any time in the cookie banner.

Third country transfer: To the extent that data is transmitted to servers of Google LLC in third countries (especially USA), this is done on the basis of certification under the EU-US Data Privacy Framework (DPF) and/or standard contractual clauses (SCCs).
Further information: https://policies.google.com/privacy and https://support.google.com/analytics.

8. Contact

When contacting us by email or phone, we process your information (e.g., name, contact details, content of the inquiry) for processing.

Legal basis: Art. 6 para. 1 lit. b GDPR (pre-contractual/contractual) or Art. 6 para. 1 lit. f GDPR (general inquiries).
Storage period: until completion of processing; beyond that, if legal retention periods exist.

9. Technical and Organizational Measures / TLS

Our website uses TLS encryption ("https"). However, a completely gap-free data transmission on the Internet cannot be guaranteed.

10. Obligation to Provide / Profiling

There is no legal or contractual obligation to provide personal data when visiting the website for purely informational purposes. Automated decision-making/profiling within the meaning of Art. 22 GDPR does not take place.

11. Changes to this Policy

We update this privacy policy as soon as the legal situation, services or processing changes. The current version is available here; see date above.