nicht nachvollziehbar – seite ist normal erreichbar


General information


At HSP Rechtsanwälte GmbH, the protection and security of your personal data is of utmost importance to us. For this reason, we would like to inform you about our handling of your personal data, in particular as to how and for what purpose we collect and process your personal data, to whom we transmit them and which claims and rights affected parties have.

We, HSP Rechtsanwälte GmbH, are obliged to confidentiality owing to our professional obligation of secrecy and therefore especially observe the legal provisions on data security, in particular the Austrian Data Protection Act ("DSG"), the EU Data Protection Basic Regulation ("DSGVO") and the Telecommunications Act ("TKG").




The responsibility for the collection and processing of data lies with:

HSP Rechtsanwälte GmbH

Company Register No. [FN] 226631g | Commercial Court of Vienna

Gonzagagasse 4
1010 Wien
Tel:           + 43 1 533 0 533

Contact:    Dr. Peter Wagesreiter LLM



Addressees of this declaration


This data protection declaration is directed equally at clients, interested parties (newsletter recipients), business partners, applicants and website visitors ( or

Should any questions arise in connection with these data protection regulations, please send us an e-mail to the following address:



What are personal data?


Personal data are data that enable the identification of a person. These are, amongst others, their name, their residential or e-mail address, their date of birth and IP address.





How, which and for what purpose is data collected?


Data is collected and processed in different ways and for different purposes, depending on whether the data relates to clients, newsletter recipients, business partners, applicants or website visitors.



  1. Data processing for clients


In order to carry out and process our legal services, we collect and store personal data that you have voluntarily provided us with, such as your name, address, e-mail address, telephone number, date of birth, gender, social security number, tax number, bank account number, photos, data related to your health and possibly biometric data.

We process your personal data to fulfil our contractual obligations within the framework of the client relationship, to fulfil other legal obligations, and/or on the basis of justified interests (advertising purposes in particular), unless your interest in confidentiality outweigh these.



  1. Data processing for interested parties (newsletter recipients)


From interested parties who would like to receive our newsletter, we collect the personal data necessary for the processing of the transmission. If you have agreed to the transmission of the newsletter by e-mail or by our newsletter tool, we collect the following personal data: First and last name, academic degree, e-mail address, company, department, position, geographical address and relevant fields of expertise.


The purpose of collecting this data is to send the newsletter and to transmit further information about products, services, events as part of HSP Rechtsanwälte GmbH's self-marketing.


Interested parties and newsletter recipients can unsubscribe from further subscription on our website, or via the link provided in the e-mail newsletter.



  1. Data processing for business partners


In the course of conducting business with suppliers, service providers and other business partners, we collect and store the personal data required to process the transaction. These are, amongst others, their first and last name, date of birth, address, telephone number, social security number, tax number or VAT number, and company register number.

The data is processed for the purpose of fulfilling our contractual obligations, to comply with related legal requirements (correct bookkeeping) and to protect legitimate interests (e.g. in the context of a legal dispute).



  1. Data processing for applicants


We collect the personal data provided by HSP Rechtsanwälte GmbH’s applicants, who apply in writing or via the direct option on our website, that is necessary for the handling of the application process and the inclusion in our list of applicants. For this purpose, we record their first and last name, academic degree, address, telephone number, date and place of birth, nationality, language skills and any additional qualifications.

If you have agreed to us keeping your data on file, they will be stored for a maximum of 3 years, but you can expressly revoke your consent to keep them on file at any time.



  1. Data processing for website visitors


In the course of using our website ( or, we collect, record and store the IP address and IP location, the referrer URL (the website visited before and after), the number, duration and time of visits (your interaction with the website) as well as the language, the type of search engine and the keywords you used to find us.

In addition, we use cookies, amongst others from Google Analytics, provided that you have given your consent to this when using our website. Cookies are small text files that are temporarily stored on your computer and saved by your browser. Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit and are not permanently stored on your end device. Other cookies are stored on your end device until you delete them (permanent cookies). These cookies enable us to recognize your browser during your next visit.

The information collected by Google Analytics (IP address, browser & device type, operating system, resolution, country, language, service provider, pages visited and length of stay) is generally transferred to a server of Google Inc. (1600 Amphiteatre Parkway, Mountain View, CA 94043, USA) in the USA or another state outside the EU.

Social media plug-ins are integrated into our website to recommend and share articles in social networks such as Facebook, Twitter, Xing, LinkedIn etc. Data is only transferred to third parties when website visitors click on one of the icons displayed in the social media list. We have no influence on cookies set by social networks, nor do we have access to them.

The collection and processing of personal data is carried out to secure the operation of as well as analyse and improve an advertising presence. You can also adjust the cookie settings and the transmission of advertising by Google Inc. via the settings of your browser or download a corresponding plug-in from



  1. Data processing for visitors to the office premises in Gonzagagasse 4, 1010 Vienna


We also process your data for the purpose of self-protection (protection of property and employees, and the fulfilment of traffic safety obligations) as well as for the purpose of prevention and clarification of criminally relevant behaviour in the form of encrypted video surveillance. This data is evaluated exclusively for these purposes.

The data is stored for up to 72 hours. Longer storage is only intended in the course of a legal dispute, in which case the data is stored until said dispute has been settled. Your data will not be passed on to recipients who would use this data for their own purposes, but only to competent authorities and courts (for reasons of preservation of evidence or to enforce claims), to insurance companies (to process insurance claims), and to lawyers and other private or public bodies for the purpose of legal enforcement. A transfer to recipients in a third country or to an international organisation is not intended. Irrespective of the data subject's rights to which you are entitled (see point 9. Data subject's rights), it should be noted that there is no right to data transfer here.



How long is personal data stored?


We only store personal data for as long as we need it in order to fulfil the purposes described above, and to fulfil our contractual or legal obligations.

The storage of this data is also carried out for evidence purposes, considering the limitation periods, or as long as a claim (liability) can be filed.



Transfer of data to third parties (transmission)


As a matter of principle, we do not make your personal data available to third parties. However, it may be necessary to pass on your data to trustworthy third parties in order to carry out your mandate, or for legal reasons. These may be courts or authorities or other third parties involved (including tax consultants, banks, IT service providers, contract processors working for us). In this case, your data will be passed on exclusively according to the regulations of the DSGVO (on the basis of your consent, for the purpose of fulfilling a contract, or fulfilling a legal obligation, etc.).



Data security


We have taken state-of-the-art organisational and technical precautions to ensure the protection of your personal data (protection against misuse, both internally and externally, e.g. through firewalls, encryptions, access authorisations, etc.). However, it cannot be ruled out that information may be viewed or used by others because of errors in data transmission, not caused by us or unauthorized access by third parties (hackers, etc.). We do not accept any liability for this, provided that this misuse was not culpably caused by us.



What rights do data subjects have?


You have the right to be informed about your stored personal data, its origin and recipients, and the purpose of data processing, as well as the right to correction, objection, data transmission, restriction of processing and blocking, or deletion of incorrect/impermissibly processed data.

You also have the right to revoke any consent you may have given to the use of your personal data at any time. In order to assert your rights as a data subject (information, deletion, correction, objection and/or data transfer [unless the data transfer involves disproportionate effort]), please contact



Complaint to the data protection authority


If you are of the opinion that the processing of your personal data by us violates the applicable data protection law, or your data protection rights have been violated in any other way, you have the possibility to complain to the responsible supervisory authority.

The competent supervisory authority is the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, email: