Skip to main content

Privacy Statement


HBD Steuerberatungsgesellschaft PartGmbB

Privacy Statement


From 25th May 2018, the requirements of the EU Data Protection Regulation (“EUDPR”) will apply in Europe. Please note that we already process your personal data in accordance with the conditions of this new regulation (cf. Article 13 EUDPR), when you visit our web site. Please read our privacy policy carefully. If you have any questions or comments about this privacy policy, you can address these at any time to the email address specified under 1.


1. Name and contact details of the Data Processor and of the Data Protection Officer

This privacy statement applies to data processing carried out by:

Data Processor:    

HBD Steuerberatungsgesellschaft PartGmbB ("HBD")
Boyenstraße 41, 10115 Berlin

tel: +49 30 280 40 745
fax: +49 30 280 40 746

The Data Protection Officer at HBD can be contacted under the above-mentioned address:

GFAD Datenschutz GmbH
Huttenstraße 34/35
10553 Berlin


2. Collection, storage and use of personal information

a) When you visit our web site

When you visit us online at the browser used automatically sends information to our web site server. This information is stored temporarily in a log file. The following information will be collected without your intervention and deleted after 9 weeks at the latest:


  • the IP address of the visiting computer;
  • date and time of access
  • name and URL of the files requested
  • web site from which access is made (referrer URL),
  • browser used and, if necessary, the operating system of your computer as well as the name of your access provider.


Your IP address stored in the log file will be anonymised after 7 days.

The data mentioned is processed by us for the following purposes:


  • Ensuring a smooth connection to the web site,
  • Ensuring comfortable use of our web site,
  • Evaluation of system security and stability as well as for
  • further administrative purposes.


The legal basis for data processing is Art. 6 para. 1 sentence 1f EUDPR. Our legitimate interest follows from the data collection purposes listed above. In no case will we use the collected data for the purpose of drawing conclusions about you.

We also use cookies when you visit us online. Further details can be found under 4 of this privacy policy.


b) When you use the client information form

You can download the client form as a PDF document via our web site and then fill out the form by hand. The form is used to record your master data in the context of client initiation, i.e. for setting up a client contract to be concluded with you in the sense of Art. 6 para. 1 sentence 1b EUDPR.

The form can be used by you in preparation for an initial meeting. The form cannot be completed and transmitted directly through our web site. As a result, data collection and further processing do not take place online.


c) When using our contact form

We offer you the opportunity to contact us via a form provided on the web site for any questions you may have. You must provide a valid email address, your surname and the name of the recipient so that we know who the request came from, who the request is for and how to answer it. You may choose whether or not to give your first name.

Data processing for the purpose of contacting us is in accordance with Art. 6 para. 1 sent. 1a EUDPR on the basis of the consent, which you grant voluntarily on sending the request.

The personal data collected by us for the use of the contact form will be deleted automatically after completion of the request made by you.


3. Transfer of data to a third party

We will not transfer your personal data to third parties. In particular, your data will not be disclosed to recipients located outside the European Union or the European Economic Area.

Incidentally, we only pass on your data if you have expressly consented to this, pursuant to Art. 6 para. 1 sent. 1a EUDPR, if disclosure pursuant to Art. 6 para. 1 sent. 1f EUDPR is required, in order to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data, and in the event that there is a legal obligation to disclose pursuant to Art. 6 para. 1 sent. 1c EUDPR.


4. Cookies

We use cookies on our web site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device, do not contain viruses, Trojans or other malicious software.

Information relating to each terminal used is stored in the cookie. However, this does not mean that we are directly aware of your identity.

Cookies are used to guarantee use and security of our web site and to make browsing our site more comfortable for you.

A contact form is integrated on our web site, which creates an anonymous security key in the form of a cookie "fe_typo_user" for each visitor, in order to be able to clearly assign the data in the form to the appropriate visitor. This method prevents spam attacks on the form of spam robots. This security key cookie does not contain any personal data relating to the web site visitor and is deleted once the browser is closed.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer. A notification banner will appear before a new cookie is created. Disabling cookies completely may mean that you cannot use all of the features of our web site.


5. Google Maps

We use Google Maps to display our location on our web site. Google Maps is operated by Google Inc. When you visit our contact page, into which "Google Maps" is embedded, Google places a cookie on your device in order to process user settings and data when displaying the page and the associated functions which are integrated into Google Maps. This cookie is usually not deleted by closing the browser, but will expire after a certain amount of time (up to 24 months), unless you delete it first. If you disagree with this processing, you can disable the Google Maps service and prevent data transfer by disabling the Java Script feature in your browser. For further information on the cookies used by Google, see here and Google's Privacy Policy.


6. Your rights

You have the right:

  • pursuant to Art. 7 para. 3 EUDPR to revoke your consent to us at any time. As a result, we are not allowed to continue processing data based on this consent in the future;
  • pursuant to Art. 15 EUDPR to request information about your personal data that is processed by us. In particular, you can request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right of rectification, deletion, limitation of processing or opposition, the existence of a the right to complain, the source of your data, if not collected by us, and the existence of automated decision-making, including profiling and, where appropriate, meaningful information about the details thereof;
  • pursuant to Art. 16 EUDPR, to demand immediate correction or completion of incorrect or incomplete personal data stored by us;
  • in accordance with Art. 17 EUDPR, to demand the deletion of your personal data stored by us, except where processing is required for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
  • to demand the restriction of the processing of your personal data in accordance with Art. 18 EUDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion; we no longer need the data, but you need it for asserting, exercising or defending legal claims or you have objected to processing in accordance with Art. 21 GDPR;
  • pursuant to Art. 20 GDPR to obtain the personal data that you provided to us in a structured, usual and machine-readable format or to request the that it be sent to another responsible person; and
  • pursuant to Art. 77 EUDPR to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or that of our registered address.


7. Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1f GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided there are reasons for this arising from your particular situation.

If you would like to exercise your right of revocation or objection, please send an email to


8. Data security

All personal data transmitted by you is encrypted using the generally accepted and secure TLS (Transport Layer Security) standard. TLS is a secure and proven standard that is also used in online banking, for example. A secure TLS connection is signified by the s attached to the http (i.e. https: //..) in the address bar of your browser or the lock icon at the bottom of your browser.

We also take appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.


9. Updating and change to this Privacy Statement

This privacy statement is currently valid and was last updated in December 2017

Due to the evolution of our web site and offers, or due to changed legal or regulatory requirements, it may be necessary to make changes to this privacy policy. The current privacy policy can be viewed at any time on our web site at and printed out.