Privacy Policy
This Privacy Policy describes how Linklaw, a service of AA Legal Consulting GmbH and its affiliates (collectively “Linklaw,” “us,” or “we”) process personal data and other information through Linklaw’s website, applications, and other online platforms (our “Services”). This Privacy Policy explains what types of information we collect, how we use it, our sharing practices, and your choices. Linklaw treats all personal data with the utmost care. We have undertaken all necessary steps to ensure the safety of this data.
Who can I contact?
AA Legal Consulting GmbH
Lütticher Straße
50674 Cologne
privacy@golinklaw.com
Please feel free to get in touch with our Data Protection Officer at any time and with any questions you might have regarding your data, the deletion of the same, or your rights.
1. Individual Privacy Rights
The EU General Data Protection Regulation grants EU Citizens privacy rights listed below:
• Withdrawal of consent in accordance with Art. 7 para. 3 GDPR (e.g. you can contact us to withdraw consent and stop receiving a newsletter)
• Right of Access in accordance with Art. 15 GDPR (e.g. you can contact us to find out which data of yours we have saved)
• Rectification in accordance with Art. 16 GDPR (e.g. you can contact us if your email address has changed and you want us to update it)
• Erasure in accordance with Art. 17 GDPR (e.g. you can contact us if you want us to delete any of your data that we have saved)
• Restriction of processing in accordance with Art. 18 GDPR (e.g. you can contact us if you do not want us to delete your email address but only wish us to send you emails that are strictly necessary)
• Data portability in accordance with Art. 20 GDPR (e.g. you can contact us to receive the data we have saved on you in a compressed format, e.g. because you want to provide the data to another website)
• Objection in accordance with Art. 21 GDPR (e.g. you can contact us if you do not consent to one of the advertising or analytical procedures listed in this document)
• Right to lodge a complaint with the relevant supervisory authority in accordance with Art. 77 para. 1 GDPR (e.g. in the event of a complaint you could contact the data protection supervisory authority in your state directly)
2. Deletion of Data & File Storage Period
If not otherwise noted, we delete personal data as soon as it is no longer needed. Your data will also be locked or deleted if a storage period set out by law expires, unless the data must be kept in order to complete or fulfill a contract. Some data may have to be stored for a longer time period if the law requires it. You can, of course, request information regarding the personal data we have saved on you at any time.
3. Hosting & Data Security
Any personal data processed for use of services is processed solely on servers located within the EU. The hosting providers were carefully selected, and we have signed processing contracts with them as required by Art. 28 GDPR. Our main service providers are AWS (https://aws.amazon.com/de/), Moodle (https://moodle.org/) and Synergy Learning (https://synergy-learning.com/).
Linklaw takes security precautions to guarantee that your data is protected from loss, alteration, or misuse. Linklaw does this with industry standard firewalls that are constantly being updated as well as other security systems. At the same time, the user should be aware that we cannot offer one hundred percent protection from attacks, due to the constant barrage of new viruses and ever developing means of attack on internet service’s secure data systems. Linklaw will pursue every attack on the data, regardless of who carried it out, under both civil and criminal law, and inform users in the event that their data has been compromised.
4. Data Processing
As part of providing Linklaw’s services to companies, Linklaw acts as the data processor, in accordance with Art. 28 GDPR. The company in question makes use of Linklaw’s services in order to provide the Linklaw product to their employees, who are then able to use Linklaw’s services independently.
Companies sign a data processing agreement with Linklaw as required by Art. 28 GDPR in order to legitimize the processing of employee data necessary for this access.
5. Website Access
Every time you access our website www.golinklaw.com the hosting server creates a protocol entry. The entered data set contains the following information:
5.1. Your IP address (a unique address used to identify your computer)
5.2. The remote host (name and IP address of the computer requesting the page)
5.3. The time, the status, the amount of data transferred, and the website from which you accessed the requested page (Referrer)
5.4. Product and version information on the browser in use (User Agent)
Linklaw uses a standardized web server log file format for this purpose. Provided the data is not necessary for technical system maintenance or system security, it will be anonymized immediately, and the original logs will be deleted. Anonymization is achieved by removing or shortening the IP address while assigning a code to the data that is not connected to the user. It is then no longer possible to match the data to a specific person, or to identify a specific person using the remaining information. Linklaw therefore only uses anonymized logs, that is logs containing no connection to or information on your person, for statistical evaluations. Linklaw can use these logs, for example, to determine on which days and at which times Linklaw is particularly popular, and what volume of data is created on the Linklaw web servers. In addition, Linklaw can use the log files to identify any potential errors, e.g. incorrect links or program errors, and thus use the log files to improve Linklaw. Linklaw does not connect the page requests or uses saved in the server log with individual persons.
The legal basis for this process is known as legitimate interest, which has been verified within the framework of the previously listed protective measures and in accordance with the European data protection requirements as laid out in Art. 6 para. 1 s. 1 lit. f GDPR.
6. Registration & Use of Services
When you register for our services, we record and save basic data such as name, email address, and any other contact information you provide, such as username and password. We may receive additional information from you via the website (e.g. if you fill out your personal profile) or when you communicate with us.
7. Courses
As described on Linklaw’s website www.golinklaw.com and updated from time to time, Linklaw offers licenseable pre-recorded online learning content on various legal and language learning topics (“Courses”). Linklaw Courses are through a proprietary LMS based on moodle, a free and open-source learning management system written in PHP and distributed under the GNU General Public License (https://moodle.org/).
The LMS is hosted on AWS servers. We have signed a data processing contract with AWS including provisions about GDPR compliance. Read more about GDPR compliance at AWS on the GDPR addendum to their privacy policy. AWS and Moodle process only that data which is required for user access to Courses and for improving usability. That includes, for example, the first and surnames of the participants, profile pictures, e-mail addresses, and (optionally) telephone numbers. In addition, the service processes technical data such as IP addresses, browser settings, language settings, and time zones that are required in order to provide the service.
8. Training
Our Training sessions give participants the opportunity to deepen their knowledge and practice their legal and language skills lessons 1-on-1 with an instructor or in small groups. The personal data entered during registration by the user is processed as part of this service. The user’s name will therefore be visible to the teacher and to other participants. Based on Customer preference, training sessions are hosted on
8.1. Meet, the video meetings service of US-based search company Google (https://meet.google.com/). We have signed a data processing agreement with Google including provisions about the compliance with GDPR. Meet is set to process the least possible amount of personal data during participation in Training sessions and features such as attention tracking and other analytical options are always deactivated. You can find more information on Google’s data protection in the Meet Privacy Policy.
8.2. Zoom, a US-based online meeting platform (https://zoom.us). We have signed a data processing agreement with Zoom including provisions about the compliance with GDPR. Teams is set to process the least possible amount of personal data during participation in Training sessions and features such as attention tracking and other analytical options are always deactivated. You can find more information on Zoom’s Privacy Policy.
8.3. Teams, a group chat software by American software company Microsoft (https://www.microsoft.com/en/microsoft-teams/group-chat-software/). We have signed a data processing agreement with Microsoft including provisions about the compliance with GDPR. Teams is set to process the least possible amount of personal data during participation in Training sessions and features such as attention tracking and other analytical options are always deactivated. You can find more information on Microsoft’s Privacy Policy.
9. Newsletter & Emails
We will send you emails for a variety of reasons:
9.1. Newsletter. You can sign up for our newsletter by entering your name and email in the relevant box on our website and unsubscribe at any time. To send the newsletter we use a service called Mailchimp by a company called Rocket Science Group, an American company headquartered in Atlanta, Georgia. To find out more information about them please see their privacy policy.
The newsletter may contain information about our services, provided you have not objected to receiving such information, which you are free to do at any time. Emails that we send to you will be saved and any emails that may be considered business letters will not be deleted during the legally required retention period. In addition, we record those email addresses to which an email was unable to be sent, in order to request that the email address be updated. In terms of our newsletter emails, we record (e.g. using what are known as tracking pixels) whether or not an email has been opened and which links in the email have been clicked on in order to optimize our offers and ensure they are designed based on needs. We use this data to send you newsletter content tailored for you. If you wish to object to this use of data, you can do so by unsubscribing from our newsletter.
9.2. Administrative Email. Upon your request or an order you placed, we may send you administrative email such as order confirmation, confirmation of registration and login credentials through Pipedrive or our Moodle-based LMS
9.3. Course Email. Based on your progress in any of our Courses, we may sent you additional content via mail through Mailchimp.
9.4. Individual Email. We may answer individual requests, questions or queries sent to hello@linklaw.com or made through the forms associated with the help icons in our LMS through Gmail.
10. Cookies
Our website uses cookies in some instances. Cookies are small text files that are usually saved in a folder in your browser. Cookies contain information on your current and previous website visits:
• Name of the website
• Cookie expiration date
• Cookie value
Provided that cookies do not contain a specific expiration date, they are only saved temporarily and automatically deleted as soon as you close your browser or turn off the device. Cookies with expiration data remain saved even after you have closed your browser or turned off your device. These cookies are only removed once they have reached their expiry date or if you manually delete them.
Our website uses the following three types of cookies:
• Required cookies (these are needed, for example, in order to display the website correctly for you and to temporarily save certain settings)
• Functional and performance cookies (these cookies help us, for example, to evaluate technical data from your visit and therefore avoid error messages)
• Advertising and analytics cookies (these cookies ensure that, for example, you see ads for shoes if you had previously searched for shoes)
You can use your browser settings to configure, block, and delete cookies. If you delete all cookies from our website, you may find that some website features are not displayed properly. Cookies are only activated after you have granted express permission, with the exception of those cookies that are required for the technology to work. You can withdraw this permission at any time. You can find information on how to withdraw permission, as well as additional information, in the cookie configuration options.
11. Google Analytics & Conversion Tracking
This website uses Google Analytics, a web analysis service provided by Google Inc. (Google). Google Analytics uses cookies, which are text files saved on your computer that make it possible to analyze how you use the website. Because we have activated anonymization of the data, your IP address will be shortened by Google within the European Union Member States or other states party to the agreement regarding the European Economic Area and only then transferred to the USA. The full IP address will only be transferred to a Google server in the USA and shortened there in exceptional cases. Google uses this information on behalf of the operator of this website to evaluate your use of the website, in order to compile reports regarding website activities and in order to perform additional services for the website provider connected to website use and internet use. The IP address transmitted from your browser for use in Google Analytics will not be connected to other data from Google.
You can prevent the cookies from being saved by selecting the appropriate setting in your browser software; please note that in this case you may not be able to fully use all features available on the website.
You can find additional information on Google Analytics’ use of data and data protection in Google’s Privacy Policy. Linklaw only uses Google Analytics in combination with the gat._anonymizeIp(); expansion, so that IP addresses are only recorded in a shortened, i.e. anonymized form.
Our website uses Google Conversion Tracking from Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (subsequently: Google), in order to record statistics on the use of our website and for the purpose of evaluating optimization of our services for you. Google AdWords places a cookie on your computer in the event that you have reached our website via a Google ad. If the user visits specific pages on the AdWords customer’s website, and if the cookie has not yet expired, Google and the customer can see that the user clicked on the ad and was directed to this page.
Every AdWords customer receives a different cookie. Cookies can therefore not be tracked via AdWords customer’s websites. The information collected with help from the conversion cookies serves to create conversion statistics for AdWords customers who have decided to make use of conversion tracking. We receive information on the total number of users who have clicked on the advertisement and were forwarded to a page containing a conversion tracking tag. However, we do not receive any information that can be used to personally identify users.
The legal basis for use of this service is your consent as laid out in Art. 6 para. 1 s. 1 lit a GDPR, and consent is granted via our cookie banner. Consent can be withdrawn at any time via cookie management.
12. Social Plugins
The website footer on www.golinklaw.com features social plugins from LinkedIn and Twitter. You can find more information about their protection of personal information in LinkedIn’s privacy policy here and Twitter’s privacy policy here.
13. Pipedrive
Linklaw uses Pipedrive for our online marketing activities. Pipedrive is a software company from the USA with a branch in Ireland. More information on the Pipedrive’s privacy policy can be found here.
14. Payments
Linklaw uses SevDesk for its billing and accounting. SevDesks servers are located in Germany and data protection is taken extremely seriously. You can learn more about their protection of user date in their privacy policy.