1. Processing of personal data when accessing the website
When you access our website at www.bbl-law.com, the browser used on your device automatically transmits information to our website server. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted:
- IP address of the requesting computer,
- date and time of access,
- name and URL of the file retrieved,
- website from which the website was accessed (referrer URL),
- browser used and, where applicable, your computer’s operating system, as well as the name of your access provider.
When you visit our website, our server system accesses this information which is already stored on your device. This access is technically necessary.
The legal basis for this access to information already stored on your device is Section 25(2)(2) of the German Telecommunications Digital Services Data Protection Act (TDDDG).
In this context, we are supported by our technical service providers, who may have access to these data where necessary.
The above-mentioned data are logged and used for the following purposes:
- Providing a smooth connection to the website,
- ensuring convenient use of our website,
- evaluating system security and stability
- and for other administrative purposes.
The legal basis for this data processing is Article 6(1)(f) of the GDPR. Our legitimate interest lies in the data collection purposes listed above. Under no circumstances do we use the data collected to draw conclusions about you.
We neither disclose these data to third parties nor use them to create user profiles.
The data are deleted after three months.
Under Article 21 of the GDPR, you have the right to object at any time to the processing of your personal data in relation to future processing. However, the processing of the IP address for this purpose is technically necessary for the operation of the website. Objecting will therefore not result in the website being made available to you without your IP address being processed.
1.1 Hosting
We do not use our own servers to operate our website, but instead we host the website on the servers of the following hosting provider:
Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany
Personal data which are technically collected and processed when accessing our website are stored on the hosting provider’s servers. Specifically, these may include IP addresses, connection requests, metadata and communication data, as well as website access data.
2. Contact form and email contact
Our website gives you the option of getting in touch with us via the contact form or the email address provided on the website.
If you contact us by email, we process the personal data you provide, such as your name, email address, the content of your message and any other information provided voluntarily, in order to deal with your enquiry and respond to you.
If you wish to use the contact form for communication, you will be asked to provide personal data required to process your enquiry. In this context, we collect your name and email address. It is entirely your decision whether to use this service and make your data available. The data are collected in order to enable us to address you personally in our communications and, where applicable, to assign your enquiry to the relevant case or matter. The data are processed for the purpose arising from your enquiry and, where appropriate, for further communication with you. Our legitimate interest lies, in particular, in processing the data based on the reason contact was made.
Your personal data are processed in order to deal with and respond to your enquiry. The processing is based on Article 6(1)(f) of the GDPR, as we have a legitimate interest in handling your queries. If your question is aimed at concluding a contract, the legal basis is Article 6(1)(b) of the GDPR, because in this case the processing is necessary in order to take steps prior to entering into a contract.
The data you provide are processed exclusively by employees responsible for handling your enquiry. The data are only disclosed to other third parties where this is necessary in order to process your request.
The data are deleted as soon as they are no longer required for the purpose for which they were collected. In the case of personal data transmitted via the contact form, this applies once the respective communication with you has ended. Communication is deemed to have ended when the circumstances indicate that the matter concerned has been resolved conclusively.
The provision of your personal data is voluntary. You are under no legal or contractual obligation to get in touch with us by email or via the contact form.
You may object at any time to the use of your personal data for this purpose in relation to future processing. In this case, all personal data stored in the course of the contact made will be deleted.
3. Cookies
We use cookies on our website. These are small files automatically created by your browser and stored on your device (laptop, tablet, smartphone or similar) when you visit our website. Information is stored in the cookie in connection with the specific device used in each case. Cookies typically contain characteristic strings that enable the browser to be uniquely identified when the website is accessed again. Cookies are either stored on your device temporarily for the duration of the session (so-called session cookies) or permanently (persistent cookies). Session cookies are automatically deleted once the session has ended. Persistent cookies remain stored until you delete them yourself or they expire automatically after a certain period of time.
In addition, cookies may be stored by us and for our website (first-party cookies), as well as by third-party companies and for their services (third-party cookies / external media). This enables the use of certain services provided by third-party companies.
Cookies have different functions and we divide them into four categories: technically necessary cookies, functional cookies, analytical cookies and advertising / tracking cookies. Technically necessary cookies are required for the functioning of our website. Functional cookies facilitate the use of our website and improve its functionality. Analytical cookies are used to collect information about your user behaviour to further improve the website for you. Advertising / tracking cookies are used to provide you with advertising that may be of interest to you.
You can view and manage your cookie settings for our website here:
Cookie settings
Cookies are stored on your device and transmitted to us or to third-party companies. As a user, you therefore have full control over the use of cookies. You can prevent cookies from being stored on your device by adjusting the relevant settings in the Internet browser you use. Cookies that have already been stored can be deleted at any time. If cookies for our website are disabled and/or deleted, it may no longer be possible to use all features of the website without restriction.
3.1 Borlabs
We use the Borlabs consent management tool to manage cookies. When you access our website, Borlabs sets cookies on your device in order to record your decision regarding the storage of information on your device or access to information already stored on your device (Section 25(1) of the TDDDG), and to obtain and document your consent to the processing of your personal data (Article 6(1)(a) of the GDPR) in a way that is compliant with data protection. In addition, information is stored regarding the cookie duration, cookie version, website domain and path, as well as a randomly generated identification number (UID). These data are not disclosed to the provider or to third parties.
Borlabs may use the following cookies, the category, purpose and storage duration of which are set out below, based on the provider’s sample descriptions.
| Name |
Category |
Purpose |
Cookie duration |
| Borlabs cookie |
Functional |
Stores the settings selected by visitors in the Borlabs Cookie box. |
60 days |
The legal basis for the use of technically necessary cookies is Section 25(2)(2) of the TDDDG.
Data are processed through the use of this cookie in order to obtain the legally required consent for the use of cookies and the processing of data (Article 6(1)(c) of the GDPR).
We delete the data as soon as they are no longer required for documentation purposes, you request their deletion, or you delete the cookie yourself.
4. Services
Our website uses the following services to create an appropriate online presence, respond to developments in line with requirements, and to ensure that the use of the website and the user experience are as intuitive and convenient as possible:
4.1 Web analysis by Matomo
We use the open-source software tool Matomo on our website to analyse the browsing behaviour of our users. The software places a cookie on the user’s computer. When individual pages of our website are accessed, the following data are stored:
(1) Two bytes of the IP address of the user’s accessing system
(2) The website accessed
(3) The website from which the user accessed the website concerned (referrer)
(4) The subpages accessed from the website concerned
(5) The duration of the visit to the website
(6) The frequency with which the website is accessed
The software runs exclusively on our website servers. This is the only place where users’ personal data are stored. The data are not disclosed to third parties.
The software is configured so that IP addresses are not stored in full, but instead two bytes of the IP address are masked (e.g. 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the accessing computer.
When using Matomo, information may be stored on the user’s device or read from it. This may involve both cookies and other browser-based storage technologies. The storage technologies used in this context, together with their purpose and storage duration, are set out below based on the provider’s information:
| Name |
Category |
Purpose |
Duration |
| MatomoAbTesting |
Statistics |
Stores information for Matomo A/B tests. |
Permanent |
| mtm_consent_removed |
Functional |
This cookie is used to determine whether the user has objected to Matomo tracking. |
30 years |
| mtm_cookie_consent |
Functional |
This cookie is used to determine whether the user has consented to Matomo tracking. |
36 months |
The legal basis for the use of technically necessary cookies is Section 25(2)(2) of the TDDDG.
The legal basis for the use of statistical cookies is your consent pursuant to Section 25(1) of the TDDDG.
The legal basis for the processing of personal data is your consent in accordance with Article 6(1)(a) of the GDPR. You may withdraw any consent given at any time in relation to future processing.
Personal data are stored on our servers only for as long as is necessary for the preparation and evaluation of statistical analyses.
Further information on how Matomo works can be found on the Matomo website: https://www.matomo.org.
4.2 WPML
We use the WordPress Multilingual Plugin provided by OnTheGoSystems Limited (hereinafter referred to as “WPML”), 22/F, 3 Lockhart Road, Wanchai, Hong Kong. WPML is a multilingual plugin for WordPress. We use WPML to display our website in different languages. When you visit our website, WPML stores cookies on your device in order to save your selected language setting. This serves solely to recognise the language selected by the user when the website is accessed again or when navigating within the website. No personal data are processed in connection with the use of WPML. Only the selected language option (“de” or “en”) is stored as a cookie in the user’s browser.
WPML may use the following cookies, the category, purpose and storage duration of which are set out below, based on the provider’s sample descriptions.
| Name |
Category |
Purpose |
Cookie duration |
| _icl_visitor_lang_js |
Functional |
Stores the redirected language. This cookie is enabled for all website visitors if they use the browser language redirection function. |
1 day |
| wpml_browser_redirect_test |
Functional |
Tests whether cookies are enabled. This cookie is enabled for all website visitors if they use the browser language redirection function. |
Session |
| wp-wpml_current_admin_language_* |
Functional |
Saves the current language. |
1 day |
| wp-wpml_current_language |
Functional |
Saves the current language This cookie is enabled by default on websites that use the language filtering function for AJAX operations. |
1 day |
The legal basis for the use of technically necessary cookies is Section 25(2)(2) of the TDDDG.
4.3 Google Conversion Tracking
We use Google Conversion Tracking to better understand the requirements of our users and to reach them once they show interest in our products or services.
This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Users’ behaviour may be analysed as part of Google Ads. For this purpose, information is processed that enables the Internet browser used on the device to be recognised and supports the measurement of the success of our advertising measures (in particular online identifiers and technical information). We do not directly identify users; Google provides us only with statistical evaluations (e.g. regarding the number and effectiveness of conversions).
You can prevent the storage of, or access to, corresponding information on your device by disabling cookies in your Internet browser settings. In this case, measuring the success of our advertising may only be possible to a limited extent; however, the use of our website is generally not affected. In addition, you may withdraw any consent given at any time via our cookie settings in relation to future processing.
Google Ads may use the following cookies, the category, purpose and storage duration of which are set out below, based on the provider’s sample descriptions:
| Name |
Category |
Purpose |
Cookie duration |
| _gcl_au |
Advertising / tracking |
Conversion linking / conversion measurement (assignment of ad clicks and conversions) |
90 days |
| Conversion |
Advertising / tracking |
Conversion measurement |
90 days |
| VISITOR_INFO1_LIVE__default |
Advertising / tracking |
This cookie is used for security and advertising purposes. |
180 days |
| _gac_gb_<wpid> |
Advertising / tracking |
This cookie is used for analysis and advertising purposes. |
90 days |
| VISITOR_INFO1_LIVE |
Advertising / tracking |
This cookie is used for security and advertising purposes. |
180 days |
| RUL |
Advertising / tracking |
This cookie is used for advertising purposes. |
1 year |
| NID |
Advertising / tracking |
This cookie is used for analysis, security, functional and advertising purposes. |
6 months |
| FPAU |
Advertising / tracking |
This cookie is used for analysis and advertising purposes. |
90 days |
| FPGCLAW |
Advertising / tracking |
This cookie is used for analysis and advertising purposes. |
90 days |
| pm_sess_NNN |
Functional |
This cookie is used for security and functional purposes. |
30 minutes |
| __gads |
Advertising / tracking |
This cookie is used for advertising purposes. |
13 months |
| _gcl_aw |
Advertising / tracking |
This cookie is used for analysis and advertising purposes. |
90 days |
| VISITOR_INFO1_LIVE__k |
Advertising / tracking |
This cookie is used for security and advertising purposes. |
180 days |
| 1P_JAR |
Advertising / tracking |
This cookie is used for advertising purposes. |
30 days |
| YSC |
Functional |
This cookie is used for security purposes. |
Session |
| aboutads_sessNNN |
Functional |
This cookie is used for security and functional purposes. |
30 minutes |
| IDE |
Advertising / tracking |
This cookie is used for advertising or retargeting purposes. |
1 year |
| _gcl_gb |
Advertising / tracking |
This cookie is used for analysis and advertising purposes. |
90 days |
| pm_sess |
Functional |
This cookie is used for security and functional purposes. |
30 minutes |
| ANID |
Advertising / tracking |
This cookie is used for analysis and advertising purposes. |
2 years |
| FPGCLGB |
Advertising / tracking |
This cookie is used for analysis and advertising purposes. |
90 days |
| TAID |
Advertising / tracking |
This cookie is used for analysis and advertising purposes. |
2 weeks |
| AID |
Advertising / tracking |
This cookie is used for analysis and advertising purposes. |
540 days |
The legal basis for the use of advertising / tracking cookies is your consent pursuant to Section 25(1) of the TDDDG. The legal basis for the use of technically necessary cookies is Section 25(2)(2) of the TDDDG.
The legal basis for the processing of users’ personal data is consent in accordance with Article 6(1)(a) of the GDPR.
The storage period depends on the specific function used and the respective configuration. Data are deleted as soon as they are no longer required for the purposes pursued, but no later than after 540 days. The data collected may also be transferred to the parent company in the USA. Google’s parent company, Google LLC, is located at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. With regard to the USA, the European Commission has determined that an adequate level of data protection exists according to the GDPR. An adequacy decision pursuant to Article 45 of the GDPR exists (EU-U.S. Data Privacy Framework) where the relevant US service provider is certified and therefore listed in the Data Privacy Framework List (“DPF List”). Google LLC is listed as a certified company.
If you do not wish to receive interest-based advertising, you can disable Google’s use of cookies for these purposes by visiting https://www.google.de/settings/ads/onweb. Alternatively, users can disable the use of third-party cookies by visiting the opt-out page of the Network Advertising Initiative (https://www.networkadvertising.org/choices). By using our services, you consent to Google processing the anonymised data collected about you in the manner described here and for the purpose stated above.
Further information can be found in Google’s privacy policy at: https://www.google.de/intl/de/policies/privacy/.
4.4 Creditor Information System
BBL Brockdorff Rechtsanwaltsgesellschaft mbH operates the Creditor Information System (https://www.glaeubigerinformation.de/t/151). The Creditor Information System is a web-based system through which creditors involved in specific insolvency proceedings can access information relating to those proceedings. As a creditor in insolvency proceedings, you can log in using a user ID to retrieve information on the progress of the insolvency proceedings in which you are involved. You will receive the user ID at the beginning of the insolvency proceedings. The data processed are used exclusively for the purpose of providing information to creditors.
The legal basis for the processing of your data when using the Creditor Information System is your consent to participation in the Creditor Information System (Article 6(1)(a) of the GDPR). The legal basis for the processing of your data also arises from the performance of the contract concluded between you, as creditor, and the insolvency debtor (Article 6(1)(b) of the GDPR).
4.5 Accessibility with Eye-Able
To improve accessibility on our website, we use the “Eye-Able” software provided by Web Inclusion GmbH. The integration is carried out locally via our server. No personal data are transmitted to third parties in this process.
Eye-Able is activated only once the accessibility icon (bottom right) has been clicked and a setting selected. Only from that point onwards is information stored in your browser in the local storage under “eyeAbleVariables”. This enables your settings (such as contrast and font size) to be restored during a later visit. No cookies are set in connection with Eye-Able.
The settings stored in the local storage remain there until you reset them within Eye-Able or delete the local storage / browser data in your browser.
The legal basis for the storage of information on your device and access to such information (local storage) is Section 25(2)(2) of the TDDDG.
Further information on how Eye-Able works is available at: https://eye-able.com.
5. Privacy notice for social media pages
In addition to our website, we also provide information via our publicly accessible profiles on the usual social media platforms. When you access our social media pages, technical data are transmitted to the operator of the social media platform (hereinafter referred to as the “provider”). In addition, the provider may create user profiles including information on your Internet behaviour and your preferences / interests. Providers may comprehensively analyse your Internet usage behaviour when you access or interact with social media, for example by clicking the “Like” button, the “Share” button or advertising banners. Based on these data, content or advertising may be tailored specifically to you.
If you have an account with the provider and are logged in, the provider is able to create and assign comprehensive user profiles. This makes it possible for advertising that may be of interest to you to be displayed across all devices on which you log in with your account. You can prevent this by logging out beforehand and, where applicable, disabling the “stay logged in” feature, as well as deleting the provider’s cookies stored on your device that enable account identification. This allows you to use our social media presence without the provider associating it with your account identification. If you wish to use interactive functions, you may be required to log in with your account. Once logged in, the provider may identify you via your account identification.
By accessing our social media page hosted by the provider, extensive data protection-related processing operations are carried out. We are not solely responsible for this data processing, but share responsibility jointly with the provider, meaning that we are also unable to fully trace all data processing activities. As joint controllers, we have entered into agreements with the providers which, among other things, govern the conditions of use. Depending on the social media platform, the providers may carry out additional processing operations over which we have no direct influence.
Further details regarding the providers’ data processing activities can be found in the respective providers’ privacy notices and terms of use.
Where a communication channel is available on a social media platform, we process your messages there in order to respond to you and communicate with you. The data entered with the provider, such as your username and comments published under our content using your account, are processed by us so that we can respond to your enquiries.
The processing of the personal data you provide on our social media channels is based on Article 6(1)(f) of the GDPR. We have a legitimate interest in ensuring the broadest possible presence on the Internet through our profiles on social media platforms
As a general rule, you may exercise your rights both against us and against the provider as joint controllers. However, we do not have influence over all the provider’s data processing operations. Our options for complying with your rights are limited by the respective provider’s corporate policies.
The personal data collected directly by us are deleted once the purpose no longer applies or if you request deletion. Information stored by the provider on your device (such as “cookies”) can be deleted by you on your device. We have no influence over the storage period of the data collected by the provider. In this regard, please refer to the respective provider’s privacy notice.
This privacy notice applies exclusively to the use of the social media profiles published by us. It does not apply to websites or social media pages of other service providers to which we merely provide links.
We accept no responsibility or liability for external statements and policies that are unrelated to our website.
We maintain profiles on the following social media platforms in particular:
6. LinkedIn
We also provide information about our services on our LinkedIn site.
This LinkedIn service is provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. Its parent company, LinkedIn Inc., is based in Sunnyvale, California, USA. The data collected may also be transferred to the parent company in the USA. With regard to the USA, the European Commission has determined that an adequate level of data protection exists in accordance with the GDPR. An adequacy decision pursuant to Article 45 of the GDPR exists (EU-U.S. Data Privacy Framework) where the relevant US service provider is certified and therefore listed in the Data Privacy Framework List (“DPF list”). LinkedIn Inc. is listed as a certified company.
We have entered into the following data processing agreement with LinkedIn.
The following privacy notice and terms of use apply to the use of the LinkedIn service.
7. Data subject rights
You have the right to obtain information from us regarding the personal data concerned, as well as the right to rectification, the right to erasure, the right to restriction of processing and the right to data portability. In the case of processing pursuant to Article 6(1)(e) and (f) of the GDPR, you also have the right to object to the processing. Where you have given us consent to process your personal data pursuant to Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR, you may withdraw this consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal. If you wish to exercise your right to object and/or your right of withdrawal, it is sufficient to send an email to: datenschutz@bbl-law.com. You have the right to lodge a complaint with a data protection supervisory authority.
8. Data security
We use the widely adopted SSL (Secure Socket Layer) procedure during visits to our website, in conjunction with the highest level of encryption supported by your browser. As a rule, this involves 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can recognise whether an individual page of our website is transmitted in encrypted form by the closed key or padlock symbol displayed in the lower status bar of your browser.
In addition, we use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
9. Current version and amendments to this privacy notice
This privacy notice is currently valid and was last updated in January 2026.
It may become necessary to amend this privacy notice as a result of the further development of our website and the services offered through it, or due to changes in legal or regulatory requirements. You can access and print the current version of the privacy notice at any time on the website at: https://www.bbl-law.com/en/data-protection-declaration.
