Privacy Policy

This privacy policy (“data protection declaration”) informs you about the collection, processing and use of your data (“data processing”) on the website of Fleury & Fleury GbR.


It describes the processing of personal data on our website » including the subpages. If you leave our website via a link or visit our website on a social media platform, you also leave the area of application of this privacy policy.


We explain to you below,


  • who is responsible for data processing on our website,

  • the legal basis on which we process data,

  • when or for which actions we process data,

  • which data we process for which reasons,

  • who receives data, and

  • which rights you have with regard to data processing by us.


You can retrieve, print or download this privacy policy permanently and at any time at »­en/privacy-policy.

Responsible for data processing

Responsible for data processing within the scope of this website in accordance with the General Data Protection Regulation (GDPR) is:

Fleury & Fleury GbR

Zollstockgürtel 61
50969 Cologne

Legal basis

We process your personal data on the basis of the European Data Protection Regulation (GDPR) and the German Bundesdatenschutzgesetz (BDSG):


  • On the basis of a consent pursuant to Art. 6 para. 1 a) GDPR, insofar as you have expressly agreed to the type and scope of data processing. You can revoke your consent at any time with effect for the future. This does not affect the processing that has taken place up to this point in time.

  • For the purpose of fulfilling the contract or implementing pre-contractual measures pursuant to Art. 6 para. 1 b) GDPR to the extent necessary for exercising the rights and obligations arising from the contract or the pre-contractual legal relationship.

  • On the basis of legal obligations pursuant to Art. 6 para. 1 c) GDPR, insofar as this is necessary to fulfil German or European statutory obligations.

  • On the basis of legitimate interest pursuant to Art. 6 para. 1 f) GDPR, insofar as we have a legitimate interest and no conflicting overriding interests of the party or parties concerned are evident. The specific interest is explained in this privacy statement in the context of the processing description.

Scope of processing of personal data

Making our websites available requires the processing of various information. Furthermore, the scope of data processing depends on your use of the functionalities of the websites, for example if you communicate with us via the contact form or agree to the processing of data.

You do not have to provide us with personal data. However, if the provision of this data is technically mandatory when you visit our website, refusal will result in your being unable to visit and use our website.

TLS encryption, PFS and HSTS

For security reasons and to protect the transmission of confidential content over the Internet, our websites use TLS encryption (Transport Layer Security) in the versions TLSv1.3 and TLSv1.2 that are currently considered secure.

In addition, we secure the connection with PFS (
Perfect Forward Secrecy) and HSTS (HTTP Strict Transport Security). PFS uses a non-reconstructable random component to ensure that encrypted data cannot be subsequently decrypted even if the TLS key valid during transmission is known. Together with an automatic redirection through our web server to an encrypted connection, HSTS ensures that your browser only establishes encrypted connections to our web pages, regardless of how you access the web pages.

You can recognize an encrypted connection by the fact that the address line of your browser changes from http:// to https://, and by the (often green colored) lock symbol in the address time of your browser. In this way, the data you transmit to us and the data you receive from us cannot be read by third parties on the insecure Internet and cannot be subsequently decrypted after any possible recording by third parties.

We use links on our websites that enable you to send us an e-mail. Our mail server also uses TLS encryption and PFS for the secure transport of messages between our mail server and your mail server over the Internet. The connections between our mail server and our work computers are also encrypted.

Deletion of data and storage time

We will delete your personal data as soon as the legal basis for its processing ceases to exist. In some cases, however, legal bases can exist in parallel or, if a legal basis ceases to exist, a new one can intervene, such as the obligation to store certain data in order to fulfil a legal obligation to store data.

Data processing for the provision of the web pages

We may need to process certain information in order to display the website to you. This is already done when you visit our website. In addition, we offer various functionalities on our website which require further data processing.


1. Log files


When you visit our website, your browser sends various information to our server. We need these to establish and maintain the connection. Among the data is also your IP address, which we treat as personal data. All in all, the following data is collected:


  • IP address

  • Date and time at the time of access

  • Requested web page

  • Access status / HTTP status code

  • Amount of data transferred

  • Referrer URL (the previously visited page)

  • Browser

  • Language and version of the browser software

  • Operating system and its interface


We store this data in so-called server log files. This data is not combined with any other data about you. The storage of log files including your IP address serves the legitimate interest of providing our websites and preventing their misuse. Stored log files will be deleted after 30 days at the latest, unless longer storage is necessary, for example to ward off or clarify an attack on our website.


2. Cookies


A cookie is a small text file containing information transmitted by your browser and stored on your computer. You can also control the use of cookies in your browser.


We do not currently use cookies on our website.


3. Google Maps


On our websites we use the map service Google Maps (API) from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google) to show our location and enable you to plan your journey.


When you enter the page on which the Google Maps map is integrated, our website sends various information including your IP address to Google in the USA, where it is stored on its servers. If you have a Google Account and are logged in at the time you visit our site, the information will be associated directly with your account. But even without a user account, Google will create a user profile about you.


Our transmission of the data to Google is based on our legitimate interest in offering you the map function of Google Maps on our website.


You can prevent the allocation of the data we transmit to your user account by logging out of Google before you visit our website. To stop the data transfer to Google completely, you have to switch off the JavaScript application in your browser. The map display can then no longer be used.


More information about Google and the use of Google Maps can be found here:



4. Infomail / Newsletter


If you use the option of subscribing to our Infomail / Newsletter, the following data that you entered in the registration form and which is technically necessary for registration will be transmitted to us:


  • First name and surname

  • Email address

  • IP adress of the calling computer

  • Date and time of registration


The newsletter / infomail of our company can only be received by you if you a. have a valid e-mail address and b. register for the newsletter dispatch. For legal reasons, we use the so-called double opt-in procedure for the info mail / newsletter registration. After your registration an e-mail is sent to the specified e-mail address, which contains a confirmation link to receive the newsletter. This confirmation e-mail is used to check whether the owner of the e-mail address, as the person concerned, has authorised the receipt of the newsletter.


The collection of this data is necessary in order to be able to trace the (possible) misuse of a data subject's e-mail address at a later date and therefore serves to provide legal protection for the data controller.

The legal basis for the processing for sending the info mail / newsletter is the existence of consent in accordance with Art. 6 Para. 1 a) GDPR.


With our Infomail / Newsletter we inform interested parties at irregular intervals about current events, news, announcements, offers and more. The data you provide for this purpose will be processed exclusively for the delivery of the Infomail / Newsletter to you and in order to address you correctly. We collect the additional data required for registration only to prevent misuse of the Infomail / Newsletter offer and in particular your e-mail address.


The data required for sending the infomail / newsletter will be stored as long as the subscription to the infomail / newsletter is used. You can revoke your consent to receive the infomail / newsletter at any time. The revocation can be done by using the link provided in every infomail / newsletter. If you click on the link, you will be directed to a website where you can also tell us your reason for unsubscribing if you wish. When you send this message, the following data will be transmitted to us:


E-mail address

IP address


All other data that you send us, especially the text of the message, you send us voluntarily. This data will be deleted as soon as your inquiry has been finally processed.


5. Social media links


Social media icons (recognizable by the logo of the respective social network) are displayed in the footer area of our website. Until final legal clarification, they are exclusively static links to the websites of the respective providers or to our company channels set up there. They have no further functionality, in particular they do not transfer any data to third parties. These icons merely represent a service by making it easier for you to access the respective websites, which you can then use at your own risk, for example for information, to make contact or to pass on information about our offer. If you click on these icons, you leave our website via the linked link and thus also the area of application of this privacy statement.


6. Google AdWords


This website uses Google AdWords. AdWords is an online advertising program of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (Google). It is an Internet advertising service that allows advertisers to place ads in Google's search engine results and the Google Advertising Network.


Google AdWords allows an advertiser to pre-define certain keywords to display an ad in Google's search engine results when the user uses the search engine to retrieve a keyword relevant search result.


The purpose of our use of Google AdWords is exclusively to advertise our websites by displaying interest-relevant advertising in the search engine results of the Google search engine. We deliberately do not participate in the advertising network and also deliberately do not use conversion tracking, which is also offered in connection with Google AdWords.


You can find more information about Google AdWords in » Google's Privacy Policy.


7. E-Mail


We also use links on our website that display our e-mail addresses. If you click on one of these links, your e-mail program starts and offers you to send an e-mail to the address provided. If you send us an e-mail with your own e-mail program, the following data will be transmitted to us:


  • Name, as it is stored in your e-mail program

  • Email address

  • IP address


All other data that you submit to us in the context of e-mail communication, in particular the text of the e-mail, you voluntarily transmit to us.


We use your data for the answering of your enquiry and the related communication. The legal basis of this processing of your data depends on the content of your request. In principle, our legitimate interest in the provision of the contact functionality by e-mail and the correct response to your inquiry transmitted via it applies here. If your request is aimed at concluding a contract with us, the processing will take place within the framework of this pre-contractual obligation.


Your data will be deleted as soon as your request has been processed. In the event of a contract being concluded, we may process the data to fulfil the contract or within the framework of statutory storage obligations.


8. Phone calls


On our website we also use links that show our telephone numbers. When you click on one of these links, your browser starts the phone functions on your mobile device or computer and offers you to make a call. When you call us, your telephone number will be transferred to us. All other data that you provide to us during a telephone call is provided voluntarily.


We use the information you provide to us to respond to your enquiry and to communicate with you. The legal basis of this processing of your data depends on the content of your request. In principle, our legitimate interest in the provision of the availability by telephone and the communication carried out over it applies here. If your request is aimed at concluding a contract with us, the processing will take place within the framework of this pre-contractual obligation.


Your data will be deleted as soon as your request has been processed. In the event of a contract being concluded, we may process the data to fulfil the contract or within the framework of statutory storage obligations.


9. Google Fonts


We use web fonts from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google).


When you call up a page, your browser loads the required web fonts into your browser to display texts and fonts correctly. To do this, your browser connects to Google, which tells Google that our websites have been accessed via your IP address.


We use Google Fonts to ensure a consistent and legible presentation of our web pages. If your browser does not support Google Fonts or Web Fonts, your device uses a default font.


Google is certified for this for the » EU-US Privacy Shield privacy convention, which is intended to ensure compliance with the data protection level applicable in the EU.


For more information about Google Fonts and Googles privacy policy, please visit the following Web sites:


» Google Fonts

» Google's Privacy Policy


The legal basis for the processing of personal data using Google Fonts is Art. 6 para. 1 f) GDPR (legitimate interest).

Utilization analysis and tracking

We do not currently use any further usage analysis or tracking.

Possibility of objection and revocation

If the data processing is based on your consent or our legitimate interest, you have the right to object to the processing or to revoke your consent at any time. Your objection or revocation only has an effect for the future. If the analysis cookies used offer their own technical options for deactivation, this is shown there in each case. You can contact at any time to exercise your right of objection or revocation. If you object to processing on the basis of our legitimate interest, we may nevertheless continue processing if we can prove compelling reasons worthy of protection for the processing which outweigh your interests, your rights and freedoms.

Rights of the parties concerned

If personal data are processed, you are a data subject within the meaning of Art. 4 para. 1 GDPR. As the data subject, you have the following rights with regard to your personal data. To exercise these rights, please contact us using the contact details above.

Right to request information according to Art. 15 GDPR

You have a right to request information about your personal data processed by us. This includes the mandatory information set out in Art. 15 GDPR.

Right of amendment in accordance with Art. 16 GDPR

You have the right to correct incorrect personal data without delay and to complete incorrect personal data.

Right of deletion in accordance with Art. 17 GDPR

You have the right to request the deletion of your personal data if one of the reasons mentioned in Art. 17 GDPR applies, in particular if there is no longer a legal basis for the processing.

Right to limitation of processing according to Art. 18 GDPR

You have the right to demand the restriction of the processing of your personal data if one of the reasons mentioned in Art. 18 GDPR applies, in particular at your request instead of deletion of the data.

Right to data transferability in accordance with Art. 20 GDPR

You have the right to request all personal data stored by us about you in a structured, current and machine-readable format and to transmit this data to another person in charge without obstruction by the person responsible to whom the personal data was provided.

Right of appeal to the competent supervisory authority in accordance with Art. 77 GDPR

According to Art. 77 GDPR, you have the right to file a complaint with the supervisory authority responsible for you.

Recipients of data

The processing of your personal data in the context of our web pages, in particular by calls started from the web pages, takes place partially also via processors. These are included exclusively on the basis of an agreement to the order agreement in accordance with Art. 28 para. 3 GDPR.

Data transfer to third countries

The personal data we collect from you through the website will also be transferred to a certain extent to third countries outside the European Economic Area.

When using Google Maps or Google Fonts, your IP address may be transmitted to Google LLC.

Google LLC. is based in the USA and thus according to Art. 44 GDPR in a so-called third country. Google LLC. is certified under the » EU-US Privacy Shield privacy convention, which legally guarantees compliance with a European level of data protection.

Update and modification

Parts of this privacy policy may be changed or updated by us without prior notice to you. Please check the privacy policy before using our site to keep up to date with any updates or changes.

Status: January 2020