Privacy Policy

1. Data Controller

Controller within the meaning of the General Data Protection Regulation (GDPR):

Portalix UG (haftungsbeschränkt)
Thalkirchner Str. 103
81371 Munich
Germany

Email: datenschutz@avukat.eu

2. Overview of Processing

We only process personal data to the extent necessary to provide our platform and associated services.

3. Data We Collect

We collect and process the following personal data:

  • Registration (Lawyers): Email address, name
  • Lawyer Profile: Title, name, address, phone, website, office address, practice areas, languages, experience, bar association membership, profile photo, biographies
  • Booking Requests: Name, email address, phone number (optional), message
  • Reviews: Name, email address, review text
  • AI Tools: Input texts are anonymized before processing (PII masking). Personal data is not transmitted to third-party providers.
  • Server Logs: IP address, browser type, operating system, referrer URL, access time
4. Legal Basis

Processing of your personal data is based on:

  • Art. 6(1)(a) GDPR — Consent (e.g., use of AI tools)
  • Art. 6(1)(b) GDPR — Contract performance (e.g., profile creation, booking requests)
  • Art. 6(1)(f) GDPR — Legitimate interest (e.g., server logs for security)
5. Data Recipients

Your data may be shared with the following recipients:

  • Hosting: Our server is operated in Germany.
  • Email: Mailgun (Sinch Email, EU data centers) for login links, booking confirmations, and notifications.
  • Bot Protection: Cloudflare Turnstile — Cloudflare Inc. receives technical data for bot detection. No cookies are set.
  • AI Processing: OpenAI API — Texts are anonymized through our PrivacyMask service before transmission. Personal data (names, addresses, phone numbers) is replaced with placeholders and restored after processing.
6. Data Retention
  • User accounts: Until deletion by the user
  • Lawyer profiles: Until deletion or deactivation
  • Booking requests: 12 months after completion
  • Reviews: Until deletion or upon objection
  • Server logs: 14 days
  • AI inputs: Not stored
7. Cookies

avukat.eu only uses technically necessary session cookies required for the operation of the website (e.g., login session, CSRF protection, language setting). No tracking or analytics cookies are used.

8. Your Rights

Under the GDPR, you have the following rights:

  • Access (Art. 15 GDPR) — What data we store about you
  • Rectification (Art. 16 GDPR) — Correction of inaccurate data
  • Erasure (Art. 17 GDPR) — Deletion of your data
  • Restriction (Art. 18 GDPR) — Restriction of processing
  • Portability (Art. 20 GDPR) — Export of your data
  • Objection (Art. 21 GDPR) — Object to processing
  • Complaint — You have the right to lodge a complaint with a data protection supervisory authority. The competent authority is the Bavarian Data Protection Authority (BayLDA).
9. Privacy Contact

For all privacy-related inquiries, please contact us at:
datenschutz@avukat.eu

Last updated: February 2026