Legal
Information on the processing of personal data when visiting this website pursuant to Art. 13 and 14 of the EU General Data Protection Regulation (GDPR).
The controller within the meaning of the GDPR is:
Attorney Dr. Oliver Peschel
Karmeliterplatz 1/2, 1020 Wien, Austria
Phone: +43 1 391 96 00
Email: office@peschel.at
VAT ID: ATU74727058
As an attorney, the controller is bound by the statutory professional secrecy under § 9 of the Austrian Code of Conduct for Attorneys (RAO). This duty applies in addition to data protection obligations and protects all information entrusted in connection with a mandate or its initiation. Technical and organisational measures take into account the particular sensitivity of legal data.
Personal data is processed only to the extent necessary to provide a functional website and the content and services offered. Processing is regularly based on consent (Art. 6 (1) lit. a GDPR), the performance of or preparation for a contract (Art. 6 (1) lit. b GDPR), compliance with legal obligations (Art. 6 (1) lit. c GDPR) or legitimate interests (Art. 6 (1) lit. f GDPR).
Each time the website is accessed, the hosting provider automatically collects data from the computer system of the accessing device. In particular, the following data is collected:
Purpose: Provision of the website, guarantee of
technically error-free operation, evaluation of system security and
stability, defence against attacks.
Legal basis: Art. 6 (1) lit. f GDPR (legitimate
interest in a secure and stable website).
Storage period: A maximum of 14 days in the server
log files, followed by automatic deletion. This data is not combined
with other data sources.
This website is hosted by:
easyname GmbH
Canettistraße 5/10, 1100 Wien, Österreich
Server location: Österreich / EU
Hosting provider's privacy policy:
https://www.easyname.at/de/datenschutz
The hosting provider processes, on behalf of the controller, all data arising in connection with the operation of the website (in particular access data, server logs, content of the website). A data processing agreement under Art. 28 GDPR is in place with the hosting provider. Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in reliable hosting).
For security reasons and to protect the transmission of personal data, this website uses SSL or TLS encryption. An encrypted connection can be identified by the string "https://" in the browser address bar.
Users may contact the controller via the contact form on the website and by email to office@peschel.at. When using the contact form, the following data is collected:
Purpose: Processing of the request, initiation of a
mandate, response to enquiries.
Legal basis: Art. 6 (1) lit. b GDPR (pre-contractual
measures) and Art. 6 (1) lit. f GDPR (legitimate interest in efficient
handling of enquiries).
Storage period: Messages that do not lead to a mandate
will be deleted no later than three years after submission. If a
mandate is established, the retention periods applicable to legal
mandates apply (in particular § 132 of the Austrian Federal Fiscal
Code and the retention obligations under the RAO).
To protect the contact form against automated submissions and spam, the service Turnstile from Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA, is used. Turnstile analyses browser behaviour (such as mouse and keyboard interactions, browser fingerprint, movement patterns) to distinguish human users from bots. Personal data processed in this context includes in particular the IP address and technical browser information.
Purpose: Defence against automated submissions,
protection against misuse of the contact form.
Legal basis: Art. 6 (1) lit. f GDPR (legitimate
interest in an abuse-free contact form).
Third-country transfer: Cloudflare is headquartered
in the United States. A transfer of data to the United States cannot
be excluded. Cloudflare is certified under the EU-US Data Privacy
Framework (Adequacy Decision of the European Commission of 10 July
2023, Art. 45 GDPR).
Storage period: According to Cloudflare's own
statements, data processed for bot detection is stored for a maximum
of 24 hours.
Further information: https://www.cloudflare.com/de-de/privacypolicy/
This website uses cookies and comparable technologies only to the extent necessary for technical operation or where the user has given explicit consent. A detailed list of the cookies used is available in the Cookie Policy.
Technically necessary cookies are set without consent based on Art. 6 (1) lit. f GDPR and § 165 (3) of the Austrian Telecommunications Act 2021. They are indispensable for the operation of the website.
Optional cookies (statistics, marketing) are set only after the user has given explicit consent via the cookie banner. Legal basis: Art. 6 (1) lit. a GDPR and § 165 (3) of the Austrian Telecommunications Act 2021. Consent may be withdrawn at any time via the cookie settings in the footer with effect for the future.
This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses cookies and comparable technologies that enable a pseudonymised analysis of the use of the website.
Purpose: Evaluation of website usage, improvement of
content and structure, reach measurement.
Data processed: IP address (truncated by IP
anonymisation), URLs visited, time spent, referrer, device and browser
data, pseudonymous client ID.
Legal basis: Art. 6 (1) lit. a GDPR and § 165 (3) of
the Austrian Telecommunications Act 2021 (consent). The Google tag is
loaded in Consent Mode v2: before your consent, analytics storage
(analytics_storage) is set to "denied", no cookies or identifying
attributes are stored, and Google only receives cookieless, aggregated
signals (consent status and basic technical data). Cookies and the
pseudonymous analysis only take place after your consent in the cookie
banner.
Storage period: up to 24 months on Google servers.
Third-country transfer: Google may transfer data to
the USA. Google is certified under the EU-US Data Privacy Framework
(Adequacy Decision of the European Commission of 10 July 2023,
Art. 45 GDPR).
Withdrawal: at any time via the "Cookie settings"
link in the footer.
Further information: policies.google.com/privacy
This website uses Google Ads (conversion tracking and remarketing), an advertising service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads sets cookies that can record clicks on ads and subsequent actions on the website (for example submission of the contact form).
Purpose: Measurement of advertising effectiveness,
delivery of relevant ads, exclusion of users who have already
converted.
Data processed: Click and conversion data,
pseudonymous cookie identifiers, IP address, technical browser and
device data, and for enhanced conversions the hashed email address
from the form (see below).
Legal basis: Art. 6 (1) lit. a GDPR and § 165 (3) of
the Austrian Telecommunications Act 2021 (consent). The Google tag is
loaded in Consent Mode v2: before your consent, the advertising and
storage signals (ad_storage, ad_user_data, ad_personalization) are set
to "denied", no advertising cookies are set and no personal data is
transmitted to Google. Cookies, conversion measurement and the enhanced
conversions described below only take place after your consent in the
cookie banner.
Storage period: 30 to 540 days depending on cookie
type.
Third-country transfer: EU-US Data Privacy Framework
(Art. 45 GDPR).
Withdrawal: at any time via the "Cookie settings"
link in the footer.
Enhanced Conversions: Provided you have consented to marketing cookies, when you successfully submit the contact or enquiry form the email address you entered is irreversibly hashed (SHA-256) in your browser and transmitted to Google only in this hashed form. Google uses the hash solely to attribute a conversion to a previous ad click. It does not allow Google to recover your plain-text email address. Without consent to marketing cookies, no transmission takes place.
Selected video interviews with Attorney Dr. Peschel are embedded on this website. The embed uses the privacy-enhanced YouTube mode (youtube-nocookie.com).
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, with parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Data processed: When you click the preview thumbnail for the first time, the YouTube player is loaded as an iframe. Only from this moment on is data transmitted to YouTube, in particular your IP address, browser and device information as well as technical identifiers required to deliver the video. As long as you do not activate the video, no data is sent to YouTube and no YouTube cookies are set.
Purpose: Display of embedded media content for information on the recovery of gambling losses.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in rich content and in presenting press references). By clicking the preview thumbnail you also consent to the subsequent data transfer to YouTube (Art. 6(1)(a) GDPR).
Third-country transfer: Google may transfer data to the USA. Google is certified under the EU-US Data Privacy Framework (Commission adequacy decision of 10 July 2023).
Further information: policies.google.com/privacy .
The pseudonymous data collected via Google Analytics and Google Ads is not linked to specific clients or to data from the contact form.
This website uses the typefaces Inter and Montserrat. The font files are served locally from the hosting provider's server. No connection to external font services (in particular not to Google Fonts) is established. No fonts are loaded from external servers when the website is accessed.
Personal data is generally not disclosed to third parties. A transfer only takes place if:
Processors within the meaning of Art. 28 GDPR are in particular the hosting provider and the provider of the spam protection service (see sections 5 and 8).
Personal data is stored only for as long as necessary for the respective purpose or as required by statutory retention obligations. Once the purpose ceases or the retention period expires, the data is deleted or anonymised. Relevant retention periods include in particular the seven-year retention obligation under § 132 of the Austrian Federal Fiscal Code and the retention obligations under the RAO.
Under the GDPR, every data subject has the following rights:
The right to obtain confirmation as to whether personal data is being processed, together with information about such data and a copy of it.
The right to obtain without undue delay the rectification of inaccurate personal data or the completion of incomplete personal data.
The right to obtain the erasure of personal data without undue delay, unless statutory retention obligations apply.
The right to restrict the processing of personal data.
The right to receive personal data in a structured, commonly used and machine-readable format or to have the data transmitted to another controller.
The right to object at any time, on grounds relating to the data subject's particular situation, to processing of personal data based on Art. 6 (1) lit. e or lit. f GDPR.
Consent given may be withdrawn at any time with effect for the future. The withdrawal does not affect the lawfulness of processing carried out prior to the withdrawal.
To exercise these rights, an informal notification to the contact details listed above is sufficient.
Without prejudice to any other remedy, every data subject has the right to lodge a complaint with a supervisory authority. The competent supervisory authority in Austria is:
Austrian Data Protection Authority
Barichgasse 40-42, 1030 Vienna, Austria
Phone: +43 1 52 152-0
Email: dsb@dsb.gv.at
Web: www.dsb.gv.at
No automated decision making, including profiling, within the meaning of Art. 22 GDPR takes place.
Appropriate technical and organisational measures within the meaning of Art. 32 GDPR are in place to protect personal data against accidental or intentional manipulation, loss, destruction or unauthorised access. Security measures are continuously improved in line with technological developments.
This privacy policy is current as of 2026-05-26. Further development of the website or amended legal requirements may necessitate changes. The current version of the privacy policy is always available on the website.