Privacy Policy

General

Protecting your personal data is important to us.

We process your personal data (hereinafter referred to as “data”) exclusively in accordance with the applicable statutory provisions. Personal data means any information relating to an identified or identifiable natural person. A person is considered identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
Examples of personal data include your name, contact details, and banking or credit card information.

This Privacy Policy explains the type, scope, purpose, duration, and legal basis of the processing of personal data insofar as we, alone or jointly with others, determine the purposes and means of processing.

Controller (within the meaning of the GDPR):

Mag. Jia Zhou, B.A., Attorney-at-Law

Volksgartenstraße 3 / 2nd Floor, 1010 Vienna, Austria

+43 660 6615775

office@monolaw.at

Definition of “Processing”

According to Article 4(1) of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), “processing” means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure or destruction.
 

Purpose and Legal Basis of Data Processing

Wenn Sie unsere Website besuchen – sei es zur Information über unsere Leistungen oder um aktiv mit uns in Kontakt zu treten – verarbeiten wir Ihre personenbezogenen Daten zu folgenden Zwecken und auf Grundlage der nachstehenden gesetzlichen Bestimmungen: 

Visiting the Website

When you use our website purely for informational purposes – without actively providing data – certain technical information is automatically collected. This information is necessary to display the website correctly and to ensure stability and security.
The data transmitted by your browser to our server and temporarily stored in so-called server log files includes:

  • The page or file accessed

  • Date and time of access

  • Type and version of your web browser

  • Your IP address

These data are used exclusively for technical purposes. They are not analysed in relation to you personally, nor are they combined with other data sources. Identification of a specific person is not possible.

To ensure the technical operation of the website, we may engage external service providers (e.g., hosting providers, CMS services). These act on our behalf and process data only to the extent necessary.

Processing is based on Article 6(1)(f) GDPR (legitimate interest), which lies in maintaining a secure and stable website and preventing misuse or technical disruptions.

Provision of Legal Services

In the course of our legal practice, we provide advisory and representation services to clients. When you contact us for this purpose, we process the personal data you provide (e.g., name, address, phone number, email, and any additional information supplied in connection with the mandate).

The data are processed for the initiation and performance of a mandate agreement pursuant to Article 6(1)(b) GDPRand, where applicable, Article 9(2)(f) GDPR for the establishment, exercise, or defence of legal claims.

Your data will not be passed on to third parties without your consent.

Recipients

We transfer personal data only if required by law or upon your explicit instruction — for example, when communicating with third parties or drafting contracts on your behalf.

In certain cases, it may be necessary for us to engage external service providers or partners to fulfil a contract or perform legal services. All processors are contractually obliged to process your data only as necessary and to delete them once the purpose has been fulfilled, unless statutory retention obligations apply.

Regular categories of recipients include:

  • Tax advisors or accountants (e.g., for billing purposes)

  • Substitute attorneys (in Austria or abroad, where necessary and agreed with you)

  • IT and telecommunications service providers (e.g., system maintenance)

  • Printing and postal service providers (e.g., for document delivery)

  • Courts and public authorities

  • Contracting parties or opponents in legal proceedings

  • Other third parties expressly authorised by you.

Storage Period

We retain your personal data only for as long as necessary to meet our contractual or statutory obligations. This includes the full duration of the business relationship — from initiation and performance to termination — as well as statutory retention or limitation periods.

Typical retention periods include:

  • 5 years under the Austrian Lawyers’ Code (RAO)

  • 7 years under the Austrian Commercial Code (UGB) and Federal Fiscal Code (BAO)

  • 6 months under the Equal Treatment Act (GlBG)

Longer retention may be required for the preservation of evidence within limitation periods or for defending legal claims.

Once the purpose of processing ceases to exist and no legal basis remains, your data will be deleted.
Where deletion is not possible due to statutory obligations or legitimate interests, processing will be restricted to such purposes and the data will be blocked accordingly.

Cookies

Our website uses only technically necessary cookies required for its operation. We do not use tracking or analytics tools. Consequently, no cookie banner is necessary.

OpenStreetMap

For displaying maps, we use a locally integrated version of OpenStreetMap.
No data are transmitted to third parties or to OpenStreetMap servers. Your personal data remain fully protected.

Data Subject Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art 15 GDPR)

  • Right to rectification and erasure (Arts 16–17 GDPR)

  • Right to restriction of processing (Art 18 GDPR)

  • Right to data portability (Art 20 GDPR)

To exercise these rights or obtain further information, please contact: office@monolaw.at

If you believe that the processing of your personal data violates data protection law or that your rights have otherwise been infringed, you may lodge a complaint with the competent supervisory authority:

Austrian Data Protection Authority (Datenschutzbehörde)
Barichgasse 40–42, 1030 Vienna, Austria
Email: dsb@dsb.gv.at

Updates to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our website, our services, or legal requirements.

Version from September 2025