Payment Services of Bankhaus August Lenz
Flexible, independent & secure.

We take protecting your personal data very seriously and treat your personal data confidentially in accordance with the statutory data protection provisions and this Data Protection Statement.

1. Controller of the data processing (hereinafter: “we”)

Bankhaus August Lenz & Co. AG

Holbeinstraße 11

81679 München

Telefon: 089/96 012 – 0

Telefax: 089/96 012 -100


You can find further information about us in our Provider Identification (Legal Notice).

2. Data Protection Officer

Bankhaus August Lenz & Co. AG
Tel.: 0800 70 170 70


3. Personal data, the purposes of its processing and legal grounds

It is generally possible to use our website without having to provide personal data. Personal data is provided on a voluntary basis.

Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors that are an expression of the identity of this natural person.

Data is processed in order to operate this website with information on our range of services with various means to contact us.

    • Personal data is only collected on our website when it is required
    • to use the website (legal grounds: Art. 6(1a) and/or Art. 6(1b) General Data Protection Regulation / “GDPR”), to protect our interests in enhancing the user experience and to ensure that use of the website is secure (legal grounds: Art. 6(1f) GDPR),
    • to use the services provided on the website and other pre-contractual measures, in particular for form entries (legal grounds: Art. 6(1a) and/or Art. 6(1b) GDPR) or
    • to conclude and perform a contract (legal grounds: Art. 6(1a) and (1b) GDPR).

You can find further information on how data is processed below under the corresponding headings:

4. Access data/server log files

When you visit our website, the server automatically stores the information that your browser transmits to us; this is known as the server log files. The information includes the name of the website visited

  • File
  • Date and duration of the visit
  • Notification on successful access
  • Browser type including version
  • The user’s operating system
  • Referrer URL
  • IP address and
  • Provider.

This data is not consolidated with other data sources. The information is used exclusively in accordance with Art. 6(1f) GDPR to analyse and maintain the technical operation of the server and the network.

5. Cookies

Our website stores cookies. Cookies are small files that enable specific information relating to the user’s access device (PC, smartphone or similar) to be stored on the device itself. They are used to make websites more user-friendly and thereby assist users (e.g. by storing login data). In addition, they serve to collect statistical data on website use, and they can be analysed in order to improve the service. The legal basis for this is Art. 6(1f) GDPR.

You as the user can control the use of cookies. Most browsers have an option to restrict or completely prevent the storing of cookies. However, we should point out that, if cookies are not stored, use of the website may be restricted, and in particular ease of use may be impaired.

6. Contact via email

When you send us email enquiries, your information in the email including the contact data that you provide is stored by us in accordance with Art. 6(1b) GDPR in order to process the enquiry and in case there are any follow-up questions. We never share this data without your consent. We treat the information that you voluntarily share with us as strictly confidential. We store and use the personal data that you voluntarily share with us to the extent required for further correspondence with you.

7.Contact form

When you send us enquiries using the contact form, your information in the contact form including the contact data that you provide is stored by us in order to process the enquiry and in case there are any follow-up enquiries. We do not share this data without your consent.

8. Google Maps

Our website uses Google Maps, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Maps provides geographical information and calculates route descriptions. When you use Google Maps, information on the use of our website (including your IP address) and the data you enter in Google Maps will be transmitted to Google and stored there. The legal basis for this is Art. 6(1f) GDPR.

However, you can prevent this data from being transmitted by deactivating JavaScript in your browser. Please note that, in this case, it will not be possible to display any maps. You can find further information on how Google Maps uses your data at: You can find detailed information on the options and data protection in Google’s Privacy Policy at

9. Google Fonts

This website uses so-called web fonts provided by Google to ensure consistent display of fonts. The legal basis for this is Art. 6 (1b) and (1f) GDPR. When you access a page, your browser loads the required web fonts in your browser cache in order to display texts and fonts correctly. If your browser does not support web fonts, a standard font from your computer will be used. You can find further information on Google Fonts at and in Google’s Privacy Policy:

10. Jetpack/

Our website uses functions of the web analytics service Google Analytics. Provider is the Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google Analytics uses cookies that are stored on users’ computers and that allow an analysis of their use of the website. The information generated by the cookie about the use of this website by the users are usually transmitted to a Google server in the USA and stored there. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f) GDPR.

IP anonymization is activated. The IP address of the user is therefore shortened by Google within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate users’ use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator.

The IP address transmitted by Google’s browser as part of Google Analytics will not be merged with any other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly; However, this offer notifies users that in this case you may not be able to use all features of this website in full.

In addition, users may collect the data generated by the cookie (including their IP address) related to their use of the website to Google and prevent Google from processing this information by downloading and installing the browser plug-in available at the following link: An opt-out cookie is stored on your device. You must redo this link after deleting your cookies.

Google LLC is under the US-EU Privacy Shield (, and is committed to complying with EU data protection requirements. In addition, we have entered into a contract processing agreement with Google LLC. This is a contract in which Google undertakes to protect the data of our users, in accordance with its privacy policy on our behalf to process and in particular not to third parties.

11. Recipients of personal data

We share personal data with the following categories of recipients:

our employees and subcontractors (“processors”).

Beyond this, your personal data is not shared with third parties without your express consent unless we are under a legal obligation to do so within the meaning of Art. 6(1c) GDPR or where the sharing of the data is required to perform a contract in accordance with Art. 6(1b).

Please note that data transmission over the Internet (for example when communicating by email) may be subject to security vulnerabilities. It is not possible to protect your data entirely against access by a third party.

12. Period for which the data will be stored

We delete your personal data immediately after fulfilling the purpose for which it is stored. This means that we store your data in your emails and the contact form until your enquiry has been processed completely and resolved. The information is generally deleted after this. In addition to this, we review whether data can be deleted on an annual basis.

Session cookies are automatically deleted by us after your website visit.

Access data and server log files are deleted after one week.

Please note that there is a legal duty to retain certain categories of data under commercial and tax law for a minimum period of six years (Sec. 257 HGB / German Commercial Code) or ten years (Sec. 147 AO / German Fiscal Code).

13. Rights of the data subject

You are not under any legal obligation to provide your personal data.

However, you may be required to provide it in order to conclude a contract in accordance with Art. 6(1b).

The rights of data subjects arise in particular from Arts. 15 to 23 and Art. 77 GDPR and Secs. 32 to 37 German Federal Data Protection Act (BDSG, revised). We would like to draw your attention to the following rights that you have as the data subject:

In relation to your personal data, you have:

  • the right to information
  • the right to have your data corrected
  • the right to have your data erased
  • the right to restrict the processingand
  • the right to portability

You also have

  • the right to object

to the processing of your personal data.

If you have given your consent to the processing of your personal data, you have

  • the right to withdraw

your consent with future effect. Please send any enquiries, requests and messages to us. You can find our contact details above under Point 1.

If you believe that the processing of personal data relating to you infringes data protection legislation, you have

  • the right to complain

at any time to the competent supervisory authority, see Art. 77 GDPR. Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority, in particular in the Member State where you reside, your place of work or the place of the alleged infringement if you believe that the processing of personal data relating to you infringes the GDPR.

The supervisory authority responsible for us is

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)

Postfach 606
91511 Ansbach