Privacy Policy

1. An overview of data protection

General information

The fol­lowing infor­ma­ti­on will pro­vi­de you with an easy to navi­ga­te over­view of what will hap­pen with your per­so­nal data when you visit this web­site. The term “per­so­nal data” com­pri­ses all data that can be used to per­so­nal­ly iden­ti­fy you. For detail­ed infor­ma­ti­on about the sub­ject mat­ter of data pro­tec­tion, plea­se con­sult our Data Pro­tec­tion Decla­ra­ti­on, which we have inclu­ded bene­ath this copy.

Data recording on this website

Who is the responsible party for the recording of data on this website (i.e., the “controller”)?

The data on this web­site is pro­ces­sed by the ope­ra­tor of the web­site, who­se con­ta­ct infor­ma­ti­on is avail­ab­le under sec­tion “Infor­ma­ti­on about the respon­si­ble par­ty (refer­red to as the “con­trol­ler” in the GDPR)” in this Pri­va­cy Policy.

How do we record your data?

We collect your data as a result of your sharing of your data with us. This may, for instance be infor­ma­ti­on you enter into our con­ta­ct form.

Other data shall be recor­ded by our IT sys­tems auto­ma­ti­cal­ly or after you con­sent to its record­ing during your web­site visit. This data com­pri­ses pri­ma­ri­ly tech­ni­cal infor­ma­ti­on (e.g., web brow­ser, ope­ra­ting sys­tem, or time the site was acces­sed). This infor­ma­ti­on is recor­ded auto­ma­ti­cal­ly when you access this website.

What are the purposes we use your data for?

A por­ti­on of the infor­ma­ti­on is gene­ra­ted to gua­ran­tee the error free pro­vi­si­on of the web­site. Other data may be used to ana­ly­ze your user patterns.

What rights do you have as far as your information is concerned?

You have the right to recei­ve infor­ma­ti­on about the source, reci­pi­ents, and pur­po­ses of your archi­ved per­so­nal data at any time without having to pay a fee for such dis­clo­sures. You also have the right to demand that your data are rec­ti­fied or era­di­ca­ted. If you have con­sen­ted to data pro­ces­sing, you have the opti­on to revo­ke this con­sent at any time, which shall affect all future data pro­ces­sing. Moreo­ver, you have the right to demand that the pro­ces­sing of your data be restric­ted under cer­tain cir­cum­s­tan­ces. Fur­ther­mo­re, you have the right to log a com­p­laint with the com­pe­tent super­vi­sing agency.

Plea­se do not hesi­ta­te to con­ta­ct us at any time if you have ques­ti­ons about this or any other data pro­tec­tion rela­ted issues.

Analysis tools and tools provided by third parties

The­re is a pos­si­bi­li­ty that your brow­sing pat­terns will be sta­tis­ti­cal­ly ana­ly­zed when your visit this web­site. Such ana­ly­ses are per­for­med pri­ma­ri­ly with what we refer to as ana­ly­sis programs.

For detail­ed infor­ma­ti­on about the­se ana­ly­sis pro­grams plea­se con­sult our Data Pro­tec­tion Decla­ra­ti­on below.

2. Hosting

External Hosting

This web­site is hos­ted by an exter­nal ser­vice pro­vi­der (host). Per­so­nal data collec­ted on this web­site are stored on the ser­vers of the host. The­se may inclu­de, but are not limi­ted to, IP addres­ses, con­ta­ct requests, meta­da­ta and com­mu­ni­ca­ti­ons, con­tract infor­ma­ti­on, con­ta­ct infor­ma­ti­on, names, web page access, and other data gene­ra­ted through a web site.

The host is used for the pur­po­se of ful­fil­ling the con­tract with our poten­ti­al and exis­ting cus­to­mers (Art. 6(1)(b) GDPR) and in the inte­rest of secu­re, fast, and effi­ci­ent pro­vi­si­on of our online ser­vices by a pro­fes­sio­nal pro­vi­der (Art. 6(1)(f) GDPR). If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent inclu­des the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) wit­hin the mea­ning of the TTDSG. This con­sent can be revo­ked at any time.

Our host will only pro­cess your data to the extent necessa­ry to ful­fil its per­for­mance obli­ga­ti­ons and to fol­low our inst­ruc­tions with respect to such data.

We are using the fol­lowing host:

domain­fac­to­ry GmbH
Oskar-Mess­ter-Str. 33
85737 Ismaning

Data processing

We have con­clu­ded a data pro­ces­sing agree­ment (DPA) with the abo­ve-men­tio­ned pro­vi­der. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our inst­ruc­tions and in com­pli­an­ce with the GDPR.

3. General information and mandatory information

Data protection

The ope­ra­tors of this web­site and its pages take the pro­tec­tion of your per­so­nal data very serious­ly. Hence, we hand­le your per­so­nal data as con­fi­den­ti­al infor­ma­ti­on and in com­pli­an­ce with the sta­tu­to­ry data pro­tec­tion regu­la­ti­ons and this Data Pro­tec­tion Declaration.

Whenever you use this web­site, a varie­ty of per­so­nal infor­ma­ti­on will be collec­ted. Per­so­nal data com­pri­ses data that can be used to per­so­nal­ly iden­ti­fy you. This Data Pro­tec­tion Decla­ra­ti­on exp­lains which data we collect as well as the pur­po­ses we use this data for. It also exp­lains how, and for which pur­po­se the infor­ma­ti­on is collected.

We here­with advi­se you that the trans­mis­si­on of data via the Inter­net (i.e., through e‑mail com­mu­ni­ca­ti­ons) may be pro­ne to secu­ri­ty gaps. It is not pos­si­ble to com­ple­te­ly pro­tect data against third-par­ty access.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data pro­ces­sing con­trol­ler on this web­site is:

AmRhein Immobilien­Management GmbH
Neu­en­hö­fer Allee 49–51
50935 Köln

Pho­ne: +49 (0) 221 95582788
E‑mail: info@amrheinimmobilien.de

The con­trol­ler is the natu­ral per­son or legal enti­ty that sin­gle-han­ded­ly or joint­ly with others makes decisi­ons as to the pur­po­ses of and resour­ces for the pro­ces­sing of per­so­nal data (e.g., names, e‑mail addres­ses, etc.).

Storage duration

Unless a more spe­ci­fic sto­rage peri­od has been spe­ci­fied in this pri­va­cy poli­cy, your per­so­nal data will remain with us until the pur­po­se for which it was collec­ted no lon­ger app­lies. If you assert a jus­ti­fied request for dele­ti­on or revo­ke your con­sent to data pro­ces­sing, your data will be dele­ted, unless we have other legal­ly per­mis­si­ble rea­sons for sto­ring your per­so­nal data (e.g., tax or com­mer­cial law reten­ti­on peri­ods); in the lat­ter case, the dele­ti­on will take place after the­se rea­sons cea­se to apply.

General information on the legal basis for the data processing on this website

If you have con­sen­ted to data pro­ces­sing, we pro­cess your per­so­nal data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if spe­cial cate­go­ries of data are pro­ces­sed accord­ing to Art. 9 (1) DSGVO. In the case of expli­cit con­sent to the trans­fer of per­so­nal data to third coun­tries, the data pro­ces­sing is also based on Art. 49 (1)(a) GDPR. If you have con­sen­ted to the sto­rage of coo­kies or to the access to infor­ma­ti­on in your end device (e.g., via device fin­ger­prin­ting), the data pro­ces­sing is addi­tio­nal­ly based on § 25 (1) TTDSG. The con­sent can be revo­ked at any time. If your data is requi­red for the ful­fill­ment of a con­tract or for the imple­men­ta­ti­on of pre-con­trac­tu­al mea­su­res, we pro­cess your data on the basis of Art. 6(1)(b) GDPR. Fur­ther­mo­re, if your data is requi­red for the ful­fill­ment of a legal obli­ga­ti­on, we pro­cess it on the basis of Art. 6(1)© GDPR. Fur­ther­mo­re, the data pro­ces­sing may be car­ri­ed out on the basis of our legi­ti­ma­te inte­rest accord­ing to Art. 6(1)(f) GDPR. Infor­ma­ti­on on the rele­vant legal basis in each indi­vi­du­al case is pro­vi­ded in the fol­lowing para­graphs of this pri­va­cy policy.

Information on data transfer to the USA and other non-EU countries

Among other things, we use tools of com­pa­nies domic­i­led in the United Sta­tes or other from a data pro­tec­tion per­spec­ti­ve non-secu­re non-EU coun­tries. If the­se tools are acti­ve, your per­so­nal data may poten­ti­al­ly be trans­fer­red to the­se non-EU coun­tries and may be pro­ces­sed the­re. We must point out that in the­se coun­tries, a data pro­tec­tion level that is com­pa­ra­ble to that in the EU can­not be gua­ran­te­ed. For instance, U.S. enter­pri­ses are under a man­da­te to release per­so­nal data to the secu­ri­ty agen­ci­es and you as the data sub­ject do not have any liti­ga­ti­on opti­ons to defend yourself in court. Hence, it can­not be ruled out that U.S. agen­ci­es (e.g., the Secret Ser­vice) may pro­cess, ana­ly­ze, and per­ma­nent­ly archi­ve your per­so­nal data for sur­veil­lan­ce pur­po­ses. We have no con­trol over the­se pro­ces­sing activities.

Revocation of your consent to the processing of data

A wide ran­ge of data pro­ces­sing tran­sac­tions are pos­si­ble only sub­ject to your express con­sent. You can also revo­ke at any time any con­sent you have alrea­dy given us. This shall be without pre­ju­di­ce to the law­ful­ness of any data collec­tion that occur­red pri­or to your revocation.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PRO­CES­SED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PRO­CES­SING OF YOUR PER­SO­NAL DATA BASED ON GROUNDS ARI­SING FROM YOUR UNI­QUE SITUA­TI­ON. THIS ALSO APP­LIES TO ANY PRO­FILING BASED ON THE­SE PRO­VI­SI­ONS. TO DETER­MI­NE THE LEGAL BASIS, ON WHICH ANY PRO­CES­SING OF DATA IS BASED, PLEA­SE CON­SULT THIS DATA PRO­TEC­TION DECLA­RA­TI­ON. IF YOU LOG AN OBJEC­TION, WE WILL NO LON­GER PRO­CESS YOUR AFFEC­TED PER­SO­NAL DATA, UNLESS WE ARE IN A POSI­TI­ON TO PRE­SENT COM­PEL­LING PRO­TEC­TION WORTHY GROUNDS FOR THE PRO­CES­SING OF YOUR DATA, THAT OUT­WEIGH YOUR INTE­RESTS, RIGHTS AND FREE­DOMS OR IF THE PUR­PO­SE OF THE PRO­CES­SING IS THE CLAI­MING, EXER­CIS­ING OR DEFENCE OF LEGAL ENTI­T­LE­MENTS (OBJEC­TION PUR­SUANT TO ART. 21(1) GDPR).

IF YOUR PER­SO­NAL DATA IS BEING PRO­CES­SED IN ORDER TO ENGA­GE IN DIRECT ADVER­TI­SING, YOU HAVE THE RIGHT TO OBJECT TO THE PRO­CES­SING OF YOUR AFFEC­TED PER­SO­NAL DATA FOR THE PUR­PO­SES OF SUCH ADVER­TI­SING AT ANY TIME. THIS ALSO APP­LIES TO PRO­FILING TO THE EXTENT THAT IT IS AFFI­LIA­TED WITH SUCH DIRECT ADVER­TI­SING. IF YOU OBJECT, YOUR PER­SO­NAL DATA WILL SUB­SE­QUENT­LY NO LON­GER BE USED FOR DIRECT ADVER­TI­SING PUR­PO­SES (OBJEC­TION PUR­SUANT TO ART. 21(2) GDPR).

Right to log a complaint with the competent supervisory agency

In the event of vio­la­ti­ons of the GDPR, data sub­jects are enti­t­led to log a com­p­laint with a super­vi­so­ry agen­cy, in par­ti­cu­lar in the mem­ber sta­te whe­re they usual­ly main­tain their domic­i­le, place of work or at the place whe­re the alle­ged vio­la­ti­on occur­red. The right to log a com­p­laint is in effect regard­less of any other admi­nis­tra­ti­ve or court pro­cee­dings avail­ab­le as legal recourses.

Right to data portability

You have the right to demand that we hand over any data we auto­ma­ti­cal­ly pro­cess on the basis of your con­sent or in order to ful­fil a con­tract be han­ded over to you or a third par­ty in a com­mon­ly used, machi­ne read­a­ble for­mat. If you should demand the direct trans­fer of the data to ano­t­her con­trol­ler, this will be done only if it is tech­ni­cal­ly feasible.

Information about, rectification and eradication of data

Wit­hin the scope of the app­li­ca­ble sta­tu­to­ry pro­vi­si­ons, you have the right to at any time demand infor­ma­ti­on about your archi­ved per­so­nal data, their source and reci­pi­ents as well as the pur­po­se of the pro­ces­sing of your data. You may also have a right to have your data rec­ti­fied or era­di­ca­ted. If you have ques­ti­ons about this sub­ject mat­ter or any other ques­ti­ons about per­so­nal data, plea­se do not hesi­ta­te to con­ta­ct us at any time.

Right to demand processing restrictions

You have the right to demand the impo­si­ti­on of restric­tions as far as the pro­ces­sing of your per­so­nal data is con­cer­ned. To do so, you may con­ta­ct us at any time. The right to demand restric­tion of pro­ces­sing app­lies in the fol­lowing cases:

  • In the event that you should dis­pu­te the cor­rect­ness of your data archi­ved by us, we will usual­ly need some time to veri­fy this claim. During the time that this inves­ti­ga­ti­on is ongo­ing, you have the right to demand that we restrict the pro­ces­sing of your per­so­nal data.
  • If the pro­ces­sing of your per­so­nal data was/is con­duc­ted in an unlaw­ful man­ner, you have the opti­on to demand the restric­tion of the pro­ces­sing of your data in lieu of deman­ding the era­di­ca­ti­on of this data.
  • If we do not need your per­so­nal data any lon­ger and you need it to exer­cise, defend or claim legal enti­t­le­ments, you have the right to demand the restric­tion of the pro­ces­sing of your per­so­nal data ins­tead of its eradication.
  • If you have rai­sed an objec­tion pur­suant to Art. 21(1) GDPR, your rights and our rights will have to be weig­hed against each other. As long as it has not been deter­mi­ned who­se inte­rests pre­vail, you have the right to demand a restric­tion of the pro­ces­sing of your per­so­nal data.

If you have restric­ted the pro­ces­sing of your per­so­nal data, the­se data – with the excep­ti­on of their archi­ving – may be pro­ces­sed only sub­ject to your con­sent or to claim, exer­cise or defend legal enti­t­le­ments or to pro­tect the rights of other natu­ral per­sons or legal enti­ties or for important public inte­rest rea­sons cited by the Euro­pean Uni­on or a mem­ber sta­te of the EU.

SSL and/or TLS encryption

For secu­ri­ty rea­sons and to pro­tect the trans­mis­si­on of con­fi­den­ti­al con­tent, such as purcha­se orders or inqui­ries you sub­mit to us as the web­site ope­ra­tor, this web­site uses eit­her an SSL or a TLS encryp­ti­on pro­gram. You can reco­gni­ze an encryp­ted con­nec­tion by che­cking whe­ther the address line of the brow­ser swit­ches from “http://” to “https://” and also by the appearan­ce of the lock icon in the brow­ser line.

If the SSL or TLS encryp­ti­on is acti­va­ted, data you trans­mit to us can­not be read by third parties.

Rejection of unsolicited e‑mails

We here­with object to the use of con­ta­ct infor­ma­ti­on publis­hed in con­junc­tion with the man­da­to­ry infor­ma­ti­on to be pro­vi­ded in our Site Noti­ce to send us pro­mo­tio­nal and infor­ma­ti­on mate­ri­al that we have not express­ly reques­ted. The ope­ra­tors of this web­site and its pages reser­ve the express right to take legal action in the event of the unso­li­ci­ted sen­ding of pro­mo­tio­nal infor­ma­ti­on, for instance via SPAM messages.

4. Recording of data on this website

Cookies

Our web­sites and pages use what the indus­try refers to as “coo­kies.” Coo­kies are small text files that do not cau­se any dama­ge to your device. They are eit­her stored tem­pora­ri­ly for the dura­ti­on of a ses­si­on (ses­si­on coo­kies) or they are per­ma­nent­ly archi­ved on your device (per­ma­nent coo­kies). Ses­si­on coo­kies are auto­ma­ti­cal­ly dele­ted once you ter­mi­na­te your visit. Per­ma­nent coo­kies remain archi­ved on your device until you actively dele­te them, or they are auto­ma­ti­cal­ly era­di­ca­ted by your web browser.

In some cases, it is pos­si­ble that third-par­ty coo­kies are stored on your device once you enter our site (third-par­ty coo­kies). The­se coo­kies enab­le you or us to take advan­ta­ge of cer­tain ser­vices offe­red by the third par­ty (e.g., coo­kies for the pro­ces­sing of pay­ment services).

Coo­kies have a varie­ty of func­tions. Many coo­kies are tech­ni­cal­ly essen­ti­al sin­ce cer­tain web­site func­tions would not work in the absence of the coo­kies (e.g., the shop­ping cart func­tion or the dis­play of vide­os). The pur­po­se of other coo­kies may be the ana­ly­sis of user pat­terns or the dis­play of pro­mo­tio­nal messages.

Coo­kies, which are requi­red for the per­for­mance of elec­tro­nic com­mu­ni­ca­ti­on tran­sac­tions, or for the pro­vi­si­on of cer­tain func­tions you want to use (e.g., for the shop­ping cart func­tion) or tho­se that are necessa­ry for the opti­miz­a­ti­on (requi­red coo­kies) of the web­site (e.g., coo­kies that pro­vi­de mea­sura­ble insights into the web audi­ence), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a dif­fe­rent legal basis is cited. The ope­ra­tor of the web­site has a legi­ti­ma­te inte­rest in the sto­rage of requi­red coo­kies to ensu­re the tech­ni­cal­ly error free and opti­mi­zed pro­vi­si­on of the operator’s ser­vices. If your con­sent to the sto­rage of the coo­kies and simi­lar reco­gni­ti­on tech­no­lo­gies has been reques­ted, pro­ces­sing occurs exclu­si­ve­ly on the basis of the con­sent obtai­ned (Art. 6(1)(a) GDPR and § 25 (1) TTDSG); this con­sent may be revo­ked at any time.

You have the opti­on to set up your brow­ser in such a man­ner that you will be noti­fied any time coo­kies are pla­ced and to per­mit the accep­t­ance of coo­kies only in spe­ci­fic cases. You may also exclu­de the accep­t­ance of coo­kies in cer­tain cases or in gene­ral or acti­va­te the dele­te func­tion for the auto­ma­tic era­di­ca­ti­on of coo­kies when the brow­ser clo­ses. If coo­kies are deac­ti­va­ted, the func­tions of this web­site may be limited.

In the event that third-par­ty coo­kies are used or if coo­kies are used for ana­ly­ti­cal pur­po­ses, we will sepa­r­ate­ly noti­fy you in con­junc­tion with this Data Pro­tec­tion Poli­cy and, if app­li­ca­ble, ask for your consent.

Consent with Borlabs Cookie

Our web­site uses the Borlabs con­sent tech­no­lo­gy to obtain your con­sent to the sto­rage of cer­tain coo­kies in your brow­ser or for the use of cer­tain tech­no­lo­gies and for their data pri­va­cy pro­tec­tion com­pli­ant docu­men­ta­ti­on. The pro­vi­der of this tech­no­lo­gy is Borlabs GmbH, Rüben­kamp 32, 22305 Ham­burg, Ger­ma­ny (her­ein­af­ter refer­red to as Borlabs).

Whenever you visit our web­site, a Borlabs coo­kie will be stored in your brow­ser, which archi­ves any decla­ra­ti­ons or revo­ca­ti­ons of con­sent you have ent­e­red. The­se data are not shared with the pro­vi­der of the Borlabs technology.

The recor­ded data shall remain archi­ved until you ask us to era­di­ca­te them, dele­te the Borlabs coo­kie on your own or the pur­po­se of sto­ring the data no lon­ger exists. This shall be without pre­ju­di­ce to any reten­ti­on obli­ga­ti­ons man­da­ted by law. To review the details of Borlabs’ data pro­ces­sing poli­ci­es, plea­se visit https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

We use the Borlabs coo­kie con­sent tech­no­lo­gy to obtain the decla­ra­ti­ons of con­sent man­da­ted by law for the use of coo­kies. The legal basis for the use of such coo­kies is Art. 6(1)© GDPR.

5. Analysis tools and advertising

Google Tag Manager

We use the Goog­le Tag Mana­ger. The pro­vi­der is Goog­le Ire­land Limi­ted, Gor­don House, Bar­row Street, Dub­lin 4, Ireland

The Goog­le Tag Mana­ger is a tool that allows us to inte­gra­te tracking or sta­tis­ti­cal tools and other tech­no­lo­gies on our web­site. The Goog­le Tag Mana­ger its­elf does not crea­te any user pro­files, does not store coo­kies, and does not car­ry out any inde­pen­dent ana­ly­ses. It only mana­ges and runs the tools inte­gra­ted via it. Howe­ver, the Goog­le Tag Mana­ger does collect your IP address, which may also be trans­fer­red to Google’s parent com­pa­ny in the United States.

The Goog­le Tag Mana­ger is used on the basis of Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the quick and uncom­pli­ca­ted inte­gra­ti­on and admi­nis­tra­ti­on of various tools on his web­site. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent inclu­des the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) wit­hin the mea­ning of the TTDSG. This con­sent can be revo­ked at any time.

Google Analytics

This web­site uses func­tions of the web ana­ly­sis ser­vice Goog­le Ana­ly­tics. The pro­vi­der of this ser­vice is Goog­le Ire­land Limi­ted (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ireland.

Goog­le Ana­ly­tics enab­les the web­site ope­ra­tor to ana­ly­ze the beha­vi­or pat­terns of web­site visi­tors. To that end, the web­site ope­ra­tor recei­ves a varie­ty of user data, such as pages acces­sed, time spent on the page, the uti­li­zed ope­ra­ting sys­tem and the user’s ori­gin. This data is assi­gned to the respec­ti­ve end device of the user. An assign­ment to a user-ID does not take place.

Fur­ther­mo­re, Goog­le Ana­ly­tics allows us to record your mou­se and scroll move­ments and clicks, among other things. Goog­le Ana­ly­tics uses various mode­ling approa­ches to aug­ment the collec­ted data sets and uses machi­ne lear­ning tech­no­lo­gies in data analysis.

Goog­le Ana­ly­tics uses tech­no­lo­gies that make the reco­gni­ti­on of the user for the pur­po­se of ana­ly­zing the user beha­vi­or pat­terns (e.g., coo­kies or device fin­ger­prin­ting). The web­site use infor­ma­ti­on recor­ded by Goog­le is, as a rule trans­fer­red to a Goog­le ser­ver in the United Sta­tes, whe­re it is stored.

The use of the­se ser­vices occurs on the basis of your con­sent pur­suant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revo­ke your con­sent at any time.

Data trans­mis­si­on to the US is based on the Stan­dard Con­trac­tu­al Clau­ses (SCC) of the Euro­pean Com­mis­si­on. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

Browser plug-in

You can pre­vent the record­ing and pro­ces­sing of your data by Goog­le by down­loading and instal­ling the brow­ser plugin avail­ab­le under the fol­lowing link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more infor­ma­ti­on about the hand­ling of user data by Goog­le Ana­ly­tics, plea­se con­sult Google’s Data Pri­va­cy Decla­ra­ti­on at: https://support.google.com/analytics/answer/6004245?hl=en.

Contract data processing

We have exe­cu­t­ed a con­tract data pro­ces­sing agree­ment with Goog­le and are imple­men­ting the strin­gent pro­vi­si­ons of the Ger­man data pro­tec­tion agen­ci­es to the ful­lest when using Goog­le Analytics.

6. Newsletter

Newsletter data

If you would like to sub­scri­be to the news­let­ter offe­red on this web­site, we will need from you an e‑mail address as well as infor­ma­ti­on that allow us to veri­fy that you are the owner of the e‑mail address pro­vi­ded and con­sent to the rece­i­pt of the news­let­ter. No fur­ther data shall be collec­ted or shall be collec­ted only on a vol­un­ta­ry basis. We shall use such data only for the sen­ding of the reques­ted infor­ma­ti­on and shall not share such data with any third parties.

The pro­ces­sing of the infor­ma­ti­on ent­e­red into the news­let­ter sub­scrip­ti­on form shall occur exclu­si­ve­ly on the basis of your con­sent (Art. 6(1)(a) GDPR). You may revo­ke the con­sent you have given to the archi­ving of data, the e‑mail address, and the use of this infor­ma­ti­on for the sen­ding of the news­let­ter at any time, for instance by cli­cking on the “Unsub­scri­be” link in the news­let­ter. This shall be without pre­ju­di­ce to the law­ful­ness of any data pro­ces­sing tran­sac­tions that have taken place to date.

The data depo­si­ted with us for the pur­po­se of sub­scrib­ing to the news­let­ter will be stored by us until you unsub­scri­be from the news­let­ter or the news­let­ter ser­vice pro­vi­der and dele­ted from the news­let­ter dis­tri­bu­ti­on list after you unsub­scri­be from the news­let­ter or after the pur­po­se has cea­sed to app­ly. We reser­ve the right to dele­te or block e‑mail addres­ses from our news­let­ter dis­tri­bu­ti­on list at our own dis­cre­ti­on wit­hin the scope of our legi­ti­ma­te inte­rest in accordance with Art. 6(1)(f) GDPR.

Data stored for other pur­po­ses with us remain unaffected.

After you unsub­scri­be from the news­let­ter dis­tri­bu­ti­on list, your e‑mail address may be stored by us or the news­let­ter ser­vice pro­vi­der in a black­list, if such action is necessa­ry to pre­vent future mai­lings. The data from the black­list is used only for this pur­po­se and not mer­ged with other data. This ser­ves both your inte­rest and our inte­rest in com­ply­ing with the legal requi­re­ments when sen­ding news­let­ters (legi­ti­ma­te inte­rest wit­hin the mea­ning of Art. 6(1)(f) GDPR). The sto­rage in the black­list is inde­fi­ni­te. You may object to the sto­rage if your inte­rests out­weigh our legi­ti­ma­te interest.

7. Plug-ins and Tools

Google Web Fonts (local embedding)

This web­site uses so-cal­led Web Fonts pro­vi­ded by Goog­le to ensu­re the uni­form use of fonts on this site. The­se Goog­le fonts are local­ly instal­led so that a con­nec­tion to Google’s ser­vers will not be estab­lis­hed in con­junc­tion with this application.

For more infor­ma­ti­on on Goog­le Web Fonts, plea­se fol­low this link: https://developers.google.com/fonts/faq and con­sult Google’s Data Pri­va­cy Decla­ra­ti­on under: https://policies.google.com/privacy?hl=en.

Google Maps

This web­site uses the map­ping ser­vice Goog­le Maps. The pro­vi­der is Goog­le Ire­land Limi­ted (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ireland.

To enab­le the use of the Goog­le Maps fea­tures, your IP address must be stored. As a rule, this infor­ma­ti­on is trans­fer­red to one of Google’s ser­vers in the United Sta­tes, whe­re it is archi­ved. The ope­ra­tor of this web­site has no con­trol over the data trans­fer. In case Goog­le Maps has been acti­va­ted, Goog­le has the opti­on to use Goog­le web fonts for the pur­po­se of the uni­form depic­tion of fonts. When you access Goog­le Maps, your brow­ser will load the requi­red web fonts into your brow­ser cache, to cor­rect­ly dis­play text and fonts.

We use Goog­le Maps to pre­sent our online con­tent in an appe­aling man­ner and to make the loca­ti­ons dis­c­lo­sed on our web­site easy to find. This con­sti­tu­tes a legi­ti­ma­te inte­rest as defi­ned in Art. 6(1)(f) GDPR. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent inclu­des the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) wit­hin the mea­ning of the TTDSG. This con­sent can be revo­ked at any time.

Data trans­mis­si­on to the US is based on the Stan­dard Con­trac­tu­al Clau­ses (SCC) of the Euro­pean Com­mis­si­on. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more infor­ma­ti­on on the hand­ling of user data, plea­se review Google’s Data Pri­va­cy Decla­ra­ti­on under: https://policies.google.com/privacy?hl=en.

Wordfence

We have inclu­ded Wor­d­fence on this web­site. The pro­vi­der is Defi­ant Inc, Defi­ant, Inc, 800 5th Ave Ste 4100, Seat­tle, WA 98104, USA (her­ein­af­ter “Wor­d­fence”).

Wor­d­fence is desi­gned to pro­tect our web­site from unwan­ted access or mali­cious cyber­at­tacks. To accom­plish this, our web­site estab­lis­hes a per­ma­nent con­nec­tion with Wordfence’s ser­vers, which check and block their data­ba­ses against access to our website.

The use of Wor­d­fence is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the most effec­ti­ve pro­tec­tion of his web­site against cyber­at­tacks. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent inclu­des the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) wit­hin the mea­ning of the TTDSG. This con­sent can be revo­ked at any time.

Data trans­mis­si­on to the USA is based on the stan­dard con­trac­tu­al clau­ses of the EU Com­mis­si­on. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/.

iThemes Security

We have inte­gra­ted iThe­mes Secu­ri­ty into this web­site. The pro­vi­der is iThe­mes Media LLC, 1720 South Kel­ly Ave­nue Edmond, OK 73013, USA (her­ein­af­ter refer­red to as “iThe­mes Security”).

iThe­mes Secu­ri­ty pro­tects our web­site against unde­s­i­ra­ble access or mali­cious cyber-attacks. For this pur­po­se, iThe­mes Secu­ri­ty records, among other things, your IP address, the time, and source of log­in attempts and log files (e.g., the uti­li­zed brow­ser). iThe­mes Secu­ri­ty is instal­led local­ly on our servers.

iThe­mes Secu­ri­ty trans­mits IP addres­ses of recur­ring atta­ckers to a cen­tral data­ba­se of iThe­mes in the US (Net­work Bru­te For­ce Pro­tec­tion) to pre­vent such attacks in the future.

The use of iThe­mes Secu­ri­ty is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in pro­tec­ting its web­site opti­mal­ly against cyber-attacks. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent inclu­des the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) wit­hin the mea­ning of the TTDSG. This con­sent can be revo­ked at any time.

8. Custom Services

Handling applicant data

We offer web­site visi­tors the oppor­tu­ni­ty to sub­mit job app­li­ca­ti­ons to us (e.g., via e‑mail, via pos­tal ser­vices on by sub­mit­ting the online job app­li­ca­ti­on form). Below, we will brief you on the scope, pur­po­se and use of the per­so­nal data collec­ted from you in con­junc­tion with the app­li­ca­ti­on pro­cess. We assu­re you that the collec­tion, pro­ces­sing, and use of your data will occur in com­pli­an­ce with the app­li­ca­ble data pri­va­cy rights and all other sta­tu­to­ry pro­vi­si­ons and that your data will always be trea­ted as strict­ly confidential.

Scope and purpose of the collection of data

If you sub­mit a job app­li­ca­ti­on to us, we will pro­cess any affi­lia­ted per­so­nal data (e.g., con­ta­ct and com­mu­ni­ca­ti­ons data, app­li­ca­ti­on docu­ments, notes taken during job inter­views, etc.), if they are requi­red to make a decisi­on con­cer­ning the estab­lish­ment or an employ­ment rela­ti­ons­hip. The legal grounds for the afo­re­men­tio­ned are § 26 BDSG accord­ing to Ger­man Law (Nego­tia­ti­on of an Employ­ment Rela­ti­ons­hip), Art. 6(1)(b) GDPR (Gene­ral Con­tract Nego­tia­ti­ons) and – pro­vi­ded you have given us your con­sent – Art. 6(1)(a) GDPR. You may revo­ke any con­sent given at any time. Wit­hin our com­pa­ny, your per­so­nal data will only be shared with indi­vi­du­als who are invol­ved in the pro­ces­sing of your job application.

If your job app­li­ca­ti­on should result in your recruit­ment, the data you have sub­mit­ted will be archi­ved on the grounds of § 26 BDSG and Art. 6(1)(b) GDPR for the pur­po­se of imple­men­ting the employ­ment rela­ti­ons­hip in our data pro­ces­sing system.

Data Archiving Period

If we are unab­le to make you a job offer or you reject a job offer or with­draw your app­li­ca­ti­on, we reser­ve the right to retain the data you have sub­mit­ted on the basis of our legi­ti­ma­te inte­rests (Art. 6(1)(f) GDPR) for up to 6 mon­ths from the end of the app­li­ca­ti­on pro­ce­du­re (rejec­tion or with­dra­wal of the app­li­ca­ti­on). After­wards the data will be dele­ted, and the phy­si­cal app­li­ca­ti­on docu­ments will be des­troy­ed. The sto­rage ser­ves in par­ti­cu­lar as evi­dence in the event of a legal dis­pu­te. If it is evi­dent that the data will be requi­red after the expi­ry of the 6‑month peri­od (e.g., due to an impen­ding or pen­ding legal dis­pu­te), dele­ti­on will only take place when the pur­po­se for fur­ther sto­rage no lon­ger applies.

Lon­ger sto­rage may also take place if you have given your agree­ment (Arti­cle 6(1)(a) GDPR) or if sta­tu­to­ry data reten­ti­on requi­re­ments pre­clu­de the deletion.

Admission to the applicant pool

If we do not make you a job offer, you may be able to join our app­li­cant pool. In case of admis­si­on, all docu­ments and infor­ma­ti­on from the app­li­ca­ti­on will be trans­fer­red to the app­li­cant pool in order to con­ta­ct you in case of sui­ta­ble vacancies.

Admis­si­on to the app­li­cant pool is based exclu­si­ve­ly on your express agree­ment (Art. 6(1)(a) GDPR). The sub­mis­si­on agree­ment is vol­un­ta­ry and has no rela­ti­on to the ongo­ing app­li­ca­ti­on pro­ce­du­re. The affec­ted per­son can revo­ke his agree­ment at any time. In this case, the data from the app­li­cant pool will be irre­vo­ca­b­ly dele­ted, pro­vi­ded the­re are no legal rea­sons for storage.

The data from the app­li­cant pool will be irre­vo­ca­b­ly dele­ted no later than two years after con­sent has been granted.