fbpx

Privacy policy

General information

The following notices provide a simple overview of how personal data is processed when you visit our website. Personal data is any data that can be used to identify you personally. For detailed information on the subject about data protection, please refer to the data protection notes listed in the following text.

Of course, the protection of your personal data, as well as fair and transparent data processing, are important to us. In the following, we provide you with the information according to Art. 13 and 14 GDPR that you need to review and exercise your rights regarding data protection. As the website operator, we are the responsible party within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR) for this website and the associated data processing.

Comprehensive information about our organization can be found in the imprint.

The following data protection information is divided into the following sections:

I. Information about the responsible person

II. Data processing on our website

III. Data processing within the scope of our business performance

IV. Data subject rights

Cookie Einstellungen ändern

I. Details of the person responsible

Person responsible for data collection:

PRIMUS Immobilien AG
Oranienburger Street 3
10178 Berlin-Mitte
E-mail: info@primusimmobilien.de

Telephone: +49 (0) 30 880 358 0

Data Protection Officer:

GFAD Data Protection GmbH
Data Protection Officer
Huttenstrasse 34/35
10553 Berlin
E-mail: datenschutz@gfad.de

Phone: +49 (0)30 269 111-1

II. Data processing on our website

Data security on our website

To ensure the security of our website, we use a valid state-of-the-art SSL certificate. A website encrypted with SSL transmits personal data to the server in an encrypted form so that it is impossible for third parties to intercept or read it. A certificate verifies our identity. Depending on your browser, you can recognize that a secure connection exists by the display of a lock symbol. By clicking on the lock symbol, you can view our online proof of identity. By encrypting the transmission, you can assume that your entered data is sufficiently protected against unauthorized access during transmission according to the state of the art.

Protection of minors

Our offer is basically directed at adults. Persons under the age of 18 may not transmit any personal data to us without the consent of their parents or legal guardians.

Hosting

The hosting services used by us serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the purpose of operating this online offer.

In doing so, we, or our hosting service provider on our behalf, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors of this online offer based on our legitimate interests in an efficient and secure provision of this online offer pursuant to Art. 6 para. 1 lit. f GDPR. The data processing of our hosting service provider is carried out within the framework of a contract processing agreement in accordance with Art. 28 GDPR.

Provision of the website and log files

The entry of personal data is not necessary for the purely informational use, i.e., if you do not otherwise transmit information to us, of our website.

Nevertheless, every time our website is called up, personal data that your browser transmits to our server is automatically collected in addition to information from the system of the calling computer or end device of the user. The following data, which is technically necessary for us to display our website to you, is collected by us in this context:

  • Information about the browser type and the version used.
  • The IP address of the user
  • The operating system of the user’s terminal device
  • Date and time of access
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • The previous website from which the user accessed our website
  • Operating system and its interface
  • Language and version of the browser software

The legal basis for the temporary storage of this data in so-called log files are our legitimate interests as the responsible website operator according to Art. 6 para. 1 lit. f. GDPR, to ensure the technical presentation and stability and security of the website.

The temporary storage of the user’s IP address by our system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must necessarily remain stored for the duration of the session. The storage of the above-mentioned data in the log files is done to ensure the functionality of our website. In addition, we use this data to optimize the website and to ensure the security of our information technology systems (e.g., attack detection). An evaluation of the data for marketing purposes does not take place in this context. The above-mentioned data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. In the case of storage of data in log files, this is the case after 14 days at the latest. Storage beyond this is possible if there are indications of an illegal attack on our systems.

Cookies

When you use our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which certain information flows to the body that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer. They serve to make the Internet offer more user-friendly and effective. The legal basis for the use of cookies is our legitimate interest pursuant to Art. 6 para. 1 lit. f. GDPR, to design and optimize our website in a user-friendly way.

This website uses the following types of cookies, the scope and functionality of which are explained below:

Transient cookies

These cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. These cookies are technically necessary for the optimization and presentation of the website. Session cookies are deleted when you log out or close the browser.

Persistent cookies

These cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time. For the storage of the language setting, we use cookies that are technically necessary due to our legitimate interests pursuant to Art. 6 (1) lit. f GDPR to optimize the user-friendliness of our website. The cookie expires automatically after one year.

Flash cookies

The Flash cookies used are not collected by your browser, but by your Flash plug-in. Furthermore, we use HTML5 storage objects that are stored on your terminal device. These objects store the required data independently of the browser you are using and have no automatic expiration date. If you do not want Flash cookies to be processed, you must install an appropriate add-on, such as “Better Privacy” for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash Killer Cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using private mode in your browser. In addition, we recommend that you manually delete your cookies and browser history on a regular basis.

Third-party cookies

For the further development and improvement of our online offer (reach measurement, website analysis, website optimization, marketing), we use third-party services that also use cookies on the legal basis of our legitimate interests pursuant to Art. 6 (1) lit. f GDPR. Further information on the third-party services we use on our website can be found listed separately below as part of our privacy policy. If user consent is obtained, the processing is carried out on the legal basis pursuant to Art. 6 (1) lit. a GDPR.

Prevention of cookies

You can configure your browser setting according to your preferences and, for example, refuse to accept third-party cookies or all cookies. We would like to point out that you may then not be able to use all functions of this website.

Borlabs cookie

This website uses the consent management tool Borlabs Cookie, a service of Borlabs, Rübenkamp 32, 22305 Hamburg, Germany, which sets a technically necessary cookie (borlabs-cookie) to store your cookie consents, due to legitimate interests to obtain and manage consents according to Art. 6 (1) lit. f GDPR.

The cookie borlabs-cookie stores your consents that you have given when entering the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.

Website analysis

For purposes of analysing and optimizing our websites, we use various services, which are outlined below. For example, we can analyse how many users visit our site, what information is most in demand, or how users find the offer. Among other things, we collect data on which website a data subject came to a website from (so-called referrer), which subpages of the website were accessed or how often and for how long a subpage was viewed. This helps us to design and improve our offers in a user-friendly way. The data collected is not used to identify individual users personally. Only pseudonymous data is collected. The legal basis for this is Art. 6 para. 1 f GDPR. We understand the optimization of our website as a legitimate interest, your fundamental rights and freedoms do not outweigh our interest, as we inform you comprehensively about the data collection in our privacy policy and you have the option of an opt-out (via link or browser settings) at any time. In addition, we only use pseudonymous tracking.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc, (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) The use includes the Universal Analytics mode of operation. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyse a user’s activities across devices.

Google Analytics uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. If IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. Our legitimate interest in data processing also lies in these purposes. The legal basis for the use of Google Analytics is Art. 6 para. 1 f GDPR. The data sent by us and linked to cookies, user IDs (e.g. user ID) or advertising IDs are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month. For more information on terms of use and data protection, please visit www.google.com/analytics/terms/de.html  or www.policies.google.com.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the tools.google.com/dlpage/gaoptout. Opt-out cookies prevent the future collection of your data when visiting this website. To prevent collection by Universal Analytics across devices, you must opt-out on all systems used. If you click here, the opt-out cookie will be set:

Google Analytics deaktivieren

For Google services within the EEA and Switzerland, as of January 22, 2019, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland is the provider of the service and the responsible data controller under data protection law “Data Controller”. For the provision of the service, it may be necessary that the information generated by the cookie about the use of this website is transmitted to and stored by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA on a server in the USA. The USA is assessed by the European Court of Justice as a country with an insufficient level of data protection according to EU standards. There is a risk that your data may be processed by U.S. authorities, for control and for monitoring purposes, possibly also without any legal remedy.

 

Data protection and data security in Google Analytics

For data transfers to third countries, the EU standard contractual clauses have been agreed with Google. The EU standard contractual clauses represent a guarantee of an adequate EU level of data protection in accordance with Art. 46 GDPR. As additional protective measures, the IP anonymization function is activated.

Insofar as the Google Analytics service is only activated by the consent of the user, the processing is carried out in accordance with the consent given pursuant to Art. 6 (1) lit. a GDPR and for the transfer of data to the USA pursuant to Art. 49 (1) p. 1 lit. a GDPR. The USA is assessed by the European Court of Justice as a country with an insufficient level of data protection according to EU standards. In particular, there is a risk that your data may be processed by U.S. authorities, for control and for monitoring purposes, possibly also without any legal remedy. Consent given can be revoked at any time with effect for the future through appropriate cookie settings.

In addition, Google Analytics and Google Analytics 360 have been certified in accordance with the independent security standard ISO 27001. ISO 27001 is one of the most widely recognized standards in the world. The certification applies to the systems provided via Google Analytics and Google Analytics 360.

IP anonymization

We have activated the IP anonymization function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will process this information for the purpose of evaluating your use of the website statistically, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google. The controller uses the addition “_gat._anonymizeIp” for web analysis via Google Analytics. By means of this addition, the IP address of the Internet connection of the data subject is shortened and anonymized by Google if access to our Internet pages is from a member state of the European Union or from another state party to the Agreement on the European Economic Area.

Browser Add-on

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser add-on available at the following link to disable Google Analytics: https://tools.google.com/dlpage/gaoptout .

Objection to data collection

If you do not want your website activity to be available to Google Analytics, you can install the browser add-on to disable Google Analytics via the following link https://tools.google.com/dlpage/gaoptout . An opt-out cookie will be set that will prevent the collection of your data during future visits to this website by the Java Script executed on websites (gtag.js, ga.js, analytics.js and dc.js) from sharing activity data with Google Analytics. You may also refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

For more information on how Google Analytics handles user data, please refer to Google’s privacy policy: https://support.google.com/analytics/answer/6004245 .

Cookies for marketing purposes

We use cookies for marketing purposes to target our users with interest-based advertising. In addition, we use the cookies to limit the likelihood of an ad being played and to measure the effectiveness of our advertising efforts. This information may also be shared with third parties, such as ad networks. The legal basis for this is Art. 6 para. 1 f GDPR. For the purposes pursued with the data processing, there is the legitimate interest of direct marketing. You have the right to object to the processing of your data for the purpose of such advertising at any time. For this purpose, we provide you with opt-out options of the respective services below. Alternatively, you can prevent the setting of cookies in your browser settings. Insofar as these services are only activated by user consent, the processing is carried out in accordance with Art. 6 (1) lit. a GDPR. Consent given can be revoked at any time with effect for the future through appropriate cookie settings.

Double Click

We also use DoubleClick, a service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, “Google”) or Google Ireland Limited. DoubleClick uses cookies to serve user-based ads to protect our legitimate interests pursuant to Art. 6 para.1 lit. f GDPR. The cookies recognize which ad has already been placed in your browser and whether you have accessed a website via a placed ad. In doing so, the cookies do not collect any personal information and cannot be associated with such. If the Double click service is only activated by the user’s consent, the processing is carried out in accordance with the consent given pursuant to Art. 6 para. 1 lit. a GDPR and for data transfer to the USA pursuant to Art. 49 para. 1 p. 1 lit. a GDPR.

Consent given can be revoked at any time with effect for the future by making the appropriate cookie settings.

For Google services within the EEA and Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland has been the provider of the service and the responsible “data controller” under data protection law since 22.01.2019. For the provision of the service, it may be necessary that the information generated by the cookie about the use of this website is transmitted to and stored by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA in the USA. The EU standard contractual clauses have been agreed with Google for the transfer of data to third countries. The EU standard contractual clauses represent a guarantee for an adequate EU level of data protection in accordance with Art. 46 GDPR. The USA is assessed by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by U.S. authorities, for control and for monitoring purposes, possibly also without any legal remedy.

If you do not want this, you can prevent the storage of the cookie required for these technologies, for example, via the settings of your browser. In this case, your visit will not be included in the user statistics. You also have the option of selecting the types of Google ads or deactivating interest-based ads on Google via the ad settings. Alternatively, you can disable the use of cookies by third parties by accessing the Network Advertising Initiative’s deactivation guide. However, we and Google still receive statistical information about how many users have visited this site and when. If you do not want to be included in these statistics either, you can prevent this by using additional programs for your browser (for example, the Ghostery add-on).

Facebook Custom Audiences

As part of usage-based online advertising, the Custom Audiences product from Facebook (Facebook Custom Audiences1601 S. California Avenue, Palo Alto, CA, 94304, USA) is also used on the website. Basically, a non-reversible and non-personal checksum (hash value) is generated from your usage data, which can be transmitted to Facebook for analysis and marketing purposes. A Facebook cookie is set in the process. Information about your activities on the website (e.g. surfing behavior, subpages visited, etc.) is collected. Your IP address is stored and used for the geographic targeting of advertising.

Within our online offer, the so-called “Facebook pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are a resident of the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), is used due to our legitimate interests pursuant to Art. 6 (1) lit. f GDPR in the analysis, optimization and economic operation of our online offer and for these purposes. If this service is only activated by the user’s consent, the processing is carried out in accordance with the consent given pursuant to Art. 6 para. 1 lit. a GDPR and for data transfer to the USA pursuant to Art. 49 para. 1 sentence 1 lit. a GDPR. For data transfers to third countries, the EU standard contractual clauses have been agreed with Facebook. The EU standard contractual clauses constitute a guarantee for an adequate EU level of data protection pursuant to Art. 46 GDPR. The USA is assessed by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by U.S. authorities, for control and for monitoring purposes, possibly also without any legal remedy.

With the help of the Facebook pixel, it is possible for Facebook to determine the visitors to our online offer as a target group for the display of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of users and do not have a harassing effect. With the help of the Facebook pixel, we can also track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).

For more information about the purpose and scope of data collection and the further processing and use of the data, as well as privacy settings, please refer to Facebook’s privacy policy at https://www.facebook.com/policy.php.  Specific information and details about the Facebook Pixel and how it works can be found in Facebook’s help section: https://www.facebook.com/business/help/651294705016616 .

You can object to the collection by the Facebook pixel and use of your data to display Facebook ads. To set which types of ads are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions there on the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads . The settings are done in a platform-independent manner, which means that they are applied to all devices, such as desktop computers or mobile devices.

You can further object to the use of cookies that are used for reach measurement and advertising purposes via the Network Advertising Initiative opt-out page (http://optout.networkadvertising.org/)  and additionally the US website (http://www.aboutads.info/choices)  or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/) .

Facebook Connect

We offer you the opportunity to sign up for our service using Facebook Connect. To register, you will be redirected to the Facebook page, where you can log in with your usage data. This will link your Facebook profile and our service. Through the link, we automatically receive information from Facebook Inc. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. We offer this registration option based on our legitimate interests in a user-friendly registration option pursuant to Art. 6 (1) lit. f GDPR.

If you decide to register with Facebook Connect and click on the “Login with Facebook” / “Connect with Facebook” button, you will automatically be redirected to the Facebook platform. There you can log in with your usage data. This links your Facebook profile to our website or services. Through this link, we gain access to your data deposited with Facebook. These are mainly:

  • Facebook name
  • Facebook profile and title picture
  • Facebook cover picture
  • e-mail address deposited with Facebook
  • With the help of the Facebook Pixel, it is possible for Facebook, on the one hand, to track Facebook ID
  • Facebook friends lists
  • Facebook Likes (“Like”-statements)
  • Birthday
  • Gender
  • Country
  • Language
  • This data is used to set up, provide and personalize your account.

To do this, Facebook uses cookies to validate your account and to determine when you are logged in so that we can make it easier for you to access Facebook products and provide you with the appropriate experience and features. For more information, please see the Facebook Terms of Use and Facebook Privacy Policy. These can be found at: https://de-de.facebook.com/about/privacy/  and https://www.facebook.com/legal/terms.  

For data transfers to third countries, the EU standard contractual clauses have been agreed with Facebook. The EU standard contractual clauses represent a guarantee of an adequate EU level of data protection in accordance with Art. 46 GDPR. The USA is assessed by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by U.S. authorities, for control and for monitoring purposes, possibly also without any legal remedy.

Insofar as the Facebook connect service is only activated by the user’s consent, the processing is carried out in accordance with the consent given pursuant to Art. 6 (1) lit. a GDPR and, for the transfer of data to the USA, in accordance with Art. 49 (1) sentence 1 lit. a GDPR. Consent given can be revoked at any time with effect for the future by making the appropriate cookie settings.

LinkedIn Analytics and LinkedIn Ads

We use the conversion tracking technology and the retargeting function of LinkedIn Corporation Inc, Sunnyvale, California, USA on our website based on our legitimate interests to play out personalized advertisements in accordance with Art. 6 para. 1 lit. f GDPR. Insofar as the service is activated by the consent of the user, the processing is carried out in accordance with Art. 6 para. 1 lit. a GDPR. Consent given can be revoked with effect for the future through appropriate cookie settings.

For the provision of the service in the EEA, the data controller is LinkedIn Ireland Unlimited Company. Nevertheless, data is transferred to the USA for the provision of the service. For this purpose, the EU standard contractual clauses, which constitute a guarantee of an adequate EU level of data protection in accordance with Art. 46 GDPR, are contractually agreed. The USA is assessed by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by U.S. authorities, for control and for monitoring purposes, possibly also without any legal remedy.

Insofar as this service is activated by Linkedin only through the consent of the user, the processing is carried out in accordance with the consent given pursuant to Art. 6 (1) lit. a GDPR and for the data transfer to the USA pursuant to Art. 49 (1) p. 1 lit. a GDPR. Consent given can be revoked at any time with effect for the future through corresponding cookie settings.

With the help of the Facebook Pixel, Facebook is able to, on the one hand, LinkedIn relies on standard contractual clauses approved by the European Commission as a legal instrument for data transfers from the European Union. As explained in the EU Data Protection FAQ document, these clauses are contractual obligations that require companies to protect privacy and data security when transferring personal data (e.g., between LinkedIn Ireland Unlimited Company or its customers and LinkedIn Corporation). LinkedIn companies follow standard contractual clauses to ensure that the data flows necessary to provide, maintain, and develop our services are legally secure.

Using this technology, personalized ads can be served to visitors of this website on LinkedIn. Furthermore, the possibility arises to generate anonymous reports on the performance of the advertisements as well as information on website interaction. For this purpose, the LinkedIn Insight tag is embedded on this website, which establishes a connection to the LinkedIn server if you visit this website and are logged into your LinkedIn account at the same time.

In the privacy policy of LinkedIn at https://www.linkedin.com/legal/privacy-policy you will find more information on data collection and data use, as well as the options and rights to protect your privacy. If you are logged in to LinkedIn, you can deactivate the data collection at any time using the following link: https://www.linkedin.com/psettings/enhanced-advertising.

Google Maps

To make it easier for you to find the location of our organization, we have integrated map material from the Google Maps service of Google LLC into our website via an API for the visual display of geographical information in interactive maps on the basis of our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. In order to display the content in your browser, Google must receive your IP address, otherwise Google would not be able to show you this embedded content. Google obtains this via an interface (API) and / or via cookies that are set by Google. In addition, the use of Google maps, to our knowledge, the following additional data to Google LLC. Transmitted:   

  • Date and time of the visit to the website in question,
  • Internet address or URL of the website accessed,
  • IP address

For Google services within the EEA and Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland has been the responsible “data controller” since 22.01.2019. The data is thus processed on servers within the EEA. Nevertheless, it may be necessary for the provision of the service that data is transmitted to the parent company Google LLC 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA”.

For data transfers to third countries, the EU standard contractual clauses have been agreed with Google. The EU standard contractual clauses represent a guarantee for an adequate EU level of data protection in accordance with Art. 46 GDPR. The USA is assessed by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by US authorities, for control and for monitoring purposes, possibly also without any legal remedy.

Insofar as the Google maps service is only activated by the user’s consent, the processing is carried out in accordance with the consent given pursuant to Art. 6 (1) lit. a GDPR and, for the transfer of data to the USA, in accordance with Art. 49 (1) sentence 1 lit. a GDPR. Consent given can be revoked at any time with effect for the future through corresponding cookie settings.

By visiting the website, Google receives the information that you have called up the corresponding sub-page of our website. This occurs regardless of whether Google provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at Google, you must log out of your Google account before activating Google maps. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) for the provision of tailored advertising. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. If you do not want Google to collect, process or use data about you via our website, you can deactivate JavaScript in your browser settings. In this case, however, you will not be able to use the map display. For the purpose and scope of the data collection and the further processing and use of the data by Google, as well as your rights in this regard and setting options for protecting your privacy, please refer to Google’s privacy policy at https://accounts.google.com/  and https://policies.google.com/privacy?hl=de.

Vimeo video platform

Our website embeds videos from Vimeo, which is operated by Vimeo LLC, 555 West 18th Street, New York 10011 (“Vimeo”).

The content of the plugin is transmitted by Vimeo directly to your browser and embedded in the page. Through this integration, Vimeo receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Vimeo profile or are not currently logged in to Vimeo. Thus, the use of the video service of Vimeo on our website is carried out to protect our legitimate interests in the context of public relations pursuant to Art. 6 para. 1 lit. f GDPR. Insofar as this service is activated by the user’s consent, the processing is carried out in accordance with Art. 6 para. 1 lit. a GDPR. Consent given can be revoked at any time with effect for the future through appropriate cookie settings.

This information (including your IP address) is transmitted by your browser directly to a Vimeo server in the USA and stored there. If you are logged in to Vimeo, Vimeo can directly assign the visit to our website to your Vimeo account. If you interact with the plugins, for example by clicking the “Vimeo” button, this information is also transmitted directly to an Instagram server and stored there. For data transfers to third countries, the EU standard contractual clauses are agreed. The EU standard contractual clauses represent a guarantee for an adequate EU level of data protection in accordance with Art. 46 GDPR. The USA is assessed by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by US authorities, for control and for monitoring purposes, possibly also without any legal remedy.

The information will also be published on your Vimeo account and displayed there to your contacts.

If you do not want Vimeo to assign the data collected via our website directly to your Vimeo account, you must log out of Vimeo before visiting our website.

For more information, see the privacy policy (https://vimeo.com/privacy) of Vimeo.

Google reCAPTCHA

Google reCAPTCHA is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, which allows website operators to check whether a user on their site is a human or a bot. This is to ensure that no bots interact on the website in an automated way.

On our website, we use Invisible reCAPTCHA V3, which no longer requires the user to perform any action themselves. Google checks in the background of the page itself whether the user is a human or a bot. To do this, Google processes cursor movements and the user’s IP address. Thus, Google reCAPTCHA also processes information about the

  • Page that embeds reCAPTCHA,
  • IP address of the user,
  • language set in the browser,
  • screen and window resolution,
  • time zone and
  • Installation of browser plugins.

The purpose of reCAPTCHA is to check whether data entry on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (IP address, time spent by the website visitor on the website and mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run entirely in the background. Website visitors are informed that an analysis is taking place as part of the data protection notice.

The data processing is based on Art. 6 para. 1 lit. f GDPR.

As website operator, we have a legitimate interest in protecting our web offers from abusive automated spying and from SPAM. The Google reCAPTCHA security tool represents a technical measure to ensure the security of processing in accordance with Art. 32 GDPR.

For more information on Google reCAPTCHA and Google’s privacy policy, please refer to the following links https://www.google.com/policies/privacy/  and https://www.google.com/recaptcha/intro/android.html.

For Google services within the EEA and Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland is the responsible controller (Data Controller) since 22.01.2019. The processing and provision of the service is generally carried out by Google Ireland Limited as its own controller and within the EEA.

In order to ensure the service, it may happen that a transfer of data to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA takes place. To ensure an appropriate level of data protection for the data transfer to Google LLC in the USA, the EU standard contractual clauses are contractually agreed. In addition, the transfer is necessary for the fulfillment of a contract concluded with Google for the provision of this service in the interest of the user and the responsible party as website operator, for protection against abusive automated spying and spam in accordance with Art. 49 (1) lit. c GDPR.

If you do not want Google to collect, process or use data about you via our website, you can delete or also block the cookies in your browser settings.

Social Media Buttons

So-called social bookmarks (e.g. from Facebook, Twitter and Xing) are integrated on our website. Social bookmarks are Internet bookmarks with which the users of such a service can collect links and news messages. These are only integrated on our website as a link to the corresponding services. After clicking on the embedded graphic, you will be redirected to the page of the respective provider, i.e. only then will user information be transmitted to the respective provider. For information on the handling of your personal data when using these websites, please refer to the respective data protection provisions of the providers.

This is done on the legal basis of our legitimate interests according to Art. 6 para. 1 lit. f GDPR in the context of public relations to share content with other users. Data transfers to third parties take place based on the contractually agreed EU standard contractual clauses, which are a guarantee of an adequate level of EU data protection pursuant to Art. 46 GDPR.

If you activate them, you will be redirected to the providers’ pages and corresponding user information will be passed on. The responsibility for the processing of personal data lies with the provider of the service as its own controller pursuant to Art. 4 No. 7 GDPR.

If you are logged into one of these social networks with your account while using our site and would like to share our content, then this information will be linked to your respective account. We, as the operator, have no influence on the data that is transmitted to corresponding servers by plug-ins. As a rule, the IP address is transmitted.

For more information on the handling of your data, please refer to the privacy policy of the respective provider:

Facebook: https://de-de.facebook.com/full_data_use_policy  

Instagram: https://de-de.facebook.com/help/instagram/519522125107875  

You Tube: https://policies.google.com/privacy?hl=de  

LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=de_DE


Contacting (contact inquiries, real estate offers) with PRIMUS.

Via the contact form, our e-mail address, or by phone, you can ask us questions and send us messages. In these cases, the personal data of the sender, i.e. the user, transmitted with the inquiry will be stored. In this context, we would like to point out that transmission as an unencrypted e-mail poses certain security risks, as it cannot be ruled out that the data may be read or accessed by unauthorized persons. The processing of this data, which is transmitted while sending a request, is carried out on the legal basis of Art. 6 para. 1 lit. f. GDPR of our legitimate interests to answer your request satisfactorily. If the request is aimed at the fulfillment of an existing contract or the conclusion of a new contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b. GDPR for the initiation and fulfillment of a contract. If consent is given, the processing is carried out in accordance with Art. 6 para. 1 lit. a GDPR. The processing of this personal data serves us solely to process the contact.  Your data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data sent by e-mail, this is the case when the respective request is answered and the conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified and no contract has been concluded. Inquiries about the contractual relationship are stored for the duration of the existing contractual relationship.

All personal data stored while contacting us will be deleted in this case, provided that there are no legal retention periods to the contrary.

Newsletter dispatch

You can subscribe to our newsletter to receive information about current offers, product news, etc.. This may also include offers from the PRIMUS Group.

A sending of promotional information to your e-mail address in the context of our newsletter will only take place if you have consented to the use of your e-mail address. Of course, you can revoke your consent to receive newsletters at any time by clicking on the unsubscribe link in the newsletter or by informing us of your wish to unsubscribe via info@primusimmobilien.de.

We use the so-called double opt-in procedure to register for our newsletter. This means that after your registration, we will send you an e-mail to the e-mail address you provided in which we ask you to confirm that you wish to receive the newsletter. In addition, we store your IP addresses and the times of registration and confirmation. This allows us to prove your registration and, if necessary, to clarify a possible misuse of your personal data by third parties.

Shipping service provider

The newsletter is sent using the dispatch service provider “MailChimp”, a newsletter dispatch platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the privacy policy of the shipping service provider here: mailchimp.com/legal/privacy/. The shipping service provider is used on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f. GDPR and an order processing agreement pursuant to Art. 28 para. 3 p. 1 GDPR. For data transfers to third countries, the EU standard contractual clauses have been agreed upon, which are a guarantee for an adequate level of data protection according to Art. 46 GDPR. We inform that according to the case law of the ECJ, the USA is currently not a safe third country in the sense of EU data protection law. Due to surveillance laws in the U.S., U.S. service providers may be obliged to hand over personal data to security authorities without data subjects being able to appeal against this. It can therefore not be ruled out that US authorities, such as intelligence agencies, may process, evaluate and permanently store your data located on servers of US service providers for surveillance purposes. We have no influence on these processing activities.

The dispatch service provider may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletters or for statistical purposes. However, the dispatch service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.

Newsletter tracking

In order to better understand how our newsletter is used, we evaluate your user behavior when sending the newsletter based on our legitimate interests in optimizing the newsletter in accordance with Art. 6 para. 1 llit. f GDPR. By subscribing to the newsletter, you consent to the sending of the newsletter and evaluation in accordance with Art. 6 para. 1 lit. a GDPR. For this evaluation, the sent emails contain so-called web beacons, also called tracking pixels. These are single-pixel image files that link to our website and thus enable us to evaluate your user behavior. This is done through the use of web beacons, which are assigned to your e-mail address and linked to a separate ID. Links received in the newsletter also contain these.

The data is collected exclusively pseudonymously, i.e. the IDs are not linked to your other personal data, a direct personal reference is excluded.

You can object to this tracking at any time by clicking on the unsubscribe link provided in every email. Please note that you will then also no longer be able to receive the newsletter. The information will be stored for as long as you are subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously.

Moreover, such tracking is not possible if you have deactivated the display of images by default in your e-mail program. In this case, the newsletter will not be fully displayed to you and you may not be able to use all functions. If you display the images manually, the above-mentioned tracking will take place.

Data processing at trade fairs

If you provide us with your contact data at the trade fair, e.g. by leaving us your business card, entering a competition, or registering for our newsletter, we record this data in our CRM system. We use your data to contact you as requested, to establish a business relationship and to send you information material (Art. 6 para. 1 lit a, b and f GDPR).

Career

You can apply to one of our companies electronically, esp. via e-mail at bewerbung@primusimmobilien.de. Your details will only be used to process your application.

Please note that unencrypted e-mails will not be transmitted without access protection.

If you have applied for a specific position and it has already been filled, or if we consider you equally or more suitable for another position, we would be happy to forward your application within the company. Please let us know if you do not agree to forwarding.

Your personal data will be deleted immediately after completion of the application process, or after a maximum of 6 months, unless you have given us your express consent to store your data for longer or a contract has been concluded. Legal bases are thus Art. 6 para. 1 a, b and f GDPR as well as § 26 BDSG.

Recipients of the data or categories of recipients

Within our organization, those entities will have access to your data that need it to fulfil contractual and legal obligations.

External service providers (order processors)

Your data will be shared with our IT and software service providers for maintenance and support to assist us in providing our services.

Processing of your personal data by contracted service providers takes place within the framework of order processing pursuant to Art. 28 GDPR.

Transfers to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA) or if this is done in the context of using third-party services or disclosing, or transferring data to third parties, this is only done if it is done to fulfil our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests, or if another legal basis permits this. Subject to legal or contractual permissions, we process or allow the processing of data in a third country only if the special requirements of Art. 44 et seq. GDPR are met. I.e. the processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a level of data protection corresponding to the EU (EU adequacy decision) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).

Data transfer to the USA

Among other things, services of companies based in the USA are integrated on our website. If these services are active, your personal data could be transferred to the US servers of the respective companies. We inform that the USA is currently not a safe third country in the sense of EU data protection law according to the case law of the ECJ. Due to the surveillance laws in the USA, US service providers may be obliged to hand over personal data to security authorities without data subjects being able to appeal against this. It can therefore not be ruled out that US authorities, such as intelligence agencies, may process, evaluate and permanently store your data located on servers of US service providers for surveillance purposes. We have no influence on these processing activities.

III. Data processing within the scope of our business services

Contractual services with business partners

We process the data of our contractual partners and interested parties as well as clients, suppliers, service providers and customers in accordance with Art. 6 para. 1 lit. b. GDPR in order to provide them with our contractual or pre-contractual services. The data processed in this context, the type, scope and purpose and the necessity of their processing, are determined by the underlying contractual relationship. The data processed includes the master data of our contractual partners (e.g. names and addresses), contact data (e.g. mail addresses and telephone numbers) as well as contractual data (e.g. services used, contract contents, contractual communication, names of contact persons) and payment data (e.g. bank details, payment history). As a matter of principle, we do not process special categories of personal data, unless these are components of a commissioned or contractual processing. We process data that are required for the justification and fulfilment of contractual services and point out the necessity of their disclosure unless this is evident to the contractual partners. Disclosure to external persons or companies is made only if it is necessary in the context of a contract. When processing the data provided to us within the scope of an order, we act in accordance with the instructions of the client as well as the legal requirements.

In the context of the use of our online services, we may store the IP address and the time of the respective user action. The storage is based on our legitimate interests of the user to protect against misuse and other unauthorized use. As a matter of principle, this data is not passed on to third parties unless it is necessary for the prosecution of our claims pursuant to Art. 6 para. 1 lit. f. GDPR or there is a legal obligation to do so pursuant to Art. 6 para. 1 lit. c. GDPR.

The deletion of the data takes place when the data is no longer required for the fulfilment of contractual or legal duties of care as well as dealing with any warranty and comparable obligations. In all other respects, the statutory retention obligations apply.

Direct advertising

If we receive your e-mail address and postal address in the course of concluding a contract, we may process this data in order to inform you about our own similar product and service offers by e-mail and post from now on. If you do not wish to receive any further advertising information by e-mail or post, you can object to the use of your contact data for advertising purposes at any time with effect for the future without incurring any costs other than the transmission costs according to the basic rates. You can send your objection by mail or e-mail to the following contact addresses.

PRIMUS Immobilien AG
Oranienburger Street 3
10178 Berlin-Mitte
E-Mail: info@primusimmobilien.de

Recipients of the data or categories of recipients

Within our organization, access to your data is granted to those entities that need it to fulfill contractual and legal obligations.

External service providers (order processors)

Your data is shared with service partners, e.g. IT and software service providers for maintenance and support, to assist us in providing our services.

Processing of your personal data by contracted service providers takes place within the framework of order processing pursuant to Art. 28 GDPR.

Other service providers, partners and third parties

We may cooperate with other partners if it is necessary to fulfill our service offerings or if we are legally obligated to disclose data. These may be the following partners or third parties:

  • Credit institutions and payment service providers
  • credit agencies
  • Support call centers
  • Disclosure to public bodies (e.g. tax offices, authorities) or by court order
  • advertising agencies
  • Document shredding companies, logistics
  • Advice and consulting, auditors
  • insurance companies
  • Utilities, cable network operators
  • (Heat) metering services
  • Law firms and competent jurisdiction
  • notary’s offices
  • property management companies
  • Agents and operators of commercial/residential property for the purpose of renting and brokering
  • Craft businesses, architecture offices, service companies

It is important to us to process your data within the EU. However, it may happen that we use service providers who operate outside the EU. In these cases, we ensure that an appropriate level of data protection is established before transferring your personal data. This means that a level of data protection comparable to the standards within the EU is achieved via EU standard contracts or an EU adequacy decision.

Origin of personal data

We process personal data that we receive in the course of our business relationship. In addition, to the extent necessary for the provision of our services and for the fulfilment of contracts, we process personal data that we have received from other companies in our group of companies or from other third parties (e.g. credit agencies) in a permissible manner (e.g. for the execution of orders, for the fulfilment of contracts or on the basis of consent given by you). In addition, we process personal data that we have permissibly obtained from publicly accessible sources (e.g. trade and association registers, press, media) and are permitted to process.

Categories of personal data

We process the following categories of personal data about you:

Personnel master data (name, address and other contact data, date of birth), if applicable order and contract data (e.g. delivery order), payment data, data from the fulfillment of our contractual obligations, advertising and sales data, documentation data (data from consulting and service discussions) and comparable data.

Storage of data

To the extent necessary, we process and store personal data for the duration of the business relationship. This also includes the initiation and processing of a contract. For the duration of the existence of warranty and guarantee claims, the personal data required for this purpose are stored. In addition, we store personal data insofar as we are legally obligated to do so. Corresponding obligations to provide proof and to store data result from the German Commercial Code (Handelsgesetzbuch) and the German Fiscal Code (Abgabenordnung). The periods for storage or documentation specified there are six years in accordance with commercial law requirements under Section 257 of the German Commercial Code (HGB) and up to ten years based on tax requirements under Section 147 of the German Fiscal Code (AO). We delete personal data of the data subject as soon as the purpose of the storage no longer applies and legal retention periods do not prevent a deletion.

IV. Data subject rights

Rights of the data subjects

If personal data of a user is processed, he is a “data subject” within the meaning of the GDPR. He is entitled to the following rights vis-à-vis us as the data controller:

  • Right to information
  • Right to rectification
  • Right to restriction of processing
  • Right to deletion
  • Right to information
  • Right to data portability
  • Right to object
  • Right to revoke the declaration of consent under data protection law
  • Right to complain to a data protection supervisory authority

Information, blocking, deletion and correction

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if the legal requirements are met, a right to correction, blocking or deletion of this data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:

– If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.

– If the processing of your personal data has happened / is happening unlawfully, you can request the restriction of data processing instead of deletion.

– If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of erasure.

– If you have lodged an objection pursuant to Art. 21 (1) GDPR, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR).

If data processing is carried out on the basis of Art. 6(1)(e) or (f) GDPR, you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims (objection under Article 21(1) GDPR).

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Article 21 (2) GDPR).

Right of complaint to a supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right of appeal is without prejudice to other administrative or judicial remedies.

Rights in case of data processing according to the legitimate interest

Pursuant to Article 21(1) GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) GDPR (data processing in the public interest) or on the basis of Article 6(1)(f) GDPR (data processing for the purposes of a legitimate interest). This also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Rights in the event of direct advertising

If we process your personal data for the purpose of direct marketing, you have the right pursuant to Article 21 (2) GDPR to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.

In the event of your objection to processing for the purpose of direct marketing, we will no longer process your personal data for these purposes. The objection can be made form-free and should preferably be addressed to: PRIMUS Immobilien AG Oranienburger Straße 3, 10178 Berlin-Mitte, e-mail: info@primusimmobilien.de

Legal or contractual requirements to provide the personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of not providing the data

We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). For the conclusion of the contract it is necessary that you provide us with personal data. Without this data, we will usually have to refuse to conclude the contract or will no longer be able to perform an existing contract and may have to terminate it. If there is a legal obligation to provide the data, you are obliged to provide us with personal data. Before providing personal data by the data subject, the data subject may contact our data protection officer. Our data protection officer will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences of not providing the personal data would be.

Automated decision-making and performance of profiling.

For the establishment and implementation of a business relationship, we generally do not use exclusively automated decision-making including profiling within the meaning of Article 22 GDPR.

Objection to advertising e-mails

We hereby object to the use of contact data published within the scope of the imprint obligation to send advertising and information material that has not been expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

Changes to the data protection declaration

This data protection declaration is continuously adapted in the course of the further development of the Internet or our offer. We will announce any changes on this page in good time. In order to be informed about the current status of our data usage regulations, this page should be called up regularly. (Current status: January 2021)