Data protection
Whenever you visit our website, you provide certain personal data and we, as the data controller, process these personal data. If you would like to know what data we collect, how they are processed and what rights you have in relation to your personal data, please read on.
1. Data protection at a glance
General information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data are all data with which you can be personally identified. For detailed information on the subject of data protection, please refer to the following data protection policy.
How we collect data on this website
Who is responsible for collecting data on this website?
The website operator is responsible for processing data on this website. You can find the contact details of the website operator in the section “Information about the responsible party” in this data protection policy.
How do we collect your personal data?
Firstly, we collect and process data when you provide them to us. These can be, for example, data that you enter in a contact form.
Other data are collected by our IT systems either automatically or with your consent whenever you visit the website. This is mainly technical data (e.g. relating to your internet browser, operating system, or the time you access a specific page). Such data are normally collected automatically when you enter this website.
What do we use your data for?
Some data are collected to ensure that this website is provided free of errors. Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right of access to information about the origin, recipient and purpose of your stored personal data, at any time and free of charge. You also have a right to request the correction or erasure of these data. If you have given your consent to data processing, you can revoke this consent at any time with immediate effect. You also have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with a competent supervisory authority.
You can contact us at any time with regard to any questions you may have on the subject of data protection.
Third-party analytics and tools
Your browsing behavior evaluated statistically whenever you visit our website. This analysis is performed in particular with the aid of so-called “analysis programs.” Detailed information about these analysis programs can be found in the following data protection policy.
2. Hosting
The content of our website is hosted by the following provider:
Hetzner
Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen (hereafter Hetzner). For details, please refer to Hetzner’s data protection policy: https://www.hetzner.com/de/rechtliches/datenschutz.
Our use of Hetzner is based on Article 6 (1) (f) of the European Union’s General Data Protection Regulation (GDPR). We have a legitimate interest in ensuring the most reliable presentation of our website. Insofar as a corresponding consent has been requested and granted, processing is carried out on the basis of Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act, insofar as the consent granted includes the storage of cookies and/or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the Telecommunications and Telemedia Data Protection Act. Users may revoke their consent at any time.
Order processing
We have concluded an order processing contract that governs the above-mentioned service. This contract is required by data protection law and ensures that the personal data of our website’s visitors is processed according to our instructions and in full compliance with the GDPR.
3. General notes and mandatory information
Data protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and why this is done.
Please note that transmission of data transfer over the Internet (for example, when communicating by email) is not completely secure. It is not possible to completely protect data from being accessed by third parties.
Information about the data controller
The controller responsible for data processing on this website is:
David Borck Immobiliengesellschaft mbH
Schlüterstr. 45
10707 Berlin
represented by the managing directors Caren Rothmann and David Borck
Telephone: +49 (0) 30 887 742 50
Email: service@david-borck.de
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).
Storage period
Unless otherwise specified within this privacy policy, we will store your personal data until the purpose for processing the data no longer applies. If you assert a legitimate request for erasure, or revoke your consent to data processing, your data will be erased unless we have other legally permissible grounds to store your personal data (e.g. retention periods under tax or commercial law); in the latter case, your data will be erased once these grounds no longer apply.
General information on the legal basis for data processing on this website
If you have consented to data processing, we process your personal data on the basis of Article 6 (1) (a) or Article 9 (2) (a) of the GDPR, if special categories of data are processed according to Article 9 (1) of the GDPR. In the case of explicit consent to the transfer of personal data to third countries, data processing is also based on Article 49 (1) (a) of the GDPR. If you have consented to the storage of cookies or to the access to information in your terminal device (e.g. via device fingerprinting), the data processing is additionally carried out on the basis of Section 25 (1) of the Telecommunications and Telemedia Data Protection Act. Your consent can be revoked at any time. If your data are required for the performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Article 6 (1) (b) of the GDPR. Furthermore, if these data are required for the fulfillment of legal obligations, we process them on the basis of Article 6 (1) (c) of the GDPR. Furthermore, data processing may be carried out on the basis of our legitimate interest pursuant to Article 6 (1) (f) of the GDPR. Information about the relevant legal basis in each individual case is provided in the following paragraphs of this privacy policy.
Data protection officer
We have appointed the following data protection officer.
Eric Drissler
ED Computer & Design GmbH & Co. KG
Lina-Bommer-Weg 4
51149 Cologne
Telephone: +49 (0)221 28 88 77 66
Email: datenschutz@edcud.de
Information on the transfer of data to third-party countries that are not secure under data protection law and to US companies that are not DPF-certified
We use tools and services provided by companies based in third-party countries that are not deemed safe under data protection law and from companies in the USA who are not certified under the EU-US Data Privacy Framework (DPF). If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries.
In the case of the USA, the EU Commission has issued an adequacy decision, the EU-US Data Privacy Framework (DPF), which, however, is of limited scope.
Data may be transferred to the USA if the recipient is certified under the “EU-US Data Privacy Framework” (DPF). Data transfers to recipients in the USA who are not certified must be based on EU standard contractual clauses agreed with the recipient or other suitable safeguards. Information on transfers to third countries, including data recipients, can be found in this Privacy Policy.
Recipients of personal data
In the scope of our business activities, we cooperate with various external parties. In some cases, this also requires the transfer of personal data to these external parties. We only disclose personal data to external parties if this is required as part of the fulfillment of a contract, if we are legally obligated to do so (e.g., disclosure of data to tax authorities), if we have a legitimate interest in the disclosure pursuant to Art. 6 (1)(f) GDPR, or if another legal basis permits the disclosure of this data. When using processors, we only disclose personal data of our customers on the basis of a valid contract on data processing. In the case of joint processing, a joint processing agreement is concluded.
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke your consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to object to data collection in special cases and to direct marketing (Article 21 of the GDPR)
IF THE DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ARTICLE 6 (1) (E) OR (F) OF THE GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL GROUNDS FOR PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21 (1) OF THE GDPR).
IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS CONNECTED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ARTICLE 21 (2) OF THE GDPR).
Right of appeal to the competent supervisory authority
In the event of breaches of the GDPR, data subjects have a right to appeal to a competent supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged breach. The right of appeal is without prejudice to other administrative or judicial remedies.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of these data to another controller, this will only be done insofar as it is technically feasible.
Information, erasure and correction
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, their origin and recipient and the purpose of data processing and, if necessary, a right to correction or erasure of these data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. For this purpose, you can contact us at any time. The right to restriction of processing exists in the following cases:
- If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data happened/is happening unlawfully, you may request the restriction of data processing instead of erasure.
- If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.
- If you have lodged an objection pursuant to Article 21 (1) of the GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
- If you have restricted the processing of your personal data, these data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol displayed in your browser’s address line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Objection to advertising emails
The use of the contact data published within the framework of the mandatory Legal Notice for the purpose of unsolicited advertising and information material is prohibited. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited receipt of advertising materials, such as spam emails.
4. Data collection on this website
Cookies
Our website uses so-called “cookies.” Cookies are small text files and do not cause any damage to your terminal device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.
In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us to provide certain services of these third-party companies (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising.
Cookies that are necessary to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies for measuring the web audience) (necessary cookies) are stored on the basis of Article 6 (1) (f) of the GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. Insofar as consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act); the consent can be revoked at any time.
You can set your browser to inform you about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of this website may be limited.
If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this data protection declaration and, if necessary, request your consent.
Consent with ConsentManager
Our website uses the consent technology of ConsentManager to obtain your consent to the storage of certain cookies on your terminal device or to the use of certain technologies and to document this in accordance with data protection law. The provider of this technology is consentmanager AB, Håltegelvägen 1b, 72348 Västerås, Sweden, website: https://www.consentmanager.de (hereinafter “ConsentManager”).
When you enter our website, a connection is established to the servers of ConsentManager in order to obtain your consent and other declarations regarding the use of cookies. Subsequently, ConsentManager stores a cookie in your browser in order to be able to assign the consents granted or revoked by you. Data collected in this way are stored until you request their deletion, delete the ConsentManager cookie yourself, or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.
ConsentManager is used to obtain the legally required consent for the use of cookies. The legal basis for this is Article 6 (1) (c) of the GDPR.
Order processing
We have concluded a contract on order processing for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the personal data of our website visitors are processed according to our instructions and in compliance with the GDPR.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
- The collection of these data is based on Article 6 (1) (f) of the GDPR.
The website operator has a legitimate interest in the error-free presentation and optimization of its website and it is for this purpose that server log files must be collected.
Contact form
If you send us an inquiry via our website’s contact form, the data you submit, including the contact data you provide, will be stored by us for the purpose of processing your inquiry and to deal with follow-up questions. We do not pass these data on to third parties without your consent.
The processing of these data is based on Article 6 (1) (b) of the GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of requests addressed to us (Article 6 (1) (f) of the GDPR) or on your consent (Article 6 (1) (a) of the GDPR) if this has been requested; consent can be revoked at any time.
The data you enter in the contact form will remain with us until you request us to erase it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g., after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.
Inquiries by email, phone or fax
If you contact us by email, phone or fax, we will store and process your request, including all resulting personal data (name, request), for the purpose of dealing with your request. We do not pass these data on to third parties without your consent.
When you contact us, we process your data using the CRM software of our service provider Propstack GmbH, Walderseestraße 26, 13407 Berlin.
Order processing
We have concluded an order processing agreement with Propstack GmbH for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the personal data of our website visitors is processed according to our instructions and in compliance with the GDPR.
You can find more information about data processing at Propstack GmbH under https://www.propstack.de/legal/datenschutzbestimmungen.
The processing of data is based on Article 6 (1) (b) of the GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of requests addressed to us (Article 6 (1) (f) of the GDPR) or on your consent (Article 6 (1) (a) of the GDPR) if this has been requested; consent can be revoked at any time.
The data you send to us via contact forms will remain with us until you request us to erase it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g., after we have completed processing your request). Mandatory legal provisions – in particular legal retention periods – remain unaffected.
Terminland.de
You have the option of making appointments with us via our website. We use Terminland.de for booking appointments. The provider is Terminland GmbH, Kreuzberger Ring 44a, 65205 Wiesbaden (hereinafter “Terminland”).
For the purpose of booking an appointment, you enter the requested data and the desired date in the required fields. We use the data you enter for the planning, management and, if necessary, follow-up of appointments. Furthermore, Terminland collects log files (number and time of page views, browser, browser version and operating system as well as an anonymized IP address).
The appointment data is stored for us on the servers of Terminland, whose privacy policy you can view here: https://www.terminland.de/datenschutz/.
The data you enter will remain with us until you request us to erase it, revoke your consent to store it, or the purpose for storing the data no longer applies. Mandatory legal provisions – in particular retention periods – remain unaffected.
The legal basis for data processing is Article 6 (1) (f) of the GDPR. The website operator has a legitimate interest in making it as uncomplicated as possible to arrange appointments with interested parties and customers. Insofar as a corresponding consent has been requested, processing is carried out exclusively on the basis of Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the Telecommunications and Telemedia Data Protection Act. The consent can be revoked at any time.
Order processing
We have concluded a contract on order processing for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the personal data of our website visitors is processed according to our instructions and in compliance with the GDPR.
5. Analysis tools and advertising
Referral Tracking
We use so-called referral tracking from our own development to measure reach. Ideally, the origin as well as the UTM source, campaign and medium of the website visitor are recorded in Java script.
If the website visitor gives his consent via the consent tool, these data are stored in a cookie and assigned to the sender when a contact form is used. In addition, they are stored in the referral dashboard.
Processing is carried out exclusively on the basis of Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the Telecommunications and Telemedia Data Protection Act. The consent can be revoked at any time.
Server-side tracking/proxy tracking
To ensure a lawful use of tracking services such as analytics and marketing services, we use the tracking proxy solution of Tracking Garden GmbH, Ritterfelddamm 225e, 14089 Berlin. With the help of the tracking proxy solution, we can avoid direct access by third-party providers (Google Analytics, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland) to users’ end devices and ensure complete control over a single data parameter when communicating with websites by imposing access restrictions on third-party providers and setting conditions for the transfer of data to third-party providers.
For these purposes, so-called cookies and browser fingerprinting procedures are used, which are stored on your end device by the tracking proxy for recognition purposes and can process information from your end device. For this purpose, your terminal device is assigned a randomly generated identification number (cookie ID/device ID) by the tracking proxy.
With the help of the tracking proxy, we process the information generated about the use of our website by your end device as well as access data for the purpose of statistical analysis and reach measurement – e.g. call-up of a specific web page, number of unique visitors, entry and exit pages, dwell time, click, wipe and scroll behavior, actuation of buttons, bounce rate and similar interactions made by users on our website (events), e.g. whether a newsletter subscription was made or a product was added to the shopping cart or purchased. Access data includes, in particular, browser and device information, cookie ID of the tracking proxy and date and time of the server request. The processing of your data by the tracking proxy takes place exclusively on servers in Germany.
Your IP address is not stored or passed on to third-party providers, but only general location information such as the region and city of the location of the end device is collected, which is previously derived from the IP address. Due to the tracking proxy solution, further user data is transmitted to third-party providers in exclusively pseudonymous form for the purpose of analyzing and measuring the reach of usage behavior on our website. To ensure effective pseudonymization, the tracking proxy creates artificially generated data parameters for the browser identifier (user agent), for the third-party provider’s cookie IDs, for order numbers if applicable, and for other browser and device information that would enable re-identification.
The storage period of the tracking proxy cookie for the re-identification of users’ end devices is a maximum of 24 months.
The legal basis for data processing is Article 6 (1) (f) of the GDPR. The website operator has a legitimate interest in an analysis as well as the measurement of the reach of its website, through which it can optimize and improve digital offers and correct errors. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the Telecommunications and Telemedia Data Protection Act. The storage period of the tracking proxy cookie for the recognition of users‘ end devices is a maximum of 24 months.
Order processing
We have concluded a contract on order processing for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the personal data of our website visitors is processed according to our instructions and in compliance with the GDPR.
Google Tag Manager
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that allows us to embed tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It only serves to manage and play out the tools integrated via it. However, the Google Tag Manager collects your IP address, which may also be transferred to Google’s parent company in the United States.
The use of Google Tag Manager is based on Article 6 (1) (f) of the GDPR. The website operator has a legitimate interest in a fast and uncomplicated integration and management of various tools on his website. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the Telecommunications and Telemedia Data Protection Act. The consent can be revoked at any time.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Google Analytics
This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, dwell time, operating systems used and the origin of the user. These data are assigned to the respective end device of the user. An assignment to a user ID does not take place.
Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Furthermore, Google Analytics uses various modeling approaches to supplement the collected data sets and uses machine learning technologies in data analysis.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.
The use of this service is based on your consent according to Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act. The consent can be revoked at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here. The use of this service is based on your consent according to Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act. The consent can be revoked at any time.: https://privacy.google.com/businesses/controllerterms/mccs/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Browser Plugin
You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
For more information on how Google Analytics handles user data, see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.
Order processing
We have concluded an order processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be played on the basis of user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate these data quantitatively by analyzing, for example, which search terms led to the display of our advertisements and how many ads resulted in corresponding clicks.
The use of this service is based on your consent according to Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks und https://privacy.google.com/businesses/controllerterms/mccs/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Google Conversion-Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google conversion tracking, Google and we can recognize whether the user has performed certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and what actions they took. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification.
The use of this service is based on your consent according to Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act. The consent can be revoked at any time.
You can find more information about Google Conversion Tracking in Google’s privacy policy: https://policies.google.com/privacy?hl=en.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Meta Pixel (formerly Facebook Pixel)
This website uses the visitor action pixel from Facebook for conversion measurement. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the collected data is also transferred to the USA and other third countries.
In this way, the behavior of page visitors can be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This allows the effectiveness of the Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.
These data are anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, according to the Facebook data usage policy. This allows Facebook to enable the placement of advertisements on Facebook pages as well as outside of Facebook. This use of these data cannot be influenced by us as the site operator.
The use of this service is based on your consent according to Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act. The consent can be revoked at any time.
Insofar as personal data are collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Article 26 of the GDPR). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. You can find the text of the agreement at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
You can find further information on protecting your privacy in Facebook’s data protection notices: https://de-de.facebook.com/about/privacy/.
You can also disable the Custom Audiences remarketing feature in the Ad Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.
If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Facebook Custom Audiences
We use Facebook Custom Audiences. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
When you visit or use our websites and apps, make use of our free or paid offers, transmit data to us or interact with our company’s Facebook content, we collect your personal data in the process. If you give us consent to use Facebook Custom Audiences, we will transmit these data to Facebook, which Facebook can use to play you suitable advertising. Furthermore, target groups can be defined with your data (Lookalike Audiences).
Facebook processes these data as our processor. Details can be found in the Facebook user agreement: https://www.facebook.com/legal/terms/customaudience.
The use of this service is based on your consent according to Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/terms/customaudience and https://www.facebook.com/legal/terms/dataprocessing.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
6. Plugins and Tools
Google Maps
This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. If Google Maps is activated, Google may use Google Fonts for the purpose of uniform display of fonts. When calling up Google Maps, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy location of the places indicated by us on the website. This represents a legitimate interest within the meaning of Article 6 (1) (f) of the GDPR. Insofar as a corresponding consent has been requested, processing is carried out exclusively on the basis of Article 6 (1) (a) of the GDPR and Section 25 (1) of the Telecommunications and Telemedia Data Protection Act, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the Telecommunications and Telemedia Data Protection Act. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ und https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
More information on the handling of user data can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=en.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
7. eCommerce
Processing of customer and contract data
We collect, process and use personal customer and contractual data for the purpose of establishing, defining the content of and amending our contractual relationships. We collect, process and use personal data about the use of this website (usage data) only to the extent necessary to enable the user to use the service or to bill the user. The legal basis for this is Article 6 (1) (b) of the GDPR.
The collected customer data will be erased after completion of the order or termination of the business relationship and expiration of any existing legal retention periods. Statutory retention periods remain unaffected.
Data transfer upon closing of contracts for services and digital content
We share personal data with third parties only if this is necessary in conjunction with the handling of the contract; for instance, with the financial institution tasked with the processing of payments.
Any further transfer of data shall not occur or shall only occur if you have expressly consented to the transfer. Any sharing of your data with third parties in the absence of your express consent, for instance for advertising purposes, shall not occur.
The basis for the processing of data is Art. 6(1)(b) GDPR, which permits the processing of data for the fulfilment of a contract or for pre-contractual actions.
8. Custom services
Our social media channels
This privacy policy applies to the following social media presence
- https://www.facebook.com/DavidBorckImmobilien
- https://www.instagram.com/davidborckimmobilien
- https://www.xing.com/pages/davidborckimmobiliengesellschaftmbh
- https://de.linkedin.com/company/david-borck-immobiliengesellschaft-mbh
- https://www.youtube.com/@DavidBorck1
Data processing through social networks
We maintain publicly accessible profiles on social networks. The social networks we use are detailed below.
Social networks such as Facebook, Twitter, etc. can generally analyze your user behavior extensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous processing operations relevant to data protection. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, interest-based advertising can be displayed on all devices on which you are or were logged in.
Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.
Legal basis
Our social media presence is intended to ensure the most comprehensive presence possible on the internet. This is a legitimate interest within the meaning of Article 6 (1) (f) of the GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which are to be specified by the operators of the social networks (e.g. consent within the meaning of Article 6 (1) (a) of the GDPR).
Responsible person and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, erasure, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media portal (e.g. vis-à-vis Facebook).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.
Storage period
The data collected directly by us via the social media presence will be erased from our systems as soon as you request us to erase it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.
We have no influence on the storage period of your data, which are stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).
Social networks in detail
We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter Meta). According to Meta, the collected data is also transferred to the USA and other third countries.
We have entered into a joint processing agreement (Controller Addendum) with Meta. This agreement specifies the data processing operations for which we or Meta are responsible when you visit our Facebook page. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings independently in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
For details, see the Facebook privacy policy: https://www.facebook.com/about/privacy/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.
For details on their handling of your personal data, please refer to Instagram’s privacy policy: https://help.instagram.com/519522125107875.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. For details on how they handle your personal data, please refer to XING’s privacy policy: https://privacy.xing.com/en/privacy-policy.
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you would like to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
For details on their handling of your personal data, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.
YouTube
We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For details on how they handle your personal data, please refer to YouTube’s privacy policy: https://policies.google.com/privacy?hl=en.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Last revised: October 2023.