Privacy Statement for the Website

 www.aengevelt.com

Privacy Statement

General Introduction:

We take the protection of your personal data very seriously and want you to be safe when visiting our website. Our data protection practices comply in particular with the provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Telecommunications Digital Services Data Protection Act (TDDDG). At this point, we would like to inform you about the type, scope and purpose of the processing of your personal data. We would like to point out in advance that this data protection declaration only refers to our websites and does not apply to third-party websites to which we refer in the form of links.

Subject of protection:

The object of protection is personal data. This is all information that relates to an identified or identifiable natural person (hereinafter "data subject"). This primarily includes information that allows conclusions to be drawn about your identity (e.g. details such as your name, postal address, email address and telephone number, but also your IP address).

Technical requirements:

To enable you to establish a connection to our website, your browser transmits certain data to the web server of our website. This is a technical necessity so that the information you request from the website can be made available. To make this possible, your IP address, the date and time of your request and the type of operating system you are using are stored and used for a maximum of 7 days. We reserve the right to store this data for a limited period of time to safeguard our legitimate interests in order to initiate a derivation of personal data in the event of unauthorized access or an attempt to deliberately harm us in this way (Art. 6 para. 1 lit. f GDPR). The data will only be stored or forwarded by us for these and no other purposes without us informing you in advance and asking for your permission.

Cookies:

Cookies are small text files that are stored on your computer or mobile device via your browser, e.g. to recognize whether you visit websites repeatedly from the same device or browser. In general, we use cookies to analyze interest in our website and to improve the user-friendliness of our website. In principle, however, you can also visit our website without cookies.

As a rule, cookies can be deactivated or removed with the help of tools that are available in most commercial browsers. The settings must be defined separately and set individually for each browser you use. The various browsers offer different functions and options for this purpose.

In order to be able to use our website fully and comfortably, you should accept those cookies that enable the use of certain functions or make the use more comfortable. You can see the purpose for which the cookies we use are used and for how long they are stored in the following overview:

Cookie list:

Cookie types:

To help you understand the most common types of cookies, we have explained them below:

1.     Session cookies:

Session cookies can be used to recognize users and the changes they have made within a website. They allow the website to track their movements across individual pages so that information that has already been entered/saved does not have to be entered/saved again. One example of this is shopping baskets in web stores. The session cookie saves the selected products in the shopping cart so that it contains the correct items when payment is made at the checkout. Session cookies are deleted when you log out or lose their validity as soon as the session has automatically expired.

2.     Permanent or protocol cookies:

A permanent or protocol cookie stores the user's information and settings on the user's computer for the period specified in the expiration date. This leads to faster and more convenient access, as you do not have to re-enter language settings or login data, for example. The cookie is automatically deleted at the end of the storage period.

3.     Third-party cookies:

Third-party cookies generally have no influence on the use of the website, as they do not originate from the website operator. Their purpose is, for example, to collect information for advertising, user-defined content and web statistics and to pass this on to the respective third-party provider.

4.     Tracking cookies:

Tracking cookies are special text files which open up the possibility of collecting data on the behavior of the Internet user. This is aimed at gaining information on what the user’s main points of interest are, for example, to be able to launch made-to-measure promotional offers.

The above exemplary presentation of the most common forms of cookies is intended to give you a global overview of this form of data collection. These explanations do not claim to be exhaustive. As a result of technical IT developments, it can be assumed that other types of cookies will develop over time. Please check our privacy policy at regular intervals for the latest changes before using our website.

Consent Manager:

We use the Cookiebot service (Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark, hereinafter "Cookiebot") on our website, which manages the consents to all services requiring consent on our website (so-called consent management). The use of Cookiebot enables us to comply with our legal obligation to provide proof of consent (Art. 7 para. 1 GDPR). In this context, the following data is collected from you and stored by Usercentrics:

-        Date and time of access

-        Browser information

-        Device information

-        Geographical location

-        Cookie preference

-        URL of the website visited

Cookiebot works for us within the framework of order processing in accordance with Art. 28 GDPR and does not process the data for its own purposes. All information on data protection at Cookiebot can be found at

https://www.cookiebot.com/en/privacy-policy/.

Processing takes place according to Art. 6, para. 1 (c) GDPR in order to comply with the legal requirements.  

Contact us

You will find various contact forms on our website that can be used to contact us electronically. Alternatively, you can use another contact form to place a callback request. Alternatively, you can contact us via the e-mail address provided. If you contact us via one of these channels, we will process the personal data you enter and transmit.

If you use a contact form, the personal data processed consists of the master data entered there (surname, first name, title, email address) and possibly other personal data entered by you in the "Message" field. If you contact us directly by e-mail, we collect your e-mail address and any personal data resulting from the text of the e-mail. 

If you use the contact form to place a callback request, we will also collect the personal data you provide via the input screen. These are your name, telephone number and, if you decide to provide this information in addition, the company you work for and the subject of your callback request. To ensure secure transmission of your data, we use a state-of-the-art encrypted connection with an SSL certificate

The processing is carried out on the basis of the legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR or your consent pursuant to Art. 6 para. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future. To do so, please send us your revocation by email to datenschutz@aengevelt.com.

Newsletters / reports and market reports

On our website you have the option of downloading various reports and market reports, which we are happy to make available to you. In order to access this information, you must first register for our newsletter service, which will inform you whenever we upload a current City Report to our website. To do this, we ask for your e-mail address and your name using a form. Registration for the newsletter takes place by means of a double opt-in procedure. This is a recognized procedure in which you receive an e-mail with a confirmation link to the e-mail address you have provided. Only when this link is activated will the regular sending of the above-mentioned information begin.

The processing takes place on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future. Please send us your revocation by e-mail to datenschutz@aengevelt.com or click on the "unsubscribe" link in the newsletter.

Google Maps:

Our website uses the Google Maps map service via an API (application programming interface). The provider of the map service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. In order to use the functions of Google Maps, it is necessary to save your IP address. According to Google, this information is generally transmitted to a server in Ireland and stored there. However, it cannot be ruled out that the parent company in the USA may also have access to this data. As the website operator, we have no influence on data transmission. The transfer of information only begins when you click the button on the card. By activating the card, you consent to the processing of personal data in accordance with Art. 6 para. 1 lit. a GDPR. 

A transfer of your data to the USA involves certain risks, e.g. national authorities may gain access to your data through domestic laws (such as "FISA") and the possibility of enforcing your data subject rights in accordance with Art. 15 ff GDPR may be restricted. For data transfer to the USA, Google uses so-called standard contractual clauses (pursuant to Art. 46 para. 2 GDPR) as suitable guarantees to protect your data from the above-mentioned risks.

If you do not wish to consent to the transfer of information, do not click on the card button. In this way, you can continue to use our website without a transfer taking place. You can also withdraw your consent at any time by refreshing or reloading our website. 

You can find more information on the handling of user data in Google's privacy policy:

https://policies.google.com/privacy?hl=en&gl=en  

Tracking tools (exports to third countries):

Our website makes use of functions provided by a range of different third-party web analysis services, such as Google. In the following, we shall explain in even more detail which individual services are involved and which data are analyzed.

Third country exports (risks):

Please note that when analyzed by such services (e.g. Google), your data may also potentially be transferred to third countries such as the USA. The third-country transfer of your data to countries such as the USA, where there is no GDPR-compliant and adequate level of data protection, entails certain risks, which we would like to inform you about at this point. Due to national laws such as the Foreign Intelligence Surveillance Act (FISA), domestic authorities (in the USA) can access the data you have provided to the provider without your knowledge or consent, if the authority considers this to be necessary. In addition, the enforcement of your rights as a data subject pursuant to Art. 15 et seq. of the GDPR may only be possible to a limited extent.

We only use services that use standard contractual clauses (pursuant to Art. 46 (2) GDPR) as suitable guarantees for secure third country exports.

Use of Google Tag Manager

We use Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google". Google Tag Manager can manage various website tags from marketers via an interface. The tool (Tag Manager, which implements the tags) is a cookie-free domain and does not collect any personal data. It only triggers tags, which in turn may collect data (see descriptions of Google Analytics and Google Ads). However, the Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.

Use of Google Analytics with anonymization function

We use Google Analytics on our website, a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google". Google Analytics uses cookies that enable your use of the website to be analyzed. The information generated by the cookies about the use of our website (e.g. when, where and how often you access our website, including your IP address) is generally transmitted to a Google server in Ireland or the USA and stored there. You can find out what risks this may entail in our privacy policy above.

Your IP address is shortened immediately after collection (e.g. by deleting the last 8 bits) and thus anonymized so that it is no longer personally identifiable. Further information on the processing of personal data by Google can be found at https://policies.google.com/privacy?hl=de&fg=1.

Via our Consent Manager (cookie banner) you consent to the processing in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future (see below).

If you wish to revoke your consent to the use of Google Analytics, please click on this link to prevent the transmission of analysis data to Google Analytics:

Use of GA Audiences

On this website, GA Audiences, a web analysis service of the provider Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland "Google"), collects and stores data from which user profiles are created using pseudonyms. This technology allows users who have already visited our websites and online services to see targeted advertising from us on other external sites in the Google Partner Network. For this purpose, a cookie is set on your computer to analyze user behavior when visiting the website and can then be used for targeted product recommendations and interest-based advertising.

Further information on the processing of personal data by Google can be found at

https://policies.google.com/privacy?hl=en&gl=en  

The processing of personal data takes place on the basis of your previously given consent on our Consent Manager in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. To do so, please click on the following link:

Use of DoubleClick by Google

Doubleclick by Google is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Doubleclick by Google uses cookies to present you with advertisements that are relevant to you. A pseudonymous identification number (ID) is assigned to your browser in order to check which ads have been displayed in your browser and which ads have been viewed. The use of DoubleClick cookies enables Google and its partner websites to display ads based on previous visits to our or other websites on the Internet. The information generated by the cookies is transmitted by Google to a server in the USA for analysis and stored there. You can find out what risks this may entail in our privacy policy above.

Further information on the processing of personal data by Google can be found at

https://policies.google.com/privacy?hl=en&gl=en.  

The processing of personal data takes place on the basis of your previously given consent on our Consent Manager in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. To do so, please click on the following link:

Use of the LinkedIn Insight tag

We use the LinkedIn Insight tag (via the Google Tag Manager) on our website. This is a service provided by LinkedIn Ireland Unlimited Company, Gardner House 2, Wilton PI, Dublin 2, Ireland (hereinafter "LinkedIn").

The tag is a small snippet of code that we have added to our website to track conversions, retarget our website visitors and gain additional information about the people who view our ads. Among other things, this helps us to better target advertising outside our website and thus improve the relevance of our ads.

The referrer URL, IP address, device and browser properties as well as the timestamp are recorded and processed by LinkedIn as part of the analysis. The IP addresses are shortened or hashed and direct identifiers of LinkedIn members are removed within seven days in order to pseudonymize the data. The remaining pseudonymized data is deleted within 90 days. LinkedIn itself does not share any personal data with us, but merely evaluates your data and sends us statistical reports and messages (in which you can no longer be identified by us).

LinkedIn members can also control the use of their personal data for advertising purposes in their account settings at https://www.linkedin.com/psettings/advertising/actions-that-showed-interest.

Further information on the processing of personal data by LinkedIn can be found in LinkedIn's data protection information at https://de.linkedin.com/legal/privacy-policy. 

The processing of personal data takes place on the basis of your previously given consent on our Consent Manager in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. To do so, please click on the following link:

Use of the Facebook Pixel and Facebook Custom Audiences:

On our website, we use the so-called "Facebook Pixel" of the social network Facebook, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter "Facebook"). By using the Facebook pixel, we can determine so-called "custom audiences", i.e. user-defined target groups to which you are assigned as part of tracking by the pixel. The Facebook ads placed by us are then only displayed to people who are assigned to the appropriate target group. In this way, you should only receive advertising for products and services in which you are interested. In this way, we want to ensure that our advertising corresponds to the potential interest of users and does not have a harassing effect. During transmission, the Facebook pixel also transmits personal data directly to Facebook. You can find out exactly what data is involved and for what other purposes Facebook processes the data in Facebook's privacy policy at https://www.facebook.com/policy.php. 

The processing of personal data takes place on the basis of your previously given consent on our Consent Manager in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. To do so, please click on the following link:

Use of AddThis:

We use a website plugin from AddThis (Oracle Nederland B.V.
Hertogswetering 163-167, 3543 AS Utrecht, Netherlands) on our website. The plugin allows you to share content from our website quickly and easily on various social media channels such as Facebook, Twitter or Instagram or by email. If you are logged in with your own account on the social media channel through which you share the content as a website visitor, this process (and other associated information, such as the visit to our website, etc.)
can be assigned to your account. Addthis also collects various information about your visitor behavior in cookies. The following data may be processed:

Cookie IDs, website URLs, time of website visit, length of stay on the website, IP addresses, mobile advertising IDs, browser and device information

The information collected can also be shared with other companies. You can find more information on this at

https://www.oracle.com/legal/privacy/.

The processing of personal data takes place on the basis of your previously given consent on our Consent Manager in accordance with Art. 6 para. 1 a GDPR. You can revoke your consent at any time with effect for the future. To do so, please click on the following link:

Embedding YouTube videos

Our website uses plugins from the Google-operated YouTube site. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.

YouTube uses various cookies to track user interaction with the embedded content and to ensure optimal functionality of the video content. These cookies have different functions:

Tracking user interaction: a cookie is used to track user interaction with embedded YouTube videos. This helps to analyze and improve the use and performance of the videos.
Registration of a unique ID: Another cookie registers a unique ID to create statistics about the videos that a user has watched. These statistics help YouTube to improve the user experience.
Functionality of YouTube video content: Some cookies are necessary for the implementation and functionality of YouTube video content on our website. Without these cookies, the videos may not be displayed or played correctly.
User bandwidth estimation: A cookie attempts to estimate the user bandwidth on pages with integrated YouTube videos. This allows YouTube to adjust the video quality according to the available bandwidth.
Storage of user preferences: When a user views a YouTube video on our website, a cookie saves the user settings. These settings are taken into account the next time an integrated YouTube video is accessed on other websites.
 By using our website, you consent to the collection, processing and use of the automatically collected data by YouTube LLC, Google LLC and their representatives.

You can find further information on the handling of user data in YouTube's privacy policy at: https://policies.google.com/privacy?hl=en&gl=en  

Integration of Typeform

Our website uses the services of Typeform, a company of Typeform S.L., Carrer Bac de Roda, 163, 08018 Barcelona, Spain. Typeform enables us to embed interactive forms and surveys on our website. As part of the use of Typeform, various cookies are used to ensure optimal functionality and user experience. These cookies have the following functions:

Load balancing: a cookie registers which server cluster is serving the visitor. This is used in connection with load balancing to optimize the user experience and ensure that the forms are always available and performant.
Implementation of forms: Some cookies are necessary to implement the forms on our website. Without these cookies, the forms may not be displayed or used correctly.
Website behavior and analysis: Another cookie registers data about the behavior of visitors to our website. This data is used for internal analysis and to optimize the website. They help us to continuously improve the user experience and better tailor content to the needs of visitors.

 By using our website, you consent to the collection, processing and use of the automatically collected data by Typeform S.L. and its representatives.

 Further information on the handling of user data can be found in Typeform's privacy policy at: https://admin.typeform.com/to/dwk6gt

Further general information:

Changes to this Privacy Statement

We check this Privacy Statement on a regular basis to ensure that it complies with the legal provisions, the jurisprudence and the statements of the supervisory authorities, as well as to align it to emerging trends and the technological state of the art. In this respect, we reserve the right to change this Privacy Statement in order to adjust it in line with new legal data protection requirements or other changes in the factual or legal circumstances. We kindly ask, therefore, that you always check the information in our Privacy Statement applicable at the time prior to using our website.

Who is responsible for data processing? (Art. 13, para. 1 (a), (b) GDPR)

Responsible for data processing on our website is Aengevelt Immobilien GmbH & Co. KG (“Aengevelt”). Please refer to our Imprint for contact details: https://www.aengevelt.com/en/imprint/

Our Data Protection Officer can be reached at:

Aengevelt Immobilien GmbH & Co. KG

Attn: Data Protection Officer

Kennedydamm 55 / Ross-Str. 166
40476 Düsseldorf, Germany
Tel. +49 211 8391-0
Fax +49 211 8391-255
datenschutz@aengevelt.com 

Who receives your personal data? (Art. 13, para. 1 (e), (f) GDPR)

We treat your personal data confidentially and never pass these on to third parties unless you have provided us with your consent to do so, where these are made available based on a legal or contractual commitment or where their forwarding is necessary in order to complete pre-contractual measures, resp. fulfill a contract. In individual cases, we may contract a processor (e.g., IT service provider) to process your personal data. This is then carried out in accordance with Art. 28 GDPR and on the basis of a respective commissioned data processing contract.

How long is the data stored? (Art. 13, para. 2 (a) GDPR)

The legislator has imposed numerous retention periods and deadlines.

We only store your data as long as this is legally required.

Once these periods have lapsed, we delete the respective data as a matter of routine, in as far as they are no longer required with a view to fulfilling the contract. We store data that are processed based on your consent until this consent is revoked, resp. as long as these data are required. We store data that are processed based on a legitimate interest as long as this legitimate interest continues to exist.

In line with the legal provisions, commercial law data or financially-relevant data ensuing from a closed financial year are deleted after a further ten years have passed, in as far as no longer retention periods have been stipulated or are required for legitimate reasons. In as far as the data are not subject to specific retention periods, they are deleted when the purpose for which they were processed ceases to exist.

For which purposes and on which legal basis do we process your personal data? (Art. 13, para. 1 (c), (d) GDPR)

We have already outlined the purposes and legal basis for processing data. In addition, the following generally applies: Where required, we process your data to safeguard our legitimate interests or those of other third parties in accordance with Art. 6, para. 1 (f) GDPR, for example, to establish legal claims or to defend ourselves in legal disputes or to uphold our IT operations or security.

We process your data for purposes of external communications and marketing on the basis of Art. 6, para. 1 (a) or (f) GDPR in cases where we have a legitimate interest in doing so, or where we have received your written consent to process your personal data. You have the right to revoke your consent at any time.

In order to be able to comply with legal obligations, we are allowed to, or must, where required, process your data and pass these on to third parties (in accordance with Art. 6, para. 1 (c)).

In no case shall we use your data in an automated decision-making process or for profiling purposes.

Furthermore, we use cookies to be able to offer you an improved service when using our website and to make this website more convenient for you to use (Art. 6, para. 1 (f) GDPR).

Which rights and obligations do you have? (Art. 13, para. 2 (b), (c), (d), (e) GDPR)

All data subjects have the following rights:

• In accordance with Art. 15 GDPR, you have the right to receive information. This means that you can request confirmation from us as to whether your personal data are being processed by ourselves.
• In accordance with Art. 16 GDPR, you have the right to rectification. This means that you can demand that we rectify any incorrect personal data concerning your person.
• In accordance with Art. 17 GDPR, you have the right to erasure (“right to be forgotten”). This means that you can demand that we erase any personal data concerning your person without undue delay - unless we are unable to erase your data, for example, due to being required to observe legal retention periods.
• In accordance with Art. 18 GDPR, you have the right to restriction of processing. This means that we are virtually no longer allowed to process your personal data - apart from storing them.
• In accordance with Art. 20, GDPR, you have the right to data portability. This means that you have the right to receive the personal data concerning your person and that you have made available to us in a structured, commonly used and machine-readable format and to transmit these data to another controller.
• In accordance with Art. 7, para. 3 GDPR, you have the right to revoke any consent you have provided at any time with future effect.
• In accordance with Art. 77 GDPR, you have the right to lodge a complaint with the responsible supervisory authority.

In addition, you also have the right to object which we will be explaining in more detail at the end of this data protection information sheet.

If you would like to exercise any of your above rights, please contact our Data Protection Officer (see contact details listed above).

Responsible supervisory authority

State Data Protection Officer

North Rhine-Westphalia

Office address: Kavalleriestr. 2–4, 40312 Düsseldorf, Germany

Postal address: P.O. Box 200444, 40102 Dusseldorf, Germany

Tel.: +49 (0)211 38424-0

Email address: poststelle@ldi.nrw.de

Information on your right to object in accordance with Art. 21 General Data Protection Regulation (GDPR)

 You have the right to object, on grounds resulting from your particular situation, at any time to the processing of personal data concerning your person which is carried out based on Art. 6, para. 1 (f) GDPR (data processing based on the weighing up of legitimate interests); this also applies to potential profiling based on this provision as provided for in Art. 4 (4) GDPR.

Should you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms or where this processing is for the establishment, exercise or defense of legal claims.

Please direct your objection in writing (via email or post) to the attention of our Data Protection Officer (see contact details listed above).