Max-Dohrn-Straße 8-10, 10589 Berlin
Phone +49 (0)30 20044550
Fax +49 (0)30 224455-9100
Purposes for which personal data may be processed
We may process your personal data for the following reasons:
- Contacting you
- Quality assurance
- Compiling Statistics
- Contract fulfilment and billing
- Conducting Surveys
Legal basis for processing personal data
Your personal data is processed based on the following legal frameworks:
- Your consent, Article 6 (1) (a) of the GDPR
- Legitimate interests, Article 6 (1) (f) of the GDPR (see below)
- For contract fulfilment, Article 6 (1) (b) of the GDPR
When processing your personal data, we are guided by the following legitimate interests:
- Improvement of our product offers
- Protection against misuse
Recipients or categories of recipients of personal data
When processing your data, we work with the following service providers, which have access to your data:
- Advertising networks (for pop-up advertisements)
- Providers of web analysis tools
- When processing your data in order to carry out credit enquiries, we use contractually agreed to service providers who have access to your data.
Duration for which the personal data is stored:
We store your data,
- if you have given your consent for the processing, until you revoke your consent,
- if we are using your data for a legitimate interest, for as long as your interest in deletion or anonymization does not outweigh ours.
We get the data from you (including through the devices you use).
Data transfer to third countries
Data is transferred to third countries outside the European Union, based on legal regulations, which are intended to ensure adequate protection of your data and which you can view on request.
Rights of the data subject to disclosure of information as well as to correction, deletion or restriction of the processing, as well as a right to objection against processing and the right to data transferability:
If your personal data is being processed, then you are a data subject in the meaning of the GDPR. As a data subject, you have the right, partly under certain preconditions
- To demand information about the processing of your data,
- To have your data corrected and/or supplemented,
- To have your data deleted or blocked,
- To have the processing of your data restricted,
- To object to the processing of your data,
- To receive your data in a transferable format and to transfer it to a third party,
- To revoke your consent for the processing of your data in future, and
- To complain to the responsible supervisory authority about unauthorised data processing. The responsible supervisory authority is the Berlin-based officer in charge of data protection and information freedom.
Requirement or obligation to provide data
As long as this is not explicitly stated during data collection process, providing your personal data is not necessary or obligatory.
Further information on data protection: registration, contact form and e-mail contact.
You can enter your personal data on the app when you create a customer account. Your information is transmitted to us and stored in our data base. It is possible to remove your personal data from our data base at any time, if you request this in written form.
Sending a text message, e-mail or letter with a clear request to delete your personal data is sufficient. In order to prevent unauthorised use by third parties, such requests must be strictly verified before we can take action. When you provide us personal data via e-mail, this information will not be stored or transferred to third parties, your data is only used for processing your request.
Specific purpose of the data processing.
Contact via e-mail constitutes a necessary legitimate interest in the processing of data.
Duration of storage
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected.
Possibility of objection and removal
The user has the possibility to revoke their consent to the processing of personal data at any time. In this case, please contact us using the contact details mentioned above. All your personal data stored until this point will be deleted.
Provision of the website and creation of log files
Description and scope of data processing
Each time you access our website and app, our system automatically collects data and information from the computer system or device that you are accessing from. The following data is collected:
- Information about the browser type and the version used
- The user’s operating system
- The device type of the user
- The Internet service provider of the user
- The IP address of the user
- Date and time of access
- Websites from which the user accessed our website
- Websites to which the user accessed through our website
The data is also stored in the log files of our system.
Specific purpose of data processing
The temporary storage of the IP address by the system is necessary to enable the delivery of the website and the app to the user. For this purpose, the IP address of the user must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the app. The data is also used to optimize the website and the app and to ensure the security of our information technology systems.
These purposes also include our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR.
Duration of storage
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data to provide the website, this is the case when the session in question has ended.
If the data is stored in log files, this is the case after 30 days at the latest. A storage going beyond this is possible. In this case the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
Possibility of objection and removal
The collection of data for the provision of the website and the app and the storage of data in log files is mandatory for the operation of the website and the app. Consequently, there is no possibility for the user to object.
Participation in surveys
For individual surveys we use SurveyMonkey (SurveyMonkey Europe UC, 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland), a web service for creating and evaluating online surveys. Participation is voluntary and the respondents thereby declare their consent to the processing of their personal data in accordance with Art. 6 para. 1 lit. A of the GDPR. The data will be stored for the duration of the survey and evaluation.
Please note that SurveyMonkey will store the data on your servers and reserves the right to collect, process, use, and disclose information for its own purposes. In particular, cookies, ad tracking, and IP addresses are used or collected for this purpose. SurveyMonkey also reserves the right to share this information with third parties, including in other countries. Because the information collected also ends up on U.S. servers, where it is collected, used, and stored, SurveyMonkey is certified under the Privacy Shield Agreement, thereby ensuring compliance with European data protection laws.
When the evaluation of a survey is complete, the survey data is deleted from the SurveyMonkey account. Within 90 days, the data will also be permanently removed from SurveyMonkey’s system.
Survey participants can contact us at any time to request that their survey data, including personal information if collected, be deleted. No subsequent correction of individual responses is possible after the survey has been submitted.
Description and scope of data processing
In the process, the following data is stored and transmitted in the Cookies:
- Language settings
- Items in a shopping cart / selected advisors
- Log-in information
Caution: If you delete your Cookies in the browser, this will result in even the Opt-Out-Cookie stored in your browser being deleted and the revocation must, if necessary, be carried out once again in the same way outlined earlier.
Amazon Web Services
We use the product “S3” from Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA, (“AWS”) to host and distribute the content of our web pages. AWS processes our data on our behalf. The hosting exclusively takes place in the AWS computer centre in Frankfurt a. M. Moreover, AWS is Privacy Shield certified and thus guarantees that personal data outside the European Economic Area is processed in accordance with European data protection laws https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4&status=Active.
We use Atlas from MongoDB as our central database, Inc. 3 Shelbourne Building, Crampton Avenue Ballsbridge, Dublin 4, Ireland. Data processing is based on our legitimate interests (Art.6 para.1 lit. f DSGVO) in the technically error-free and optimised provision of our services.
We use the log management tool “LogEntries” from RAPID7, Inc., The One Building, 2nd Floor, 1 Grand Canal Street Lower, Dublin 2, Dublin, Ireland (“LogEntries”), to evaluate the log files. Log files (such as your IP address, operating system used, name of the internet service provider) are transmitted to LogEntries in order to evaluate them in anonymous form. The evaluation is carried out to ensure the functionality of the website. The data is also used to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. Further information on this can be found at: https://www.rapid7.com/privacy-policy/. Data processing also takes place in the United States. An adequate level of data protection is ensured by RAPID7, Inc.’s participation in the EU-US Privacy Shield.
Use of Facebook Custom Audiences
We also use retargeting technologies. This technology makes it possible to address Internet users who have already shown interest in our products and services, as well as Internet users who are also likely to be interested, on the websites of our partners (e.g. Facebook) with advertisements. This advertising is displayed on the pages of our partners on the basis of cookie technology and an analysis of previous usage patterns. This form of advertising is pseudonymous. Retargeting technology is used in compliance with the applicable statutory data protection regulations.
Pinterest Conversion Tracking:
Our app uses the conversion tracking technology of the social network Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland), which enables us to show our visitors who have already taken an interest in our app and our content/offerings and are Pinterest members, advertisements and offers relevant to them on Pinterest. For this purpose, a conversion tracking pixel from Pinterest is integrated into our app, which tells Pinterest when you visit our app that you have called up our app and which parts of our offer you are interested in. For example, if you are interested in
You can opt-out of the collection of data for the display of interest-based advertising on Pinterest at any time in your Pinterest account settings at https://www.pinterest.de/settings (where you can disable the “Use information from our partners to better tailor recommendations and ads on Pinterest to you” button under “Customization”) or at https://help.pinterest.com/de/article/personalization-and-data#info-ad (where you can disable the checkbox under “Disable customization”).
Google Ads tracking
adviqo GmbH uses the Conversion-Tracking system of Google Ireland Limited (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), being the latter’s advertising customer (“Google Ads customer”), for purposes of marketing performance measurement. For this purpose, a Google Ads pixel is integrated on each of the registration pages of adviqo, and this pixel transmits the registration event to Google without any details of the customer concerned – besides the common technical features of every web page visit (e.g. browser, IP-address). For purposes of recognition and assignment of the users, a Cookie will be installed by Google, provided you accessed the web pages through a Google advert. These Cookies will lose their validity after 30 days. Each Google Ads user receives a different Cookie. Cookies cannot therefore be tracked via the websites of Ads users. For further information on data protection at Google, visit https://policies.google.com/. Besides, users can also deactivate or revoke Google adverts as a whole or in parts at https://privacy.google.com/?hl=de#google-experience (Opt-Out).
Google Tag Manager
This website uses the Google Tag Manager by Google Ireland Ltd, , Gordon House, Barrow Street, Dublin 4, Irland. This service allows website tags to be managed through an interface. Google Tool Manager only implements tags. This means that no cookies are used and no personal information is collected. Google Tool Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it remains valid for all tracking tags if they are implemented with the Google Tag Manager.
We use the list provider MailChimp for sending out our newsletter. MailChimp is a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318 (“Rocket”). Rocket signed the so-called “Safe Harbor Agreement” on 22/07/2008. This is a data protection agreement between the European Union and United States.
For further information on data protection at MailChimp, visit http://mailchimp.com/legal/privacy/.
Emarsys eMarketing Systems AG (Stralauer Platz 34, 10243 Berlin; www.emarsys.com/de) is also used in the technical processing of newsletter mailings and is an Austrian enterprise with headquarters in Berlin, which provides the software and infrastructure for sending consent-based electronic messages. Emarsys is aware of its obligation towards recipients of such messages and has a zero-tolerance policy for spam.
Furthermore, Emarsys offers various possibilities of analysing how the despatched newsletters are opened and used, e.g. to how many users was an e-mail sent, whether the e-mails were rejected, and whether the users unsubscribed after receiving the e-mail. These analyses are, however, only group-related and we do not use them to evaluate individuals. If you don’t wish to continue receiving our newsletter, you can unsubscribe any time by clicking on the relevant link contained in every mailing. For further information on data protection at Emarsys, visit https://www.emarsys.com/en/privacy-policy/.
We use the services of Adjust, an App analysis service, for analysing the App usage (adjust GmbH, Saarbrücker Str. 38a, 10405 Berlin). The Adjust service has been tested and certified according to ePrivacyseal (European Seal for your Privacy) – see http://www.eprivacy.eu/vergebene-siegel/). Adjust uses the IP and Mac-addresses of the UserApp-users, but these are used exclusively in an anonymised form. It is therefore not possible to trace this data back to a natural person. The information collected through the use of Adjust is used merely to analyse the function and use of the App by creating anonymous evaluations and graphics of the number of visits, number of web pages accessed per user, etc. The analyses are used exclusively for personal market research as well as for the optimisation and a needs-oriented design of the App. There is a possibility of revocation. You can stop any tracking associated with the App in future by selecting the “Data protection” item on the menu and adjusting the sliding switch accordingly (“Turn off Tracking”).
We use the service provider YouTube for the integration of videos, among other things, in our website. YouTube is operated by YouTube LLC with headquarters in 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. with headquarters in 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you visit pages of our website equipped with a Plugin – for example, our media library – a connection is established with the YouTube servers, and the Plugin is displayed in the process. Through this, a message will be sent to the YouTube server indicating which of our web pages you visited. If you are logged into YouTube as a member, YouTube will assign this information to your personal user account. If the Plugin is used, e.g. when the start button of a video is clicked, this information will also be assigned to your user account. You can prevent this assignment by logging out of your YouTube user account as well as other user accounts belonging to YouTube LLC and Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. and deleting the relevant Cookies of those companies before using our website. You can find further information on data processing and data protection by YouTube (Google) at www.google.de/intl/de/policies/privacy/.
Facebook visitor action pixel
With your consent, we use the “visitor action pixel” from Facebook Inc. within our websites. With the help of these pixels, we can track the actions of users after they have seen or clicked on an advert. This will enable us to gauge the effectiveness of adverts on the mentioned platforms for market research purposes. The data collected in this way is anonymous to us; that is, we do not see the personal data of individual users. This data is, however, stored and processed by the respective platform providers – something we shall inform you of to the best of our knowledge. For more information, we refer you to the respective privacy policies: https://www.facebook.com/about/privacy/.
Plugins of the social network provider, Facebook, are integrated on our website. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. You can recognise the Facebook Plugins by the Facebook logo or the “Like-Button” on our web page. You can find an overview of the Facebook Plugins here: http://developers.facebook.com/docs/plugins/.
Facebook Connect (Social Network Connect)
On this website we use the Customer Relationship Management (CRM) service of Zendesk Inc. 989 Market Street #300, San Francisco, CA 94102, USA.
To send push messages in the Android and iOS apps, the service Braze is used, a program of Braze Inc. NYC, 318 West 39th Street, 5th Floor, New York, NY 10018, USA. Braze stores data about the use of the app under an anonymized ID, but no personal data. For more information on Braze’s privacy practices, please go to https://www.braze.com/privacy.
Verification of a mobile number
In order to ensure that all relevant information on a rental and leasing by SMS is received, the mobile number is verified by the provider NEXMO (https://www.nexmo.com/) by means of an opt-in procedure. The verification is done on our site under “Contact details”.
Contact by mobile number
As soon as the mobile number is verified, we store it in our database. It will be disclosed to the contracting party in the event of a successful rental or lease in order to establish contact. It is not publicly accessible.
Sending voice messages
When you send voice messages via CloudMatic, the data you provide will be sent to Nexmo Inc, 217 Second Street, 4th Floor, San Fran-cisco, CA 94105 as part of the delivery. The data is passed on in accordance with Art. 6 para. 1 lit. b DSGVO and only to the extent necessary for sending the message:
- The mobile telephone number(s) to which the message(s) is/are to be sent
- The message to be sent
Google Cloud Platform (GCP)
We use the Google Cloud for hosting. For the hosting in the Google Cloud (Google Cloud Platform, GCP) we use the region Frankfurt, Germany (europe-west3) However, the Google Cloud works according to the principle of a multi-tenant environment, so that data is replicated between several geographically distributed data centres (fail-safe of the data centres). Personal data is transferred to countries outside the EU as part of the hosting. The legal basis for this are the corresponding EU standard contract clauses, see GCP sample contract clauses and further information on data protection in the Google Cloud at https://cloud.google.com/security/gdpr/resource-center/contracts-and-terms?hl=en
We use the tool Firebase in our app. This is a real-time database that we use for real-time data exchange and storage in our app to improve and develop our app. The user data is transmitted to Firebase anonymously. Firebase is a Google subsidiary and is based in San Francisco (CA), USA.
Find the Firebase pirvacy polic here: https://www.firebase.com/terms/privacy-policy.html and the Google privacy policxy here: https://www.google.de/intl/de/policies/privacy/.
Use of the analysis tool “Google Analytics”
Furthermore, you can prevent the collection and processing of this data by Google Ireland Ltd,. by downloading and installing the browser add-on available through the following link: https://tools.google.com/dlpage/gaoptout
As an alternative, or within browsers on mobile devices, you can click on the following link: Deactivating Google Analytics An Opt-Out-Cookie will be stored in your device for our web pages and effective for the browser you are currently using. If you delete your Cookies in this browser, you must click on the following link afresh.
Native Google & Apple Store
If you download our app, the necessary information will be transferred to the respective app store. This includes in particular user name, e-mail address, time of download and the individual device identification number. However, we have no influence on this data collection, as this is based on the respective app store operator. We process the data provided as far as this is necessary for downloading the app to your mobile device (e.g. smartphone or tablet). Furthermore, they are not stored with us. In this context, please also note the data protection information of the app store operators:
- for the iOS App Store: Apple Inc, 1 Infinite Loop, Cupertino, CA 95014, USA, available at https://www.apple.com/de/privacy/privacy-policy/, and
- for the Google Play Store: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, available at https://www.google.de/intl/de/policies/privacy/.
Updated: November 12, 2019
When you visit our Facebook Fanpage or Instagram Page (hereinafter “Facebook”), we are jointly responsible with Facebook for the processing of your personal data. Instagram is part of the Facebook group of companies and shares infrastructure, systems and technology with Facebook and other Facebook companies (https://www.facebook.com/help/111814505650678?ref=dp).
Below we inform you about the associated data processing:
Information about the collection of personal data and contact details of the person responsible
|Data||Purpose of Use||Legal Basis|
|1||User interactions (postings, likes etc.)||User communication via social media||Art. 6 para. 1 lit. f) GDPR|
|2||Cookies||Target group advertising||Art. 6 para. 1 lit. f) GDPR|
|3||Demographic data (e.g. based on age, location, language or gender)||Target group advertising||Art. 6 para. 1 lit. f) GDPR|
|4||Aggregated data without personal reference (e.g. page activities, page views, page previews, likes, recommendations, articles, videos, page subscriptions including origin, times of day)||Target group advertising||Art. 6 para. 1 lit. f) GDPR|
The promotional use of your personal data is particularly important for Facebook. We use the statistics function to learn more about the visitors of our fan page. Using this function enables us to adapt our content to the respective target group, by using demographic information about the users, such as age and locations.
To provide the social media service in the form of our Facebook fan page and to use the Insight function, Facebook usually stores cookies on the user’s device. These include session cookies that are deleted when the browser is closed and persistent cookies that remain on the device until they expire or are deleted by the user.
A cookie is a tiny text file that allows a website to recognize a browser. When a website is called up, cookies are stored in a text file on the computer and are called up and read the next time the web server is called up. As a user, you can decide yourself via your browser settings whether and which cookies you wish to allow, block or delete.
According to Facebook, the cookies used by Facebook are used for authentication, security, website and product integrity, advertising and measurements, website functions and services, performance, and analysis and research. Details of the cookies used by Facebook (e.g., cookie names, duration of function, content collected and purpose) can be found at on the following links: https://www.facebook.com/policies/cookies/ and https://help.instagram.com/1896641480634370?ref=ig There you will also find the option to deactivate the cookies used by Facebook. The collection and storage of data through the use of the above-mentioned Facebook cookies can also be refused at any time with effect for the future by clicking on the following opt-out link: http://www.youronlinechoices.com/de/praferenzmanagement/.
Note about Facebook Insights:
Pursued legitimate interests, provided that the legal basis is Art. 6 para. 1 lit. f) GDPR
We see our legitimate interest in data processing in the presentation of our company and our products and services for your information.
Transmission and use of personal data
Recipients or categories of recipients: Facebook and Instagram
If you interact within Facebook and Instagram directly, Facebook Inc, 1601 Willow Road, Menlo Park, California 94025, USA, also has access to your data. Facebook is located here in a third country where the level of data protection is lower. Facebook is subject to the EU-U.S. Privacy-Shield in order to guarantee an adequate level of data protection according to European standards.
We cannot fulfil our information obligations according to Art. 13 EU-DSGVO, as only Facebook has full access to the user data. If you wish to exercise your rights as a data subject, please contact Facebook directly here. You are entitled to the following rights:
- Right of access by the data subject: Art. 15 EU-GDPR
- Right to rectification: Art. 16 EU-GDPR
- Right to erasure (‘right to be forgotten’): Art. 17 EU-GDPR
- Right of restriction of processing: Art. 18 EU-GDPR
- Right to object: Art. 21 EU-GDPR
- Right to data portability: Art. 20 EU-GDPR
- Right to lodge a complaint with a supervisory authority: Art. 77 EU-GDPR
- Right of withdrawal consent at any time: Art. 7 Para. 3 EU-GDPR
According to Art. 21 EU-GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. 2 The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims. if personal data are processed for the purpose of direct marketing, you also have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is necessary to ensure that the data are not processed for the purpose of direct marketing.
Data protection officer
You can contact the data protection officer of Facebook via the online contact form provided by Facebook at https://www.facebook.com/help/contact/540977946302970
Updated: November 12, 2019