Privacy policy

Privacy policy on the processing of data in accordance with Art. 13 EU General Data Protection Regulation (as of 19 December 2022)

We, Aco­pio Faci­li­ty GmbH & Co. KG (her­ein­af­ter "Aco­pio", infor­ma­ti­on about our com­pa­ny can be found here), a com­pa­ny within Covi­vio Immo­bi­li­en SE, are plea­sed that you are visi­ting our web­site (www.coviviotoshare.de).

This pri­va­cy poli­cy informs you about the pro­ces­sing of your per­so­nal data at Aco­pio and your exis­ting data pro­tec­tion rights in this regard in accordance with the Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR) and the new Fede­ral Data Pro­tec­tion Act (her­ein­af­ter refer­red to as "BDSG new").

If you have any ques­ti­ons about the con­tent of the pri­va­cy poli­cy, you can cont­act us at any time at the fol­lo­wing address:

datenschutz@covivio.immo

As chan­ges to the law or chan­ges to our inter­nal com­pa­ny pro­ces­ses may make it neces­sa­ry to amend this pri­va­cy poli­cy, we would like to draw your atten­ti­on to occa­sio­nal chan­ges to this pri­va­cy policy.

§ 1 Scope of application

This pri­va­cy poli­cy appli­es to the pro­ces­sing of your data in the con­text of your use of the Aco­pio web­site, which is available under the domain www.coviviotoshare.de as well as the various sub­do­mains and indi­vi­du­al pages (her­ein­af­ter coll­ec­tively refer­red to as the "Web­site"). In addi­ti­on, if you use the offers on the web­site as an inte­res­ted par­ty and/or ten­ant or have alre­a­dy con­cluded a ren­tal agree­ment with us.

§ 2 Definitions

Recei­ver is a natu­ral or legal per­son, public aut­ho­ri­ty, agen­cy or ano­ther body, to which the per­so­nal data are dis­c­lo­sed, whe­ther a third par­ty or not. Howe­ver, public aut­ho­ri­ties which may recei­ve per­so­nal data in the frame­work of a par­ti­cu­lar enquiry in accordance with Uni­on or Mem­ber Sta­te law shall not be regard­ed as reci­pi­ents; the pro­ces­sing of tho­se data by tho­se public aut­ho­ri­ties shall be in com­pli­ance with the appli­ca­ble data pro­tec­tion rules accor­ding to the pur­po­ses of the processing.

Per­so­nal data is any infor­ma­ti­on rela­ting to an iden­ti­fied or iden­ti­fia­ble natu­ral per­son. An iden­ti­fia­ble natu­ral per­son is one who can be iden­ti­fied, direct­ly or indi­rect­ly, in par­ti­cu­lar by refe­rence to an iden­ti­fier such as a name, an iden­ti­fi­ca­ti­on num­ber, loca­ti­on data, an online iden­ti­fier or to one or more fac­tors spe­ci­fic to the phy­si­cal, phy­sio­lo­gi­cal, gene­tic, men­tal, eco­no­mic, cul­tu­ral or social iden­ti­ty of that natu­ral person.

Per­son respon­si­ble is the natu­ral or legal per­son, public aut­ho­ri­ty, agen­cy or other body which, alo­ne or joint­ly with others, deter­mi­nes the pur­po­ses and means of the pro­ces­sing of per­so­nal data. Whe­re the pur­po­ses and means of such pro­ces­sing are deter­mi­ned by Uni­on or Mem­ber Sta­te law, the con­trol­ler or the spe­ci­fic cri­te­ria for its nomi­na­ti­on may be pro­vi­ded for by Uni­on or Mem­ber Sta­te law.

Pro­ces­sing is any ope­ra­ti­on or set of ope­ra­ti­ons which is per­for­med on per­so­nal data or on sets of per­so­nal data, whe­ther or not by auto­ma­ted means, such as coll­ec­tion, recor­ding, orga­ni­sa­ti­on, struc­tu­ring, sto­rage, adapt­a­ti­on or altera­ti­on, retrie­val, con­sul­ta­ti­on, use, dis­clo­sure by trans­mis­si­on, dis­se­mi­na­ti­on or other­wi­se making available, ali­gnment or com­bi­na­ti­on, rest­ric­tion, era­su­re or destruction.

§ 3 Pur­po­ses and legal bases of data processing

In addi­ti­on to the pro­ces­sing of your data to car­ry out pre-con­trac­tu­al mea­su­res or to ful­fil a con­tract on the basis of Art. 6 para. 1 sen­tence 1 lit. b) GDPR and to ful­fil a legal obli­ga­ti­on pur­su­ant to Art. 6 para. 1 sen­tence 1 lit. c) GDPR, we pro­cess your data in order to pro­tect our legi­ti­ma­te inte­rests or tho­se of third par­ties, Art. 6 para. 1 sen­tence 1 lit. f) GDPR.

  1. The pro­ces­sing of your per­so­nal data may be neces­sa­ry, for exam­p­le, to ensu­re IT secu­ri­ty and IT ope­ra­ti­ons, to obtain infor­ma­ti­on on cre­dit­wort­hi­ness and to exch­an­ge data with cre­dit agen­ci­es, for manage­ment and con­trol by affi­lia­ted com­pa­nies of the Covi­vio Group or the cor­re­spon­ding super­vi­so­ry bodies or con­trol­ling bodies (e.g. for the bil­ling of ancil­la­ry cos­ts, for com­mer­cial admi­nis­tra­ti­on and com­mis­sio­ning of third par­ties as vica­rious agents (e.g. for repairs, main­ten­an­ce, ser­vicing, refur­bish­ment, moder­ni­sa­ti­on, emer­gen­cy mea­su­res, for the coll­ec­tion of receiv­a­bles by our receiv­a­bles manage­ment and, if neces­sa­ry, a debt coll­ec­tion or fac­to­ring com­pa­ny, for the asser­ti­on of legal claims

and defence in legal dis­pu­tes by lawy­ers, for the sett­le­ment of insu­rance claims (e.g. buil­ding insu­rance, pro­per­ty insu­rance), for the pre­ven­ti­on and inves­ti­ga­ti­on of cri­mi­nal offen­ces (if neces­sa­ry also through video sur­veil­lan­ce), to ensu­re buil­ding and plant secu­ri­ty, to exer­cise infor­ma­ti­on obli­ga­ti­ons in the con­text of requests for infor­ma­ti­on from third par­ties (e.g. aut­ho­ri­ties), also for the veri­fia­bi­li­ty of orders and other agree­ments, for inter­nal eva­lua­ti­on to ana­ly­se the real estate mar­ket and the demand situa­ti­on, for risk assess­ment (due dili­gence) in cor­po­ra­te tran­sac­tions. The legal basis for data pro­ces­sing is Art. 6 para. 1

  1. 1 lit. b) and lit. c) GDPR and to pro­tect our legi­ti­ma­te inte­rests or tho­se of third par­ties, Art. 6 para. 1 sen­tence 1 lit. f) GDPR.

  1. We offer you various digi­tal ser­vices The legal basis for this data pro­ces­sing is also the ful­film­ent of a con­tract on the basis of Art. 6 para. 1 sen­tence 1 lit. b) GDPR. If you cont­act our cus­to­mer ser­vice by tele­pho­ne or in wri­ting, we will also pro­cess your per­so­nal data. The pro­ces­sing depends on the sub­ject of your enquiry. In order to be able to pro­cess your enquiry as quick­ly as pos­si­ble and to your satis­fac­tion, we use per­so­nal data that has been stored in our sys­tems as part of other data pro­ces­sing (e.g. data that you pro­vi­ded when arran­ging a vie­w­ing appoint­ment with us or when con­clu­ding a ren­tal agree­ment with us or during a pre­vious cus­to­mer cont­act). If you pro­vi­de us with health data as part of your enquiry, we will only pro­cess this data to deal with your request. The legal basis for the pro­ces­sing of your per­so­nal data is, depen­ding on the enquiry, con­tract initia­ti­on, exe­cu­ti­on or, if appli­ca­ble, con­tract pro­ces­sing with you (Art. 6 para. 1 sen­tence 1 lit. b) GDPR), ful­film­ent of legal obli­ga­ti­ons towards you (Art. 6 para. 1 sen­tence 1 lit. c) GDPR) and our legi­ti­ma­te inte­rest in ans­we­ring your enquiry on the basis of Art. 6 para. 1 sen­tence 1 lit. f) GDPR.

  1. As part of the sale of our pro­per­ties, we pro­cess your per­so­nal data for the pre­pa­ra­ti­on, con­clu­si­on and exe­cu­ti­on of the purcha­se con­tract on the basis of 6 para. 1 sen­tence 1 lit. b) GDPR and on the basis of our legi­ti­ma­te inte­rest in the sale of our pro­per­ties on the basis of Art. 6 para. 1 sen­tence 1 lit. f) GDPR.

  1. We pro­cess per­so­nal data of our adver­ti­sing exis­ting ten­ants and poten­ti­al future ten­ants as part of the "Ten­ants recruit ten­ants" cam­paign on the basis of our legi­ti­ma­te inte­rest in car­ry­ing out mar­ke­ting mea­su­res and fin­ding sui­ta­ble new ten­ants for our pro­per­ties on the basis of 6 para. 1 sen­tence 1 lit. f) GDPR and for the pur­po­se of initia­ting a ren­tal agree­ment with the inte­res­ted par­ty on the basis of Art. 6 para. 1 sen­tence 1 lit. b) GDPR.

  1. We con­duct cus­to­mer sur­veys to deter­mi­ne and pro­mo­te the satis­fac­tion of our cus­to­mers with the pur­po­se of cus­to­mi­sing our ser­vices to your wis­hes and needs and to impro­ve them. If you take part in such a cus­to­mer sur­vey, your per­so­nal data will be pro­ces­sed on the basis of Art. 6 para. 1 sen­tence 1 lit. f) GDPR.

  1. In addi­ti­on, we pro­cess your per­so­nal data to ful­fil legal obli­ga­ti­ons such as regu­la­to­ry requi­re­ments, age and iden­ti­ty checks whe­re appli­ca­ble, to pre­vent fraud and money laun­de­ring, to pre­vent, com­bat and inves­ti­ga­te cri­mi­nal offen­ces, to ful­fil legal, offi­ci­al or com­mer­cial and tax law reten­ti­on or con­trol and report­ing obli­ga­ti­ons (such as, for exam­p­le Legio­nella test­ing), to com­ply with the legal­ly requi­red rent review (legal­ly com­pli­ant coll­ec­tion of rent, veri­fi­ca­ti­on of occu­p­an­cy of the pro­per­ty in accordance with legal requi­re­ments), due to offi­ci­al / judi­cial mea­su­res for the pur­po­se of gathe­ring evi­dence, cri­mi­nal pro­se­cu­ti­on or the enforce­ment of legal claims, as well as to com­ply with legal obli­ga­ti­ons under the Fede­ral Regis­tra­ti­on Act and the Housing Bin­ding Obli­ga­ti­ons Act. In this case, the legal basis for the pro­ces­sing is the respec­ti­ve legal regu­la­ti­on in con­junc­tion with Art. 6 para. 1 sen­tence 1 lit. c) GDPR.

  1. In indi­vi­du­al cases, your per­so­nal data may also be pro­ces­sed on the basis of your vol­un­t­a­ri­ly given con­sent, 6 para. 1 sen­tence 1 lit. a) GDPR. We will inform you about the pur­po­ses and the con­se­quen­ces of not gran­ting or with­dra­wing con­sent sepa­ra­te­ly in the text. With­dra­wal of con­sent is only effec­ti­ve for the future. Pro­ces­sing that took place befo­re con­sent was with­drawn is not affec­ted and remains lawful. This data is pro­ces­sed on the basis of our legi­ti­ma­te inte­rest in fin­ding sui­ta­ble ten­ants for our pro­per­ties on the basis of Art. 6 Para. 1 S. 1 lit. f) GDPR and for the pur­po­se of initia­ting a ren­tal agree­ment with the inte­res­ted par­ty on the basis of Art. 6 Para. 1 S. 1 lit. b) GDPR.

  1. Fur­ther per­so­nal data may be pro­ces­sed in the con­text of the use of Coviviotoshare:

  • Meta/communication data (e.g. device IDs, IP addresses).

The data and infor­ma­ti­on are stored under the data sove­reig­n­ty of Aco­pio on the ser­ver of its exter­nal IT ser­vice provider/web hos­ting pro­vi­der in Ger­ma­ny on the basis of over­ri­ding inte­rests pur­su­ant to Art. 6 para. 1 sen­tence 1 lit. f) GDPR.

  • Deli­very address

  • Bil­ling address

You can add this infor­ma­ti­on after sig­ning the ten­an­cy agreement.

We need this data to veri­fy your iden­ti­ty and to match the bil­ling address given in the ren­tal agree­ment in order to be able to send you any docu­ments by post.

  1. To get in touch with us, we offer you a cont­act form on our website

When using our cont­act form, the fol­lo­wing data is reques­ted, wher­eby the details mark­ed with * are mandatory:

  • First name

  • Sur­na­me

  • E-mail address*

  • Mes­sa­ge (as free text)

We use the data to ful­fil your request to rent a fur­nis­hed room and to cont­act you. We also use it to pro­cess your enquiry during the cur­rent tenancy.

This data is pro­ces­sed on the basis of Art. 6 para. 1 sen­tence 1 lit. b) and lit. f) GDPR for the dura­ti­on of the respon­se to the enquiry, for a maxi­mum of three months and inso­far as it is neces­sa­ry for the ful­film­ent of sta­tu­to­ry reten­ti­on obli­ga­ti­ons (e.g. § 257 HGB or § 147 AO).

  1. We would like to point out that you are not obli­ged to pro­vi­de us with your per­so­nal data via our web­site. Every time you access our web­site and every time you retrie­ve a file, data about this pro­cess is auto­ma­ti­cal­ly stored in a log file. The­se are

  • infor­ma­ti­on on which pages were acces­sed, the time spent on the indi­vi­du­al pages,

  • the exit page (i.e. the point at which you left the web­site), the search terms and the search engi­ne that brought you to the web­site. coviviotoshare.com have forwarded,

  • the screen resolution,

  • the brow­ser,

  • the ope­ra­ting system,

  • the coun­try from which the access was made,

  • infor­ma­ti­on on whe­ther and when (date and time) down­loads were made,

  • Date and time of the

  • The sto­rage ser­ves exclu­si­ve­ly inter­nal sys­tem-rela­ted and sta­tis­ti­cal pur­po­ses and is for the sta­tis­ti­cal recor­ding of the use and opti­mi­sa­ti­on of our web­site as well as to ensu­re data secu­ri­ty and the smooth ope­ra­ti­on of the IT sys­tems used for this pur­po­se. The sto­rage of data and infor­ma­ti­on takes place under the data sove­reig­n­ty of Aco­pio on the ser­ver of its exter­nal IT ser­vice provider/web hos­ting pro­vi­der in Ger­ma­ny on the basis of over­ri­ding inte­rests pur­su­ant to Art. 6 para. 1 sen­tence 1 lit. f) GDPR and inso­far as it is requi­red by legal pro­vi­si­ons (e.g. § 257 HGB or § 147 AO).

If we wish to pro­cess your per­so­nal data for a pur­po­se not men­tio­ned abo­ve, we will inform you in advan­ce in accordance with the sta­tu­to­ry provisions.

§ 4 Data pro­tec­tion of children

The pro­tec­tion of child­ren on the Inter­net is a mat­ter of cour­se and par­ti­cu­lar­ly desi­ra­ble for Aco­pio. For this reason, Aco­pio advi­ses all par­ents and guar­di­ans to encou­ra­ge their child­ren to hand­le per­so­nal data on the Inter­net respon­si­bly. Child­ren should not trans­mit any per­so­nal data to Aco­pio or via the Inter­net wit­hout the con­sent of their par­ents or guardians.

§ 5 Use of cookies

We use so-cal­led "coo­kies". Coo­kies are small text files that are sent to your brow­ser by our web ser­ver during your visit to our web­site and stored on your device for later retrie­val. We only use so-cal­led ses­si­on coo­kies (also known as "tem­po­ra­ry coo­kies"), i.e. coo­kies that are only stored tem­po­r­a­ri­ly for the dura­ti­on of your use of one of our websites.

The coo­kies used ser­ve in par­ti­cu­lar to deter­mi­ne the fre­quen­cy of use and the num­ber of users of our web­sites and to con­ti­nue to iden­ti­fy your end devices during a visit to our web­site or when swit­ching from one of our web­sites to ano­ther of our web­sites and to be able to deter­mi­ne the end of your visit. In this way, we learn which area of our web­site and which other web­sites our users have visited.

We use the web ana­ly­sis tool Mato­mo. This is open source soft­ware that is used to ana­ly­se access to the Aco­pio web­site. Mato­mo uses coo­kies. Your IP address is anony­mi­sed imme­dia­te­ly after pro­ces­sing by mas­king the last two IP blocks. Only your anony­mi­sed IP address is stored. Howe­ver, this usa­ge data does not allow any con­clu­si­ons to be drawn about the user. All of this anony­mi­sed usa­ge data will not be mer­ged with your per­so­nal data in accordance with § 2 of this pri­va­cy poli­cy and will be dele­ted imme­dia­te­ly after the end of the sta­tis­ti­cal ana­ly­sis. At the end of the ses­si­on, i.e. as soon as you end your brow­ser ses­si­on, the coo­kies on your end device are also deleted.

Most brow­sers are pre­set to accept coo­kies auto­ma­ti­cal­ly. You can deac­ti­va­te the sto­rage of coo­kies or set your brow­ser to noti­fy you befo­re coo­kies are stored. Users who do not accept coo­kies may not be able to access cer­tain are­as of our website.

You can deci­de here whe­ther a uni­que web ana­ly­sis coo­kie may be stored in your brow­ser to enable Aco­pio, as the ope­ra­tor of the web­site, to coll­ect and ana­ly­se various sta­tis­ti­cal data. If you wish to opt out, plea­se click on the fol­lo­wing link to place the Mato­mo deac­ti­va­ti­on coo­kie in your browser.

This web­site uses Borlabs Coo­kie, which sets a tech­ni­cal­ly neces­sa­ry coo­kie (borlabs-coo­kie) to save your coo­kie con­sent. If you wish to revo­ke this con­sent, sim­ply dele­te the coo­kie in your brow­ser. When you re-enter/­rel­oad the web­site, you will be asked for your coo­kie con­sent again. Borlabs Coo­kie does not pro­cess any per­so­nal data.

We use the open source map ser­vice "Open­Street­Maps" (also known as "OSM") from the Open­Street­Map Foun­da­ti­on, 132 Maney Hill Road, Sut­ton Cold­field, West Mid­lands, B72 1JU, United King­dom. OSM is used to pro­vi­de an inter­ac­ti­ve map on our web­site that shows you whe­re our pro­per­ties can be found.

This ser­vice enables us to dis­play our web­site in an appe­al­ing way by loa­ding map mate­ri­al from an exter­nal ser­ver. The fol­lo­wing data is trans­mit­ted to the OSM ser­ver during the dis­play: The pages of our web­site that you have visi­ted and the IP address of your device. The legal basis for the pro­ces­sing of your data in rela­ti­on to the "OSM" ser­vice is Art. 6 para. 1 sen­tence 1 let­ter f) GDPR (legi­ti­ma­te inte­rest in data pro­ces­sing). The legi­ti­ma­te inte­rest ari­ses from our need for an appe­al­ing pre­sen­ta­ti­on of our online offer and the easy findabili­ty of the places indi­ca­ted on our homepage.

You can find more infor­ma­ti­on on the hand­ling of user data in OSM's pri­va­cy poli­cy: https://wiki.osmfoundation.org/wiki/Privacy_Policy

§ 6 Ori­gin and cate­go­ries of data that we do not recei­ve direct­ly from you

We pro­cess per­so­nal data that we have legi­ti­m­ate­ly recei­ved from other com­pa­nies or other third par­ties (e.g. cre­dit agen­ci­es), inso­far as this is neces­sa­ry for the pro­vi­si­on of our ser­vices. We also pro­cess per­so­nal data that we have legi­ti­m­ate­ly obtai­ned, recei­ved or acqui­red from publicly acces­si­ble sources (e.g. tele­pho­ne direc­to­ries, popu­la­ti­on regis­ters, deb­tor direc­to­ries, land regis­ters, press, inter­net and other media) and are aut­ho­ri­sed to pro­cess. This includes, in par­ti­cu­lar, data cate­go­ries such as cont­act data (e.g. name, address, e-mail address, tele­pho­ne num­ber), per­so­nal details (e.g. date of birth, profession/industry), regis­tra­ti­on data, infor­ma­ti­on about your finan­cial situa­ti­on (cre­dit­wort­hi­ness data, such as data for asses­sing eco­no­mic risk) and com­pa­ra­ble data.

§ 7 Trans­fer of per­so­nal data to third parties

Your per­so­nal data will be pas­sed on to third par­ties in accordance with the regu­la­ti­ons, unless devia­ting regu­la­ti­ons are con­tai­ned else­whe­re in this "Data pro­tec­tion" appen­dix. A trans­fer will only take place if this is neces­sa­ry for the ful­film­ent of the pur­po­ses sta­ted here or if you have con­sen­ted to the trans­fer of your data.

  1. Your per­so­nal data will be trans­mit­ted by us within the Covi­vio Group and to third par­ties com­mis­sio­ned by the Covi­vio Group as part of a pro­cess based on the divi­si­on of labour within our Group for the pre­pa­ra­ti­on, exe­cu­ti­on and pro­ces­sing of your ren­tal agree­ment or a purcha­se agree­ment. If you wish to sign the ren­tal agree­ment inclu­ding attach­ments using a simp­le digi­tal signa­tu­re, we will pass on the per­so­nal data requi­red for this to Docu­Sign. You can find more infor­ma­ti­on on data pro­tec­tion at Docu­Sign here: https://docusign.com/company/data-protection.

  1. In order to ful­fil our con­trac­tu­al and legal obli­ga­ti­ons, we make use of exter­nal pro­per­ty mana­gers who­se main task is the tech­ni­cal and com­mer­cial manage­ment of the pro­per­ty within which your ren­tal pro­per­ty is loca­ted. This also includes third par­ties ent­rus­ted with advi­sing on or main­tai­ning our pro­per­ties (e.g. craft­smen and other ser­vice pro­vi­ders in the con­text of dama­ge repair and/or hazard pre­ven­ti­on) or ser­vice pro­vi­ders com­mis­sio­ned to sup­port our busi­ness pro­ces­ses (e.g. main­ten­an­ce com­pa­nies, mea­su­ring ser­vices, was­te dis­po­sal ser­vice pro­vi­ders, finan­cial ser­vice pro­vi­ders and IT ser­vice pro­vi­ders), banks and savings banks as well as exter­nal bro­kers to car­ry out pro­per­ty inspec­tions as part of our ren­tal process.

  1. Spe­cia­li­sed com­pa­nies or divi­si­ons of our group of com­pa­nies per­form cer­tain data pro­ces­sing tasks (e.g. IT ser­vices, cus­to­mer ser­vice or ser­vices in con­nec­tion with legal, tax and audi­ting) cen­tral­ly for the com­pa­nies affi­lia­ted in the Covi­vio Group. If and to the ext­ent neces­sa­ry for this pur­po­se, the­se com­pa­nies of the Covi­vio Group Ger­ma­ny will recei­ve your per­so­nal data for the pro­vi­si­on of the­se ser­vices within the scope of the abo­ve-men­tio­ned pur­po­ses. The trans­fer of your per­so­nal data takes place on the basis of Art. 6 para. 1 sen­tence 1 lit. a), lit. b), lit. c) or lit. f) GDPR.

  1. In the case of pro­per­ty sales, we trans­mit the ten­ant files and the cur­rent sta­tus of the ren­tal col­la­te­ral for the pro­per­ty in ques­ti­on to the buy­er after the purcha­se agree­ment has been con­cluded. We may also trans­fer your per­so­nal data to estate agents and nota­ries. Your per­so­nal data is pro­ces­sed on the basis of Art. 6 para. 1 sen­tence 1 lit. c) GDPR so that we can ful­fil our legal obli­ga­ti­ons towards buy­ers when sel­ling our pro­per­ties and to pro­tect our legi­ti­ma­te inte­rest in sel­ling our ren­tal pro­per­ties and taking the mea­su­res neces­sa­ry for this on the basis of Art. 6 para. 1 sen­tence 1 lit. f) GDPR.

  1. In addi­ti­on, your per­so­nal data may be pas­sed on to other reci­pi­ents to ful­fil our legal obli­ga­ti­ons on the basis of 6 para. 1 sen­tence 1 lit. c) GDPR, such as to aut­ho­ri­ties to ful­fil legal report­ing obli­ga­ti­ons (e.g. tax aut­ho­ri­ties, social secu­ri­ty insti­tu­ti­ons or law enforce­ment aut­ho­ri­ties). In addi­ti­on, due to our legi­ti­ma­te inte­rest in the con­text of a request for infor­ma­ti­on to aut­ho­ri­ties, sup­pli­ers and net­work ope­ra­tors if suf­fi­ci­ent con­di­ti­ons are met on the basis of Art. 6 para. 1 sen­tence 1 lit. f) GDPR.

  1. In the event of brea­ches of duty under the ten­an­cy agree­ment and resul­ting legal dis­pu­tes, the data may be for­ward­ed to cre­dit agen­ci­es, pos­si­bly to exter­nal debt coll­ec­tion ser­vice pro­vi­ders and exter­nal lawy­ers. In addi­ti­on, despi­te remin­ders having been sent to social and/or non-pro­fit orga­ni­sa­ti­ons and ser­vices in the event of rent arre­ars rele­vant to ter­mi­na­ti­on. Your per­so­nal data is pro­ces­sed on the basis of Art. 6 para. 1 sen­tence 1 lit. b) GDPR for the exe­cu­ti­on and pro­ces­sing of the ren­tal agree­ment and on the basis of Art. 6 para. 1 sen­tence 1 lit. f) GDPR for the pro­tec­tion, defence and enforce­ment of our legi­ti­ma­te legal interests.

§ 8 Order data pro­ces­sing by exter­nal ser­vice providers

We some­ti­mes use exter­nal ser­vice pro­vi­ders who pro­cess per­so­nal data on our behalf (e.g. IT ser­vice pro­vi­ders such as Immo­sol­ve GmbH as part of the let­ting pro­cess) as part of our housing bro­kera­ge ser­vices, our let­ting pro­cess and for con­duc­ting cus­to­mer sur­veys. The­se ser­vice pro­vi­ders have been com­mis­sio­ned by us in wri­ting and careful­ly sel­ec­ted. They are bound by our ins­truc­tions and are regu­lar­ly moni­to­red by us with regard to com­pli­ance with data pro­tec­tion requirements.

All sys­tems in which your per­so­nal data is stored and to which exter­nal ser­vice pro­vi­ders have access are pass­word-pro­tec­ted and only acces­si­ble to tho­se per­sons who need your data to pro­cess the pur­po­ses aut­ho­ri­sed by you. We ensu­re within the frame­work of the sta­tu­to­ry pro­vi­si­ons that the data is pro­ces­sed, used and trans­mit­ted to the rele­vant exter­nal ser­vice pro­vi­ders in the man­ner agreed here.

§ 9 Data sto­rage abroad

We ensu­re the legal­ly bin­ding data pro­tec­tion in the Euro­pean Uni­on. In some cases - par­ti­cu­lar­ly for tech­ni­cal reasons - your data ent­rus­ted to us may be stored on ser­vers out­side the coun­try (inclu­ding out­side the Euro­pean Uni­on) in which you ori­gi­nal­ly ente­red the data. In this case, and in the event of a risk that count­ries to which your data is trans­fer­red are not sub­ject to equal­ly strict legal data pro­tec­tion as is the case in your home coun­try or the coun­try from which you use our ser­vices, we will ensu­re that your data is trea­ted in accordance with the pro­vi­si­ons of this pri­va­cy policy.

§ 10 Hyper­links to exter­nal websites

Our web­site may con­tain so-cal­led hyper­links to web­sites of other pro­vi­ders. If you acti­va­te the­se hyper­links, you will be for­ward­ed direct­ly from our web­site to the web­site of the other pro­vi­der. You can reco­g­ni­se this by the chan­ge of URL, among other things.

Aco­pio has no influence on the design and con­tent of third-par­ty web­sites. We the­r­e­fo­re can­not accept any respon­si­bi­li­ty for the con­fi­den­ti­al hand­ling of your data on third-par­ty web­sites, as we have no influence on whe­ther the­se third par­ties com­ply with data pro­tec­tion regulations.

Plea­se refer direct­ly to the rele­vant web­sites for infor­ma­ti­on on how your per­so­nal data is hand­led by the­se third parties.

§ 11 Secu­ri­ty mea­su­res to pro­tect the data stored by us

It is important to us to pro­tect your pri­va­cy and to tre­at your per­so­nal data con­fi­den­ti­al­ly. We have taken exten­si­ve secu­ri­ty pre­cau­ti­ons to pre­vent the loss or misu­se of the data we store. We review the­se pre­cau­ti­ons at regu­lar inter­vals and ensu­re that they meet the latest tech­ni­cal stan­dards. Your data is stored in our

data­ba­ses. The data­ba­ses are only acces­si­ble to us and our employees who have been spe­ci­al­ly trai­ned in data pro­tec­tion and, whe­re appli­ca­ble, to exter­nal ser­vice pro­vi­ders com­mis­sio­ned by us, with whom we agree an appro­pria­te level of security.

We attach gre­at importance to the stan­dards we adhe­re to. Howe­ver, we would like to point out that we can­not rule out the pos­si­bi­li­ty that the rules of data pro­tec­tion and the secu­ri­ty mea­su­res taken by us may also be obser­ved by other per­sons or insti­tu­ti­ons out­side our area of respon­si­bi­li­ty. For this reason, it is pos­si­ble that unen­crypt­ed data dis­c­lo­sed via the Inter­net may be read by third par­ties. We have no tech­ni­cal influence over this. It is your respon­si­bi­li­ty to pro­tect the data you pro­vi­de against misu­se through encryp­ti­on or in any other way

§ 12 Dura­ti­on of data storage

We only store your per­so­nal data for as long as this is per­mit­ted by law for the abo­ve-men­tio­ned purposes.

Stored per­so­nal data will the­r­e­fo­re be dele­ted if the sto­rage of this data is no lon­ger requi­red to ful­fil the pur­po­se for which it was stored or if you have vol­un­t­a­ri­ly pro­vi­ded us with your data with your con­sent and you have with­drawn this con­sent. Per­so­nal data may be stored for the peri­od during which claims can be asser­ted against our com­pa­ny (sta­tu­to­ry limi­ta­ti­on peri­od of three or up to thir­ty years). We also store your per­so­nal data inso­far as we are legal­ly obli­ged to do so. Cor­re­spon­ding pro­of and reten­ti­on obli­ga­ti­ons ari­se from the Ger­man Com­mer­cial Code, the Ger­man Fis­cal Code and the Ger­man Money Laun­de­ring Act, among others. The sto­rage peri­ods are up to ten years. Once the reten­ti­on peri­ods have expi­red, we will dele­te your data wit­hout you having to ask us to do so.

§ 13 Exis­tence of auto­ma­ted decis­i­on-making in indi­vi­du­al cases (inclu­ding profiling)

We do not use purely auto­ma­ted decis­i­on-making pro­ces­ses in accordance with Artic­le 22 GDPR or profiling.

§ 14 What rights do you have?

You have the oppor­tu­ni­ty to exer­cise various rights. For exam­p­le, you have the right to

  • Infor­ma­ti­on about which data we have stored about you. If, despi­te our endea­vours to keep your data cor­rect and up-to-date, we have stored incor­rect data, we will cor­rect it.

  • You also have the right to request the dele­ti­on of your data; we will com­ply with this request for dele­ti­on unless the­re is an excep­tio­nal case that jus­ti­fies fur­ther processing.

  • In addi­ti­on, you can request the rest­ric­tion of pro­ces­sing if the­re is a legi­ti­ma­te reason for doing so.

  • Fur­ther­mo­re, you have the right to object to the data pro­ces­sing and the right to request a copy of the data and, if neces­sa­ry, to have it trans­fer­red to ano­ther controller.

  • If you have given us your con­sent to pro­cess your data or if you have vol­un­t­a­ri­ly pro­vi­ded us with your per­so­nal data in non-man­da­to­ry fields in the online forms on our web­site, you can revo­ke the pro­ces­sing of this data at any time with effect for the future.

In all of the abo­ve cases, plea­se cont­act the orga­ni­sa­ti­on respon­si­ble for data processing:

Aco­pio Faci­li­ty GmbH & Co. KG Esse­ner Stra­ße 66, 46047 Oberhausen

Pho­ne: 0208 97064 - 0 datenschutzverantwortlicher@covivio.immo

The per­so­nal­ly lia­ble share­hol­der is Aco­pio GmbH, Essen (Essen Local Court HRB 26641)

If you have any ques­ti­ons, you can cont­act us and our data pro­tec­tion offi­cer at any time.

datenschutzbeauftragter@covivio.immo

If you have reason to com­plain, you can also lodge a com­plaint with a super­vi­so­ry aut­ho­ri­ty. The super­vi­so­ry aut­ho­ri­ty pri­ma­ri­ly respon­si­ble for us is

Sta­te Com­mis­sio­ner for Data Pro­tec­tion and Free­dom of Infor­ma­ti­on North Rhi­ne-West­pha­lia Kaval­le­rie­str. 2-4

40213 Düs­sel­dorf Pho­ne: 0211/38424-0 Fax: 0211/38424-999

e-mail: poststelle@ldi.nrw.de

§ 15 Amend­ment of the pri­va­cy policy

The pro­vi­si­ons of this pri­va­cy poli­cy app­ly in the ver­si­on valid at the time. The con­tent of this pri­va­cy poli­cy may be amen­ded or chan­ged. The updated data pro­tec­tion infor­ma­ti­on appli­es from the time it is published on our website.

You will be given the oppor­tu­ni­ty to view, print and save the amen­ded data pro­tec­tion infor­ma­ti­on free of charge.