Privay Policy

Sta­tus: Mai 2023

Thank you for your inte­rest in our com­pa­ny and our web­site.

The pro­tec­tion and inte­gri­ty of your per­so­nal data and the gua­ran­tee of your pri­va­cy are of par­ti­cu­lar con­cern to us.

In this pri­va­cy noti­ce you will find infor­ma­ti­on about data pro­ces­sing in the con­text of visi­ting our web­site and social media pre­sen­ces.

In addi­ti­on, we inform you about the data pro­ces­sing in the con­text of a ten­an­cy with us. We want to offer you the most com­for­ta­ble living expe­ri­ence pos­si­ble, tail­o­red to your needs and cha­rac­te­ri­sed by a varie­ty of social events and con­nec­tion oppor­tu­ni­ties, so that you feel as com­for­ta­ble as at home in your new city and always recei­ve your offer tail­o­red to your inte­rests. Our pri­va­cy noti­ce explains what per­so­nal data we coll­ect from you, eit­her direct­ly or indi­rect­ly, for this pur­po­se and how we use it.

This pri­va­cy noti­ce also con­ta­ins infor­ma­ti­on about data pro­ces­sing when you cont­act us in gene­ral, in the appli­ca­ti­on pro­cess and in the con­text of busi­ness rela­ti­onships.

The Con­trol­ler pur­su­ant to Art. 4 para. 7 EU Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR) for data pro­ces­sing by us is the

Inter­na­tio­nal Cam­pus GmbH
Blu­men­stras­se 28, 80331 Munich
Tele­pho­ne: +49 89 212 6880 – 0
Fax: +49  89  212  6880 – 290
info@ic-campus.com 

To exer­cise your rights, report data pro­tec­tion inci­dents, make sug­ges­ti­ons and com­plaints regar­ding the pro­ces­sing of your per­so­nal data and with­draw your con­sent, we recom­mend that you cont­act our Data Pro­tec­tion Offi­cer:

PROLIANCE GmbH
Leo­pold­str. 21
80802 Munich

www.datenschutzexperte.de
datenschutzbeauftragter@datenschutzexperte.de

USE OF OUR WEBSITE

Pro­vi­si­on of the web­site

When you use our web­site for infor­ma­ti­on pur­po­ses only (wit­hout cont­ac­ting us), we only coll­ect the per­so­nal data that your brow­ser trans­mits to our ser­ver. If you want to visit our web­site, we coll­ect the data that is tech­ni­cal­ly neces­sa­ry for us to dis­play our web­site to you. This may invol­ve acces­sing infor­ma­ti­on (e.g. IP address) or sto­ring infor­ma­ti­on (e.g. coo­kies) in your ter­mi­nal equip­ment.

In this con­text, the IP address, date and time of the request, time zone dif­fe­rence to Green­wich Mean Time (GMT), con­tent of the request (spe­ci­fic page), access status/HTTP sta­tus code, amount of data trans­fer­red, web­site from which the request comes, brow­ser, ope­ra­ting sys­tem and its inter­face, lan­guage and ver­si­on of the brow­ser soft­ware are recor­ded. We pro­cess your data on the basis of Sect. 25 para. 1 p. 1, para. 2 no. 2 Tele­com­mu­ni­ca­ti­ons-Tele­me­dia Data Pro­tec­tion Act (TTDSG), Art. 6 para. 1 p. 1 (f) GDPR and base the data pro­ces­sing on our legi­ti­ma­te inte­rest in the smooth pro­vi­si­on of our web­site and in ensu­ring the sta­bi­li­ty and secu­ri­ty of our web­site.

We use the web hos­ting ser­vice pro­vi­der RAIDBOXES GmbH, to whom data of our web­site visi­tors is pas­sed on within the scope of hos­ting. We have con­cluded a data pro­ces­sing agree­ment with the pro­vi­der in accordance with the requi­re­ments of Art. 28 GDPR, in which we obli­ge the pro­vi­der to pro­tect our cus­to­mers’ data and not to pass it on to third par­ties.

For reasons of tech­ni­cal secu­ri­ty, in par­ti­cu­lar to defend against attempt­ed attacks on our web ser­ver, this data is stored by us for a short time and dele­ted after XX days at the latest.

Gene­ral infor­ma­ti­on on the use of coo­kies

Our web­site uses so-cal­led “coo­kies”. Coo­kies are small text files that are stored eit­her tem­po­r­a­ri­ly for the dura­ti­on of a ses­si­on (ses­si­on coo­kies) or per­ma­nent­ly (per­ma­nent coo­kies) on your ter­mi­nal device. Ses­si­on coo­kies are auto­ma­ti­cal­ly dele­ted at the end of your visit. Per­ma­nent coo­kies remain stored on your ter­mi­nal device until you dele­te them yours­elf or until they are auto­ma­ti­cal­ly dele­ted by your web brow­ser.

Coo­kies have various func­tions. Many coo­kies are tech­ni­cal­ly neces­sa­ry, as cer­tain web­site func­tions would not work wit­hout them (e.g. the shop­ping cart func­tion or lan­guage set­tings). Other coo­kies are used to eva­lua­te user beha­viour or to dis­play adver­ti­sing.

The pro­ces­sing of data through the use of abso­lut­e­ly neces­sa­ry coo­kies takes place on the basis of Sect. 25 para. 2 no. 2 TTDSG. The pro­ces­sing of the data coll­ec­ted in this way is based on a legi­ti­ma­te inte­rest in accordance with Art. 6 para. 1 (f) GDPR in the tech­ni­cal­ly error-free pro­vi­si­on of our ser­vices. For details on the pur­po­ses of the pro­ces­sing and legi­ti­ma­te inte­rests, plea­se refer to the expl­ana­ti­ons on the spe­ci­fic data pro­ces­sing.

 

The pro­ces­sing of per­so­nal data through the use of other coo­kies is based on con­sent pur­su­ant to Sect. 25 para. 1 TTDSG. and the fur­ther pro­ces­sing of the data thus coll­ec­ted is based on con­sent pur­su­ant to Art. 6 para. 1 (a) GDPR. The con­sent can be revo­ked at any time for the future. Inso­far as such coo­kies are used for ana­ly­sis and opti­miza­ti­on pur­po­ses, we will inform you sepa­ra­te­ly about this within the scope of this pri­va­cy noti­ce and obtain your con­sent. 

 

You can set your brow­ser so that you

  • are infor­med about the set­ting of coo­kies,
  • allow coo­kies only in indi­vi­du­al cases,
  • exclude the accep­tance of coo­kies for cer­tain cases or in gene­ral,
  • acti­va­te the auto­ma­tic dele­ti­on of coo­kies when clo­sing the brow­ser.

The coo­kie set­tings can be mana­ged under the fol­lo­wing links for the respec­ti­ve brow­sers:

You can also mana­ge the coo­kies of many com­pa­nies and func­tions used for adver­ti­sing indi­vi­du­al­ly. To do this, use the cor­re­spon­ding user tools, available at https://www.aboutads.info/choices/

or http://www.youronlinechoices.com/uk/your-ad-choices.  

 

Most brow­sers also offer a so-cal­led “do-not-track” func­tion. When this func­tion is acti­va­ted, the respec­ti­ve brow­ser tells adver­ti­sing net­works, web­sites and appli­ca­ti­ons that you do not want to be “tra­cked” for the pur­po­se of beha­viou­ral adver­ti­sing and the like.

 

For infor­ma­ti­on and ins­truc­tions on how to edit this func­tion, depen­ding on your brow­ser pro­vi­der, see the links below:

In addi­ti­on, you can pre­vent the loa­ding of so-cal­led scripts by default. “NoScript” allows the exe­cu­ti­on of Java scripts, Java and other plug-ins only on trus­ted domains of your choice. Infor­ma­ti­on and ins­truc­tions on how to edit this func­tion can be obtai­ned from the pro­vi­der of your brow­ser (e.g. for Mozil­la Fire­fox at: https://addons.mozilla.org/de/firefox/addon/noscript/). 

 

Plea­se note that if you disable coo­kies, the func­tion­a­li­ty of our web­site may be limi­t­ed.

 

Use of Goog­le Ana­ly­tics

Our web­site uses Goog­le Ana­ly­tics, an inter­net ana­ly­sis ser­vice pro­vi­ded by Goog­le Ire­land Limi­t­ed, Gor­don House, Bar­row Street, Dub­lin 4, Ire­land (“Goog­le”). Goog­le Ana­ly­tics uses so-cal­led “coo­kies”.

Goog­le will use this infor­ma­ti­on on behalf of the ope­ra­tor of this web­site for the pur­po­se of eva­lua­ting your use of the web­site, com­pi­ling reports on web­site acti­vi­ty and pro­vi­ding other ser­vices rela­ting to web­site acti­vi­ty. Goog­le will also use this infor­ma­ti­on to pro­vi­de the web­site ope­ra­tor with other ser­vices rela­ted to the use of the web­site and the inter­net. The IP address sent by your brow­ser as part of Goog­le Ana­ly­tics will not be com­bi­ned with any other data held by Goog­le. The pro­ces­sing is car­ri­ed out in accordance with Art. 6 para. 1 (a) GDPR on the basis of your con­sent.

We only use Goog­le Ana­ly­tics with IP anony­mi­sa­ti­on acti­va­ted. This means that your IP address is only pro­ces­sed by Goog­le in abbre­via­ted form.

We have con­cluded a con­tract with the ser­vice pro­vi­der in which we obli­ge them to pro­tect the data of our web­site visi­tors and not to pass it on to third par­ties.

As a trans­fer of per­so­nal data to the USA may occur, fur­ther pro­tec­tion mecha­nisms are requi­red to ensu­re the level of data pro­tec­tion of the GDPR. To ensu­re this, we have agreed stan­dard data pro­tec­tion clau­ses with the pro­vi­der in accordance with Art. 46 para. 2 © GDPR. The­se obli­ge the reci­pi­ent of the data in the USA to pro­cess the data in accordance with the level of pro­tec­tion in Euro­pe. In cases whe­re this can­not be ensu­red even through this con­trac­tu­al exten­si­on, we endea­vour to obtain addi­tio­nal regu­la­ti­ons and com­mit­ments from the reci­pi­ent in the USA.

The Goog­le Ana­ly­tics terms of use and infor­ma­ti­on on data pro­tec­tion can be acces­sed via the fol­lo­wing links:

http://www.google.com/analytics/terms/de.html

https://www.google.de/intl/de/policies/   

 

The data is dele­ted as soon as it is no lon­ger requi­red to achie­ve the pur­po­se for which it was coll­ec­ted. Era­su­re of user-level and event-level data asso­cia­ted with coo­kies, user iden­ti­fiers (e.g. User ID) and adver­ti­sing IDs (e.g. Dou­ble­Click coo­kies, Android adver­ti­sing ID, IDFA [Apple adver­ti­ser iden­ti­fier]) will occur no later than 14 month after coll­ec­tion .

 

Use of Goog­le Ads

Our web­site uses the func­tions of Goog­le Ads Remar­ke­ting. The pro­vi­der is Goog­le Ire­land Limi­t­ed, Gor­don House, Bar­row Street, Dub­lin 4, Ire­land.

If you have given us your con­sent to do so, this func­tion makes it pos­si­ble to link the adver­ti­sing tar­get groups crea­ted with Goog­le Ads Remar­ke­ting with the cross-device func­tions of Goog­le Ads and Goog­le Mar­ke­ting Plat­form. The legal basis is your con­sent pur­su­ant to Art. 6 para. 1 p. 1 (a) GDPR, Sect. 25 para. 1 TTDSG. In this way, inte­rest-rela­ted, per­so­na­li­sed adver­ti­sing mes­sa­ges that have been adapt­ed to you on one ter­mi­nal device (e.g. mobi­le pho­ne) depen­ding on your pre­vious usa­ge and sur­fing beha­viour can also be dis­play­ed on ano­ther ter­mi­nal device (e.g. tablet or com­pu­ter).

If you have given your con­sent, Goog­le will link your web and app brow­sing histo­ry to your Goog­le Account for this pur­po­se. In this way, the same per­so­na­li­sed adver­ti­sing mes­sa­ges can be ser­ved on every ter­mi­nal device on which you log in with your Goog­le Account.

To sup­port this fea­ture, Goog­le Ana­ly­tics coll­ects authen­ti­ca­ted user IDs that are tem­po­r­a­ri­ly lin­ked to our Goog­le Ana­ly­tics data to defi­ne and crea­te audi­en­ces for cross-device ad tar­ge­ting.

You can per­ma­nent­ly opt out of cross-device remarketing/targeting by deac­ti­vat­ing per­so­na­li­sed adver­ti­sing in your Goog­le Account by fol­lo­wing this link: https://adssettings.google.com/.

We have con­cluded a data pro­ces­sing agree­ment with the ser­vice pro­vi­der in which we obli­ge them to pro­tect the data of our web­site visi­tors and not to pass it on to third par­ties.

As a trans­fer of per­so­nal data to the USA may occur, fur­ther pro­tec­tion mecha­nisms are requi­red to ensu­re the level of data pro­tec­tion of the GDPR. To ensu­re this, we have agreed stan­dard data pro­tec­tion clau­ses with the pro­vi­der in accordance with Art. 46 para. 2 © GDPR. The­se obli­ge the reci­pi­ent of the data in the USA to pro­cess the data in accordance with the level of pro­tec­tion in Euro­pe. In cases whe­re this can­not be ensu­red even through this con­trac­tu­al exten­si­on, we endea­vour to obtain addi­tio­nal regu­la­ti­ons and com­mit­ments from the reci­pi­ent in the USA.

Fur­ther infor­ma­ti­on and the pri­va­cy noti­ce can be found in Goo­g­le’s pri­va­cy noti­ce at: https://www.google.com/policies/technologies/ads/.

Use of Goog­le Maps

Our home­page uses the online map ser­vice pro­vi­der Goog­le Maps via an inter­face. Pro­vi­der of the map ser­vice is Goog­le Ire­land Limi­t­ed, Gor­don House, Bar­row Street, Dub­lin 4, Ire­land. This allows us to dis­play inter­ac­ti­ve maps direct­ly on the web­site and makes it easy for you to use the map func­tion. To use the func­tion­a­li­ties of Goog­le Maps it is neces­sa­ry to save your IP address.

Goog­le uses Coo­kies, to coll­ect infor­ma­ti­on about user beha­viour. The legal basis for the pro­ces­sing of your per­so­nal data is your given con­sent accor­ding to Art. 6 para. 1 (a) GDPR, Sect. 25 para. 1 TTDSG.

We have con­cluded a data pro­ces­sing agree­ment with the ser­vice pro­vi­der in which we obli­ge them to pro­tect the data of our web­site visi­tors and not to pass it on to third par­ties.

 

Sin­ce a trans­fer of per­so­nal data to the USA takes place, fur­ther appro­pria­te safe­guards are requi­red to ensu­re the level of data pro­tec­tion under the GDPR. To gua­ran­tee this, Goog­le uses stan­dard con­trac­tu­al clau­ses in accordance with Art. 46 para. 2 © GDPR. The­se obli­ge the reci­pi­ent of the data in the USA. to pro­cess the data accor­ding to the level of pro­tec­tion in Euro­pe. In cases in which this can­not be gua­ran­teed even by this con­trac­tu­al exten­si­on, we endea­vour to obtain addi­tio­nal regu­la­ti­ons and com­mit­ments from the reci­pi­ent in the USA.

 

Fur­ther infor­ma­ti­on on the hand­ling of user data can be found in Goo­g­le’s pri­va­cy poli­cy:

https://www.google.de/intl/de/policies/privacy/
Opt-out: https://www.google.com/settings/ads/

Use of Insta­gram

Our web­site uses so-cal­led social plug­ins (“plug­ins”) from Insta­gram, which is ope­ra­ted by Insta­gram LLC., 1601 Wil­low Road, Men­lo Park, CA 94025, USA (“Insta­gram”). The plug­ins are mark­ed with your Insta­gram logo, for exam­p­le in the form of your “Insta­gram came­ra”.

When you call up a page of our web­site that con­ta­ins such a plug­in, your brow­ser estab­lishes a direct con­nec­tion with the ser­vers of Insta­gram. The con­tent of the plug­in is trans­mit­ted by Insta­gram direct­ly to your brow­ser, which then inte­gra­tes it into the page. Through this inte­gra­ti­on, Insta­gram recei­ves the infor­ma­ti­on that your brow­ser has cal­led up the cor­re­spon­ding page of our web­site, even if you do not have an Insta­gram pro­fi­le or are not curr­ent­ly log­ged in to Insta­gram. This infor­ma­ti­on (inclu­ding your IP address) is trans­mit­ted by your brow­ser direct­ly to the Insta­gram ser­ver in the USA and stored the­re.‍

If you are log­ged in to Insta­gram, Insta­gram can direct­ly assign your visit to our web­site to your Insta­gram account. If you inter­act with the plug­ins, for exam­p­le by cli­cking the “Insta­gram” but­ton, this infor­ma­ti­on is also trans­mit­ted direct­ly to the Insta­gram ser­ver and stored the­re. The infor­ma­ti­on is also published on your Insta­gram account and dis­play­ed the­re to your cont­acts.‍

For the pur­po­se and scope of the data coll­ec­tion and the fur­ther pro­ces­sing and use of the data by Insta­gram, as well as your rights in this regard and set­ting opti­ons for pro­tec­ting your pri­va­cy, plea­se refer to Insta­gram’s pri­va­cy noti­ce: https://help.instagram.com/155833707900388/.

If you do not want Insta­gram to direct­ly assign the data coll­ec­ted through our web­site to your Insta­gram account, you must log out of Insta­gram befo­re visi­ting our web­site. You can also com­ple­te­ly pre­vent the loa­ding of Insta­gram plug­ins with add-ons for your brow­ser.

 

Use of You­tube

On our web­site we use com­pon­ents (vide­os) of the com­pa­ny You­Tube LLC 901 Cher­ry Ave., 94066 San Bru­no, CA, USA (“You­Tube”), a com­pa­ny of Goog­le LLC (“Goog­le”), Amphi­theat­re Park­way, Moun­tain View, CA 94043, USA.‍

[Here we use the ” – pri­va­cy-enhan­ced mode — ” opti­on pro­vi­ded by You­Tube].

When you call up a page that has an inte­gra­ted video, your con­nec­tion to the You­Tube ser­vers is estab­lished and the con­tent is dis­play­ed on the web­site by informing your brow­ser.‍

[Accor­ding to You­Tube’s infor­ma­ti­on, in ” — exten­ded data pro­tec­tion mode -” only data is trans­mit­ted to the You­Tube ser­ver, in par­ti­cu­lar which of our Inter­net pages you have visi­ted when you watch the video].

If you are log­ged in to You­Tube at the same time, this infor­ma­ti­on will be assi­gned to your You­Tube mem­ber account. You can pre­vent this by log­ging out of your mem­ber account befo­re visi­ting our web­site.

 

Fur­ther infor­ma­ti­on on You­Tube’s data pro­tec­tion is pro­vi­ded by Goog­le under the fol­lo­wing link: https://www.google.de/intl/de/policies/privacy/.

Use of Hot­jar

Our web­site uses the Hot­jar web ana­ly­tics ser­vice pro­vi­ded by Hot­jar Ltd, Level 2, St Juli­ans Busi­ness Cent­re, 3, Elia Zam­mit Street, St Juli­ans STJ 1000, Mal­ta, Euro­pe (“Hot­jar”).

Using Hot­jar’s tech­no­lo­gy, we get a bet­ter under­stan­ding of our users’ expe­ri­en­ces (e.g. how much time users spend on which pages, which links they click on, etc.). This helps us to tail­or our offe­ring to our users’ feed­back. Hot­jar uses coo­kies and other tech­no­lo­gies to coll­ect infor­ma­ti­on about our users’ beha­viour and their ter­mi­nal devices, in par­ti­cu­lar the IP address of the device (only coll­ec­ted and stored anony­mously while you are using the web­site), screen size, device type (uni­que device iden­ti­fiers), infor­ma­ti­on about the brow­ser used, loca­ti­on (coun­try only), pre­fer­red lan­guage for vie­w­ing our web­site. Hot­jar stores this infor­ma­ti­on on our behalf in a pseud­ony­mi­sed user pro­fi­le.

The use of Hot­jar and the asso­cia­ted pro­ces­sing of per­so­nal data takes place on the basis of your con­sent pur­su­ant to Art. 6 para. 1 (a) GDPR, Sect. 25 para. 1 TTDSG.

We have con­cluded a data pro­ces­sing agree­ment with the ser­vice pro­vi­der in which we obli­ge him to pro­tect the data of our web­site visi­tors and not to pass it on to third par­ties.

As a prin­ci­ple, Hot­jar stores cus­to­mer data in the Euro­pean Uni­on. Howe­ver, the­re may be trans­fers of per­so­nal data to third count­ries out­side the EU and the EEA. In the­se cases, the imple­men­ta­ti­on of fur­ther pro­tec­tion mecha­nisms is neces­sa­ry to ensu­re the level of data pro­tec­tion in accordance with the requi­re­ments of the GDPR. To ensu­re this, we have agreed stan­dard data pro­tec­tion clau­ses with the pro­vi­der in accordance with Art. 46 para. 2 © GDPR. The­se obli­ge the reci­pi­ent in the third coun­try to pro­cess the data in accordance with the level of pro­tec­tion in the EU.

Hot­jar offers every user the opti­on to pre­vent the use of the Hot­jar tool via a “Do-Not-Track hea­der” so that no data is coll­ec­ted about the visit to the respec­ti­ve web­site. This is a set­ting that is sup­port­ed by all com­mon brow­sers in the cur­rent ver­si­ons. For this pur­po­se, your brow­ser sends a request to Hot­jar with the infor­ma­ti­on to deac­ti­va­te the track­ing of the respec­ti­ve user. If you use our web­sites with dif­fe­rent browsers/computers, you must set up the “Do-Not-Track hea­der” sepa­ra­te­ly for each of the­se browsers/computers. You can pre­vent the use of Hot­jar by cli­cking on the opt-out page https://www.hotjar.com/legal/compliance/opt-out  and click on “Deac­ti­va­te Hot­jar”.

For more infor­ma­ti­on about Hot­jar Ltd. and the Hot­jar tool, plea­se visit: https://www.hotjar.com.

You can find the pri­va­cy noti­ce of Hot­jar Ltd. at: https://www.hotjar.com/privacy

Cont­ac­ting us

If you cont­act us by e‑mail, the infor­ma­ti­on you pro­vi­de in the e‑mail, inclu­ding the per­so­nal data you enter the­re, will be stored by us for the pur­po­se of pro­ces­sing the enquiry and in case of fol­low-up ques­ti­ons. The spe­ci­fi­ca­ti­on of an e‑mail address is requi­red for cont­ac­ting us, the spe­ci­fi­ca­ti­on of e.g. first and last name and tele­pho­ne num­ber is free­ly given. The legal basis for the pro­ces­sing of the data is our legi­ti­ma­te inte­rest in ans­we­ring your request in accordance with Art. 6 para. 1 (f) GDPR and, if appli­ca­ble, Art. 6 para. 1 (b) GDPR if your request is aimed at con­clu­ding a con­tract. Your data will be dele­ted once the enquiry has been pro­ces­sed, pro­vi­ded the­re are no legal obli­ga­ti­ons to retain data. For email com­mu­ni­ca­ti­on, we use the email pro­vi­der Out­look of Micro­soft Ire­land Ope­ra­ti­ons Limi­t­ed, One Micro­soft Place, South Coun­ty Busi­ness Park, Leo­pard­stown, Dub­lin 18 D18 P521.

 

We have con­cluded a data pro­ces­sing agree­ment with the ser­vice pro­vi­der in which we obli­ge him to pro­tect our cus­to­mers’ data and not to pass it on to third par­ties.

As a trans­fer of per­so­nal data to the USA may take place, fur­ther pro­tec­tion mecha­nisms are requi­red to ensu­re the data pro­tec­tion level of the GDPR. To ensu­re this, we have agreed on stan­dard data pro­tec­tion clau­ses with the pro­vi­der in accordance with Art. 46 para. 2 © of the GDPR. The­se obli­ge the reci­pi­ent of the data in the USA to pro­cess the data in accordance with the level of pro­tec­tion in Euro­pe. In cases whe­re this can­not be ensu­red even through this con­trac­tu­al exten­si­on, we endea­vour to obtain addi­tio­nal regu­la­ti­ons and com­mit­ments from the reci­pi­ent in the USA.‍

 

 

ENTERING INTO RENTAL AGREEMENTS WITH US/ MAKING USE OF THE RANGE OF SERVICES WE OFFER

Our busi­ness model con­sists of ren­ting fur­nis­hed stu­dent flats and, within the frame­work of this, pro­vi­ding a com­pre­hen­si­ve media (e.g. inter­net use) and lei­su­re offer, such as orga­ni­s­ing social events in our hou­ses. Within the frame­work of the initia­ti­on, ful­film­ent and pro­ces­sing of the con­trac­tu­al rela­ti­onships exis­ting with us, data will be coll­ec­ted from you that is neces­sa­ry for the respec­ti­ve con­tract pro­ces­sing or data that ari­ses during the use of our ser­vices (e.g. use of the inter­net).

We want to offer every resi­dent a flat that is as adapt­ed and com­for­ta­ble as pos­si­ble, and diver­si­ty is important to us. The­r­e­fo­re, you can tell us your spe­cial wis­hes and needs at any time. You can tell us that your flat should be bar­ri­er-free or that you need spe­cial housing equip­ment becau­se of your reli­gious ori­en­ta­ti­on. Such data are often so-cal­led spe­cial cate­go­ries of data within the mea­ning of Art. 9 GDPR (e.g. data con­cer­ning health, reli­gious data). The use of our ser­vices is pos­si­ble over­all wit­hout such noti­fi­ca­ti­on. We pro­cess spe­cial per­so­nal data on the basis of your express con­sent. Under no cir­cum­s­tances do we use this data for pur­po­ses that go bey­ond the per­for­mance of a con­tract and the needs-based design of your stay with us.

 

We also pro­cess your data on the con­sump­ti­on of hea­ting and hot water for the pur­po­se of bil­ling ope­ra­ting cos­ts. Infor­ma­ti­on on ren­tal beha­viour and dama­ge can be pro­ces­sed within the frame­work of our con­trac­tu­al rela­ti­onship or when com­mis­sio­ning trades­men, as can the con­tent of cor­re­spon­dence bet­ween us by e‑mail, tele­pho­ne or post.

If the­re is video sur­veil­lan­ce in or around the buil­ding, you can find infor­ma­ti­on on data pro­ces­sing on the noti­ce boards on site.

For the pur­po­ses men­tio­ned abo­ve, we coll­ect name, address, tele­pho­ne num­ber, e‑mail address, natio­na­li­ty, date of birth (optio­nal:) stu­dy data, pay­ment infor­ma­ti­on (bank details), IP address (when using the inter­net con­nec­tion ope­ra­ted by us), con­sump­ti­on data, pos­si­bly other infor­ma­ti­on from cor­re­spon­dence.

The pro­ces­sing of your data is based on the ful­film­ent of the exis­ting ren­tal con­tract bet­ween us or in the con­text of con­tract initia­ti­on in accordance with Art. 6 para. 1 p. 1 (b) GDPR.  In the case of pro­ces­sing spe­cial cate­go­ries of per­so­nal data, we base the pro­ces­sing on your con­sent in accordance with Art. 9 para. 1 (a) GDPR. Data may also be pro­ces­sed within the scope of our legi­ti­ma­te inte­rest pur­su­ant to Art. 6 para. 1 (f) GDPR in ensu­ring smooth cor­re­spon­dence, hand­ling claims, orga­ni­zing events or enfor­cing legal claims.

Data is pro­ces­sed in intern­al­ly-used IT sys­tems and pas­sed on to the respec­ti­ve sys­tem pro­vi­ders in this con­text and, in the case of e‑mail com­mu­ni­ca­ti­on bet­ween us, to the respec­ti­ve e‑mail pro­vi­der. If you use the inter­net ser­vice as part of the ren­tal agree­ment, your data requi­red for this pur­po­se will be pro­ces­sed by the respec­ti­ve inter­net pro­vi­der. As part of the pro­ces­sing of the ten­an­cy, ser­vice pro­vi­ders may pro­cess data on the con­sump­ti­on of heating/hot water for meter­ing pur­po­ses, banks may recei­ve data from you as part of the pay­ment pro­ces­sing and, in the event of dama­ge sett­le­ment, data may be pas­sed on to trades­men and insu­rance com­pa­nies. In addi­ti­on, in the con­text of legal dis­pu­tes, your data may be pas­sed on to a lawy­er appoin­ted by us.

Your pay­ment infor­ma­ti­on will only be stored by us inso­far as you have con­cluded ren­tal con­tracts or make use of other char­geable ser­vices. The per­so­nal data reques­ted by us in this con­text will only be stored for as long as is neces­sa­ry for the exe­cu­ti­on of the con­tract and sub­se­quent con­tract-rela­ted cor­re­spon­dence or, in the case of docu­ments rele­vant under com­mer­cial and/or tax law that con­tain per­so­nal data, for as long as the sta­tu­to­ry reten­ti­on peri­ods of the Ger­man Com­mer­cial Code (HGB) and the Fis­cal Code of Ger­ma­ny (AO) pro­vi­de for your reten­ti­on of the­se docu­ments (up to 6 and 10 years respec­tively). Your traf­fic data, which is coll­ec­ted during the use of the Inter­net con­nec­tion offe­red and ope­ra­ted by us, is stored by us for 7 days for the pur­po­se of abu­se con­trol and trou­ble­shoo­ting and then dele­ted, inso­far as this is legal­ly per­mis­si­ble. Spe­cial data free­ly given by you, such as data con­cer­ning health, will only be stored by us for as long as is neces­sa­ry for the pur­po­se in ques­ti­on or as long as we are legal­ly obli­ged to store it. Other data will only be stored by us for as long as is neces­sa­ry for the respec­ti­ve pur­po­se or until the expiry of any sta­tu­to­ry reten­ti­on peri­ods.

Social Media

Gene­ral infor­ma­ti­on

We ope­ra­te web­sites or “fan pages” on various social media plat­forms. For the pro­ces­sing of your per­so­nal data in con­nec­tion with your visit to our web­site or our “fan page” on the Face­book and Lin­ke­dIn plat­forms, we are joint­ly respon­si­ble with the ope­ra­tors of the respec­ti­ve plat­form, inso­far as they pro­vi­de us with aggre­ga­ted infor­ma­ti­on on visi­tors to our fan page or our web­site (“insights”).

The ope­ra­tor of the Face­book plat­form is Meta Plat­forms Ire­land Ltd, 4 Grand Canal Squa­re, Grand Canal Har­bour Dub­lin 2. The ope­ra­tor of the Lin­ke­dIN plat­form is Lin­ke­dIn Ire­land Unli­mi­t­ed Com­pa­ny, Wil­ton Place, Dub­lin 2, Ire­land.

We have con­cluded an agree­ment with the ope­ra­tors in accordance with Art. 26 GDPR on joint con­trol­ler­ship for the pro­ces­sing of your per­so­nal data (Con­trol­ler Adden­dum). This agree­ment spe­ci­fies the data pro­ces­sing ope­ra­ti­ons for which we or the respec­ti­ve ope­ra­tor are respon­si­ble when you visit our fan page or our pre­sence on the plat­form of the respec­ti­ve ope­ra­tor. You can view this agree­ment under the fol­lo­wing link:

Face­book: https://www.facebook.com/legal/terms/page_controller_addendum

Lin­ke­dIn: https://legal.linkedin.com/pages-joint-controller-addendum

If you wish to exer­cise your rights (infor­ma­ti­on, cor­rec­tion, dele­ti­on, rest­ric­tion, data por­ta­bi­li­ty, com­plaint to the super­vi­so­ry aut­ho­ri­ty, objec­tion or with­dra­wal), you can cont­act Face­book or Lin­ke­dIn as well as us. You can adjust your adver­ti­sing set­tings yours­elf in your user account. To do so, click on the fol­lo­wing link:

https://www.facebook.com/settings?tab=ads or http://www.youronlinechoices.com.

For fur­ther details, plea­se refer to Face­boo­k’s pri­va­cy noti­ce:  https://www.facebook.com/about/privacy/.

To cont­act Face­boo­k’s Data Pro­tec­tion Offi­cer, you can use the online cont­act form pro­vi­ded by Face­book at the fol­lo­wing link https://www.facebook.com/help/contact/540977946302970.

For more infor­ma­ti­on on data pro­ces­sing by Lin­ke­dIn, plea­se refer to Lin­ke­dIn’s pri­va­cy noti­ce: https://www.linkedin.com/legal/privacy-policy.

To cont­act the Data Pro­tec­tion Offi­cer of Insta­gram, you can use the cont­act form under the link https://www.linkedin.com/help/linkedin/ask/TSO-DPO.

The ran­ge of ser­vices we offer includes set­ting up so-cal­led Face­book com­mu­ni­ties for the respec­ti­ve loca­ti­ons. When you have con­cluded your ten­an­cy agree­ment with us, you have the oppor­tu­ni­ty to exch­an­ge infor­ma­ti­on with other resi­dents of your loca­ti­on within the com­mu­ni­ties. Access to the respec­ti­ve Face­book com­mu­ni­ties is only per­mit­ted to the ten­ants of your respec­ti­ve loca­ti­on and our employees who mana­ge the respec­ti­ve com­mu­ni­ty.

We and the plat­form ope­ra­tor are each inde­pendent­ly respon­si­ble for the pro­ces­sing of your per­so­nal data in con­nec­tion with your visit to our web­site on the Twit­ter and Insta­gram plat­forms. For the asser­ti­on of your data sub­ject rights, we would like to point out that the­se can most effec­tively be asser­ted with the respec­ti­ve pro­vi­ders. Only they have access to the data coll­ec­ted from you.

The ope­ra­tor of the Twit­ter plat­form is Twit­ter Inter­na­tio­nal Com­pa­ny, One Cum­ber­land Place, Feni­an Street, Dub­lin 2, D02 AX07 Ire­land. The ope­ra­tor of the Insta­gram plat­form is Insta­gram, Meta Plat­forms Ire­land Ltd, 4 Grand Canal Squa­re, Grand Canal Har­bour Dub­lin 2, Ire­land.

If we pass on per­so­nal data to the pro­vi­ders of social media plat­forms, the lat­ter are the reci­pi­ents of the data. Sin­ce per­so­nal data may be trans­fer­red to the USA when visi­ting and inter­ac­ting with the social media plat­forms used by us, fur­ther pro­tec­tion mecha­nisms are requi­red to ensu­re the level of data pro­tec­tion of the GDPR. To ensu­re this, we have agreed stan­dard data pro­tec­tion clau­ses with the pro­vi­ders of all social media plat­forms used by us in accordance with Art. 46 para. 2 © GDPR. The­se obli­ge the reci­pi­ent of the data in the USA to pro­cess the data in accordance with the level of pro­tec­tion in Euro­pe. In cases whe­re this can­not be ensu­red even through this con­trac­tu­al exten­si­on, we take addi­tio­nal safe­guards to pro­tect the per­so­nal data of visi­tors to our social media sites.

 

In cases whe­re Con­trol­lers pro­cess your per­so­nal data on their own respon­si­bi­li­ty, we have no influence on the pro­ces­sing of this data by the Con­trol­ler and its hand­ling of this data (at least after trans­mis­si­on of the data). For fur­ther infor­ma­ti­on, plea­se refer to the pri­va­cy noti­ces of the respec­ti­ve pro­vi­der. If appli­ca­ble, you can use the opt-out/­per­so­na­li­sa­ti­on opti­ons with regard to the data pro­ces­sing by the pro­vi­der:

  • Twit­ter
  • Insta­gram
    • Pri­va­cy noti­ce /Opt-out: http://instagram.com/about/legal/privacy/
    • Insta­gram (Face­book), accor­ding to its pri­va­cy noti­ce, uses stan­dard data pro­tec­tion clau­ses to ensu­re an ade­qua­te level of data pro­tec­tion in accordance with the requi­re­ments of the GDPR for data trans­fers to the US or other third count­ries out­side the EU:

http://instagram.com/about/legal/privacy/

 

Coo­kies

When you visit our Face­book fan page or our other social media pages, one or more coo­kies are set on your ter­mi­nal device by the plat­form pro­vi­der. Coo­kies are small text files that are stored eit­her tem­po­r­a­ri­ly for the dura­ti­on of a ses­si­on (ses­si­on coo­kies) or per­ma­nent­ly (per­ma­nent coo­kies) on your ter­mi­nal device. Ses­si­on coo­kies are auto­ma­ti­cal­ly dele­ted after the end of your visit. Per­ma­nent coo­kies remain stored on your ter­mi­nal device until you dele­te them yours­elf or until they are auto­ma­ti­cal­ly dele­ted by your web brow­ser.

Coo­kies have various func­tions. Many coo­kies are tech­ni­cal­ly neces­sa­ry, as cer­tain web­site func­tions would not work wit­hout them (e.g. the shop­ping cart func­tion or lan­guage set­tings). Other coo­kies are used to eva­lua­te user beha­viour or dis­play adver­ti­sing.

By inter­ac­ting with our Face­book fan page or our other social media sites, infor­ma­ti­on (e.g. your IP address) may be acces­sed or stored (e.g. coo­kies) on your ter­mi­nal equip­ment. This access or sto­rage may invol­ve fur­ther pro­ces­sing of per­so­nal data within the mea­ning of the GDPR.

The acti­vi­ty or vali­di­ty peri­od of coo­kies can vary great­ly, but you can dele­te them manu­al­ly at any time using your web brow­ser set­tings. If you have any tech­ni­cal ques­ti­ons, plea­se cont­act the manu­fac­tu­rer of your web brow­ser. Fur­ther infor­ma­ti­on on the use of coo­kies and their legal basis can be found in the pro­vi­der’s pri­va­cy noti­ce (see abo­ve).

Mar­ket rese­arch and adver­ti­sing pur­po­ses

As a rule, per­so­nal data on the com­pa­ny web­site is pro­ces­sed for mar­ket rese­arch and adver­ti­sing pur­po­ses of the pro­vi­der of the social media plat­form. For this pur­po­se, a coo­kie is set in your brow­ser, which enables the respec­ti­ve pro­vi­der to reco­g­ni­se you when you visit a web­site. In addi­ti­on, an eva­lua­ti­on of your inter­ac­tions on the social media plat­form is car­ri­ed out by the pro­vi­der. By means of the coll­ec­ted data, usa­ge pro­files can be crea­ted. The­se are used to dis­play adver­ti­se­ments within and out­side the plat­form that pre­su­ma­b­ly cor­re­spond to your inte­rests. Fur­ther­mo­re, data can also be stored in the usa­ge pro­files regard­less of the devices you use. This is regu­lar­ly the case if you are a mem­ber of the respec­ti­ve plat­forms and log­ged in to them. Fur­ther infor­ma­ti­on on this can be found in the pri­va­cy noti­ce of the respec­ti­ve pro­vi­der.

 

When you visit or inter­act with our social media site, we may recei­ve per­so­nal data from you, which we pro­cess on our own respon­si­bi­li­ty in addi­ti­on to the pro­vi­der. This may be infor­ma­ti­on that you actively pro­vi­de (comm­ents, likes and infor­ma­ti­on that you pro­vi­de publicly, such as your pro­fi­le pic­tu­re or name).

 

Depen­ding on the pro­vi­der and your set­tings on the pro­vi­der’s plat­form, we may also be infor­med about who has acces­sed our web­site or page within the plat­form.

 

Our access to the afo­re­men­tio­ned data results from the ope­ra­ti­on of our social media pre­sence; no fur­ther pro­ces­sing of this data by us takes place except in the cases men­tio­ned in this pri­va­cy noti­ce. We have a legi­ti­ma­te inte­rest in the ope­ra­ti­on of our social media pre­sence and the asso­cia­ted pro­ces­sing of per­so­nal data that you actively publish or make available to us pur­su­ant to Art. 6 para. 1 p. 1 (f) GDPR. Our legi­ti­ma­te inte­rest is to address you in an adver­ti­sing man­ner and to pro­vi­de you with an effec­ti­ve means of com­mu­ni­ca­ti­on and inter­ac­tion with our com­pa­ny. The data will be dele­ted as soon as it is no lon­ger requi­red for addres­sing and com­mu­ni­ca­ting with you.

 

Data pro­ces­sing when cont­ac­ting us

We our­sel­ves coll­ect per­so­nal data when you cont­act us, for exam­p­le via a cont­act form or a mes­sen­ger ser­vice of the respec­ti­ve plat­form. Which data is coll­ec­ted depends on the infor­ma­ti­on you pro­vi­de and the cont­act details you have given or released. This data is stored by us for the pur­po­se of pro­ces­sing the enquiry and in the event of fol­low-up ques­ti­ons. The legal basis for the pro­ces­sing of the data is our legi­ti­ma­te inte­rest in respon­ding to your enquiry in accordance with Art. 6 para. 1 (f) GDPR and, if appli­ca­ble, Art. 6 para. 1 (b) GDPR if your enquiry is aimed at con­clu­ding a con­tract. After the enquiry has been dealt with, your data will be dele­ted unless the­re is a legal obli­ga­ti­on to retain it. We assu­me that the pro­ces­sing is com­ple­ted when it can be infer­red from the cir­cum­s­tances that the mat­ter con­cer­ned has been con­clu­si­ve­ly cla­ri­fied.

 

Data pro­ces­sing for the per­for­mance of the con­tract

If your cont­act via a social net­work is aimed at per­forming a con­tract with us, we pro­cess your data for the per­for­mance of a con­tract or for the imple­men­ta­ti­on of pre-con­trac­tu­al mea­su­res or for the pro­vi­si­on of the reques­ted ser­vices. In this case, the legal basis for the pro­ces­sing of your data is Art. 6 para. 1 (b) GDPR. Your data will be dele­ted if it is no lon­ger requi­red for the per­for­mance of the con­tract or if it is deter­mi­ned that the pre-con­trac­tu­al mea­su­res do not lead to the con­clu­si­on of a con­tract in accordance with the pur­po­se of the cont­act. It may also be neces­sa­ry to store per­so­nal data of our con­trac­tu­al part­ners after the con­clu­si­on of the con­tract in order to com­ply with con­trac­tu­al or legal obli­ga­ti­ons.

 

Data pro­ces­sing on the basis of con­sent

 

If you are asked by the respec­ti­ve plat­form pro­vi­der for con­sent to pro­ces­sing for a spe­ci­fic pur­po­se, the legal basis of the pro­ces­sing is Art. 6 para. 1 (a), Art. 7 GDPR. Con­sent given can be with­drawn at any time with effect for the future.

Insights func­tion­a­li­ty

When you visit our social media site, per­so­nal data is pro­ces­sed by the plat­form ope­ra­tor and by us. Inso­far as this data pro­ces­sing takes place in con­nec­tion with the Insights func­tion­a­li­ty of Face­book (Meta Plat­forms Ire­land Ltd. or Meta Plat­forms Inc.), we are joint­ly respon­si­ble for it with Face­book (Art. 26 para. 1 GDPR). Inso­far as this data pro­ces­sing takes place in con­nec­tion with the Insights func­tion­a­li­ty of Lin­ke­dIn (Lin­ke­dIn Ire­land Unli­mi­t­ed Com­pa­ny. or Lin­ke­dIn Cor­po­ra­ti­on.), we are joint­ly respon­si­ble for it with Lin­ke­dIn (Art. 26 para. 1 GDPR).

 

Page insights allow us to obtain aggre­ga­te data about visi­tor inter­ac­tion.

Site insights may be based on per­so­nal data coll­ec­ted in con­nec­tion with an indi­vi­dual’s visit to or inter­ac­tion with our site and in con­nec­tion with con­tent pro­vi­ded. Your data may be pro­ces­sed for mar­ket rese­arch and pro­mo­tio­nal pur­po­ses. For exam­p­le, user pro­files can be crea­ted from the usa­ge beha­viour and resul­ting inte­rests of the users. The user pro­files can in turn be used, for exam­p­le, to dis­play adver­ti­se­ments within and out­side the plat­forms that pre­su­ma­b­ly cor­re­spond to the inte­rests of the users. This data coll­ec­tion takes place via coo­kies that are stored on your ter­mi­nal device. Fur­ther­mo­re, data that is inde­pen­dent of the devices used by the users may also be stored in the user pro­files; in par­ti­cu­lar, if the users are mem­bers of the respec­ti­ve plat­forms and log­ged in to them.

We only recei­ve sum­ma­ri­sed (aggre­ga­ted) data from the plat­form ope­ra­tor, which does not allow any con­clu­si­ons to be drawn about indi­vi­du­al per­sons.

The pro­ces­sing of your per­so­nal data may be used by us to increase the reach and awa­re­ness of our social media pre­sen­ces through tar­get group-spe­ci­fic design of posts and to eva­lua­te the suc­cess of mar­ke­ting cam­paigns.

The legal basis for the pro­ces­sing of your per­so­nal data in con­nec­tion with your visit to or inter­ac­tion with our Face­book fan page is Art. 6 para. 1 (f) GDPR. We have a legi­ti­ma­te inte­rest in using aggre­ga­ted infor­ma­ti­on about inter­ac­tions with our social media pre­sence for pro­mo­tio­nal pur­po­ses.

Infor­ma­ti­on on the pur­po­ses pur­sued by the plat­form ope­ra­tor with the pro­ces­sing of your per­so­nal data and the legal basis of this data pro­ces­sing can be found in the pri­va­cy noti­ce of the respec­ti­ve plat­form ope­ra­tor.

Plea­se note that we have no influence on the data coll­ec­tion and fur­ther pro­ces­sing under the respon­si­bi­li­ty of the plat­form ope­ra­tor. As a result, we can­not pro­vi­de any infor­ma­ti­on about the scope, loca­ti­on and dura­ti­on for which the data is stored by the plat­form ope­ra­tor.

Sto­rage peri­od

The per­so­nal data coll­ec­ted by us will be dele­ted if it is no lon­ger requi­red for the pur­po­ses spe­ci­fied when it was coll­ec­ted or if you have exer­cis­ed your right of with­dra­wal or objec­tion. Legal reten­ti­on peri­ods remain unaf­fec­ted. We have no influence on the sto­rage peri­od of your data, which is stored by the social media pro­vi­ders for their own pur­po­ses.‍

 

APPLICATIONS

You can app­ly for one of our adver­ti­sed posi­ti­ons via our online appli­ca­ti­on por­tal. We pro­cess your data inso­far as this is neces­sa­ry for the decis­i­on on the estab­lish­ment of an employ­ment rela­ti­onship with us. The legal basis for this is Artic­le 88 GDPR in con­junc­tion with Sect. 26 of the Ger­man Fede­ral Data Pro­tec­tion Act (BDSG).

Fur­ther­mo­re, we may pro­cess your per­so­nal data if this is neces­sa­ry for the ful­film­ent of legal obli­ga­ti­ons (Art. 6 para. 1 © GDPR) or for the defence or asser­ti­on of legal claims. The legal basis for this is Art. 6 para. 1 lit. f GDPR. The legi­ti­ma­te inte­rest is, for exam­p­le, a duty of pro­of in pro­cee­dings under the Gene­ral Act on Equal Tre­at­ment (AGG).

If you give us express con­sent to pro­cess per­so­nal data for spe­ci­fic pur­po­ses, the lawful­ness of this pro­ces­sing is based on your con­sent in accordance with Art. 6 para. 1 (a) GDPR, Sect. 26 para. 2 BDSG. You can with­draw your con­sent at any time with future effect. This appli­es in par­ti­cu­lar to inclu­si­on in our talent pool. If you give your con­sent, we will include your appli­ca­ti­on infor­ma­ti­on in our talent pool if no employ­ment rela­ti­onship is estab­lished in order to cont­act you again in the event of sub­se­quent vacan­ci­es. In this case, we store your data for a peri­od of 12 months and then dele­te the data, unless you give us your con­sent to keep the data lon­ger.

If an employ­ment rela­ti­onship ari­ses bet­ween you and us, we may, in accordance with Art. 88 GDPR in con­junc­tion with Sect. 26 BDSG, fur­ther pro­cess the per­so­nal data alre­a­dy recei­ved from you for the pur­po­ses of the employ­ment rela­ti­onship, inso­far as this is neces­sa­ry for the imple­men­ta­ti­on or ter­mi­na­ti­on of the employ­ment rela­ti­onship or for the exer­cise or ful­film­ent of the rights and obli­ga­ti­ons of the employee repre­sen­ta­ti­ve body resul­ting from a law or a coll­ec­ti­ve agree­ment, a com­pa­ny or ser­vice agree­ment (coll­ec­ti­ve agree­ment).

 

We only pro­cess data that is rela­ted to your appli­ca­ti­on. This can be gene­ral per­so­nal data (name, address, cont­act details, etc.), infor­ma­ti­on on your pro­fes­sio­nal qua­li­fi­ca­ti­ons and school edu­ca­ti­on, infor­ma­ti­on on fur­ther pro­fes­sio­nal trai­ning and, if appli­ca­ble, other data that you pro­vi­de to us in con­nec­tion with your appli­ca­ti­on. We coll­ect your name and e‑mail address (man­da­to­ry fields) via our cont­act form for the pur­po­ses men­tio­ned abo­ve. In addi­ti­on, you can tell us your title, mobi­le num­ber, ear­liest start­ing date and peri­od of noti­ce, tell us how you beca­me awa­re of us and attach comm­ents and docu­ments.

We may trans­fer your per­so­nal data to com­pa­nies affi­lia­ted with us, pro­vi­ded you have given your con­sent in accordance with Art. 88 GDPR in con­junc­tion with Sect. 26 para. 2 BDSG.

 

We use the HRworks GmbH per­son­nel manage­ment sys­tem in which we mana­ge and store appli­ca­ti­ons. In this con­text, your data is pas­sed on to the sys­tem pro­vi­der. We have con­cluded a data pro­ces­sing con­tract with the ser­vice pro­vi­der in which we obli­ge them to pro­tect our appli­cants’ data and not to pass it on to third par­ties.

Other­wi­se, data is only pas­sed on to reci­pi­ents out­side the com­pa­ny if this is per­mit­ted or requi­red by law, the trans­fer is neces­sa­ry to ful­fil legal obli­ga­ti­ons or we have your con­sent.

We store your per­so­nal data as long as this is neces­sa­ry for the decis­i­on on your appli­ca­ti­on. Your per­so­nal data or appli­ca­ti­on docu­ments will be dele­ted no later than six months after the end of the appli­ca­ti­on pro­cess (e.g. noti­fi­ca­ti­on of the rejec­tion decis­i­on), unless lon­ger sto­rage is legal­ly requi­red or per­mit­ted. We store your per­so­nal data bey­ond this only inso­far as this is requi­red by law or in the spe­ci­fic case for the asser­ti­on, exer­cise or defence of legal claims for the dura­ti­on of a legal dis­pu­te.

In the event that you have agreed to a lon­ger sto­rage of your per­so­nal data, we will store it in accordance with your decla­ra­ti­on of con­sent.

If an employ­ment, trai­ning or intern­ship rela­ti­onship is estab­lished fol­lo­wing the appli­ca­ti­on pro­cess, your data will initi­al­ly con­ti­nue to be stored to the ext­ent neces­sa­ry and per­mis­si­ble and then trans­fer­red to the per­son­nel file.

 

BUSINESS RELATIONS WITH THIRD PARTIES / DELIVERY AND PERFORMANCE TO US

We pro­cess and store the per­so­nal data pro­vi­ded by busi­ness part­ners (or poten­ti­al busi­ness part­ners) in the con­text of enqui­ries, the trans­mis­si­on of offers, the trans­mis­si­on of mas­ter data, orders/contracts or other busi­ness cor­re­spon­dence, and for the per­for­mance of pre-con­trac­tu­al mea­su­res (busi­ness initia­ti­on) or the per­for­mance of a con­tract.

We only store per­so­nal data for as long as is neces­sa­ry for the sup­p­ly and ser­vice rela­ti­onship or the admi­nis­tra­ti­on of the busi­ness rela­ti­onship. The legal basis for this is Art. 6 para. 1 p. 1 (b) GDPR, inso­far as the data pro­ces­sing is car­ri­ed out for the per­for­mance of a con­tract or the imple­men­ta­ti­on of pre-con­trac­tu­al mea­su­res. We base the data pro­ces­sing on our legi­ti­ma­te inte­rest in accordance with Art. 6 para. 1 (f) GDPR in the smooth pro­ces­sing of enqui­ries and busi­ness cor­re­spon­dence, inso­far as the data pro­ces­sing is neces­sa­ry for the­se pur­po­ses.

For the abo­ve pur­po­ses, we coll­ect name, busi­ness tele­pho­ne num­ber, busi­ness e‑mail address, busi­ness address, pay­ment data of the company/business part­ner (bank details) and, if appli­ca­ble, data pro­vi­ded by you within the scope of cor­re­spon­dence and con­tract pro­ces­sing.

Data is pro­ces­sed in intern­al­ly used IT sys­tems and pas­sed on in this con­text to the respec­ti­ve sys­tem pro­vi­ders and, in the case of e‑mail com­mu­ni­ca­ti­on bet­ween us, to the respec­ti­ve e‑mail pro­vi­der. Banks may recei­ve data from you in the cour­se of pay­ment pro­ces­sing. In addi­ti­on, in the con­text of legal dis­pu­tes, your data may be pas­sed on to a lawy­er appoin­ted by us.

The data will be dele­ted as soon as it is no lon­ger requi­red for con­trac­tu­al pur­po­ses or busi­ness cor­re­spon­dence. In addi­ti­on, we are requi­red by appli­ca­ble law to retain cer­tain per­so­nal data for legal­ly defi­ned peri­ods of time (such as in con­nec­tion with busi­ness tran­sac­tions).

 

OTHER DATA TRANSFER

We will never offer your data for sale to third par­ties.

In addi­ti­on to the dis­clo­sure of your data alre­a­dy men­tio­ned in this pri­va­cy noti­ce, we may share data with affi­lia­ted com­pa­nies if this is neces­sa­ry for inter­nal admi­nis­tra­ti­ve pur­po­ses. We base this data sha­ring on our legi­ti­ma­te inte­rest in the effi­ci­ent and smooth inter­nal admi­nis­tra­ti­on of the asso­cia­ti­on in accordance with Artic­le 6 para. 1 (f) of the GDPR.

In addi­ti­on, we may be legal­ly obli­ged to pass on data (Art. 6 para. 1 ©) GDPR). This is the case, for exam­p­le, vis-à-vis the natio­nal regis­tra­ti­on aut­ho­ri­ties (e.g. Sec­tions 19, 30 of the Fede­ral Regis­tra­ti­on Act (BMG)) or in the case of dis­clo­sure obli­ga­ti­ons vis-à-vis law enforce­ment agen­ci­es and inves­ti­ga­ting aut­ho­ri­ties.

If your data is also trans­fer­red to non-Euro­pean count­ries in this con­text, we ensu­re spe­cial pro­tec­tion of your data by eit­her only trans­fer­ring it to third count­ries for which the Euro­pean Com­mis­si­on has issued an ade­quacy decis­i­on or by using so-cal­led stan­dard con­trac­tu­al clau­ses of the Euro­pean Com­mis­si­on.

Sale or mer­ger

We may share your per­so­nal data in the event of a mer­ger, acqui­si­ti­on or sale of all or part of our assets. We will of cour­se noti­fy you by email and/or your pro­mi­nent noti­ce on our web­site and inform you of your rights.‍

HOW WE ENSURE THE SECURITY OF THE DATA WE COLLECT

Pro­tec­ting your per­so­nal data is very important to us. Alt­hough we take reasonable pre­cau­ti­ons to pro­tect the per­so­nal data we coll­ect, plea­se note that your secu­ri­ty sys­tem is infal­li­ble.

 

We use seve­ral appro­pria­te tech­ni­cal and orga­niza­tio­nal mea­su­res and indus­try stan­dards to pro­tect your per­so­nal data from loss, theft, misu­se, unaut­ho­ri­zed access and unaut­ho­ri­zed dis­clo­sure, altera­ti­on and des­truc­tion. The per­so­nal data we store about you resi­des on com­pu­ter sys­tems with rest­ric­ted access. In addi­ti­on, we requi­re third par­ties con­trac­ted by us to main­tain appro­pria­te secu­ri­ty mea­su­res for the infor­ma­ti­on we trans­mit. When you visit our web­site or send us infor­ma­ti­on via the web­site, your data is pro­tec­ted by encryp­ti­on tech­no­lo­gies, such as trans­port lay­er secu­ri­ty (https encryp­ti­on).

YOUR RIGHTS

You have the fol­lo­wing rights in rela­ti­on to our use of your per­so­nal data:‍

Right to object accor­ding to Art. 21 GDPR

If your per­so­nal data is pro­ces­sed by us on the basis of legi­ti­ma­te inte­rests pur­su­ant to Artic­le 6 para. 1 (f) GDPR, you have the right under Artic­le 21 GDPR to object to the pro­ces­sing of your per­so­nal data on grounds rela­ting to your par­ti­cu­lar situa­ti­on. If the objec­tion is direc­ted against the pro­ces­sing of per­so­nal data for the pur­po­se of direct mar­ke­ting, you have a gene­ral right of objec­tion wit­hout the requi­re­ment of spe­ci­fic grounds.

 

Right of access accor­ding to Art. 15 GDPR

You can ask us to pro­vi­de you with infor­ma­ti­on about the pro­ces­sing of your per­so­nal data and a copy of the per­so­nal data we hold about you.

Right to rec­ti­fi­ca­ti­on or era­su­re pur­su­ant to Art. 16, 17 GDPR

You can let us know if your per­so­nal data has chan­ged or if you want us to chan­ge the per­so­nal data we coll­ect about you.

In cer­tain cases, you can ask us to dele­te the per­so­nal data we have coll­ec­ted about you.‍

 

Right to rest­ric­tion of pro­ces­sing Art. 18 GDPR

In cer­tain cases you have the right to ask us to rest­rict the pro­ces­sing of your data.

Right to with­draw con­sent given and objec­tion to pro­ces­sing pur­su­ant to Art. 7 para. 3 GDPR

If you have given your con­sent to the pro­ces­sing of your data, you can with­draw this con­sent at any time with effect for the future. Such a with­dra­wal does not affect the lawful­ness of pro­ces­sing of your per­so­nal data that has alre­a­dy taken place befo­re the with­dra­wal.

 

Of cour­se, you can object to the pro­ces­sing of your per­so­nal data for pur­po­ses of adver­ti­sing and data ana­ly­sis at any time. You can find more infor­ma­ti­on on this under Use of Coo­kies and other (Marketing-)Tools.

 

Right to lodge a com­plaint with a super­vi­so­ry aut­ho­ri­ty pur­su­ant to Art. 77 GDPR

We will always endea­vour to find a solu­ti­on with you if you expe­ri­ence pro­blems with our use of your data. Howe­ver, if you feel that we have not been able to help you resol­ve the pro­blem, you also have the right to com­plain to your data pro­tec­tion super­vi­so­ry aut­ho­ri­ty about our pro­ces­sing of your per­so­nal data.

We rely on you to ensu­re that your per­so­nal data is com­ple­te, accu­ra­te and up to date. Plea­se noti­fy us imme­dia­te­ly of any chan­ges or inac­cu­ra­ci­es in your per­so­nal data by sen­ding your email to [datenschutz@ic-campus.com].‍