DATA Privacy Policy

Data protection advice by CENTRUM Berlin, Ku’damm-Eck Vermögensverwaltung GmbH & Co. KG

Effective as of February 2020

We take your privacy very seriously and will process your personal data in compliance with the applicable statutory data protection requirements. Personal data within the meaning of this Policy is any information that may be related to you, for example, your name, address, e-mail address and IP address, and your user behaviour. The following Data Privacy Policy provides information about how we will process your personal data. In addition, we provide you with an overview of your data privacy rights. Which data will be processed and how such data will be used will primarily depend on the services used, requested, or contracted.

1. Responsible party

The controller within the meaning of Art. 4 para. 7 of the General Data Protection Regulation (hereinafter “GDPR”) and the service provider within the meaning of § 13 German Telemedia Act (hereinafter “TMG”) is:

CENTRUM Berlin, Ku’damm-Eck Vermögensverwaltung GmbH & Co. KG
Kaistrasse 8B
40221 Düsseldorf
Germany

2. Source of person-related data

We will process personal data that we receive in the course of your visit on our website or in the context of you contacting us by e-mail.

3. Categories of personal data that are processed

(1) If you visit/use our website for information purposes only, meaning you do not register or otherwise transmit information to us, we will only collect personal data that is transmitted to our server by your browser. If you choose to view our website, we will collect the following data, which we need for technical reasons in order to show our website to you and to ensure stability and security:

- Your IP address,
- Date, time and duration of your visit,
- Content of the request (specific page),
- Access status/http-status code,
- Data volume transmitted,
- Website from which the request is received,
- Your browser, and
- Your operating system.
This data will be used exclusively for internal statistical purposes.

(2) In addition to the aforementioned data, during your use of our website temporary or persistent cookies will be stored on your computer. Cookies are small text files that are stored on your hard drive and are assigned to the browser you are using and that transmit certain information to the party that has placed the cookie. Cookies cannot execute programs or transmit viruses to your computer. Their purpose is to make the website as a whole more user-friendly and effective.

(3) Most browsers are configured by default to accept cookies. However, you can block cookies in your browser at any time or select settings in your browser to receive a notification as soon as a cookie is transmitted. Please note, however, that you may not be able to use all features of this website.

(4) Data stored this way will be stored separately from any additional data you may have provided to us. In particular, data from cookies will not be linked to any other data relating to you.

4. Additional features and services of our website

(1) In addition to purely informational use of our website we offer various services that you may use if you are interested. To use those services you will generally have to provide additional personal data, which we will then use to provide the respective service.

(2) If you contact us by email, we will store the data you transmit to us (your email address, possibly also your name and phone number) in order to answer your request. Data we receive in this connection will be erased as soon as its storage is no longer necessary, or if we are subject to legal retention obligations, we will restrict the processing of such data.

5. Categories of recipients of personal data

(1) For some of the aforementioned processes and services we have carefully selected third-party service providers in conformity with applicable data protection law. Such third-party service providers are bound by our instructions and are audited by us on a regular basis. They will not transfer your data to third parties.
(2) In terms of transferring data to other recipients, we will transfer information about you only if we are required to do so by law, if you have consented, or if we otherwise are authorized to do so. Provided that these requirements are satisfied, we may transfer personal data, for example, to the following recipients:
Government agencies and institutions (e.g. tax authorities, criminal investigation authorities) in the event of a legal or regulatory obligation,
Other companies or comparable institutions to whom we transfer your personal data for the purpose of business relationship with you.

6. Purposes for which personal data is processed, and legal bases of data processing

We will process your personal data in compliance with applicable data protection laws. Data processing is lawful if one of the following conditions is met:

Consent (Art. 6 para. 1 a) of the GDPR):
The processing of your personal data is lawful if you have consented to processing for specific purposes (e.g., processing of your inquiry, use of data for marketing purposes). Consent that has been given can be revoked at any time with effect for the future. This also applies to the revocations of consents you gave us before the GDPR took effect, meaning prior to May 25, 2018.

Contractual obligations (Art. 6 para. 1 b) of the GDPR):
We process personal data in order to comply with our contractual obligations or to perform pre-contractual measures upon request. The purposes of data processing depend primarily on your inquiry.

Legal requirements (Art. 6 para. 1 c) of the GDPR):
CENTRUM Berlin, Ku’damm-Eck Vermögensverwaltung GmbH & Co. KG is subject to different legal obligations, including the following:
Retention obligations under the German Commercial Code (HGB) and the German Tax Code (AO),
Audit and reporting obligations under tax law.

Legitimate interests (Art. 6 para.1 f) of the GDPR):
To the extent necessary, we will process your data beyond the actual performance of the agreement with you in order to preserve our legitimate interests or those of third parties. Examples:
To assert legal claims or defend legal actions,
To guarantee IT security and IT operation.
To analyse and improve use of our website.

7. Intent to transfer personal data to a third country or international organizationAbsicht, die personenbezogenen Daten an ein Drittland oder eine internationale Organisation zu übermitteln

Active transmission of personal data to third countries only takes place if this is expressly disclosed in connection with the aforementioned services.

8. Criteria for determining the duration for which personal data will be storedKriterien für die Festlegung der Dauer, für die die personenbezogenen Daten gespeichert werden

(1) Data will be stored in compliance with applicable data processing laws and in conformity with legal retention obligations. We will process and use your data only for the purposes for which we are authorized and as long as the data is required for these purposes.

(2) If the data is no longer required for the purpose or for compliance with legal obligations, it will generally be erased unless further processing for a limited period of time and, where applicable, on a restricted basis is necessary for one of the following purposes:
Compliance with obligations under commercial or tax law: in particular the German Commercial Code (HGB) and the German Tax Code (AO). According to them, retention and/or documentation periods are stated as up to 10 years.
Preserving evidence in connection with statute of limitations provisions: According to §§ 195 et seq. of the German Civil Code (BGB), the standard limitation period is three years, but may be up to 30 years under special circumstances.

9. Your data privacy rights

(1) Every data subject has a right to information under Art. 15 of the GDPR, a right to rectification under Art. 16 of the GDPR, a right to erasure under Art. 17 of the GDPR, a right to restricted data processing under Art. 18 of the GDPR, a right of revocation under Art. 21 of the GDPR, and a right to data portability under Art. 20 of the GDPR. The right to information and the right to erasure are subject to limitations of §§ 34 and 35 of the German Federal Data Protection Act (BDSG 2018). In addition, every data subject has a right to file a complaint with a responsible data protection supervisory authority (Art. 77 of the GDPR in conjunction with § 19 of the German Federal Data Protection Act (BDSG 2018).

(2) Your consent to the processing of personal data by us may be revoked at any time with effect for the future. This also applies to revoking declarations of consent that were given to us before the General Data Protection Regulation took effect, i.e., prior to May 25, 2018.

(3) You have a right to object at any time to the processing of your personal data based on Art. 6 para. 1 e) of the GDPR (data processing in the public interest) and Art. 6 para. 1 f) of the GDPR (data processing on the basis of a legitimate interest) for reasons that arise from your particular situation; this also applies to profiling within the meaning of Art. 4 no. 4 of the GDPR on the basis of that provision.
In some cases your personal data will be processed for direct advertising purposes. You have the right to object to processing of your personal data for direct advertising purposes at any time; this also applies to profiling related to such direct advertising. If you object to processing of your personal data for the purpose of direct advertising, your personal data will no longer be processed for such purposes. If you object, we will no longer process your personal data unless we can demonstrate that there are compelling, legally protected reasons for upholding the processing that outweigh your interests, rights, and freedoms, and unless your data is processed to assert, exercise, or defend legal rights or claims. Objections may be made informally and should be addressed as follows:

CENTRUM Berlin, Kudamm-Eck Vermögensverwaltung GmbH & Co. KG

Kaistrasse 8B
40221 Düsseldorf
Germany

10. Obligation to make available personal data and potential consequences of failing to make available personal dataVerpflichtung zur Bereitstellung und mögliche Folgen einer Nichtbereitstellung von personenbezogenen Daten

In connection with using our services, you must make available all personal data which is required to fulfil the purpose for which it is collected or which we are required to collect by law. Without this data, we will generally be unable to provide the service required.

11. Automated decision-making process, including profilingBestehen einer automatisierten Entscheidungsfindung einschließlich Profiling

As a matter of principle, we do not use fully automated decision-making processes within the meaning of Art. 22 of the GDPR to establish or maintain a business relationship with you. Should we use such a method in particular cases, we will inform you separately if required by law.

12. Changes to this Data Privacy PolicyÄnderungen der Datenschutzhinweise

We continuously develop and optimize our services. We may therefore add new functionalities. Should this have an impact on how your personal data is processed, we will provide you with timely notice in our Data Privacy Policy.