Data protection

Responsibility and obligations concerning own content


In accordance with general legislation, we are responsible for our own content on these web pages. As a service provider, however, we are not obliged to monitor transmitted or stored third-party information or to investigate circumstances that indicate unlawful activities.

This does not affect our obligation to delete, remove or prevent the use of information in accordance with general legislation. However, such an obligation shall only arise from the point at which we become aware of a possible, concrete legal infringement. Should we become aware of any such legal infringements, we will fulfil this obligation.

Copyright


The content provided on this website (e.g. texts, graphics, photos, illustrations, audio playback/music etc.) may be subject to copyright or industrial property rights. The use of this content outside the limits of the applicable copyright or industrial property rights is not permitted without the consent of the copyright holder.

Data protection statement/data protection information

Last updated: May 2018

As the controller, we are hereby fulfilling our information and disclosure obligations with regard to the processing of personal data in connection with this website and informing you about the nature, extent and purpose of our processing of personal data.

Firstly, we will provide any general information concerning the processing of data that may be relevant to you, particularly concerning the purpose of the processing, criteria surrounding the storage period, recipient categories, planned transfers of data to third countries or international organisations and whether we use contracted service providers. This will be followed by information concerning processing in individual cases.

With regard to the terms used – “personal data”, “processing”, “controller”, “data subject”, “third parties” – the reader is referred to the definitions contained in Article 4 of Regulation (EU) 2016/679 (GDPR).

Please note that this data protection information may be amended on an ad hoc basis or as the result of regular reviews. Therefore, we recommend that you check for any changes when you visit this website.


General information

This website is intended for general communication in connection with providing and presenting our services and information about our company. The processing of personal data is necessary for the purpose of providing the website in order to fulfil our legitimate advertising interests. The legal basis for data processing in this respect is point f of Article 6(1) sentence 1 GDPR. Data subjects are the respective users of this website.

Further details on the processing of individual personal data and other or additional purposes or legal bases are provided in the appropriate sections of this data protection statement.

Controller:


Managing Director:
Mr Andreas Eisele

Registered office:
Eisele Real Estate GmbH
Maximilianstrasse 45
D-80538 Munich
Germany
Tel.: +49 89 716 77 46 - 11
email: andreas.eisele@eisele-realestate.de

Your rights as a data subject (user) and the right to lodge a complaint


As a data subject whose data is being processed by us (hereinafter also referred to as “user”), you may assert the following rights with respect to us:

  • You may request information in accordance with Article 15 GDPR, particularly concerning whether we process personal data pertaining to you. If this is the case, you may request information about the categories of the personal data concerned and the purposes for which we process it as well as its origin, if applicable (if the data is not collected by us) and the categories of the recipients of this data, among other things.
  • You may demand the rectification of incorrect personal data or the completion of incomplete personal data we have stored pertaining to you pursuant to Article 16 DGPR.
  • You may demand the deletion of personal data we have stored pertaining to you as specified in Article 17 GDPR. If there are reasonable grounds preventing the deletion of the data, the processing of the data will be restricted (blocking). In order to ensure that data can be blocked effectively and that the related restriction of processing can be enforced, the affected data may need to be stored in a lock file under certain circumstances.
  • You are entitled to demand the restriction of processing from us under Article 18 GDPR.
  • Pursuant to Article 19 GDPR, you may request information concerning recipients if a notification obligation applies in the case of the rectification, deletion or restriction of processing of personal data.
  • In accordance with Article 20 GDPR, you are entitled to receive the personal data concerning you in a structured, commonly used and machine-readable format or demand the transmission of the data to another controller.
  • You may assert your right under Article 21 GDPR to object to the processing of personal data concerning you which is based on point e or f of Article 6(1) sentence 1 GDPR, particularly if your personal data is used for direct advertising or on grounds relating to your particular situation.

You may withdraw your consent to the processing of personal data at any time with future effect. Any processing of data prior to the withdrawal of consent shall not be affected.

You may also assert your right to lodge a complaint with the competent supervisory authority pursuant to Article 77 GDPR.

Disclosure and distribution of data


Personal data will only be transmitted or distributed to third parties to the extent that this is done on legal grounds and to the extent outlined by us in relation to the individual data being processed or where one of the following reasons applies:

  • It is necessary for the performance of a contract or to take steps prior to entering into a contract (point b of Article 6(1) sentence 1 GDPR).
  • Processing is necessary for the establishment, exercise or defence of legal claims and there is no reason to assume that you have a prevailing, compelling interest in the non-transmission of your data (point f of Article 6(1) sentence 1 GDPR).
  • There is a legal obligation to transmit the data (point c of Article 6(1) sentence 1 GDPR).
  • We have your valid consent (point a of Article 6(1) sentence 1 GDPR).

Within this context, data will only be transmitted to or processed in third countries (outside the EU and the EEA) if the specific conditions set forth in Article 44 ff. GDPR are fulfilled.

Criteria for the definition of the storage period


We generally store personal data for as long as is required to fulfil the purpose for which it is processed, where statutory or regulatory storage periods apply or if we have a legitimate interest in storing the data or if you have consented to the same.

We store specific data in accordance with the following rules for the respective duration indicated and then delete the data once the storage period indicated has elapsed:

  • 3 years: Data and content concerning legal transactions (including preparation for the same) and data enabling us to provide information and defend our position, as well as for the purposes of asserting or defending against legal claims.
  • 6 years: Commercial papers (Section 257 Paragraph 1 points 2 and 3, Paragraph 4 of the German Commercial Code/HGB) Reference files (Section 50 Paragraph 1 of the German Federal Lawyers’ Act/BRAO)
  • 10 years: Tax-relevant documents, accounting documents, trading books (Section 147 Paragraph 1 Fiscal Code of Germany/AO, Section 257 Paragraph 1 items 1 and 4, Paragraph 4 German Commercial Code/HGB) Medical records
  • 30 years: Data stored due to specific circumstances in our interests or in the interests of third parties because corresponding limitation periods or specific retention periods apply (e.g. enforcement orders, specific limitation periods).

Should circumstances (e.g. conclusion of contracts, negotiations concerning claims, legal disputes etc.) arise during the storage of the data that would necessitate a longer storage period, these storage periods shall be extended accordingly.

The storage period shall usually begin at the end of the calendar year in which the last event connected with the processing of the data occurred (e.g. order placement, delivery, end of a contract, invoicing).

We provide more specific details pertaining to the storage period for specific forms of processing in the respective appropriate place.

Website hosting:


This website is hosted by a provider located within the EU, with which we have concluded a contract for the processing of orders and which has provided sufficient guarantees with respect to compliance with appropriate technical and organisational measures to ensure that data protection requirements are fulfilled and the rights of the data subject are protected. Unless otherwise indicated, the data is processed on the provider’s systems on our behalf and in accordance with our instructions, whereby the provider’s employees do not have direct access to the data.

General data security


We use the following measures to safeguard the processing of the data and protect it against improper use and unauthorised access, alteration, transmission or destruction:

  • The website can be accessed via HTTPS. When it is accessed in this way, the content is protected by a state-of-the-art encryption algorithm during its transmission between your browser and the server. However, this does not apply to addresses accessed via the website (links/URLs). For technical reasons, these are always unencrypted.



Processing

Processing of website access and server log files


When you use our website, we collect personal data, which your browser transmits to the server when you access pages. This data is required for technical reasons to enable us to provide the website and the services you require. The following data is processed in this regard:

  • Public IP address from which the website is requested or the proxy server used, if applicable.
  • Time of request.
  • Requested URL (address) and URL from which the request was launched (referrer).
  • Browser used, operating system and its interface, browser software language and version.
  • Technical information concerning access: Access status/HTTP status code, respective quantity of data transferred.
  • Content data accessed and linked to (texts, photos, videos, graphics, other files etc.).

This data is stored in a log file.

Log files are deleted after 6 months. Only in exceptional cases will the data be stored for a longer period for evidential and analytical purposes and deleted as soon as the reason for such storage expires.

The purposes of the processing of the data are:

  • Provision of the website and its content, services and functions.
  • To ensure seamless, convenient use of the website.
  • To ensure system security and stability through the evaluation of errors and incidents.
  • Performance of administrative tasks.

The legal basis for data processing is point f of Article 6(1) sentence 1 GDPR. Our legitimate interest with regard to data processing lies in general communication in connection with providing and presenting our services and information about our company.

The data will not be used to draw any conclusions about you.

We also use cookies on our website. For more information, please read the information on cookies in this data protection statement.

Cookies during simple use of the website


We use cookies (small files which are created automatically and are stored on your end device by your browser) on this website. Cookies do not cause any damage on your end device and do not contain any viruses, Trojans or other malware. They are used for the purposes of making the website more user-friendly and more pleasant to use.

Temporary cookies (session cookies/transient cookies) are stored on your computer to make our internet offerings more user-friendly and more effective. They contain what is known as a session ID, which is used to associate the various requests of your browser with a single session. This allows your computer to be recognised if you access other pages of our website. Temporary cookies are deleted regularly when you close your browser. These cookies are not used to analyse user behaviour.

In addition, persistent cookies are used under certain circumstances to detect whether you have visited the website in the past. When you visit the website once again, it automatically recognises that you have visited previously and recalls the input you entered and the settings you selected so that you do not need to enter/select these again. These cookies are automatically deleted by your browser after the specified expiry period of 12 months.

The data stored in the cookies is processed for the aforementioned purposes to uphold our legitimate interests concerning the provision of this service in accordance with point f of Article 6(1) sentence 1 GDPR.

Users may configure their browser settings as desired and, for example, disable cookies if they wish. In this case, however, it may not be possible to use all of the functions of this website.

General contact:


If you contact us (e.g. using the contact form, email, telephone or via social media), we will store and process the contact information you provide (name, email address, telephone number) and the information and content transmitted in connection with your contacting us for the purpose of responding to your request.

If you use the contact form, we will be sent an email containing the details of your request. You may provide your name if you wish, so that we can address you specifically.

We process data within the scope of steps taken prior to entering into a contract if your request is of a nature requiring such processing (legal basis: point b of Article 6(1) sentence 1 GDPR). Furthermore, we have a legitimate interest in responding to requests addressed to or pertaining to us and our services and in processing data accordingly to this end (legal basis: point f of Article 6(1) sentence 1 GDPR).

We delete the data arising in this context once its storage is no longer required. This will generally take place after one year if no more communication takes place on the basis of the request and provided that no further processing arises as a result of the request (e.g. a subsequent contractual relationship) that requires another storage period (see above).