Privacy policy

Last updated: 01.07.2021

[The content of this page has been machine translated from German]

The protection of your personal data ("data") is important to us. With this privacy policy we inform you about what happens with your personal data,

when you visit this website (hereinafter referred to as section A),

if you are interested in renting our apartments (hereinafter under Section B),

if you have rented an apartment (below under section C)

or if you apply to live with us (below under section D).

In addition, we have summarized the information that governs our handling of your personal information,

when you use one of our social_media channels (below under Section E).

Personal data is individual information about personal or factual circumstances of an identified or identifiable natural person. This includes information such as civil name, address, telephone number and date of birth. Processing of your data means any use by us, such as the use, storage, deletion or disclosure of this data.

Our privacy policy is based on the General Data Protection Regulation ("DSGVO") and the Federal Data Protection Act ("BDSG"). The technical terms we use coincide in content with the GDPR definitions of these terms.

We refer in particular to the definitions of terms in Art. 4 GDPR.

Section A

Privacy policy

for the use of the website

As the operator of this website, we take the protection of your personal data extremely seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations. When you use our website, various personal data is collected. How, for what purposes and on what basis this is done is explained in the following data protection information.

 

1. General information

 

1.1 The responsible party for data processing within the meaning of Art. 4 No. 7 GDPR is:

Adler Immobilien Management GmbH
George-Stephenson-Str. 17
10557 Berlin

Telephone: +49 30 403 907 900
E-mail: info@adler-group.com

Where processing operations involve joint responsibility (Art. 26 (1) GDPR), for example, a note can be found in the relevant subsection.

 

1.2 Data Protection Officer

You can reach the Adler Group's data protection team at: datenschutz@adler-group.com.

You can reach the data protection officer of Adler Immobilien Management GmbH at: dsb-adler-immobilien@intersoft-consulting.de.

 

1.3 Your rights

Data subjects have the following rights:

- To request information about your data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;

- in accordance with Art. 16 GDPR, to demand the correction of incorrect data or the completion of your data stored by us without delay;

- in accordance with Art. 17 GDPR, to request the deletion of your data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;

- in accordance with Art. 18 GDPR, to request the restriction of the processing of your data, insofar as the accuracy of the data is disputed by you or the processing is unlawful;

- pursuant to Art. 20 GDPR, to receive your data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller ("data portability");

- complain to a data protection supervisory authority about the processing of your personal data in our company in accordance with Art. 77 GDPR. The competent supervisory authority is, for example, the data protection commissioner of the federal state in which (a) our company has its registered office or (b) you have your place of residence. A list of data protection commissioners can be found on the website of the Federal Commissioner for Data Protection (www.bfdi.bund.de).

 

1.4 Right of objection

According to Art. 21 (1) GDPR, data subjects may object at any time to data processing that we carry out on the basis of Art. 6 (1) p.1 lit. e) (public interest) and f) GDPR (legitimate interest) for reasons arising from their particular situation. In particular, data subjects may object to the use of their data for direct marketing purposes at any time with effect for the future. Unless it is an objection to direct advertising, when exercising such an objection, we ask you to explain the reasons why we should not process your data as we have done. In the event of your justified objection, we will examine the merits of the case and either discontinue or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.

 

1.5 Right of withdrawal

Pursuant to Art. 7 (3) GDPR, data subjects may revoke consent given to us at any time and without giving reasons. However, the revocation does not affect the lawfulness of the processing carried out until the revocation.

 

1.6 Exercising your rights under the GDPR

If you wish to exercise your right to information, rectification, erasure, restriction, transfer, complaint, revocation and/or objection, please contact us.

By email:

datenschutz@adler-group.com

or by post:

Adler Immobilien Management GmbH
Data protection
George-Stephenson-Str. 17
10557 Berlin

 

1.7 Automated decision-making / profiling

We do not use automated decision-making or profiling within the meaning of Art. 22 GDPR.

 

2. data security on our website

In accordance with Art. 32 of the GDPR, we use appropriate technical and organisational security measures to protect data against manipulation, unauthorised processing and accidental loss of any kind. In particular, our site is SSL / TLS encrypted at all levels. You can recognise an encrypted connection by the fact that the lock symbol is displayed in the address bar of the browser. This is a typical sign of an encrypted connection. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. However, we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps and that complete protection of data against access by third parties is not possible.

As far as possible, Javascript applications and fonts are hosted and implemented by us on the server. In addition, we use data protection-friendly standard settings and overall data protection-friendly software. We keep ourselves technically up-to-date and improve our services at regular intervals in order to continue to maintain the security of data in our services.

Some sections of our websites contain links to third-party websites. These websites are governed by their own privacy policies. We are not responsible for their operation, including their data handling practices. If you send information to or through such third-party sites, you should review their privacy statements before sending them any information that could be personally identifiable.

 

3. data collection on our website

 

3.1 No obligation to provide data

In principle, you are not obliged to provide us with your data. However, for certain areas of the website, you are required to provide data, as otherwise your enquiry to us cannot be answered or we cannot enter into a contract or pre-contractual agreements. Data that is mandatory is marked with an *, all other data is voluntary.

 

3.2 Collection and processing of anonymous and pseudonymous data in log files

This type of data is used for the technical provision of our online services. In principle, you can visit our website without having to provide any personal information. When you visit our website, we automatically collect and store information in so-called server log files, which your browser automatically transmits to us. These are:

IP address
Browser type / browser version, e.g. Mozilla / 5.0
Time and date of access
Operating system used
Referrer URL
Host name of the accessing terminal
This information is of a general nature and is not used to draw conclusions about the person visiting the website. This data is not merged with data from other sources. The IP address is changed immediately by deleting the last three digits. This makes it almost impossible to identify the connection used.

The processing of this data takes place

in order to ensure the functionality of the website (in particular connection establishment). Without this data, it would not be technically possible to deliver and display the contents of the website. In addition, we use the data to optimise the website, to protect against misuse and to ensure the security and stability of our systems. This is also our legitimate interest. The legal basis for this processing is therefore Art. 6 Para. 1 S.1 lit. f) GDPR, and / or
to ensure the initiation or execution of a contract. If the visit to this website occurs in connection with a contract concluded or to be concluded between the data subject and the operator of this website, the processing is based on Art. 6 para. 1 p.1 lit. b) GDPR.
Recipients of this data are hosting providers.

All visitors to our website are affected by these processing operations.

The data is deleted or anonymised as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of the processing of data to provide the website, this is the case when the respective session has ended. If the data is stored in log files, it will be deleted after 24 hours at the latest.

 

3.3 Recipients of data

Under certain circumstances, it may be appropriate to pass on data to e.g. an order processor in order to ensure a smooth process. In the relevant section for individual processing operations, you will find information on which recipients receive data. We only use carefully selected and commissioned service providers.

If data is passed on within the scope of a commissioned processing, this passing on takes place on the basis of a commissioned processing contract within the meaning of Art. 28 GDPR. Such a contract defines how data of affected persons is to be handled and guarantees protection for them.

 

3.4 Storage period

We delete your data when they are no longer required for the purpose for which they were processed (e.g. the performance of contracts) and there are no longer any legal obligations to retain them or legal grounds for justification. The retention periods regulated in the German Commercial Code (HGB) and the German Fiscal Code (AO) are six to ten years. In addition, the statutory limitation periods also influence the storage period. According to §§ 195 ff. of the German Civil Code (BGB), the regular statute of limitations is three years, but in certain cases the statute of limitations can be thirty years. Additional information on the storage period can be found in the respective subsection.

 

3.5 Cookies

We use cookies within our online offer. In this context, we would like to point out that cookies can also originate from third parties and / or be loaded from third-party servers, even though you are only visiting our website. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small files that are stored on the devices used to use the online offers (computers, mobile phones, tablets, TV sets or similar). These files store information related to the use of the online services and the device used to use them. There are "permanent cookies" that store data for a defined period of time beyond the visit to the online offer. "Non-permanent cookies" or so-called "session cookies" are deleted directly after the end of the visit to the online offer. Cookies can also be used to store various preferences of the user for marketing purposes, whereby such use with our online offers only takes place with the consent of the user. More on this in the section on technically unnecessary cookies.

Cookies enable us to recognise your browser on your next visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

a) Technically necessary cookies

NameProvider Intended useExpiry
PHPSessIDAdler GroupSaves the user's current session.End of session
omCookieConsentAdler GroupStores the user's cookie settings.1 year
fe_typo_userAdler GroupThis cookie is set by the CMS (Content Management System) TYPO3 for the unmistakable identification of a user. It provides the user with better user guidance, e.g. saving search settings or form data. Typically, this cookie is deleted when the browser is closed.End of session

We do not use the user data processed by technically necessary cookies for advertising purposes or user profiles without the consent of the person concerned. These cookies are used exclusively to provide our websites with their technical functions. Some functions of our websites cannot be offered without the use of cookies. For this purpose, it is necessary that the browser is recognised when you visit our online offer again. A cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. We use this circumstance to identify the user across all calls. This function also justifies our legitimate interest.

The legal basis for the processing of data using technically necessary cookies is Art. 6 para. 1 sentence 1 lit. f) GDPR and is justified by the interests mentioned. If you visit our online offers in order to obtain specific information about our products or to make a purchase, these are (pre-)contractual measures within the meaning of Article 6 (1) sentence 1 lit. b) GDPR.

Until cookies are switched off via our website or in the settings of the browser used, all visitors to our online offers are affected by this processing.

Users can delete cookies themselves at any time via their browser. The validity of cookies is defined separately in our cookie banner and in the table above.

If you do not wish to have cookies on your devices, we ask you to switch off the storage of cookies in the settings of your browser and to block the use of cookies. The most common browsers also offer the option of deleting already stored cookies and data from websites. If you decide not to accept cookies, please note that this may impair the functions of our online services.

 

We use the following analysis tools:

It is possible that when using the tools of Google LLC (or Google Ireland Ldt.), a transfer of the personal data named in the above table to the U.S.A. takes place. We would like to point out that this transfer is associated with dangers and risks for the protection of personal data. A level of data protection equivalent to the GDPR does not exist.

Google LLC (or Google Ireland Ldt.) uses EU standard data protection clauses to protect personal data, which assures the protection of the personal data processed. Nevertheless, we would like to point out that there is no adequacy decision for transfers of personal data to the U.S.. In particular, based on your consent, there is a possibility that U.S. investigative authorities may have broad access to your personal data. You will not be able to object to processing or access of your data in the U.S.. We ask that you take this into account when consenting to the use of the tool.

 

3.6 Google Tools

If you have given your consent, we use various services of Google LLC 1600 Amphitheatre Parkway, Mountain View, CA 94043 or, if you have your habitual residence in the European Union (EU), the European Economic Area (EEA) or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") on our websites.

3.6.1 Google Analytics

These services use cookies and pursue the purpose of supporting the operator of this website in analysing visitor flows and visitor behaviour, such as peak visit times or test procedures of different versions.

The information generated by the cookie about your use of our websites is usually transmitted to a Google server in the USA and stored there.

IP anonymisation (extension "_anonymizeIp()") has been activated on our websites. If IP addresses are forwarded to Google, they will be shortened beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only in exceptional cases completely transferred to Google servers in the USA and only shortened on site.

Google will use the information on the basis of the cookies on our websites for the purpose of evaluating your use of the websites, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

We also use the "demographic characteristics" function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described below.

We process your data for statistical analysis of the use of our websites on the basis of Art. 6 para. 1 p.1 lit. a) GDPR.

You can prevent the storage of these cookies by making the appropriate setting in your browser software or a setting in our cookie banner.

You can prevent the collection of the data generated by the cookie and related to your use of our websites (incl. your IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout.

As an alternative to the browser plugin, you can click this link to prevent the collection of data by e.g. Google Analytics on our website in the future. This will place an opt-out cookie on your terminal device. Please note that you must activate the opt-out cookie in each browser you use on all of your end devices and also reactivate it if necessary once you delete all cookies in a browser. You can deselect each individual cookie in the table above. Finally, you can also revoke your consent to the use of Google Analytics at any time via our cookie management tool.

You can find more information on the terms of use and data protection of Google Analytics at https://www.google.com/analytics/terms/ or at https://policies.google.com/.

3.6.2 Google Tag Manager

On our websites, we use the Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The Google Tag Manager is a solution with which marketers can manage website markers/labels, so-called tags, via an interface. The Google Tag Manager service itself (which implements the tags) is a cookie-less domain and does not collect any personal data. The Google Tag Manager service triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager. For more information, please visit marketingplatform.google.com

3.6.3 Google Maps

This site uses the map service Google Maps from Google via an interface (API). To use the functions of Google Maps, it is necessary to save your IP address. We have implemented the so-called Shariff procedure for your protection. This means that Google Maps must first be activated by the user by clicking on it before the data is transmitted to Google. If you activate Google Maps and thus consent to data processing by Google (Art. 6 para. 1 p. 1 lit. a GDPR), this information is usually transmitted to a Google server in the USA and stored there. We would like to point out in particular that the data transfer described above takes place regardless of whether you have an account with Google and that if you have such an account and are logged in, your data collected by us can be directly assigned to your Google account. We have no influence on this data transmission. More information on the handling of user data can be found in Google's privacy policy: https://policies.google.com/privacy.

 

3.7. jQuery

We use the JavaScript library jQuery to operate our online offer. This library is hosted on our servers. There is only one data transfer between your end device and our servers.


3.8. Web analysis using Matoma (formerly Piwik) 

Scope of processing of personal data
We use the software "Matomo" (www.matomo.org) on this website, a service of the provider InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. The software sets a cookie (a text file) on your research, with which your browser can be recognised. If sub-pages of our website are called up, the following data is stored:

  • the user's IP address, shortened by the last two bytes (anonymised)
  • the sub-page called up and the time of the call-up
  • the page from which the user accessed our website (referrer)
  • which browser with which plugins, which operating system and which screen resolution is used
  • the time spent on the website
  • the pages visited from the sub-page accessed

The data collected with Matomo is stored on our own servers. It is not passed on to third parties. 

Legal basis
The legal basis on which we process personal data using Matomo is Art. 6 para. 1 lit. f of the DSGVO. 

Purpose of data processing
We need the data to analyse the surfing behaviour of users and to obtain information on the use of the individual components of the website. This enables us to continuously optimise the website and its user-friendliness. These purposes constitute our legitimate interest according to Art. 6 Para. 1 lit. f DSGVO. By anonymising the IP address, we take into account the interest of users in the protection of personal data. The data is never used to personally identify the user of the website and is never merged with other data. 

Duration of storage
The data is deleted when it is no longer needed for our purposes.

Possibility to object
You can object to the recording of data in the manner described above in three different ways:

  1. you can completely prevent the storage of cookies in your browser. However, this may mean that you can no longer use some of the functions on our website that require identification (personal settings, etc.).
  2. You can activate the "Do-not-track" setting in your browser. Our Matoma system is configured in such a way that it respects this setting.
  3. you can create a so-called opt-out cookie here, which is valid for two years. The result is that Matomo will not register your further visits. Please note, however, that the opt-out cookie is deleted when you delete all cookies.

 

3.9. Other services

It may happen that third-party content, such as videos from YouTube, RSS feeds or graphics from other websites, is integrated within this website. This always requires that the providers of this content (hereinafter referred to as "third-party providers") are aware of your IP address. Without the IP address, they could not send the content to the browser of the respective user. The IP address is therefore necessary for the presentation of this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. However, we have no influence if the third-party providers store the IP address, e.g. for statistical purposes. Insofar as this is known to us, we will inform you of this.

When integrating these services, we ensure that we make recommended data protection settings and that data processing by the service provider only begins when you actively click on the video or use the maps. If you are logged in to YouTube at this time, the information about the videos you have viewed will be assigned to your member account with YouTube. You can prevent this by logging out of your member account before visiting our website.

The legal basis for this data processing is your consent, Art. 6 para. 1 p. 1 lit. a GDPR.

Our website and newsletter may contain links to and from third-party websites. If you follow a link to one of these websites, please note that these websites have their own privacy policies and that we do not assume any responsibility or liability for these privacy policies or the compliance with data protection regulations by such third parties, unless required by law.

 

3.10. E-mail and contact form

If you send us enquiries by e-mail or via the contact form on our website, the information you provide, including your contact details, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions on the basis of your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). You can revoke your consent at any time, e.g. by sending an informal e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation. The data remains with us until you request us to delete it, revoke your consent or the purpose for storing the data no longer applies (e.g. after processing your enquiry has been completed). Mandatory statutory provisions - in particular retention periods - remain unaffected.

 

4. data transfer to third countries

If we share your personal data in accordance with this privacy policy, this may include the transfer of your personal data to countries outside the European Economic Area (EEA). If we transfer your personal data to countries outside the European Economic Area, we will always ensure that an adequate level of protection is in place there by ensuring, where required by law, that at least one of the following appropriate safeguards is in place:

  • Transfer of personal data to countries that the European Commission considers to provide an adequate level of protection for personal data (so-called "adequacy decision");
  • Use of specific contracts approved by the European Commission which ensure the same level of protection for personal data as is afforded in the EEA; or
  • Transferring personal data to an entity that has implemented binding, internal data protection rules that are equivalent to the EU level of protection for personal data.

You may be legally entitled to request a copy of the relevant safeguards. Please feel free to contact us as described in the "Contact Us" section.

 

Section B

Privacy policy

for prospective tenants

We are pleased that you are interested in renting one of our flats. The protection of your personal data is important to us. We are therefore pleased to provide you with some information below on the processing of your personal data in connection with the process of renting a flat.

 

1. general information

 

1.1 The data controller within the meaning of Art. 4 No. 7 GDPR is:

Adler Immobilien Management GmbH
George-Stephenson-Str. 17
10557 Berlin

Telephone: +49 30 403 907 900
E-mail: info@adler-group.com

The contact details of our data protection officer can be found above in Part A under section 1.2.

Information on your rights can be found above in Part A under point 1.3. Automated decision-making / profiling, including profiling in the sense of Art. 22 GDPR, does not take place.

 

2. Type of personal data, purposes and legal basis for processing

We collect and process your personal data as part of the processing of the management of prospective tenants. The purpose pursued by us is primarily the implementation of pre-contractual measures in the context of initiating a tenancy agreement with the landlord (Art. 6 para. 1 p. 1 lit. b GDPR). For this purpose, we process personal data such as surname, first name, address, telephone number, e-mail address, date of birth, special needs of the prospective tenant such as accessibility, information on income, information on creditworthiness, if applicable information from the certificate of eligibility for housing and data on any outstanding debts in the interest of the landlord.

In the event that you have given your consent, Art. 6 para. 1 p. 1 lit. a GDPR serves as the legal basis for the processing of personal data. This is the case when sending e-mail newsletters, flat offers and when arranging viewing appointments. In this case, you can revoke your consent at any time. However, the revocation of consent does not affect the lawfulness of the data processing carried out until the revocation.

In addition, the processing of personal data may be based on Art. 6 (1) p. 1 lit. f GDPR if the data processing goes beyond the fulfilment of pre-contractual measures. In this case, our legitimate interest, which is outweighed in the context of a balancing of interests, is, for example, the performance of brokerage services, the determination of creditworthiness and default risks and defence in the context of legal disputes. You can object to this data processing at any time in accordance with Article 21 of the GDPR.

Furthermore, as a company we are subject to various legal obligations. In order to fulfil these legal obligations, it may be necessary to process personal data in accordance with Art. 6 (1) sentence 1 lit. c GDPR. These are, for example, age and identity checks, prevention and defence against criminal offences, prevention of money laundering and terrorist financing as well as the performance of background checks and screening activities in accordance with the AMLA.

 

3. provision of personal data

We usually receive your data from you yourself, for example when you contact us to arrange an appointment to view a property. In the course of initiating a contract, personal data must be provided which is necessary for the establishment and implementation of a business relationship and the fulfilment of the associated contractual obligations or which we or the landlord are legally obliged to collect. Without this data, it is not possible for us or the landlord to conclude a contract with you or to carry it out.

On the other hand, we also receive personal data from the following agencies:

Credit agencies: Schufa, Creditreform.
Publicly accessible sources: Commercial or association registers, debtors' registers, land registers.
LexisNexis database (https://www.lexisnexis.com/global/privacy/de/article-14-bis.page)
Other group companies

 

4. recipients to whom personal data is transmitted

Upon receipt, your personal data will be viewed by our staff responsible for managing prospective tenants. The data of suitable prospective tenants will then be forwarded internally to the decision-makers responsible for the respective advertised flat. Then the further procedure is coordinated. As a matter of principle, only those persons in our company have access to your data who need it for the proper course of our letting process.

Other recipients of your data outside our company may include affiliated companies of Adler Immobilien Management GmbH, brokerage service providers, IT service providers, service providers for document destruction, law firms, service providers for telephone support, SCHUFA Holding AG and other credit agencies. We would like to point out that we transmit data on the non-contractual settlement of due claims from contractual relationships to SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, insofar as the person concerned has not disputed the claim, the aforementioned claim is not settled and the transmission of the data is necessary to protect our legitimate interests or those of a third party.

We also use the services of a specialised software provider to manage the data of our prospective tenants. This provider acts as a service provider for us and may also become aware of your personal data in connection with the maintenance and servicing of the systems.

We have concluded order processing agreements with the service providers who act as processors for us, which ensure that the processors handle your data in a data protection-compliant manner.

We have obliged service providers who do not qualify as processors to maintain confidentiality.

 

5. SCHUFA information

For the purpose of checking the creditworthiness of the prospective tenant after narrowing down the number of persons, we transmit personal data collected on the application for a tenancy agreement as well as data on non-contractual or fraudulent behaviour to SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden (SCHUFA) prior to the conclusion of the tenancy agreement. On the basis of the transmitted data, including address data, SCHUFA calculates the statistical probability of a credit default and thus your solvency.  Our transmission is based on the legal grounds of Art. 6 para. 1 p. 1 lit. b and Art. 6 para. 1 p. 1 lit. f of the GDPR. Our legitimate interest according to Art. 6 Para. 1 S. 1 lit. f of the GDPR, which is outweighed by our interests, as well as the legitimate interest of the landlord, lies in the possibility of assessing the creditworthiness of the prospective tenant and in the proper implementation of the selection procedure.

SCHUFA processes data on the basis of mathematical-statistical procedures and also uses them for the purpose of profiling (scoring) in order to provide its contractual partners in the European Economic Area and in Switzerland and, if applicable, other third countries (insofar as an adequacy decision of the European Commission exists in respect of these) with information, among other things, for assessing the creditworthiness of natural persons. Further information on SCHUFA's activities can be found at https://www.schufa.de/de/ueber-uns/daten-scoring.

 

6. storage period

If no rental contract is concluded with you, the data provided by you will be deleted after 6 months at the latest, unless other legal retention periods apply. Storage beyond this period is possible with your express consent.

In addition, please note that statutes of limitation according to § 197 of the German Civil Code (BGB) can be up to 30 years, e.g. in the case of the existence of a legal title. The regular limitation period is otherwise three years according to § 195 of the German Civil Code (BGB).

 

Section C

Privacy policy

for tenants

We are pleased to welcome you as a tenant. The protection of your personal data is important to us. We are therefore pleased to provide you with some information below on the processing of your personal data in connection with the handling of your tenancy agreement:

 

1. general information

 

1.1 The responsible party for data processing within the meaning of Art. 4 No. 7 GDPR is:

Adler Immobilien Management GmbH
George-Stephenson-Str. 17
10557 Berlin

Telephone: +49 30 403 907 900
E-mail: info@adler-group.com

and the respective letting company. You will find the name and contact details of your landlord in your rental agreement.

The name and contact details of our data protection officer can be found above in Part A under section 1.2.

Information on your rights can be found above in Part A under point 1.3. Automated decision-making / profiling, including profiling within the meaning of Article 22 of the GDPR, does not take place.

 

2. Type of personal data, purposes and legal basis for processing

We collect and process your personal data as part of the processing of the rental agreement. The purposes pursued by us are primarily the fulfilment of contractual obligations pursuant to Art. 6 para. 1 p. 1 lit. b GDPR as well as the proper processing of the tenancy. For this purpose, we process personal data such as surname, first name, date of birth, telephone number, e-mail address, postal address at the time of conclusion of the tenancy agreement, contract master data, special needs of the tenant such as accessibility, data on payments as well as any outstanding debts, data on income, details from the certificate of eligibility for housing, if applicable, account data, correspondence during the tenancy, consumption data for heating and hot water as well as data on the persons living in the household. Insofar as you are not our tenant yourself, but live in the same household as the tenant, we process your data in accordance with Art. 6 (1) sentence 1 lit. f of the GDPR on the basis of our legitimate interest in being able to identify the residents of our properties.

In the event that you have given your consent, Art. 6 (1) p. 1 lit. a GDPR serves as the legal basis for the processing of personal data. This is the case, for example, when communication data is passed on to external service providers to arrange appointments in the context of defect rectification, renovations and refurbishments. In this case, you can revoke your consent at any time. However, the revocation of consent does not affect the lawfulness of the data processing that took place until the revocation.

In addition, we process your personal data on the basis of Art. 6 para. 1 p. 1 lit. c GDPR, insofar as the processing is necessary for the fulfilment of a legal obligation to which we are subject as a responsible body. This is the case, among other things, for the implementation of measures for the maintenance of the rental properties, for control and reporting obligations, for creditworthiness, age and identity checks, for the prevention of criminal acts and for drinking water testing.

In addition, personal data may be processed on the basis of Art. 6 (1) p. 1 lit. f GDPR if this goes beyond the actual performance of the rental agreement. In this case, our legitimate interest, which is outweighed in the context of a balancing of interests, consists, for example, in the assertion of legal claims, the defence in the context of legal disputes, measures for repair and maintenance, obligations in the supply of cable television as well as in the implementation of measures for building and system security. To this end, we may process data such as tenant behaviour when using the flat, for example, about breaches of contract and behaviour that may lead to damage.

Furthermore, we may receive information about you from other tenants, for example in connection with complaints. In such a case, depending on the facts of the case and the assessment of the communication, we may request your statement and thus collect further information.

In addition, surveillance cameras may be installed in the lifts of the rented properties for the purpose of protecting the rented property and the tenants. More detailed information on this can be found on the respective notice board on site. 

 

3. provision of personal data

Within the framework of the rental agreement, those personal data must be provided which are necessary for the implementation of the business relationship and the fulfilment of the associated contractual obligations or which we are legally obliged to collect. Without this data, it is not possible for us to carry out a contractual relationship with you.

 

4. recipients to whom personal data is transferred

In our company, only those persons have access to your data who need this for the proper course of our letting process and the subsequent handling of the tenancy.

Recipients of your data outside our company may include, among others, affiliated companies of Adler Immobilien Management GmbH, IT service providers, brokerage service providers, heating service providers, credit institutions, law firms, auditors, debt collection companies, external craft businesses, accounting companies, printing service providers, SCHUFA Holding AG, other credit agencies, service providers for the destruction of files, service providers for telephone support, service providers for marketing and sales, prospective buyers, buyers as well as public bodies. Public authorities are, for example, tax authorities, social security institutions, job centres, district offices and housing offices.

In addition, tenants who wish to inspect the statement of operating costs can obtain your name and contact details in accordance with Section 259 (1) of the German Civil Code (BGB).

We also use the services of a specialised software provider for tenant management. This company acts as a service provider for us and may also obtain knowledge of your personal data in connection with the maintenance and servicing of the systems.

We have concluded order processing agreements with the service providers who act as processors for us, which ensure that the processors handle your data in a data protection-compliant manner.

Service providers who do not qualify as processors have been obliged to maintain confidentiality.

 

5. storage period

When a tenancy agreement is concluded with you, the transmitted data is stored for the purpose of implementing the tenancy relationship in compliance with the statutory provisions. Upon termination of the tenancy, the data will be deleted after three years. If legal retention periods prevent deletion, your personal data will be restricted in processing.

It should also be noted that limitation periods under the German Civil Code (BGB) can be up to 30 years in accordance with § 197 BGB. The regular limitation period is otherwise three years pursuant to § 195 BGB.

Section D

Privacy policy

for applicants

We attach great importance to data protection and thus also to the protection of your personal data that we process as part of the application procedure.  We need your data to check your suitability for the advertised position and to be able to carry out the application procedure. Without your data, we can neither conduct a proper application procedure nor conclude an employment contract with you.

 

1. general information

 

1.1 The office responsible for processing the data of applicants is:

Adler Immobilien Management GmbH
George-Stephenson-Str. 17
10557 Berlin

Telephone: +49 30 403 907 900
E-mail: info@adler-group.com

The contact details of our data protection officer can be found above in Part A under section 1.2.

Your rights can be found above in Part A under section 1.3. Automated decisions in individual cases, including profiling as defined by Article 22 of the GDPR, do not take place.

 

2. Categories and sources of data, data collection

As a rule, we receive your personal data directly from you by sending us your application documents by e-mail. The personal data are in particular:

personal details, e.g. surname, first name, date of birth, gender, marital status if applicable, nationality, address, e-mail address, telephone number;
professional qualifications and any other personal data contained in your CV, such as information about your professional and work history, education, language skills, work permit, if applicable, as well as the cover letter and any testimonials, references, certificates and other supporting documents sent.
We may use the services of personnel service providers to fill selected positions. They provide us with the personal data that you have made available to the respective personnel service provider. In cases where we receive unsolicited profiles of potential candidates from personnel service providers, these profiles are usually anonymised, which makes it impossible to establish a personal reference.

We hire temporary workers for individual projects. For the application and recruitment process, we use external personnel service providers who send us profiles of potential candidates. These may contain your personal data unless they are anonymised. After the application process, a contract is concluded with the suitable candidate, either directly with us or with the staffing service provider.

If you claim your travel expenses from us, we will reimburse your travel costs based on the most cost-effective public transport fare. To do this, we need to process your personal data such as email address, address, name and bank details.

As soon as we make an offer of employment to you, we process your personal data in order to draw up your employment contract. For this purpose, we process all data relevant to the contract, such as name, address, title (if applicable), start of contract, end of contract, place of work, salary, bank data, national insurance number and health insurance fund. In this context, we also process special categories of personal data such as your religious denomination and, if applicable, data on criminal convictions by requesting your police clearance certificate.

 

3. purposes of the data processing

We process your data in order to check your suitability for the position (or other open positions in our company, if applicable) and to carry out the application procedure. The data processing includes the examination of the application documents, the execution of video/telephone interviews and job interviews, the decision on an acceptance or rejection.

Furthermore, in the event of an acceptance, we process your personal data for the preparation and conclusion of your employment contract.

In addition, we may process your data for travel expense accounting purposes, as described above.

 

4. Legal basis for data processing

 

4.1 Implementation of the application procedure

The legal basis for the processing of your data is Art. 6 para. 1 p. 1 lit. b DSGVO, because the processing is necessary to carry out the application procedure and thus to initiate a contract.

For the processing of special categories of personal data, such as religious denomination or data on criminal convictions and offences, Section 26 (3) sentence 1 BDSG in conjunction with Article 9 (2) b GDPR serves as the legal basis.

 

4.2 Data processing based on our legitimate interest and your consent

Should the data be required for legal prosecution after completion of the application process, data processing may be carried out on the basis of the requirements of Art. 6 para. 1 p. 1 lit. f GDPR. In this case, our legitimate interest, which is outweighed by our interests, is the assertion or defence of claims. If you have consented to further storage of your personal data (e.g. in our applicant pool), this will be done on the basis of your consent in accordance with Art. 6 Para. 1 Sentence 1 lit. a GDPR.

 

5. passing on your data

After receipt of your application, your applicant data will be viewed by the personnel department. Suitable applications are then forwarded internally to the department heads of the respective Adler Group companies. In our company as well as in the entire Adler Group, only those persons have access to your data who require it for the proper conduct of the application process.

Other recipients of your data outside the Adler Group may include IT service providers or document destruction service providers. We have concluded order processing agreements with the service providers who act as order processors for us, which ensure that the order processors handle your data in a data protection-compliant manner. We have obliged the service providers who do not qualify as processors to maintain confidentiality.

 

6. storage period

Data of applicants will be deleted after six months at the latest in the event of rejection. In the event that you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted after two years. If you have been accepted for employment during the application process, the data from the applicant data system will be transferred to our personnel administration system and processed for the purpose of implementing the employment relationship.

Section E

Privacy policy

for the use of our offers in social networks

Social media have become an integral part of the internet and modern communication. In order to stay in contact with our customers and interested parties, we have set up company pages on various social networks. In addition, we would like to draw attention to services and offers of the Adler Group. For more information about us, our activities and the company, please visit our website at https://www.adler-group.com.

 

General information on data processing

 

Legal basis for the processing of personal data

Insofar as we or the social network obtain the consent of the data subjects for the processing operations of personal data, Art. 6 (1) lit. a) GDPR serves as the legal basis. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures. If the processing is necessary to protect a legitimate interest and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) (f) GDPR serves as the legal basis for the processing.

 

Data deletion and storage period

We delete the personal data of the data subject or restrict processing as soon as the purpose of storage ceases to apply. The social networks are also subject to this legal obligation. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject.

 

LinkedIn

If you visit our LinkedIn company page, we are jointly responsible with LinkedIn for the processing of your personal data. Below we inform you about the related data processing on our company page, of which LinkedIn's terms of use remain unaffected.

 

Responsibility

We, Adler Immobilien Management GmbH, are responsible for the processing of your personal data.

Adler Real Estate Management GmbH
George-Stephenson-Str. 17
10557 Berlin

Telephone: +49 30 403 907 900
E-mail: info@adler-group.com

(Adler Group or "we") and

LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2
Ireland

Contact form: https://www.linkedin.com/help/linkedin/solve 

hereinafter "LinkedIn" jointly responsible.

 

The LinkedIn page of the Adler Group

Processing of personal data by us
We operate our LinkedIn page to inform and communicate with you as a user of and interested in our services or as a potential employee/applicant/investor. In accordance with the LinkedIn Terms of Use, which each user has agreed to as part of creating a LinkedIn profile, we may identify subscribers to the page and view their profiles and other information shared by them. For example, your LinkedIn name and their profile picture are visible to us (and other LinkedIn users) when you visit our site or comment on posts by us. We therefore only collect the personal data that has become an obvious part of the Adler's LinkedIn page through corresponding participation on your part. We have no interest in collecting and further processing your individual personal data for marketing purposes. Accordingly, we use the data at most to adapt and improve our offer.

 

Processing of personal data by LinkedIn

Although we do not use your data for marketing purposes, we are aware that LinkedIn uses users' data for the following purposes, among others: Advertising (analysis, creation of personalised advertising), creation of user profiles and market research. 

LinkedIn uses cookies, i.e. small text files that are stored on the various end devices of the users, to store and further process this information. According to LinkedIn, the cookies used by LinkedIn are used for authentication, security, preferences, functions and services, personalised advertising, and analysis and research. Details of the cookies used by LinkedIn can be viewed here: de.linkedin.com/legal/cookie-policy

LinkedIn's privacy policy contains further information on data processing.

 

Statistical data that can be viewed by us ("Insight Tag")

Via the so-called "Insight-Tag" of the LinkedIn page, statistical data of different categories can be accessed by us. These statistics are generated and provided by LinkedIn without us having any influence on the collection, presentation and storage of the data. We use this data to make our posts and activities on our LinkedIn page more attractive and interesting for you as a user. The LinkedIn Insight tag creates a unique LinkedIn browser cookie in a visitor's browser and enables the following data to be collected for this cookie: metadata such as IP address, timestamp and page events (e.g. page views). We receive the data on the users of our LinkedIn company page in anonymised form. It is therefore not possible for us to draw any conclusions about your person.

 

Legal basis for the operation of our LinkedIn company page

The operation of this LinkedIn page, including the processing of the users' personal data, is based on Art. 6 (1) f) GDPR for the implementation of our legitimate interests in an information and interaction opportunity via LinkedIn for and with our users and visitors. Further legal bases for data processing may arise in individual cases from Art. 6 para. 1 lit. a), b), c) GDPR. The legal bases relied upon by LinkedIn can be found in LinkedIn's "Data Policy".

 

Storage period of personal data

We delete personal data as soon as the purpose of the data processing has been achieved and there are no other legal reasons against deleting the data.

We generally delete private messages in our LinkedIn account manually after 6 months.

 

Your rights

Provided that the conditions specified in the law are met, you have the right against LinkedIn and us to information, correction, deletion, restriction of processing, objection to processing, to data portability, to complain to the competent supervisory authority and revocation with effect for the future, provided that consent has been given.
 

In accordance with Article 21 of the GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions.

If personal data are processed for the purpose of direct marketing, you also have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.

To exercise your rights, contact LinkedIn or us at datenschutz@adler-group.com.

Changes


We reserve the right to amend this data protection declaration at any time on the basis of legitimate interests, in particular in the event of changes to the legal situation. Any changes will be announced by publishing the amended data protection declaration on our websites. Unless otherwise specified, such changes will take effect immediately. Please therefore check this data protection declaration regularly to see the latest version.