privacy policy

We are delighted that you are visiting our website www.rheinwert.com and are interested in our company.

We attach a great deal of importance to protecting your personal data, such as your date of birth, name, phone number, address, etc.
The purpose of this privacy policy is to inform you of how your personal data that we collect from you when you visit our website is processed. Our data protection practices comply with the legal regulations set out in the EU’s General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). The following privacy policy serves to fulfil the duties to provide information arising from the GDPR. These can be found in the likes of Arts. 13 and 14 et seq. of the GDPR.
 

Controller

The controller according to Art. 4 (7) of the GDPR is the party that, alone or jointly with others, determines the purposes and means of personal data processing.
With regard to our website, the controller is:

Rheinwert Immobilien GmbH
Steinstraße 16-18
40212 Düsseldorf
Deutschland
Email: info@rheinwert.com
Tel.: +49 (0) 211 176007 0
Fax: +49 (0) 211 176007 49

 

Providing the website and creating log files

Each time our website is accessed, our system automatically records data and information from the accessing device (e.g. computer, mobile phone, tablet, etc.).
 

What personal data is collected and to what extent is it processed?

(1) Information about the browser type and the version used;
(2) The accessing device’s operating system;
(3) The host name of the accessing computer;
(4) The accessing device’s IP address;
(5) The date and time of access;
(6) Websites and resources (images, files, other page contents) that were accessed on our website;
(7) Websites from which the user’s system accessed our website (referrer tracking);
(8) Message confirming whether access was successful;
(9) The amount of data transmitted
This data is stored in our system’s log files. This data is not stored together with personal data belonging to a specific user, so individual site visitors are not identified.

This data is stored in our system’s log files. This data is not stored together with personal data belonging to a specific user, so individual site visitors are not identified.

 

Legal basis for personal data processing

Art. 6 (1) f of the GDPR (legitimate interest). Our legitimate interest is to guarantee achievement of the purpose outlined below.

 

Purpose of data processing

Temporary (automated) data storage is necessary for a visit to a website to proceed to enable delivery of the website. Personal data is also stored and processed to maintain our website’s compatibility for all visitors where possible and to combat misuse and eliminate faults. To this end, it is necessary to log the accessing computer’s technical data, so that we can respond to display errors, attacks on our IT systems and/or functionality errors on our website as early as possible. Additionally, we also use the data to optimise the website and to ensure the general security of our IT systems.
 

Duration of storage

The above technical data is deleted as soon as it is no longer needed to guarantee the website’s compatibility for all visitors, but at the latest within three months of our website being accessed.
 

Opportunity for objection and erasure/h6>
You may object to processing at any time according to Art. 21 of the GDPR and request that your data be erased according to Art. 17 of the GDPR. You will find the rights that you are entitled to and information on how to assert them at the bottom of this privacy policy.

 

Automated credit check / scoring

If you would like to conclude a contract with us, we reserve the right to perform exclusively automated processing of your personal data to check your creditworthiness. We are also entitled to make an automated decision such as this according to Art. 22 (2) a of the GDPR. Whether the contract can be concluded or not depends on the result of the automated credit check. Statistical probabilities of default are calculated during a credit check. The credit report may include probability values (score values), which are calculated based on scientifically recognised mathematical / statistical methods. Conclusions are thereby drawn as to the customer’s future risk of payment default using a wide range of features, such as income, address data, occupation, marital status and previous payment history. The result is expressed in the form of a payment value (‘score’). The information obtained in this way forms the basis of our decision on whether to establish, execute or terminate a contractual relationship. If you believe that you have been wrongfully excluded from concluding a contract due to the credit check, you are welcome to send us an email explaining your point of view. We will then review the automated decision according to Art. 22 (3) of the GDPR on a specific case-by-case basis. We may store and process your personal data according to Art. 6 (1) b of the GDPR to be able to carry out the credit check.
Due to the possibility of a contract being concluded imminently, in the following cases we will transfer your data to the following provider(s):

 

    • Creditsafe Deutschland GmbH:

      Creditsafe Deutschland GmbH, Schreiberhauer Straße 30, 10317 Berlin, Deutschland (https://www.creditsafe.com): When it concludes contracts and in certain cases in which a legitimate interest exists, our company regularly checks your creditworthiness even if you are an existing customer. To this end, we work together with Creditsafe Deutschland GmbH, Schreiberhauer Strasse 30, 10317 Berlin, Germany, from which we receive the necessary data. We send your name and contact details to Creditsafe Deutschland GmbH for this purpose.

 

Statistical evaluation of visits to this website – web trackers

When this website or individual files on the website is/are accessed, we collect, process and store the following data: IP address, web page that the file was accessed from, name of the file, the date and time of access, the volume of data transmitted and the access success notification (‘web log’). We only use this access data in a non-personalised form with a view to continuously improving our website and for statistical purposes.
 

Integration of external web services and data processing outside the EU

We use active contents from external providers (‘web services’) on our website. When you access our website, these external providers may receive personal information about your visit to our website. Data may be processed outside the EU in this regard. You can prevent this from happening by installing an appropriate browser plugin or by disabling the execution of scripts in your browser. This can lead to functional restrictions on websites you visit.
We use the following external web services:
 

    • JQuery

      We use the JQuery service provided by The Linux Foundation, 1 Letterman Drive, Building D, Suite D4700, CA 94129 San Francisco, USA, Email: legal@js.foundation, Website: https://js.foundation/. Processing also takes place in a third country that is not covered by a Commission adequacy decision. So the usual level of protection afforded by the GDPR cannot be guaranteed for the transfer, since it cannot be ruled out that e.g. authorities can access the collected data in the third country.
      The legal basis for personal data transfer is your consent according to Art. 6(1) a of the GDPR or Art. 9 (2) a of the GDPR, which you have given on our website.
      JQuery is a free JavaScript library that is required for our website to operate properly. It contains a code database, which is a basic requirement for many of our website’s functions.
      You can revoke your consent at any time. You can find more information about revoking your consent either with the consent itself or at the end of this privacy policy.
      You will find more information about how the transferred data is handled in the provider’s privacy policy at https://js.foundation/wp-content/uploads/sites/33/2017/03/JS-Foundation-IP-Policy.pdf.

 

    • website-check.de

      We use the website-check.de service provided by Website-Check GmbH, Beethovenstrasse 24, 66111 Saarbrücken, Germany, eMail support@website-check.de, Website: https://website-check.de/on our website. Personal data transfer and processing takes place exclusively on servers in the European Union.
      The legal basis for personal data transfer is our legitimate interest in processing according to Art. 6 (1) f of the GDPR. Our legitimate interest is to guarantee achievement of the purpose outlined below.
      With regard to processing, you have the right to object as set out in Art. 21. You can find more information at the end of this privacy policy.
      You will find more information about how the transferred data is handled in the provider’s privacy policy at https://website-check.de/datenschutzerklaerung/.

 

Data security and data protection, communication by email

When it is collected, stored and processed, your personal data is protected by means of technical and organisational measures to ensure that it is inaccessible to third parties. Since we cannot guarantee complete data security on the transmission path to our IT systems during unencrypted communication by email, we advise sending highly confidential information using encrypted communication or by post.
 

Automatic email archiving

 

    • Extent of personal data processing

      We would like to expressly point out that our email system has an automated archiving process. It digitally archives all incoming and outgoing emails in an audit-proof manner.

 

    • Legal basis for personal data processing

      Art. 6 (1) c of the GDPR (legal obligation). The legal obligation is to comply with specifications set out in fiscal law and commercial law (e.g. Sections 146 and 147 of the German Tax Code, Sections 238 and 257 of the German Commercial Code).

 

    • Purpose of data processing

      The purpose of archiving is to comply with the specifications set out in tax law (e.g. Sections 146 and 147 of the German Tax Code – obligation to store emails that are relevant to tax law) and commercial law (e.g. Sections 238 and 257 of the German Commercial Code – obligation to archive business correspondence).

 

    • Duration of storage

      Our email communication is saved until the retention requirements under fiscal and commercial law have expired. The storage period may be up to ten years.

 

    • Opportunity for objection and erasure

      You may object to processing at any time according to Art. 21 of the GDPR and request that your data be erased according to Art. 17 of the GDPR. You will find the rights that you are entitled to and information on how to assert them at the bottom of this privacy policy.

 

  • Dealing with application documents

    We would also like to point out that we only consider application documents in PDF format. Zipped (WinZip, WinRAR, 7Zip, etc.) files are filtered out by our security systems and are not delivered. We do not consider applications made in the Word file format or other file formats and will delete the same without reading them. Please note that it may be possible for third parties to open application documents sent in unencrypted format by email before they reach our IT systems. We assume that we may also answer unencrypted application emails in unencrypted format. If you would not like us to do so, please inform us to this effect in your application email.

 

Right of access and rectification requests – Erasure and restriction of data – Revocation of consent – Right to object

 

Right of access

You have the right to request confirmation as to whether we process your personal data. If we do, you have a right of access to the information specified in Art. 15 (1) of the GDPR, provided that the rights and freedoms of others are not adversely affected (cf. Art. 15 (4) of the GDPR). We are also happy to provide you with a copy of the data.

 

Right to rectification

According to Art. 16 of the GDPR, you have the right to have incorrectly stored personal data (such as your address, name, etc.) corrected by us at any time. You can also request that the data we store be completed at any time. Adjustment to this effect will be performed without delay.

 

Right to erasure

According to Art. 17 (1) of the GDPR, you have the right to request that we erase the personal data collected about you if

  • the data is either no longer needed;
  • the legal basis of processing is no longer applicable due to you revoking your consent;
  • you have objected to processing and there are no legitimate grounds for processing;
  • your data is being processed unlawfully;
  • a legal obligation requires this or collection according to Art. 8 (1) of the GDPR has taken place.

According to Art. 17 (3) of the GDPR, the right does not exist if

  • processing is necessary to exercise the right to freedom of expression and information;
  • your data was collected based on a legal obligation;
  • processing is necessary for reasons of public interest;
  • the data is necessary to establish, exercise or defend legal claims.

 

Right to restriction of processing

According to Art. 18 (1) of the GDPR, you have the right to request on a case-by-case basis that processing of your personal data be restricted.
This applies if

  • you dispute the correctness of the personal data;
  • processing is unlawful and you do not consent to erasure of the data;
  • the data is no longer required for the purpose for which it is being processed, but the data collected is being used to assert, exercise or defend legal claims;
  • an objection has been made against processing according to Art. 21 (1) of the GDPR and it is still unclear which interests take precedence.

 

Right of revocation

According to Art. 21 of the GDPR, you have the right to object at any time to the processing of personal data concerning you that has been collected based on Art. 6 (1) f (in the context of a legitimate interest). You are only entitled to this right if special circumstances preclude storage and processing.
 

Right to objection

According to Art. 21 of the GDPR, you have the right to object at any time to the processing of personal data concerning you that has been collected based on Art. 6 (1) f (in the context of a legitimate interest). You are only entitled to this right if special circumstances preclude storage and processing.

 

How do you exercise your rights?

You can exercise your rights at any time by using the contact details provided below:

Rheinwert Immobilien GmbH
Steinstraße 16-18
40212 Düsseldorf
Germany
Email: info@rheinwert.com
Tel.: +49 (0) 211 176007 0
Fax: +49 (0) 211 176007 49

 

Right to data portability

According to Art. 20 of the GDPR, you are entitled to have personal data concerning you transferred. We provide the data in a structured, commonly used and machine-readable format. The data can be sent either to yourself or to a controller named by you.
We will provide you with the following data on request according to Art. 20 (1) of the GDPR:

  • Data collected based on express consent according to Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR;
  • Data that we have received from you according to Art. 6 (1) b of the GDPR in the context of existing contracts;
  • Data processed in the context of an automated procedure.

We will transfer the personal data directly to a controller of your choosing insofar as doing so is technically feasible. Please note that we are not allowed to transfer data that interferes with the rights and freedoms of others according to Art. 20 (4) of the GDPR.

 

Right to lodge a complaint with the supervisory authority according to Art. 77 (1) of the GDPR

If you suspect that your data is being processed unlawfully on our website, you can naturally obtain judicial clarification of the issue at any time. Every other legal option is open to you too. Regardless of this, you have the option of contacting a supervisory authority according to Art. 77 (1) of the GDPR. You have a right to lodge a complaint according to Art. 77 of the GDPR in the EU member state of your place of residence, your workplace and/or the place of the suspected violation, i.e. you can choose the supervisory authority you wish to contact from the aforementioned locations. The supervisory authority with whom the complaint was lodged then informs you of the status and results of your petition, including the possibility of a judicial remedy according to Art. 78 of the GDPR.

Created by:

© DURY LEGAL Rechtsanwälte – www.dury.de

© Website-Check GmbH – www.website-check.de