DATA PROTECTION DECLARATION
We, Berlin Income One GmbH, operate the website https://www.berlinincomeone.com and collect certain data from our visitors and customers to the extent necessary. In the following privacy policy you will learn what we do with your data, so-called personal data, and why we do this. We also tell you how we protect your data, when the data will be deleted and what rights you have thanks to data protection.
Who can I contact?
Responsible for this website is:
Berlin Income One GmbH
Geschwister-Scholl-Str. 5
10117 Berlin
Data Protection Officer:
Fresh Compliance GmbH
Schönhauser Allee 43a
10435 Berlin
You can also use these contact details to reach our data protection officer or another contact relevant to data protection. Please contact us at any time if you have specific questions about your data, its deletion or your rights.
WHAT ARE MY RIGHTS?
You can contact us at any time if you have questions about your data protection rights or wish to assert your rights below:
- Right to withdraw consent Art. 7 para. 3 GDPR (e.g. you can contact us if you wish to withdraw consent previously given for a newsletter)
- Right of access Art. 15 GDPR (e.g. you can contact us if you would like to know what data we have stored about you)
- Rectification Art. 16 GDPR (e.g. you can contact us if your email address has changed and you want us to replace the old email address)
- Erasure Art. 17 GDPR (e.g. you can contact us if you want us to erase certain data that we have stored about you)
- Restriction of processing Art. 18 GDPR (e.g. you can contact us if you do not want us to delete your email address but only want us to use it to send you essential emails)
- Data portability Art. 20 GDPR (e.g. you can contact us to receive your data stored by us in a compressed format, e.g. because you want to make the data available to another website)
- Objection Art. 21 GDPR (e.g. you can contact us if you do not agree with one of the advertising or analysis procedures specified here)
- Right to lodge a complaint with the competent supervisory authority pursuant to Art. 77 para. 1 GDPR (e.g. you can also contact the data protection supervisory authority in your federal state directly with complaints: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html)
DELETION OF DATA AND STORAGE DURATION
Unless otherwise stated, we will delete your data as soon as it is no longer required, e.g. your email address after you unsubscribe from our newsletter. Your data will also be blocked or deleted if a storage period prescribed by law expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract. Certain data may have to be stored for longer for legal reasons. You can of course request information about the stored data at any time.
VISITING THE WEBSITE
If you merely wish to browse our website, we do not collect any personal data, with the exception of the data that your browser transmits to enable you to visit the website, in particular
- IP address (e.g. 95.91.215.example or 2a02:8109:9440:1198:bdb1:551f:example)
- Approximate location based on IP range (e.g. Berlin & surrounding area)
- Internet provider (e.g. Kabel Deutschland or Deutsche Telekom)
- Internet speed (e.g. 120 Mbit)
- Date and time (e.g. 11:45 on 25.05.2018)
- Last website visited (e.g. google.de)
- Browser (e.g. Chrome or Safari)
- Operating system (e.g. Mac OS)
- Hardware (e.g. Intel processor)
As a protective measure for your privacy, we delete or anonymize the IP address after your visit to our website. This means that the other technical data can no longer be traced back to you and is only used for anonymous, statistical purposes to optimize our website. The purpose of the temporary storage of the data is, on the one hand, the technical necessity for establishing a connection and the correct, error-free display of our website. The IP address and the aforementioned technical data are required to display the website, to avoid display problems for visitors and to correct error messages. The legal basis is the so-called legitimate interest, which has been examined in the context of the aforementioned protective measures and in accordance with the European data protection requirements of Art. 6 para. 1 lit. f GDPR.
DATA PROCESSING IN THE APPLICATION PROCESS
If you respond to one of the positions offered or to one of our job advertisements, we collect and process the personal applicant data for the purpose of handling the application process. Data is processed electronically if an applicant submits the relevant application documents electronically, for example by email, via an external platform or via the form on the website.
If we conclude an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If no employment contract is concluded with the applicant, the application documents will be stored for a maximum of 6 months after notification of the rejection decision and then deleted. This storage period is primarily due to mutual interests in the context of any claims arising from Section 15 (4) of the General Equal Treatment Act (AGG). The application documents will only be stored for longer if the applicant has given their express consent.
If you apply via the external platforms LinkedIn, Xing or Indeed, we will receive access to your profile with information about yourself that you have provided on the respective platforms. You can find out exactly what data is involved before you establish the connection with the respective platform. You can disconnect from these platforms at any time and prevent us from accessing your data. Further information on this and on the data protection of the respective platform can be found at https://privacy.linkedin.com/de-de (when applying via LinkedIn) or https://de.indeed.com/legal#privacy (when applying via Indeed).
The legal basis for the above-mentioned storage and processing of the application documents is Section 26 (1) BDSG, as the purpose of the application procedure is the recruitment or rejection of the applicant. The application procedure in this form is therefore absolutely necessary in the course of personnel recruitment. The legal basis in the context of the application via the external platforms described above is your consent in accordance with the European data protection regulations pursuant to Art. 6 para. 1 lit. a GDPR. You can revoke this at any time by disconnecting from the platform or sending us a corresponding message.
Transfer of data to third parties:
The data transmitted as part of your application will be transferred using TLS encryption and stored in a database. This database is operated by Personio GmbH, which offers personnel administration and applicant management software (https://www.personio.de/impressum/). Personio is our processor in this context in accordance with Art. 28 GDPR. The basis for the processing is an order processing contract between us as the controller and Personio.
DATA PROCESSING OF PROSPECTIVE TENANTS/ TENANT SELF-ASSESSMENT
We process your data for the purpose of concluding a tenancy agreement. We carry out a credit check immediately before concluding the tenancy agreement. There are no plans to change these purposes.
Type of data:
Address data/contact details of contact persons (name, address, e-mail address)
Details of the business, details of rental space/ details of the rental application, credit information
Documents as evidence: Proof of income (e.g. business management analysis (BWA), SCHUFA information or Creditreform information, copy of ID of owners/managing directors (for all natural persons) with the following details: Name, current registration address, date/place of birth, validity of the document, photo
The legal basis for processing is Article 6(1)(b) GDPR (pre-contractual measure for the rental agreement). The credit check is carried out on the basis of Article 6(1)(f) GDPR (legitimate interest, namely checking the creditworthiness of contractual partners).
The provision of data is both legally and contractually mandatory for interested parties. Without providing data, no offers can be made and no tenancy can be established. Data is not transferred to third countries. We do not use any automated individual decision-making processes.
Storage period: Unless a contract is concluded, the data will be deleted immediately after the purpose of processing no longer applies (usually after 6 months). If a contract is concluded, the data for which there is no statutory retention obligation will be deleted upon termination of the contractual relationship.
DATA PROCESSING OF PROSPECTIVE BUYERS
We process your data for the purpose of concluding a purchase contract. When checking a prospective buyer, we carry out a credit check. There are no plans to change these purposes.
Type of data:
Address data/contact details of contact persons (name, address, e-mail address)/credit rating information
Documents as evidence: Proof of income (e.g. business management analysis (BWA), bank and deposit statements, land register extracts, SCHUFA information or Creditreform information, copy of ID of owners/managing directors (for all natural persons) with the following details: Name, current registration address, date/place of birth, validity of the document, photo
The legal basis for processing is Article 6(1)(b) GDPR (pre-contractual measure for the purchase contract). The credit check is carried out on the basis of Article 6(1)(f) GDPR (legitimate interest, namely checking the creditworthiness of contractual partners).
The provision of data is both legally and contractually mandatory for interested parties. Without providing data, no offers can be made and no tenancy can be established. Data is not transferred to third countries. We do not use any automated individual decision-making processes.
Storage period: Unless a contract is concluded, the data will be deleted immediately after the purpose of processing no longer applies (usually after 6 months). If a contract is concluded, the data for which there is no statutory retention obligation will be deleted 12 months after the purchase price has been paid.
DATA PROCESSING BUSINESS PARTNERS
We process your data for the purpose of
the initiation and conclusion of business relationships, for example with regard to a purchase contract / service contract / contract for work and services / consulting contract
the support / processing of existing business relationships with customers and suppliers
invoicing and collection of payments
the fulfillment of payment obligations
the provision of the requested services
Compliance with legal and official regulations
Type of data:
Address data / contact details of contact persons (name, address, e-mail address, telephone number)
For the processing of payments: Account number / payment totals
For the fulfillment of money laundering and compliance regulations: Date of birth, proof of residence, identity card, passport, registration certificate
The legal basis for the processing is Article 6 (1) (b) GDPR (pre-contractual measure for the purchase contract / service contract / contract for work and fulfillment of an existing contract).
Storage period: The data will only be stored for as long as we need it for legitimate business purposes or for legal reasons.
COOKIES
Our website sometimes uses so-called cookies. Cookies are small text files that are usually stored in a folder in your browser. Cookies contain information about the current or last visit to the website:
Name of the website
Expiration date of the cookie
Any value
If cookies do not contain an exact expiration date, they are only stored temporarily and automatically deleted as soon as you close your browser or restart your device. Cookies with an expiration date remain stored even if you close your browser or restart your device. Such cookies are only deleted on the specified date or when you delete them manually.
We use the following three types of cookies on our website:
Required cookies (we need these, e.g. to display the website correctly for you and to temporarily store certain settings)
Functional and performance-related cookies (these help us, for example, to evaluate technical data of your visit and thus avoid error messages)
Advertising and analysis-related cookies (these ensure that, for example, advertisements for shoes are displayed if you have previously searched for shoes)
You can configure, block and delete cookies in your browser settings. If you delete all cookies from our website, some functions of the website may not be displayed correctly. The Federal Office for Information Security provides helpful information and instructions for the most common browsers: https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/EinrichtungSoftware/EinrichtungBrowser/Sicherheitsmassnahmen/Cookies/cookies_node.html
GOOGLE FONTS
Google Fonts (https://fonts.google.com) from Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), a font collection from Google, is used to visually improve the typeface. These fonts are transferred to your browser’s storage folder and activated when you access this website or other websites. If this is not supported, the text on the website will only be displayed in a standard font. To enable this, a request is sent to domains such as fonts.googleapis.com or fonts.gstatic.com, which contains your IP address for technical reasons. However, your data will not be merged with other data or traced back to you personally.
As a protective measure, we have ensured that the retrieval of the Google font collection does not result in the data being merged with other Google offers, e.g. if you have a Google user account. English information on data protection at Google Fonts confirms this (https://developers.google.com/fonts/faq). In addition, the high security standards of the Google platform and the associated Google privacy policy apply (http://www.google.com/intl/de-DE/privacy). As Google is based in the USA and therefore a so-called third country, further guarantees are required to ensure an adequate level of data protection in Europe. Google provides standard contractual clauses that contractually guarantee an adequate level of data protection for international data. The standard contractual clauses have been evaluated and jointly agreed.
The purpose of the data transfer is the correct display of the fonts in the form we have set. The IP address is required to establish a connection with Google’s servers in order to download the font collection if it is not already stored on the end device. The legal basis is the so-called legitimate interest, which has been examined for the pursuit of the purpose and in the context of the aforementioned protective measures and in accordance with the European data protection requirements of Art. 6 para. 1 lit. f GDPR.
GOOGLE ANALYTICS
Wir verwenden Google Analytics, einen Webanalysedienst der Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics verwendet die weiter oben beschriebenen Werbe- und Analysecookies, um unsere Webseite hinsichtlich Ihres Nutzungsverhaltens zu analysieren. Die durch Cookies erzeugten Informationen über die Benutzung dieser Webseite werden an einen Server von Google in den USA übertragen und dort gespeichert. Ihre IP-Adresse wird jedoch vor der Auswertung der Nutzungsstatistiken gekürzt, so dass keine Rückschlüsse auf Ihre Person erfolgen können. Hierzu wurde Google Analytics auf unserer Webseite um den Code „anonymizeIp” erweitert, um eine anonymisierte Erfassung von IP-Adressen zu gewährleisten. Google wird die durch die Cookies gewonnenen anonymisierten Informationen benutzen, um Ihre Nutzung der Webseite auszuwerten, um Reports über die Webseiteneaktivitäten für die Webseitenbetreiber zusammenzustellen und um weitere mit der Webseitennutzung und der Internetnutzung verbundene Dienstleistungen zu erbringen. Auch wird Google diese Informationen gegebenenfalls an Dritte übertragen, sofern dies gesetzlich vorgeschrieben ist oder soweit Dritte diese Daten im Auftrag von Google verarbeiten.
Sie können Ihren Browser auch so konfigurieren, dass er Cookies abweist, oder Sie können die Erfassung und Analyse der Daten durch Google verhindern, indem Sie ein Browser-Plugin (https://tools.google.com/dlpage/gaoptout?hl=de) von Google herunterladen und installieren.
Als Schutzmaßnahmen nutzen wir das von Google angebotene Anonymisierungsverfahren, womit eine anschließende Auswertung der Daten nicht auf Basis Ihrer Person erfolgt, sondern lediglich auf statistischer Basis. Zusätzlich gelten die hohen Sicherheitsstandards der Google Plattform und die damit verbundene Datenschutzerklärung von Google (http://www.google.com/intl/de-DE/privacy). Wir haben zudem mit Google einen speziellen Datenschutzvertrag geschlossen, der den Schutz Ihrer Daten durch technische und organisatorische Schutzmaßnahmen vorschreibt. Da Google seinen Sitz in den USA und damit einem sogenannten Drittstaat hat, sind weitere Garantien zur Gewährleistung eines angemessenen europäischen Datenschutzniveaus erforderlich. Google stellt Standardvertragsklauseln bereit, mithilfe derer ein ausreichendes Datenschutzniveau für internationale Daten vertraglich zugesichert wird. Die Standardvertragsklauseln wurden evaluiert und gemeinsam abgestimmt.
Zweck der Nutzung von Google Analytics ist die anonymisierte Analyse Ihres Nutzungsverhaltens auf unseren Webseiten. Die daraus gewonnen Erkenntnisse helfen dabei, unser Angebot zu verbessern. Rechtsgrundlage ist Ihre Einwilligung in Einklang mit den europäischen Datenschutzanforderungen aus Art. 6 Abs. 1 lit. a DSGVO.
Stand der Datenschutzerklärung: Oktober 2024