Privacy policy and consents

Table of contents
1. objective and responsible body
2. basic information on data processing
3. processing of personal data
4. collection of access data
5. cookies & reach measurement
6. piwik statistics
7. integration of third-party services and content
8 User rights and deletion
9. changes to the privacy policy

1. objective and responsible body

This privacy policy clarifies the nature, scope and purpose of the processing (including collection, processing and use as well as obtaining consent) of personal data within our online offer and the associated websites, functions and content (hereinafter collectively referred to as “online offer” or “website”). The privacy policy applies regardless of the domains, systems, platforms and devices used (e.g. desktop or mobile) on which the online offer is executed.

The provider of the online offer and the party responsible for data protection is REBTY, owner: Stefan Rauer, Lindwurmstraße 75, 80337 Munich (hereinafter referred to as “provider”, “we” or “us”). For contact details, please refer to our legal notice

The term “user” includes all customers and visitors to our online offering. The terms used, such as “user”, are to be understood as gender-neutral.

2. basic information on data processing

We process users’ personal data only in compliance with the relevant data protection regulations in accordance with the principles of data minimization and data avoidance. This means that user data is only processed if there is legal permission, in particular if the data is required for the provision of our contractual services and online services or is required by law or if consent has been given.

We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons.

If content, tools or other means from other providers (hereinafter jointly referred to as “third-party providers”) are used within the scope of this privacy policy and their registered office is abroad, it can be assumed that data will be transferred to the countries in which the third-party providers are based. The transfer of data to third countries takes place either on the basis of legal permission, user consent or special contractual clauses that guarantee the legally required security of the data.

3. processing of personal data

In addition to the uses expressly stated in this privacy policy, personal data is processed for the following purposes on the basis of legal permissions or user consent:
– The provision, execution, maintenance, optimization and security of our services and user services;
– Ensuring effective customer service and technical support.

We only transfer user data to third parties if this is necessary for billing purposes (e.g. to a payment service provider) or for other purposes if these are necessary to fulfill our contractual obligations to the users (e.g. address notification to suppliers).

When contacting us (via contact form or email), the user’s details are stored for the purpose of processing the inquiry and in the event that follow-up questions arise.
Personal data is deleted if it has fulfilled its intended purpose and there are no retention obligations to the contrary.

4. collection of access data

We collect data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

We use the log data without allocation to the person of the user or other profiling in accordance with the statutory provisions only for statistical evaluations for the purpose of the operation, security and optimization of our online offer. However, we reserve the right to check the log data retrospectively if there is a justified suspicion of unlawful use based on concrete evidence.

5. cookies & reach measurement

Cookies are pieces of information that are transferred from our web server or third-party web servers to the user’s web browser and stored there for later retrieval. Users are informed about the use of cookies in the context of pseudonymous reach measurement in this privacy policy.

It is also possible to view this online offer without cookies. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.

It is possible to manage many online advertising cookies from companies via the US site http://www.aboutads.info/choices or the EU site http://www.youronlinechoices.com/uk/your-ad-choices/.

6. piwik statistics

We use Piwik, an open source software for the statistical analysis of user access. Piwik uses cookies, which are stored on the user’s computer and which enable an analysis of the use of this online offer by the user. Pseudonymous user profiles can be created from the processed data.

The information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized immediately after processing and before it is stored.

7. integration of third-party services and content

It may happen that content or services from third-party providers, such as city maps or fonts from other websites, are integrated into our online offering. The integration of content from third-party providers always presupposes that the third-party providers are aware of the user’s IP address, as they would not be able to send the content to the user’s browser without the IP address. The IP address is therefore required to display this content. Furthermore, the providers of third-party content can set their own cookies and process user data for their own purposes. User profiles can be created from the processed data. We will use this content in a data-saving and data-avoiding manner as far as possible and select reliable third-party providers with regard to data security.

The following presentation provides an overview of third-party providers and their content, together with links to their data protection declarations, which contain further information on the processing of data and, in some cases already mentioned here, options for objection (so-called opt-out):

– External fonts from Google, Inc, https://www.google.com/fonts (“Google Fonts”). Google Fonts are integrated by calling up a Google server (usually in the USA). Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.

– Maps of the “Google Maps” service of the third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.

– Videos from the “YouTube” platform of the third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://www.google.com/settings/ads/.

8 User rights and deletion of data

Users have the right, upon request and free of charge, to receive information about the personal data that we have stored about them.
In addition, users have the right to correct incorrect data, revoke consent, block and delete their personal data as well as the right to lodge a complaint with the competent supervisory authority in the event of the assumption of unlawful data processing.

The data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

9. changes to the privacy policy

We reserve the right to amend the data protection declaration in order to adapt it to changed legal situations or in the event of changes to the service and data processing. However, this only applies with regard to declarations on data processing. If user consent is required or components of the privacy policy contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.
Users are requested to inform themselves regularly about the content of the privacy policy.

Status: August 2022