Privacy Policy

1. General Information

Köbeck eGbR takes the protection of personal data very seriously. We treat personal data confidentially and in accordance with legal data protection regulations and this privacy policy. The legal foundations can be found in particular in the General Data Protection Regulation (GDPR).

This privacy policy informs you, in accordance with Art. 12 ff. GDPR, about the handling of your personal data when visiting our website apartment-augsburg.com, as well as as a customer of Köbeck eGbR. It explains in particular which data we collect, how we use it, and on what legal basis the respective data processing takes place.

II.  Name and Contact Information of the Data Controller

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g., names, contact details, birth dates, etc.). The controller within the meaning of the GDPR and the applicable national data protection laws as well as other data protection regulations is:

 

Köbeck eGbR

Friedrich-Ebert-Straße 15

82256 Fürstenfeldbruck

Germany

Tel.: +49 179 4391089

Email: augsburg@fondsakademie.de

III.  Purposes and Legal Basis for Data Processing

1. Contact via Email or Phone

If you contact us by email or phone, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of handling your request. This data will not be shared without your consent.

The processing of this data is based on Art. 6 para. 1 sentence 1 lit. b GDPR if your request is related to the fulfillment of a contract or necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 para. 1 sentence 1 lit. f GDPR) or on your consent (Art. 6 para. 1 sentence 1 lit. a GDPR) if it was requested.

The data you send to us via contact inquiries will remain with us until you request its deletion, revoke your consent for storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions—especially legal retention periods—remain unaffected.

2. Accessing and Visiting Our Website – Server Log Files

 

For the purpose of the technical provision of the website, it is necessary that we process certain information automatically transmitted by your browser so that our website can be displayed in your browser and you can use it. This information is automatically collected each time you access our website and is automatically stored

in so-called server log files. These include:

• Browser type and version
• Operating system used
• Website from which access is made (referrer URL)
• Host name of the accessing computer
• Date and time of access
• IP address of the requesting computer

 

The storage of the aforementioned access data is necessary for technical reasons to provide a functional website and to ensure system security. This also applies to the storage of your IP address, which is necessarily required and, under certain circumstances, may theoretically allow attribution to you. Beyond the purposes mentioned above, we use server log files exclusively for the demand-oriented design and optimization of our website offering in a purely statistical manner without drawing conclusions about your person. We do not combine this data with other data sources, nor do we analyze the data for marketing purposes.

The access data collected during your use of our website will only be retained for as long as necessary to achieve the aforementioned purposes. Your IP address will be stored on our web server for a maximum of 7 days for IT security purposes.

If you visit our website to obtain information about our products and services or to use them, the legal basis for the temporary storage and processing of access data is Art. 6 para. 1 sentence 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or for the implementation of pre-contractual measures. Furthermore, Art. 6 para. 1 sentence 1 lit. f GDPR serves as the legal basis for the temporary storage of technical access data. Our legitimate interest lies in providing you with a technically functional and user-friendly website as well as ensuring the security of our systems.

3.  Newsletter

Provided you have explicitly consented under Art. 6 para. 1 sentence 1 lit. a GDPR, we use your email address to send you occasion-based and/or regular newsletters. If the contents of the newsletter are specifically described during registration, these details are decisive for the user’s consent. Otherwise, our newsletters include information about our services, offers, and promotions. To receive the newsletter, only a valid email address is required. If additional details are requested, their provision is always voluntary.

We use the so-called double opt-in procedure for newsletter registration, meaning we will only send you a newsletter via email after you have explicitly confirmed that you wish to activate the newsletter service. For this purpose, we will send you a notification email asking you to confirm your subscription either by replying from your registered email address or by clicking on a link contained in the email.

When registering for the newsletter, we store your IP address and the date of registration. This storage serves as proof of your subscription to our newsletter. Changes to your data stored by the mailing service provider are also logged.

Data processing occurs based on your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. The revocation can be made via a link in the newsletter itself or by notifying us via the contact details provided above.

4.  Processing Customer Data

To fulfill the contract concluded with you, we process the following personal data:

Salutation, first name, last name, email address, address, telephone number (landline and/or mobile), ID card, bank details, information on professional activity, net income, income from rent/lease/self-employment/pension/child benefits, rent/housing costs, living expenses, insurance contributions, information on assets and liabilities, information on existing dunning procedures, ZVS procedures, and credit score (Schufa).

This data processing is necessary for the fulfillment of the contract between you and us. The legal basis for this data processing is Art. 6 para. 1 sentence 1 lit. b GDPR.

5. Use of Cookies and Related Functions/Technologies

 We use cookies on our website in some cases. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective, and secure and to enable the provision of certain functions. Cookies are small text files stored on your computer by your browser. A cookie contains a characteristic string that enables unique identification of your browser when revisiting the website.

Most of the cookies we use are so-called “session cookies.” They are automatically deleted at the end of your visit or your browser session (so-called transient cookies). Other cookies remain stored on your device for a specified period or until you delete them (so-called persistent cookies). These cookies allow us to recognize your browser on your next visit. Upon written request, we are happy to provide further information about the functional cookies used. Please contact us at the contact details above.

You can set your browser to inform you about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for specific cases or generally, and activate the automatic deletion of cookies when closing the browser. You can regularly obtain instructions on disabling cookies via the “Help” function of your internet browser. When disabling cookies, the functionality and/or full availability of this website may be limited. For further cookie-specific settings and disabling options, please also refer to the individual explanations below regarding the cookies and related functions/technologies specifically used when visiting our website.

Some of the cookies we use on our website originate from third parties who help us analyze the impact of our website content and the interests of our visitors, measure the performance of our website, or provide demand-based advertising and other content on our or other websites. On our website, we use both first-party cookies (visible only to the domain you are currently visiting) and third-party cookies (visible across domains and regularly set by third parties).

Cookie-based data processing occurs based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR (legal basis) or on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR (legal basis) to safeguard our legitimate interests. Our legitimate interests lie particularly in providing you with a technically optimized, user-friendly, and demand-oriented website and ensuring the security of our systems. Consents you have granted can be revoked at any time, e.g., by disabling the individual cookie-based tools/plugins listed below. You can also object to processing based on legitimate interests by adjusting the respective settings.

1. YouTube

Our website uses plugins from the video platform YouTube to embed and play videos directly on our site. The operator of the video platform is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (“YouTube”). YouTube is affiliated with Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

 

Videos are embedded in “enhanced privacy mode,” which, according to the provider, only begins storing user information once the video(s) is/are played. However, using the enhanced privacy mode does not necessarily prevent data from being transmitted to YouTube partners. YouTube establishes a connection to the Google DoubleClick network regardless of whether you watch a video.

 

When you activate embedded videos on our website, a connection to YouTube’s servers is established, and data transmission begins. We have no control over the extent and content of the data transmitted to YouTube and potentially its partners upon activating the plugin. Among other things, the YouTube server is informed which of our pages you have visited. According to YouTube, this information is used to collect video statistics, improve user-friendliness, and prevent abusive behavior. YouTube uses cookies to gather information about user behavior. These cookies remain on your device until you delete them. You can prevent YouTube from storing cookies by adjusting your browser settings (see above).

If you are logged into your YouTube account, YouTube can directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account before activating the play button.

The use of YouTube is in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

 

For more information on how YouTube handles user data, please refer to YouTube’s privacy policy at: https://www.google.de/intl/en/policies/privacy.

 

7. Additional Purposes of Data Processing

Compliance with Legal Obligations: We also process your personal data to comply with other legal obligations that may arise in connection with our business activities. These include, in particular, commercial, trade, or tax retention periods. We process your personal data based on Art. 6 para. 1 sentence 1 lit. c GDPR (legal basis) to fulfill a legal obligation to which we are subject.

Enforcement of Legal Claims: We also process your personal data to assert our rights and enforce our legal claims. Additionally, we process your personal data to defend against legal claims. Finally, we process your personal data where necessary to prevent or prosecute crimes. In this context, we process your personal data to safeguard our legitimate interests under Art. 6 para. 1 sentence 1 lit. f GDPR (legal basis), provided we assert legal claims or defend ourselves in legal disputes or aim to prevent or uncover criminal acts (legitimate interest).

Consent: If you have given us consent to process personal data for specific purposes (e.g., sending information materials and offers), the lawfulness of this processing is based on your consent. You can revoke your consent at any time. Please note that the revocation only takes effect for the future and does not affect processing that occurred prior to the revocation.

IV. Recipients of Data

Within Köbeck eGbR, those entities that require your data to fulfill our contractual and legal obligations will have access to it.

Personal data of our customers is shared with the following parties:

As part of the execution of the contract concluded with you, we pass on the personal data listed under section III, point 4, to the independent affiliate responsible for you and to our cooperation partner in the area of insurance advice and mediation, WIFO GmbH, Gewerbering 15, 76287 Rheinstetten, Germany, for the purpose of arranging insurance suitable for you. The legal basis for this data processing is Art. 6 para. 1 sentence 1 lit. b GDPR.

Additionally, your data may be shared with service providers and agents (e.g., technical service providers) as required.

Some recipients process your personal data as data processors and are strictly bound to our instructions regarding the handling of your personal data. Other recipients act independently and are also obliged to comply with the GDPR and other data protection regulations.

Finally, we may transfer personal data on a case-by-case basis to our legal or tax advisors, who are bound by their professional confidentiality and secrecy obligations.

Service providers and agents (e.g., technical service providers, IT service providers, payment service providers, hosting providers) may also receive data for these purposes. We limit the transfer of your personal data to the necessary minimum, considering data protection regulations. The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR.

We are authorized to enter into sub-contracting relationships with subcontractors (“subcontractor relationships”) as part of our contractual obligations. This list can always be found in this privacy policy.

Data processors include:

• Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin

V. Data Transfer to Third Countries

In the context of using the aforementioned service providers, we transfer your IP address and personal data stored in the back office to the USA (see above). The data transfer is based on the EU’s standard contractual clauses for the respective data transfers. Otherwise, we do not transfer your personal data to countries outside the EU or the EEA or to international organizations unless explicitly stated otherwise in this privacy policy.

VI. Automated Decision-Making/Profiling

We do not use automated decision-making that has legal effects on you or significantly affects you.

VII. Data Retention Period

We process and store your personal data initially for the duration required for the respective purpose (see above for individual processing purposes). This may also include the periods of initiating a contractual relationship (pre-contractual relationship) and fulfilling a contract. Based on this, personal data is regularly deleted as part of fulfilling our contractual and/or legal obligations unless temporary further processing is required for the following purposes:

• Compliance with legal retention obligations arising from applicable laws. The retention or documentation periods specified therein are up to ten years.
• Preservation of evidence in consideration of limitation periods.

VIII. Data Security

We protect personal data through appropriate technical and organizational measures to ensure an adequate level of protection and to safeguard the personal rights of the data subjects. The measures taken aim, among other things, to prevent unauthorized access to the technical facilities we use and to protect personal data from unauthorized disclosure to third parties. In particular, this website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as inquiries you send to us as the site operator. You can recognize an encrypted connection by the browser’s address bar changing from “http://” to “https://” and the lock symbol in your browser bar. If SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties. Nevertheless, we point out that data transmission on the internet (e.g., during email communication) can have security gaps. Complete protection of data from third-party access is not possible.