Privacy Policy

This privacy policy informs you of the type, extent and purpose of the processing of person-specific data (hereinafter “data”) within our online offer and the websites, function and contents connected with it, as well as external online presences including our media profile (hereinafter “online offer). Regarding the terminology used, such as “processing” or “responsible person”, we refer to the definitions in art. 4 of the General Data Protection Regulation (GDPR)

Person responsible

KVN Betriebsgesellschaft mbH
Pfälzer-Wald-Str. 2
81539 Munich
GERMANY

Management: Michael Niedermann

Email : info@kvngmbh.de
Homepage : http://www.concept-living-munich.de
Imprint: http://www.concept-living-munich.de/de/impressum.html

Types of processed data:

- Basic data (e.g.names, addresses).
- Contact data (e.g. email, telephone numbers).
- Content data (e.g. text entries, photographs, videos).
- Usage data (e.g. visited web sites, contents of interest, access times).
- Meta-/communication data (z.B., device information, IP-addresses).

Categories of affected persons

Visitors and users of the online offer (affected persons are hereinafter summarised as “users”)

Categories of recipients

- Registration office (in terms of the Registration Act)
- Fiscal authority
- Consultants (tax advisors / auditors)
- Payment service providers
- Fees offices

Purpose of processing

- Provision of the online offer, its functions and contents.
- Replying to contact requests and communication with users.
- Security measures
- Reach assessment/marketing
- Fulfilment of legal requirements

Terminology

”Person-specific data” are all data that refer to identified or identifiable natural persons (hereinunder “affected person”); a natural person that can be directly or indirectly identified by means of assignation to an identifier such as a name, an identification number, location data, to an online identification (e.g. cookie), or to one or several particulars that are expressions of the physiological, genetic, psychological, economic, cultural or social identity of this natural person.

“Processing” means any operation, or series of operations, that is carried out with or without the help of automated procedures in connection with person-specific data. The term is comprehensive and includes virtually any handling of data.

Any natural or legal person, authority, establishment or other institution that can, alone or in conjunction with others, decide upon the purposes and means of processing of person-specific data is referred to “person responsible”.

Relevant legal bases

In terms of art. 13 GDPR, we inform you of the legal bases of our data processing. Inasmuch as the legal basis is not identified in the privacy statement, the following applies: The legal basis for obtaining consent is art. 6 para. 1 lit. a and art. 7 DGPR; the legal basis for processing serving the provision of our services and performance of contractual measures, as well as replying to requests is art. 6 para. 1 lit. b GDPR, the legal basis for processing serving compliance with legal requirements is art. 6 para. 1 lit. c GDPR, and the legal basis for processing serving the safeguarding of our legitimate interests is art. 6 para. 1 lit. f GDPR. In case vital interests of the affected person or another natural person require processing of person-specific data, art. 6 para. 1 lit. d GDPR serves as legal basis.

Collaboration with contract processors and third parties

If we reveal data to other persons or companies (contract processors or third parties) in the course of processing, transmit, or otherwise grant them access to this data, this only occurs on the basis of legal permission (e.g. if transmission of data to third parties such as payment service providers is required for contract performance according to art. 6 para. 1 lit. b DGPR, you have given your consent, a legal obligation provides for it, or on the basis of our legitimate interests (e.g. when deploying agents, web hosts, etc.).

If we instruct third parties to process data on the basis of a so-called “order data processing agreement”, this happens on the basis of art. 28 GDPR.

Transfer to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA), or if we do so in the course of the availment of third party services or in the course of disclosure or transfer of data to third persons, this only occurs if it is necessitated by our (pre)contractual obligations, on the basis of your consent, on the basis of a statutory requirement, or on the basis of our legitimate interests. Subject to legal or contractual permissions, we only process, or instruct to be processed, data in a third country under the specific conditions outlined in art. 44 ff. DGPR. This means that processing occurs e.g. on the basis of special guarantees, such as the officially recognised assessment of a data protection level in conformity with the EU (e.g. by the “Privacy Shield” for the USA), or compliance with officially recognised contractual obligations ( so-called “standard contractual clauses”).

Rights of the affected persons

You are entitled to request confirmation whether the relevant data are processed, as well as information about this data, and other information and copies of the data pursuant to art. 15 GDPR.

According to art. 16 GDPR, you are entitled to request the completion or correction of data concerning your person.

In terms of art. 17 GDPR, you are entitled to demand the immediate deletion of relevant data, or, alternatively, in terms of art. 18 GDPR, to request a limitation of data processing.

In terms of art. 20 GDPR, you are entitled to request data relating to your person that you have provided to us and to request transfer thereof to other responsible persons;

According to art. 77 GDPR, you are furthermore entitled lo lodge an appeal with the competent authorities.

In order to exercise your rights, you can contact us under the following email address: info@kvngmbh.de

Right of cancellation

According to art. 7 para. 3 GDPR, you are entitled to revoke given consent for the future.

Right to object

According to art. 21 GDPR, you can at any time object to future processing of your personal data. The user can specifically object to having their data processed for the purposes of direct marketing.

Cookies and right to object in case of direct marketing

Small files that are saved on users’ computers are known as “cookies”. Various data can be saved within cookies. A cookie primarily serves the purpose of saving data concerning the user (or the computer on which the cookie is saved) during and possibly after his visit to the online offering. Cookies that are deleted after a user leaves an online offering and shuts his browser are known as temporary cookies, “session cookies” or “transient cookies”. Such a cookie may contain data such as the content of a shopping cart in an online shop, or a login status. Cookies that remain saved after shutting the browser are known as “permanent” or “persistent” cookies. Particulars such as the login status can thus be saved when users revisit them after several days. User interests that are used for reach assessment or marketing purposes can equally be saved in such a cookie. “third party cookies” are cookies that are offered by provider other than the responsible person who operates the online offer (the responsible person’s own cookies are known as “first party cookies”)

We can use temporary and permanent cookies un inform thereof within the framework of our privacy policy.

If users do not wish for cookies to be saved on their computers, we ask them to activate the appropriate option in their browser’s system preferences. You can delete stored cookies using your browser’s system preferences at any time. The exclusion of cookies can lead to function limitations in this online offering.

A general objection against the use of online marketing related cookies can be lodged for a multitude of services, especially in case of tracking, via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Furthermore, the blocking of cookies can be achieved by disabling them in the browser’s settings. Please note that the functionality of this online offering is limited in this case.

Deletion of data

Person-specific data that is retrieved by us in connection with a booking is only saved for as long as required for contract processing and possible subsequent, contract-related correspondence, or, in case of documents that have relevance under commercial and/or fiscal law and contain person-specific data, as long as the statutory periods of the Commercial Code and the Fiscal Code require retention of these documents. According to the stipulations of art. 17 and 18 GDPR, data processed by us is deleted or restricted in its processing. Unless expressly stated otherwise in this privacy policy, data we save is deleted as soon as they are no longer required for their intended purpose and no legal retention obligations are in the way of their deletion. If the data cannot be deleted, because it is required for statutory and other legally permissible purposes, their processing is restricted. This means the data is blocked and not processed for other purposes. This applies for example to data required to be retained for purposes relating to commercial or fiscal law.

According to legal requirements in Germany, the retention period is 6 years according to § 257 para. 1 of the Commercial Code (trading books, inventories, opening balances, annual accounts, commercial letters, accounting records, etc.), as well as 10 years according to § 147 para. 1 of the Fiscal Code (accounts, records, reports, accounting records, commercial- and business letters, documents relevant for taxation, etc.).

Purpose, type and extent of processing

In case of general requests that are addressed to us via email or contact form, the relevant person-specific data is only saved fo the purpose of the correspondence at hand. No additional processing is carried out.

Person-specific data, such as name, address, telephone number or email address is not captured, unless you provide such information voluntarily, e.g. for dealing with enquiries, processing of bookings in case of comments, when registering for the newsletter, or for enquiries via the contact form. Voluntarily submitted data is only used for the intended purpose.

Business-related processing

In addition, we process - Contract data (e.g. subject matter of the contract, duration, customer category). - Payment data (e.g. bank details, payment history) from our customers, interested parties and business partners, for the purpose of contract performance, services and customer care, marketing, advertising and market research,

Hosting

Hosting services used by us serve the provision of the following services: Infrastructure- and platform services, computing capacity, data storage, databank services, security services, as well as technical maintenance that we deploy for the operation of this online offering.

In doing so, we, or our hosting service provider, process basic data, contact data, content data contract data, usage data, meta- and communication data of customers, interested parties and visitors of this online offering on the basis of our legitimate interest in an efficient and secure provision of this online offering according to art. 6 para. 1 lit. f GDPR in conjunction with art. 28 GDPR (conclusion of order data processing agreement)

Collection of login data and logfiles

On the basis of art. 6 para. 1 lit. f GDPR, we, or our hosting service provider, collect data regarding every access to the server that contains this service (so-called server logfiles). Access data include the name of the website visited, the file accessed, the date and time of the visit, the volume of data transferred, notification of a successful visit, the browser type and version, the user’s operating system, the referring URL (previously visited site), the IP address and the querying provider.
The data contained in the logfiles is used for statistical purposes only. An identification of the user does not take place - unless it is legally required. For security reasons (e.g. for the investigation of improper or fraudulent use), logfile information is stored for a duration of no more than 7 days, then deleted. Data which must be stored for purposes of documentation is excluded from deletion until the event in question is fully clarified.

Administration, financial accounting, office organisation, contact administration

We process data within the framework of administrative tasks, and organisation of our operations, financial accounting and compliance with statutory requirements, such as archiving. In so doing, we process the same data as in the course of provision of our contractual services. The basis for processing are art. 6 para. 1 lit.c. GDPR, art. 6 para. 1 lit. f GDPR. Customers, interested parties, business partners and site visitors are concerned by processing. The purpose of, and our interest in processing is in the administration, financial accounting, office organisation and archiving of data, thus tasks that serve the maintenance of our business activities, performance of our functions and performance of our services. Deletion of data with a view to contractual services and contractual communication correspond to the statements made in these contractual activities.

We thereby disclose or transfer data to fiscal authorities, consultants, such as tax advisors or auditors, as well as fees offices and payment service providers.

Furthermore, on the basis of our business interests, we store information regarding suppliers, organisers and other business partners, e.g. for later contact. Such predominantly company-related data is usually stored permanently.

Business analysis and market research

In order to operate our business efficiently and recognise market trends, customer- and user requirements, we analyse data regarding business transactions, contracts, enquiries, etc. In so doing, we process basic data, communication data, contract data, payment data and metadata on the basis of art. 6 para. 1 lit. f. GDPR, whereas affected persons include customers, business partners, visitors and users of the online offering.

Analyses are carried out for the purposes of business analysis, marketing and market research. We can thereby take into account user profiles with information regarding for example their purchase transactions. Analyses serve to improve user friendliness, optimise our offering, and business efficiency. We are the sole users of such analyses and they will not be disclosed externally, unless they are anonymous analyses with summarised values.

If such analyses or profiles are person-specific, they are deleted or anonymised at the time of user termination, otherwise deleted after two years from contract conclusion. Apart from that, general business analyses and trend assessments are compiled on an anonymous basis whenever possible.

Contact

When contact is made with us (e.g. via contact form, email, telephone or social media), user data is processed for the processing and implementation of the enquiry according to art. 6 para. 1 lit. b) GDPR. User information can be stored in a customer relationship management system (“CRM system”) or similar enquiry organisation.

We delete the information once it is no longer required. We review necessity every two years; in addition, legal archiving obligations apply.

Google Analytics

On the basis of our legitimate interests (i.e. interest in analysis, optimisation and efficient operation of our online offering), we use Google Analytics, a web analytics service by Google LLC (“Google”) in accordance with art. 6 para. 1 lit.f. GDPR. Google uses cookies. The information about the user’s use of this website gathered by the cookie is, as a rule, transmitted to a Google server in the USA and stored there.

Google is certified under the Privacy Shield agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

On our behalf, Google will use this information to evaluate use of our online offering by users, to collate reports on activities within this online offering and to provide us with further services related to the use of this online offering and internet use. Pseudonymous user profiles of users can thereby be generated from processed data.

We only use Google Analytics with activated IP anonymisation. This means that your IP address will be abbreviated by Google within the member states of the European Union or in other countries that have signed the Agreement on the European Economic Area. Only in exceptional cases is the full IP address sent to a Google server in the US and abbreviated there.

The IP address transmitted by your browser will not be merged with any other Google data. Users can prevent the storage of cookies by using the corresponding setting of their browser software; users can furthermore prevent the collation of cookie-generated data relating to the use of the online offering by Google if they download and install the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

You can find more information on the way Google uses data, settings and the possibilities of objection on the Google websites:https://www.google.com/intl/de/policies/privacy/partners (“Data usage by Google when you use our partners’ websites or apps“), http://www.google.com/policies/technologies/ads („Dat a usage for advertising purposes“), http://www.google.de/settings/ads („manage information used by Google to display advertising to you“).

Online presence in social media

We maintain an online presence within social media and platforms, in order to be able to communicate with customers, interested parties and users that are active there, and to inform them of our services. When accessing the respective networks and platforms, the terms of use and data processing regulations of the respective provider apply.

Unless otherwise specified in our privacy policy, we process the data of users if they communicate with us within the social networks and platforms, e.g. create contributions on our online presence, or send us messages.

Inclusion of services and content from third parties

On the basis of our legitimate interests (i.e. interest in analysis, optimisation and efficient operation of our online offering in terms of art. 6 para. 1 lit. f. GDPR), we use third party content- or service offerings in order to include their contents and services, such as videos or fonts (hereinunder “contents”).

This always takes for granted that third party providers for these contents detect users’ IP address, because they cannot send contents to their browser without the IP address. This means the IP address is needed to display the content in question. We make every attempt to use only the type of content where the supplier only uses the IP address to deliver the content. Third party providers can furthermore use so-called pixel tags (invisible graphics, also known as “web beacons” for statistical or marketing purposes. Through these “pixel tags”, information such as visitor traffic on the pages of this website can be processed. Pseudonymous information can furthermore be stored in cookies on the users’ device and may contain technical information on the browser and operating system, referring websites, visiting time, as well as additional information regarding the use of our online offering, and merged with such information form other sources.

Google Maps

We include the maps of the service “Google Maps” from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

External links

Our site contains links to external websites and we have no influence over the content of these sites. For this reason, we cannot accept liability for such third-party content. The contents of third party websites that are linked here do not reflect the opinion of the website operator, but merely serve informational purposes, and the illustration of contexts. The respective provider or operator of any linked site is always individually responsible for its content. Linked pages were checked for possible legal violations at the time of linking. Illegal content was not evident at that time. However, any permanent control of the content of linked pages is unreasonable without any substantial evidence of a violation. We will immediately remove any links of this type upon being notified of such violations.

Supplemented and adjusted by the website owner.

Compiled using Datenschutz-Generator.de by RA Dr. Thomas Schwenke

Apartment prices

City Guide Munich

Book now!
0049 - 89 / 660 089 10
info@concept-living-munich.de

Location

Book now
Contact | Imprint | Ts&Cs | Privacy Policy