MIWO
dedeutsch

Privacy policy

We, MIWO, have two data protection declarations, one for visitors to our website and one for our tenants and those who want to become tenants, for example. Interested persons.

  1. Data protection declaration for our website
    Below you will find information about the processing of your personal data and your rights when using our website.
  2. Data protection declaration for tenants of our properties/apartments and those who want to become tenants.

Data protection declaration for our website

1. Information about the collection of personal data

(1) Below we provide information about the processing of personal data when using our websites at the Internet addresses

https://miwo.eu/, https://Burggartenbonn.de and https://www.romhof.de/.

Personal data is all data that can be related to you personally, e.g. name, address, email addresses, user behavior. We would like to inform you about our processing operations and at the same time comply with legal obligations, in particular those arising from the EU General Data Protection Regulation (GDPR).

(2) The person responsible in accordance with Article 4 Paragraph 7 of the GDPR is

MIWO Gesellschaft mbH & Co. KG Lotharstraße 106, 53115 Bonn

represented by MIWO Beteiligungsgesellschaft mbH, Lotharstraße 106, 53115 Bonn

Contact

Telephone: +49 (0) 228 91 46 20

Fax: +49 (0) 228 91 46 240

Email: info@miwo.eu

(3) When you contact us by email or via a contact form, we will store the data you provide (your email address, if applicable your name and telephone number) in order to answer your questions. If the request is assigned to a contract, we delete the data arising in this context after the deadlines for the contract term, otherwise after storage is no longer necessary, or restrict processing if there are statutory retention requirements.

(4) If we use commissioned service providers for individual functions of our offer or want to use your data for advertising purposes, we will always carefully select and monitor these service providers and inform you in detail about the respective processes below. We also mention the defined storage period criteria.

2. Your rights

(1) You have the following rights vis-à-vis the person responsible with regard to personal data concerning you:

    – Right to information,

    – Right to rectification or deletion,

    – Right to restriction of processing,

    – Right to object to processing,

    – Right to data portability.

(2) You also have the right to complain to a data protection supervisory authority about our processing of your personal data.

3. Processing of personal data when you visit our websites

When using one of the websites mentioned under 1 for information purposes, i.e. simply viewing it without you providing us with any other information, we process the personal data that your browser transmits to our server. The data described below is technically necessary for us to display our website to you and to ensure stability and security and must therefore be processed by us. The legal basis is Art. 6 Section. 1 S. 1 lit. f GDPR:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (page visited)
  • Access status/HTTP status code
  • amount of data transferred in each case
  • previously visited page
  • Browser
  • operating system
  • Language and version of the browser software.
4. Other functions and offers on our websites 

(1) In addition to the purely informational use of our websites mentioned under 1., we offer various services that you can use if you are interested and use other common functions to analyze or market our offers, which are presented in more detail below. To do this, you usually have to provide additional personal data or we process such additional data that we use to carry out the respective services. The aforementioned data processing principles apply to all data processing purposes described here. 

(2) We sometimes use external service providers to process your data. These are carefully selected by us, are bound to our instructions and are checked regularly.

(3) We may also pass on your personal data to third parties if we offer participation in campaigns, competitions, contracts or similar services together with partners. Depending on the service, your data may also be collected by the partners under their own responsibility. You will receive further information when you provide your details or in the description of the respective offers below.

(4) If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you about the consequences of this circumstance in the description of the offer.

5. Objection or revocation against the processing of your data 

(1) If you have given your consent to the processing of your data, you can revoke this at any time. Such a revocation affects the lawfulness of the processing of your personal data after you have given it to us. The admissibility of processing your data until the time of your revocation remains unaffected.

(2) If we base the processing of your personal data on the balance of interests, you can object to the processing. This is the case if the processing is not necessary to fulfill a contract with you, which is explained by us in the following description of the functions. If you exercise such an objection, we will ask you to explain the reasons why we should not process your personal data in the way we do. If you object, we will examine the situation and will either stop or adjust data processing or show you our compelling legitimate reasons on the basis of which we continue processing.

(3) Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time. The best way to exercise your objection to advertising is to use the contact details provided above.

6. Processing of data from your devices (“Cookie Policy”)

(1) In addition to the data mentioned above, when you use our website, we use technical tools for various functions, in particular cookies, which can be stored on your device. When you access our website and at any time later, you can choose whether you generally allow cookies to be set or which individual additional functions you would like to select. You can make changes in your browser settings or via our consent manager. Below we first describe cookies from a technical perspective (2), before we go into more detail about your individual choices by describing technically necessary cookies (3) and cookies that you can voluntarily select or deselect (4). 

(2) Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you use so that certain information can flow to the entity that sets the cookie. Cookies cannot run programs or transfer viruses to your computer, but are primarily used to make the Internet offering faster and more user-friendly. This website uses the following types of cookies, whose functionality and legal basis we will explain below:

– Transient cookies: These, especially session cookies, are automatically deleted when you close the browser or log out. They contain a so-called session ID. In this way, various requests from your browser can be assigned to the shared session and your computer can be recognized when you return to our website.

– Persistent cookies: These are automatically deleted after a specified period of time, which varies depending on the cookie. You can view the cookies set and the expiry times in your browser settings at any time and delete the cookies manually.

– Other technologies: These functions are not based on cookies, but on similar technical mechanisms, such as Flash cookies, HTML5 objects or an analysis of your browser settings. The result is also that we can use the techniques described below. Here too, you can of course agree or object.

(3) Mandatory functions that are technically necessary to display the website: The technical structure of the website requires that we use technologies, in particular cookies. Without these techniques, our website may not be displayed (completely correctly) or support functions may not be possible. These are generally transient cookies that are deleted at the end of your website visit, at the latest when you close your browser. You cannot opt out of these cookies if you want to use our website. The individual cookies can be seen in the Consent Manager. The legal basis for this processing is Art. 6 Section. 1 S. 1 lit. f GDPR. 

(4) Optional cookies when you give your consent: We only set various cookies with your consent, which you can select when you first visit our website using the so-called cookie consent tool. The functions are only activated with your consent and can be used in particular to enable us to analyze and improve visits to our website, to make it easier for you to use it across different browsers or devices, to recognize you during a visit or to display advertising (possibly also to to orient advertising based on interests, to measure the effectiveness of advertisements or to show interest-oriented advertising). The legal basis for this processing is Art. 6 Section. 1 S. 1 lit. a GDPR. You can revoke your consent at any time without affecting the permissibility of processing up to the point of revocation. 

We describe the functions we use, which you can select and revoke individually via the Consent Manager, below 

(1) Google Analytics 

In order to tailor our websites to your needs, we create pseudonymous usage profiles using Google Analytics. Google Analytics uses targeting cookies that are stored on your device and can be read by us. In this way, we are able to recognize and count repeat visitors and find out how often our websites were accessed by different users. The data processing takes place on the basis of Art. 6 Section. 1 lit. a GDPR (consent).

The information generated by the cookie about your use of our website is usually transmitted to a Google server in the USA and stored there. However, since we have activated IP anonymization on our website, your IP address will be shortened by Google within member states of the European Union. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and only shortened there (further information on the purpose and scope of data collection can be found, for example, at https://policies.google.com/privacy?hl=de&gl =en). We also have an order processing contract with Google LLC (USA) in accordance with Art. 28 GDPR closed. Google will therefore only use all information for a strictly intended purpose in order to evaluate the use of our websites for us and to compile reports on website activity.

(2) Google Maps

We also use the map service Google Maps for this website. The provider is Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland. 

As part of the processing described below, data is also regularly transmitted to Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA). Google Ireland Limited and Google LLC are hereinafter collectively referred to as “Google”. In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an attractive presentation of our online offerings and to make it easy to find the places we indicate on the website. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR.

You can find more information on how to handle user data in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

(3) Openstreetmap Leaflet API

To display the location of our objects, we use the Leaflet API service, a map service that makes it possible to integrate OpenStreetMap - another open source alternative to Google Maps - into the website. From a technical perspective, it is necessary to send requests to other servers for the correct display. Through these requests it would generally be possible for information about your use of this website (including your IP address) to be transmitted to other servers and stored there. The other servers are limited to maps.wikimedia.org (map layers) and unpkg.com (leaflet files) after analysis by the developer tools.
You have the option of deactivating the OpenStreetMap service and thus preventing data transfer to third parties by deactivating JavaScript in your browser. However, we would like to point out that in this case you will not be able to use the map display on our website or will only be able to use it to a limited extent.
The use of Openstreetmap is in the interest of enhancing our online offering. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Letter f GDPR.
You can find more information about OpenStreetMap at https://www.openstreetmap.de. You can find more information about the API Leaflet used at https://www.leafletjs.com

(4) Squarespace

We use the services of Squarespace Ireland Ltd., Le Pole House, Ship Street Great, Dublin 8, Ireland for web hosting for our websites Romhof.de & Burggartenbonn.de and have concluded an order processing contract with Squarespace in accordance with Art. 28 GDPR. For more information, please see Squarespace's privacy policy at https://de.squarespace.com/privacy/

The legal basis is our legitimate interest in operating and maintaining the operational security of these websites in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR.

(5) Momento360

To display 360 degree photos, we use the service of Momento360 Inc. 388 Market Street #1300 San Francisco, CA 94111 USA, or Momento360 for short.

As soon as you start a 360 degree photo on this page, a connection to the Momento360 servers will be established. Data (at least your IP address) is sent to Momento360's servers. The use of Momento360 is in the interest of an attractive and simple display of 360 degree photos. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Letter f GDPR. 

You can view Momento360's privacy policy here: https://momento360.com/ps/

(6) Theasys – 360 VR Online Virtual Tour Creator

To display 360 degree photo tours, we use the service of 360COB, INC., 2093 Philadelphia Pike #8755, Claymont, DE 19703, USA, or Theasys for short.

As soon as you start a 360 degree photo tour on this page, a connection to the Theasys servers will be established. Data (at least your IP address) is sent to Theasys servers. Theasys is used in the interest of an attractive and simple presentation of 360 degree photo tours. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Letter f GDPR. 

You can view Theasys’ privacy policy here: https://www.theasys.io/privacy/

(7) Cookie Consent Manager CCM19

To obtain user consent for cookies requiring consent and cookie-based applications, we use the cookie consent tool “CCM19” from Papoo Software & Media GmbH, Auguststr. 4, 53229 Bonn (“CCM19”).
By integrating a corresponding JavaScript code, users are shown a banner when they access the page, in which consent can be given for certain cookies and/or cookie-based applications by ticking a box. The tool blocks the setting of all cookies requiring consent until the respective user gives the relevant consent by checking the box. This ensures that such cookies are only set on the user's device if consent has been given.

So that the cookie consent tool can clearly assign page views to individual users and individually record, log and store the user's consent settings for a session duration, certain user information (including the IP address) is collected when our website is accessed by the cookie consent tool. collected, transmitted to CCM19 servers and stored there.
This data processing is carried out in accordance with Article 6 Paragraph 1 Letter f of the GDPR on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and therefore in a legally compliant design of our website.
Another legal basis for the data processing described is Article 6 (1) (c) GDPR. As those responsible, we are subject to the legal obligation to make the use of cookies that are not technically necessary dependent on the respective user consent.
For more information about CCM19's use of data, see https://www.ccm19.de/datenschutzerklaerung.html

(8) Youtube

We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube") on our website. YouTube is a partnership with Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; “Google”) affiliated company.
The function displays videos stored on YouTube in an iFrame on the website. The “Extended data protection mode” option is activated. This means that YouTube does not store any information about website visitors. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA.
Data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR out of the legitimate interest in the needs-based and targeted design of our website. For reasons arising from your particular situation, you have the right to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR.
Further information on the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy can be found in YouTube's data protection information at https://www.youtube.com/t/privacy.

Data protection declaration for tenants of our properties/apartments and those who want to become tenants.

This data protection declaration applies to data processing by 

MIWO Gesellschaft mbH & Co. KG Lotharstraße 106, 53115 Bonn

represented by MIWO Beteiligungsgesellschaft mbH, Lotharstraße 106, 53115 Bonn

Contact

Telephone: +49 (0) 228 91 46 20

Fax: +49 (0) 228 91 46 240

Email: info@miwo.eu

The data protection declaration for those on the Internet presence of MIWO Gesellschaft mbH & Co. KG at the addresses

https://miwo.eu/, https://Burggartenbonn.de and https://www.romhof.de/

The processing of your personal data can be found at the Internet address

https://miwo.eu/dse/ or. https://www.burggartenbonn.de/datenschutzerklrung or. https://www.romhof.de/datenschutzerklrung.

1. Collection and storage of personal data as well as type, purpose and their use

For the purpose of initiating and executing a rental agreement, we collect, if necessary also via the platform at https://www.immobilienscout24.de/ and data provided by you, staggered in terms of the initiation and the degree of initiation If necessary (contact, viewing appointment, specific selection of the tenant, conclusion of the rental agreement) the following data:

  1. First name, last name, address
  2. ID details/residence permit
  3. if necessary. Permit for subsidized housing
  4. Email address, telephone number
  5. Number of persons living in the household
  6. Income status and job/employment relationship
  7. Rent arrears
  8. Opened and ongoing consumer insolvency proceedings
  9. Account details
  10. Pets with the exception of small animals
  11. Amount of rent and operating costs
  12. Consumption data and operating costs according to BetrKV and HeizKV
  13. Data on receipt of rents and operating costs
  14. Correspondence during the rental agreement
  15. if necessary. Creditworthiness data from Creditreform Bonn Trier Rossen Eberhard GmbH & Co. KG

Data processing is required in accordance with Article 6 Paragraph 1 Sentence 1 Letters b and f of the GDPR for the stated purposes and for the mutual fulfillment of obligations arising from the rental agreement.

The tenant's personal data is regularly stored until the expiry of the statutory three-year limitation period (§ 195 BGB) and deleted upon expiry of the period. If we are obliged to store for a longer period of time in accordance with Article 6 Para. 1 Sentence 1 lit 6 Paragraph 1 Sentence 1 Letter a GDPR, these deadlines are relevant. We store certain documents that contain personal data for up to 30 years, for example if there is a legal title or if there is a threat of legal dispute. 

If no rental agreement is concluded with you, the data you provided will be deleted after 6 months at the latest, unless other legal retention periods conflict with this.

An automated decision in individual cases, including profiling within the meaning of Art. 22 GDPR, does not take place.

2. Disclosure of data to third parties

Your personal data will not be passed on to anyone other than the third parties listed below for the purposes listed.

To the extent that this is necessary for the processing of the rental agreement with you in accordance with Article 6 Paragraph 1 Sentence 1 Letter b of the GDPR, your personal data will only be passed on to third parties to the extent necessary and in each individual case.

  1. For the purpose of providing our services to the extent necessary to IT service providers who process this data on our behalf. As part of the rental process, we sometimes also use external IT service providers who, among other things, provide us with platforms, databases or tools (“tools”) for our services (e.g. for communication with interested parties), various contact options or marketing measures.
  2. For the purpose of obtaining credit information from Creditreform Bonn Trier Rossen Eberhard GmbH & Co. KG: (last name, first name, street, house number, zip code, city, date of birth)
  3. For the purpose of opening a rental deposit account with Volksbank Köln Bonn eG (last name, first name, street, house number, zip code, city, date of birth, tax ID)
  4. For the purpose of billing the operating costs, the consumption data for heating/hot water is collected by the commissioned measurement service company. These (and any following) will be forwarded to the commissioned billing company.
  5. For the purpose of fulfilling repair and maintenance obligations for the rental premises, your name and contact details will, if necessary, be passed on to craftsmen/service managers or experts or the respective building insurer and liability insurer for the property.
  6. For the purpose of fulfilling legal claims, other tenants will be granted access to all original receipts and consumption records on which the respective annual statements are based upon their request.

The data passed on may only be used by them for the stated purposes. The personal data may only be passed on to the extent that this is necessary for the proper fulfillment of the rental agreement. Employees and commissioned service providers are obliged to maintain confidentiality and comply with data protection regulations. Data will not be passed on for advertising purposes.

If necessary, a contract for so-called order data processing is concluded with these service providers. We have obliged service providers who do not qualify as processors to maintain confidentiality. We will only share your personal information with third parties if:

a) You have given your express consent to this in accordance with Article 6 Paragraph 1 Letter a) GDPR.

b) This is legally permissible and is necessary in accordance with Article 6 Paragraph 1 Letter b) GDPR to fulfill a contractual relationship with you or to carry out pre-contractual measures.

c) According to Art. 6 Para. 1 lit. c) GDPR there is a legal obligation for the transfer.

d) We are legally obliged to transmit data to government authorities, e.g. tax authorities, social security institutions, health insurance companies, supervisory authorities and law enforcement authorities.

e) The transfer in accordance with Art. 6 Para. 1 lit. f) GDPR is necessary to protect legitimate company interests, as well as to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data have.

f) In accordance with Art. 28 GDPR, we use external service providers, so-called processors, who are obliged to handle their data carefully.

When transferring data to external bodies in third countries, i.e. outside the EU or EEA, we ensure that these bodies treat your personal data with the same care as within the EU or EEA. We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection, or if we ensure the careful handling of the personal data through contractual agreements or other appropriate guarantees.

3. Rights of those affected

Upon request, we will provide you with information free of charge in accordance with legal requirements about the status of the personal data collected about you and about the further processing of this data. For example, we correct, block or delete some or all of your personal data in accordance with legal requirements: 

a) Right to information (Article 15 GDPR)

With the right to information, you gain access to the data concerning you or their categories and some other important criteria, such as the purposes of processing or the duration of storage. Please note that your right to information may be restricted under certain circumstances in accordance with legal regulations (e.g. Section 34 BDSG).

b) Right to rectification (Article 16 GDPR)

If the data concerning you is not - or no longer - accurate, you can request correction under the conditions of Art. 16 GDPR. If your data is incomplete, you can request that it be completed.

c) Right to deletion (Art. 17 GDPR)

You can request the deletion of your personal data under the conditions of Art. 17 GDPR. Your right to deletion may be limited, for example, by the fact that we still need the data to fulfill legal retention obligations. If we have made your personal data public, you may also have a “right to be forgotten”. You can request proportionate measures to ensure that we inform other responsible parties about your request for deletion. Please note that your right to deletion may be restricted under certain circumstances in accordance with legal regulations (e.g. Section 35 BDSG).

d) Right to restriction of processing (Article 18 GDPR)

Under the conditions of Art. 18 GDPR, you can request the restriction of processing. We mark your stored personal data with the aim of restricting its future processing. You can refer to this right, for example, in the review phase of other rights management.

d) Right to information (Art. 19 GDPR)

If rights are exercised, we will inform all recipients of the correction, deletion or restriction of processing under the conditions of Article 19 GDPR. Upon request, we will inform you about these recipients.

e) Right to data portability (Article 20 GDPR)

You are entitled to receive the personal data concerning you from us in a common, machine-readable format under the conditions of Article 20 GDPR. You can also request that the data be forwarded directly to another person responsible, provided this is technically feasible.

f) Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Article 6 Paragraph 1 Sentence 1 Letter f of the GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 of the GDPR, provided there are reasons for doing so. that arise from your particular situation. If you exercise your right to object, please contact the person responsible at the address given above

g) Right of withdrawal

In accordance with Article 7 Paragraph 3 of the GDPR, you have the right to revoke your consent to us at any time. This means that we are no longer allowed to continue data processing based on this consent in the future.

h) You can also complain to a supervisory authority in accordance with Art. 77 GDPR. The supervisory authority responsible for us is the 

    State Commissioner for Data Protection and Freedom of Information for North Rhine-Westphalia

    Cavalry Street 2-4

    40213 Düsseldorf

    Tel.: +49 211 38424-0

    Fax: +49 211 38424-10

    Email: poststelle@ldi.nrw.de