IMMOVATE Realita GmbH data privacy declaration
We take data privacy very seriously
Protecting your privacy while processing personal data is vitally important to us. When you visit our website, it is standard practice for our webservers to save the IP address of your internet service provider, the website from which you came to our website, the particular web pages that you visit while with us and the date and duration of your visit. This information is absolutely necessary in order to be able to provide the web pages from a technical perspective and to operate the server securely. There will not be a personalised analysis of this data.
If you send us data using the contact form, this data will be stored on our servers as part of data protection. Your data will be used only for the purpose of processing your query. Your data will be handled with the utmost confidentiality. This data will not be transferred to third parties.
Company: IMMOVATE Realita GmbH
Address: Wipplingerstrasse 1/1. Top floor, 1010 Vienna, Austria
E-mail: [email protected]
Data protection officer
In accordance with Article 37 of the GDPR, we are not required to appoint a data protection officer.
Personal data is data about you as an individual. This includes your name, address and e-mail address. You are not required to disclose any personal data in order to visit our website. In some cases, we may need your name and address in addition to other information to offer you the service you are looking for.
This also applies if we are supplying you with the information you request and/or if we are answering your queries. In these cases, we will always notify you of this. Otherwise, we save only the data that you automatically or voluntarily transfer to us.
When you use our services, we generally collect only the data that is necessary in order to offer you these services. We may ask you for more information but this would be in a voluntary capacity. Whenever we process personal data, we do this in order to enable us to offer you our services or in order to pursue our commercial aims.
Automatically stored data
The website provider automatically collects and stores information in server log files that your browser transfers to us automatically. These are the:
- Date and time of the request
- Name of the file requested
- Page from which the file was requested
- Access status (file transferred, file not found, etc.)
- Web browser and operating system used
- Full IP address of the requesting computer
- Amount of data transferred
This data is not merged with other data sources. Data processing occurs in accordance with Article 6 (1) (f) of the GDPR, based on our legitimate interest in improving the stability and functionality of our website.
For reasons of technical security, particularly to protect against attempted attacks on our webserver, we store this data for a short period of time. We are not able to infer the identity of individual persons from this data. After seven days at the latest, this data is anonymised by abbreviating the IP address at the domain level so that it is no longer possible to establish a link to the individual user. Meanwhile, the data is processed in an anonymised form for statistical purposes; this data is not compared with other databases or passed on to third parties, even partially. There will only be a presentation of the number of web page visits as part of our server statistics, which we publish every two years in our progress report.
If you visit our web pages, we may store information on your computer in the form of cookies. Cookies are small files that are transferred from an internet server to your browser and stored on its hard drive. This stores only the Internet Protocol (IP) address – no personal data is stored. The information that is stored in cookies makes it possible to recognise you automatically the next time you visit our website, which also makes using the website easier for you. The legal basis for using cookies is our legitimate interest in accordance with Article 6 (1) (f) of the GDPR.
Google Tag Manager
This website uses Google Tag Manager. The Tag Manager does not gather personal data. This tool ensures the activation of other tags that sometimes collect data on your end. Google Tag Manager does not access this data. If deactivation takes place at the domain or cookie level, this will remain in force for all tracking tags implemented using Google Tag Manager. Google’s data privacy information about this tool can be found here: https://www.google.com/analytics/tag-manager/use-policy/
Use of Google Analytics with an anonymisation function
On our website, we use Google Analytics, a web analysis service from the company Google Inc., 1600 Amphitheatre Parkway, Mountain View CA 94043, USA, hereinafter referred to as “Google”. Google Analytics uses what are known as “cookies”, which are text files that are stored on your computer and allow analysis of your use of the website.
The information produced by these cookies, e.g. time, place and frequency of your website visits (along with your IP address), is transferred to Google in the USA and stored there.
On our website, we use Google Analytics with the addition “_gat._anonymizeIp”. As part of this, your IP address will be shortened and thus anonymised by Google while still within the member states of the European Union or in other contractual States of the Agreement on the European Economic Area.
Google will use this information to analyse your use of our website in order to compile reports about website activities for us and to perform additional services associated with website and internet usage. Google may also transfer this information to third parties, if this is legally required or if third parties are processing the data on behalf of Google.
Under no circumstances will Google connect your IP address with other Google data, according to their own statements. You can prevent the installation of cookies by changing the relevant setting in your browser software; however, we draw your attention to the fact that if you do so, you may not be able to make full use of all the functions offered on our website.
If you visit our website using a mobile device (smartphone or tablet), you will instead have to click on the deactivation button below, under Section 9 of this page, in order to prevent Google Analytics from tracking you on this website in future. This is also possible as an alternative to the browser add-on above. By clicking the link, an opt-out cookie that is only valid for this browser and this domain will be placed on your browser. If you delete the cookies in this browser, the opt-out cookie will also be deleted so you will have to click the link again.
This deactivates tracking services by both Google Analytics and Facebook on this website.
Please note: This setting shall remain in force for all subsequent visits. However, you must select this setting again in every browser and every device and whenever you delete your browser cache.
Use of the Facebook Custom Audience pixel
In order to show visitors to our website interest-based advertisements when they visit Facebook, we use the Custom Audiences pixel by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). For this purpose, we have activated a Facebook pixel on our website that creates a direct connection to Facebook servers when our website is visited. This informs the Facebook server that you have visited our website and Facebook matches this information with your personal Facebook user account. More information about Facebook’s collection and use of data, as well as about your rights and options in relation to this for protecting your privacy, can be found in Facebook’s data privacy information at https://www.facebook.com/about/privacy/.
If you would like to object to the Facebook connection described above, you can do this by clicking the button at the bottom of this declaration.
Use of LinkedIn conversion tracking
On our website, we use conversion tracking functions from the LinkedIn network. LinkedIn is a service provided by the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. This makes it possible to show you relevant advertising based on your interests. Furthermore, we receive aggregate and anonymous reports about advertisement activities and information about how you interact with our website.
Details about data collection by LinkedIn, as well as your rights and settings options, can be found in LinkedIn’s data privacy information. You can find this here: http://www.linkedin.com/legal/privacy-policy
If you object to your usage behaviour being analysed by LinkedIn and to being shown interest-based recommendations, you can always opt out by clicking on the “Opt Out on LinkedIn” button (for LinkedIn members) or the “Opt Out” button (for other users) via the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Use of Google Maps
This website uses Google Maps to show maps and create route maps.
Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View CA 94043, USA.
By using our website, you agree to allow Google, one of Google’s representatives or a third-party provider to record, process and use automatically collected data and data entered by you.
The terms of service for Google Maps can be found here.
The data privacy declaration for Google Maps can be viewed here.
Online job application
Your application details will be collected and processed electronically by us for the purpose of handling the application process. If your application should result in concluding an employment contract, we can store the data you transferred in your personnel file for the purpose of conducting typical organisational and administrative processes in compliance with the pertinent legal regulations.
If your job application is rejected, the data you transferred will be deleted automatically two months after you are notified of the rejection. This does not apply if it is necessary to store the data for a longer period as a result of legal requirements (e.g. the burden of proof as per the General Act on Equal Treatment) or if you have given express permission for it to be stored for a longer period in our prospective employee database.
We have implemented technical and administrative security measures in order to protect your personal data from loss, destruction, manipulation and unauthorised access. All our employees, as well as service providers working for us, are bound by the applicable data privacy laws.
Whenever we collect and process your personal data, it will be encrypted before being transferred. This means that your data cannot be misused by third parties. Our security measures are also subject to constant improvement processes and our data privacy declarations are continuously reviewed. Please ensure that you have the latest version.
Information about collecting your data in accordance with Article 13 of the GDPR
1. What data is processed and where does this data come from?
We process the data that we receive from you when drawing up and executing the contract on the basis of the consent provided, or as part of your application/employment.
Personal data includes:
Your key data/contact details, which for clients includes information such as first and surname, address, contact details (e-mail address, phone number, fax), bank details, photograph.
For applicants and employees, this includes information such as first and surname, address, contact details (e-mail address, phone number, fax), date of birth, details from the CV and employer references, bank details, religious affiliation, photograph.
For business partners, this includes information such as the name of their representatives in legal transactions, company name, commercial register number, VAT ID number, company number, address, the contact details for the point of contact (e-mail address, phone number, fax), bank details.
Furthermore, we also process the following other personal data:
- Information about the type and content of contract details, order details, sale and receipt data, client and supplier history and advisory documents
- Marketing and sales data
- Information from your electronic communication with us (e.g. IP address, log-in details)
- Other data that we receive as part of our business relationship (e.g. in client meetings)
- Data that we generate ourselves from key data/contact details or from other data sources, such as analyses of client requirements and potential
- Documents for your declaration of consent to receive, for example, newsletters
- Photographs from events
2. For what purposes and on what legal basis is the data processed?
We process your data in compliance with the provisions of the currently applicable versions of both the General Data Protection Regulation (GDPR) and the Federal Data Protection Act 2018 (Bundesdatenschutzgesetz):
- In order to fulfil (pre)contractual obligations (Art. 6 (1) (b) GDPR):
Your data is processed online or in one of our branches to execute the contract of your employment with our company. In particular, the data is processed when initiating business transactions and realising contracts with you.
- In order to fulfil legal obligations (Art. 6 (1) (c) GDPR):
It is necessary to process your data for the purpose of fulfilling various legal obligations, e.g. obligations from the Austrian Commercial Code (Handelsgesetzbuch) or the Fiscal Code of Austria (Abgabenordnung).
- In order to protect legitimate interests (Art. 6 (1) (f) GDPR):
After weighing up the interests at stake, data processing may take place beyond the actual execution of the contract in order to protect the legitimate interests of us or of third parties. Data processing for the protection of legitimate interests may take place, for example, in the following cases:
- Advertising or marketing (see no. 4)
- Measures for business management and further development of services and products
- Maintaining a company-wide client database in order to improve customer service
- As part of legal prosecution
- Based on your consent (Art. 6 (1) (a) GDPR):
If you have consented to your data being processed, e.g. to being sent our newsletter, the publication of photos, etc.).
3. Who will receive my data?
If we employ a service provider for the purpose of processing orders, we shall nevertheless remain responsible for the protection of your data. All order processors have a contractual obligation to treat your data as confidential and to process it only within the scope of providing the service. The order processors we commission shall receive your data if they require it in order to complete the tasks assigned. For instance, these include IT service providers that we require for the operation and security of our IT system, as well as commercial and directory publishers for our own marketing campaigns.
Your data is processed in our client database. The client database helps to increase the data quality of the existing client data (clearing up duplicates, marking those who have moved to a new address/passed away, correcting addresses) and makes it possible to augment the data with data from public sources.
This data is made available to affiliated companies if this is necessary for executing the contract. Client data is stored separately and according to the company, for which our parent company functions as a service provider for the individual participating companies.
If there is a legal obligation or as part of legal prosecution, authorities, courts and external auditors may receive your data.
Furthermore, for the purpose of drawing up and executing the contract, insurance companies, banks, credit agencies and service providers may receive your data.
4. Processing personal data for marketing purposes
You can raise an objection to the use of your personal data for marketing purposes in general or for individual measures at any time, without incurring transmission costs beyond the basic tariffs.
In accordance with the legal requirements of Article 7 (3) of the Act Against Unfair Competition (UWG), we are entitled to use your e-mail address, provided to us when the contract was signed, for direct marketing of our similar products or services. You will receive these product recommendations from us regardless of whether you have subscribed to the newsletter.
If you would not like to receive such e-mail recommendations from us, you can raise an objection to the use of your e-mail address for this purpose at any time, without incurring transmission costs beyond the basic tariffs. Informing us of this in writing is sufficient for this purpose. Of course, a link to unsubscribe is also provided in every e-mail.
5. For how long will my data be stored?
We process your data until the end of the business relationship or until the expiry of the applicable legal retention period (as specified in the Austrian Commercial Code, the Fiscal Code of Austria, the Nursing Home Act (Heimgesetz) or the Working Hours Act (Arbeitszeitgesetz)), and beyond this until the conclusion of any legal disputes for which the data is required as evidence.
6. Will my personal data be transferred to a third country?
Generally, we do not transfer any data to third countries. In individual cases, data may be transferred only on the basis of an adequacy decision by the European Commission, standard contractual clauses, suitable guarantees or your explicit consent.
7. What data privacy rights do I have?
You have the right to access, rectify, erase or restrict processing of your stored data at any time. You also have a right to object to the processing, a right to data portability and a right to make a complaint in accordance with the provisions of the Data Protection Act.
Right to access:
You can demand that we inform you of whether and to what extent we process your data.
Right to rectification:
If we process data of yours that is incomplete or inaccurate, you can demand that we rectify this or complete it, at any time.
Right to erasure:
You can demand that we delete your data, provided that we are processing the data unlawfully or the processing encroaches excessively on your legitimate interests in protection. Please be aware that there may be reasons that prevent immediate erasure, e.g. in the event of legally regulated retention obligations.
Independently of recognising your right to erasure, we will erase your data completely and immediately provided there is no transactional or legal retention obligation on this matter.
Right to restriction of processing:
- You can demand that we restrict the processing of your data if
- you contest the accuracy of the data, first allowing us a period to review the accuracy of the data
- the data processing is unlawful but you decline the right to erasure and instead demand restriction of data usage
- we no longer require the data for the intended purpose but you still require the data for asserting or defending legal claims, or
- you have filed an objection to the data processing.
Right to data portability:
You can demand that we provide you with the data that you disclosed to us, in a structured, common and machine-readable format and that you can transfer this data to another data controller without us impeding this if
- we are processing the data on the basis of a retractable agreement granted by you or in order to execute a contract between us, and
- this processing is taking place using automated processes.
If it is technically feasible, you can demand that we transfer your data directly to another data controller.
Right to object:
If we are processing your data on the basis of a legitimate interest, you can file an objection against this data processing at any time. This also applies to profiling based on these regulations. Following this, we will no longer process your data unless we can prove compelling grounds for the processing that should be protected and that outweigh your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims. You can object to the processing of your data for the purpose of direct marketing at any time without providing reasons.
Right to complain:
If you believe that we are violating the German Data Protection Act or European Data Protection Regulation when processing your data, we would ask you to contact us in order to answer any questions. Naturally, you also have the right to approach your appropriate supervisory authority, the data protection authority.
If you would like to assert one of these rights against us, please contact us at [email protected]. If in doubt, we may ask you for additional information in order to confirm your identity.
8. Do I have an obligation to provide data?
Processing your data is necessary in order to conclude and perform the contract you enter into with us. If you do not provide us with this data, we will generally have to decline to conclude the contract or we will no longer be able to perform an existing contract and will therefore have to terminate it. However, you do not have an obligation to consent to data processing with regard to data that is not relevant to or legally required for the completion of the contract.
9. Deactivate cookies on this website
Tracking is currently activated. Deactivate it now.
In doing so, you deactivate all of the cookies that we require on this website to optimise our services.
Please note: This setting shall remain in force for all subsequent visits. However, you must select this setting again in every browser and every device and whenever you delete your browser cache.
Changes to this data privacy declaration
We reserve the right to change our data privacy declarations if this should become necessary as a result of new technologies. Please ensure that you have the latest version. If fundamental changes are made to this data privacy declaration, we shall announce this on our website.
For questions concerning data privacy, all interested parties and visitors to our website can reach us at:
IMMOVATE Realita GmbH
Wipplingerstrasse 1/Top floor
1010 Vienna, Austria
Tel.: +43 1 5320872
E-mail: [email protected]