Data protection

Tattersall Lorenz Immobilienmanagement GmbH takes the protection of your personal data very seriously. When you use this website, various personal data is collected with which you can be personally identified. We treat your personal data (defined according to Art. 4 (1) GDPR) confidentially and in accordance with the statutory data protection regulations. This privacy policy explains what data we collect, what we use it for, how and for what purpose.

1. Basic information on data processing

We collect, process and use personal data of users only in compliance with the relevant data protection regulations. This means that the data of the users will only be used if there is a legal permission or consent. We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of the data protection laws are complied with and thus to protect the data managed by us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons.

In the course of the GDPR, the following information obligations are imposed on us, as the person responsible for the data processing of personal data. In accordance with Articles 13 and 14 GDPR, we therefore inform you about the following points.


1.1. Name and address of the person responsible
The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

Tattersall Lorenz Immobilienmanagement GmbH
Karl-Heinrich-Ulrichs-Strasse 24
10785 Berlin, Germany
Germany
Phone: 030 45805890
E-mail: info@tattersall-lorenz.de
Website: www.tattersall-lorenz.de

1.2.  Name and address of the data protection officer
The data protection officer of Tattersall Lorenz Immobilienmanagement GmbH  can be reached at datenschutzbeauftragter@tattersall-lorenz.de.

1.3. Scope of processing of personal data
In principle, we process personal data of our users only to the extent necessary to provide a functional website as well as our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in those cases in which it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by law.

1.4. Purpose of the processing of personal data

Provision of information to customers, prospects, suppliers and business partners

1.5. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.

1.6. Duration of data storage

After the purpose of the data processing has ceased to exist and the statutory retention periods have expired, your personal data will be deleted. As a rule, there are 6- or 10-year retention obligations for companies.

If the storage is based on your consent, we will delete your personal data if you revoke your consent.

1.7. Recipients of your personal data

In our company, only those employees who need this data to perform their tasks receive access to your personal data to the extent necessary. All employees are committed to confidentiality and data protection.

Service providers used may receive your data to fulfil the purposes described if they meet the confidentiality requirements under data protection law. These can be, for example, companies in the following categories: IT services, printing and shipping services, data destruction, service providers for credit checks, banking/banking service providers. These service providers are so-called AV service providers (processors), who are particularly contractually obliged according to legal requirements.

Public institutions, e.g. tax offices, will only receive your personal data if legally binding. There are obligations to do so.

Your data will not be transferred outside the EU/EEA.

2. Hosting and Content Delivery Networks (CDN)

2.1. Hosting
ALL-INKL.COM - New Media Münnich
We host our website at ALL-INKL.COM - Neue Medien Münnich, Hauptstraße 68, D-02742 Friedersdorf (hereinafter: ALL-INKL).
When you visit our website, ALL-INKL collects  various log data, such as your IP address, browser type and browser language, as well as the date and time you accessed the website. Jimdo also stores cookies. This data is used for the analysis and maintenance of the technical operation of the website as well as for the fight against misuse.  The use of ALL-INKL is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

Order processing
We have concluded a contract for order processing (DPA) with the above-mentioned provider.  This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

2.2. Content Delivery Networks (CDN)
CDN77
We use the Content Delivery Network CDN77. The provider is DataCamp Limited, 207 Regent Street, London W1B 3HH, United Kingdom.
CDN77 offers a globally distributed content delivery network. Technically, the transfer of information between your browser and our website  is  routed via the CDN77 network.  This allows us to increase the worldwide accessibility and performance of our website.  The use of CDN77 is based on our legitimate interest in providing our website as error-free and securely as possible (Art. 6 para. 1 lit. f GDPR).

Bunny CDN
We use the Content Delivery Network Bunny CDN. Provider is BunnyWay d.o.o., Cesta komandanta Staneta 4A, 1215 Medvode, Slovenia.
Bunny CDN offers a globally distributed content delivery network. Technically, the transfer of information between your browser and our website is routed via the Bunny CDN network  . This allows us to increase the worldwide accessibility and performance of our website. The use of Bunny CDN is based on our legitimate interest in providing our website as error-free and securely as possible (Art. 6 para. 1 lit. f GDPR).

2.3. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Article 6 (1) (f) GDPR.

2.4. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session.

The storage in log files takes place to ensure the functionality of the website. In addition, the data serves us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR.

2.5. Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

If the data is stored in log files, this is the case after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

2.6. Possibility of objection and removal

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

 

3. Matomo

This website uses the open source web analysis service Matomo.

3.1 Purpose of data processing
Matomo uses technologies that enable the cross-page recognition of the user for the analysis of user behavior (e.g. cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymized before storage. With the help of Matomo, we are able to collect and analyze data about the use of our website by website visitors. This allows us to find out, among other things, when which page views were made and from which region they come. In addition, we collect various log files (e.g. IP address, referrer, browsers used and operating systems) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.). The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

You have the option of preventing actions you have taken here from being analyzed and linked. This will protect your privacy, but will also prevent the owner from learning from your actions and improve usability for you and other users.

 

3.2. IP anonymization
When analyzing with Matomo, we use IP anonymization. Your IP address is shortened before the analysis, so that it can no longer be clearly assigned to you.

3.3.  Hosting
We host Matomo exclusively on our own servers, so that all analysis data remains with us and is not passed on. For more information, see: https://matomo.org/docs/privacy .

4. Personio for the application process

We use the "Personio" service. The provider is Personio GmbH & Co. KG, Rundfunkplatz 4, 80335 Munich.

4.1 Purpose of data processing
We use Personio to integrate job advertisements into our homepage. When you access our job advertisements, a connection is established between your browser and the company Personio. Personio stores a cookie required for the display of the website in your browser, which is deleted after the end of the session. Cookies are text files that are stored on your computer and that enable an analysis of your use of the website. You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent.

4.2. Legal basis for data processing
The use of Personio on our homepage is based on our legitimate interest (Art. 6 para. 1 f DSGO).  The website operator has a legitimate interest  in an application processwith applicants that is as uncomplicated as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
Information on data protection at Personio and for the application process can be found via the following link: https://talyopropertyservices.jobs.personio.de/privacy-policy?language=de
We have concluded a contract for order processing (DPA) with the above-mentioned provider. This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

4.3. Duration of data storage
Application documents will be deleted no later than 6 months after rejection. If the storage is based on your consent, we will delete your personal data if you revoke your consent.

5. TLS encryption

This site uses TLS encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If TLS encryption is activated, the data you transmit to us cannot be read by third parties.

 

6. Cookies

Diese Cookie-Tabelle wurde erstellt und aktualisiert von der CookieFirst consent management platform.
 

 

7. Consent Manager

Cookiefirst
Our website uses Cookiefirst to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies and to document them in compliance with data protection regulations. The provider of this technology is Digital Data Solutions B.V., Plantage Middenlaan 42a, 1018DH, Amsterdam (NL) (hereinafter "Cookiefirst").
When you enter our website, a connection to cookiefirst's servers is  established in order to  obtain your consent and other explanations of cookie use. Cookiefirst then stores  a cookie in your browser in order to be able to assign the consent given to you or their revocation. The data collected in this way will be stored until you ask us to delete it, delete the Cookiefirst cookie yourself or the purpose for data storage no longer applies. Mandatory statutory retention obligations remain unaffected.  Cookiefirst is used to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.

Order processing
We have concluded a contract for order processing (DPA) with the above-mentioned provider.  This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

8.Handling of application data

We offer you the opportunity to apply to us (e.g. by e-mail, post or via online

Application form). In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data is carried out in accordance with applicable data protection law and all other legal provisions and that your data will be treated as strictly confidential.

 

8.1. Scope and purpose of data collection

If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes in the context of job interviews, etc.), insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 BDSG under German law (initiation of an employment relationship), Art. 6 para. 1 lit. b GDPR (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in the processing of your application.  If the application is successful, the data you submit will be stored in  our data processing systems on the basis of §  26 BDSG and Art. 6 para. 1 lit. b GDPR for the purpose of carrying out the employment relationship.

 

8.2. Retention period of data

If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to store the data transmitted by you with us on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application).  The data is then deleted and the physical application documents are destroyed. The storage serves in particular for purposes of proof in the event of a legal dispute. If it is apparent that the data will be required after expiry of the 6-month period (e.g. due to an imminent or pending legal dispute), deletion will only take place if the purpose for further storage no longer applies.  Longer storage can also take place if you have given your consent (Art. 6 para. 1 lit. a GDPR) or if statutory retention obligations prevent deletion.

 

8.3. Inclusion in the applicant pool

If we do not make you a job offer, it may be possible to include you in our applicant pool. In the event of admission, all documents and information from the application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.  Admission to the applicant pool takes place exclusively on the basis of your express consent (Art. 6 para. 1 lit. a GDPR). The submission of consent is voluntary and bears no relation to the ongoing application process. The data subject can revoke his consent at any time. In this case, the data from the applicant pool will be irrevocably deleted, unless there are legal reasons for retention. The data from the applicant pool will be  irrevocably deleted  no later than two years after the consent has been given.

 

9. What rights do you have unter the GDPR?

The aim of the GDPR is to ensure the greatest possible control and transparency over your personal data as a data subject. In order for you to effectively exercise control over your data, you have the following rights vis-à-vis us:

  • Right of access pursuant to Article 15 of the EU GDPR,
  • the right to rectification in accordance with Article 16 of the EU GDPR,
  • the right to erasure in accordance with Article 17 of the EU GDPR,
  • the right to restriction of processing pursuant to Article 18 of the EU GDPR
  • the right to object under Article 21 of the EU GDPR.

 

9.1. Right to object

You have the right to object to the data storage of your personal data at any time. With the use of your right of objection, no data will be used, unless these are absolutely necessary for the assertion, exercise or defense of legal claims.

 

For our direct advertising (e.g. real estate offers by e-mail), personal data is required, the use of which you can object to at any time without comment. The data will no longer be processed for this purpose immediately after your objection. This right can be exercised informally using the contact details mentioned above.

 

In connection with the use of information society services, you have the possibility – notwithstanding Directive 2002/58/EC – to exercise your right to object by automated means using technical specifications.

 

9.2 Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you believe that the processing of your personal data infringes the GDPR.

 

Contact: Berlin Data Protection Officer, Friedrichstraße 219, 10969 Berlin, mailbox@datenschutz-berlin.de

 

9.3. Right to data portability

The right to data portability pursuant to Art. 20 is only relevant when visiting our website if you have the opportunity to create a profile (e.g. applicant profile, member profile, etc.) or to enter corresponding information about yourself.

10. Our social media appearances

10.1. Data processing through social networks

We maintain publicly available profiles in social networks. The individual social networks we use can be found below.

Social networks such as Facebook, Twitter etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g., like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.

Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.

Please also note that we cannot retrace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.

 

10.2. Legal basis

Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).

 

10.3. Responsibility and assertion of rights

If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g., Facebook).

Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.

 

10.4. Storage time

The data collected directly from us via the social media presence will be deleted from our systems as soon as you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions - in particular, retention periods - remain unaffected.

We have no control over the storage duration of your data that are stored by the social network operators for their own purposes. For details, please contact the social network operators directly (e.g., in their privacy policy, see below).

 

10.5. Individual social networks

XING

We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Details on their handling of your personal data can be found in the XING Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung.

 

LinkedIn

We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

 

If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa und https://www.linkedin.com/legal/l/eu-sccs.

For details on how they handle your personal information, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.

11. Report Information Security Incident


To report information security / or data protection incidents, please send an e-mail to ism@tattersall-lorenz.de stating the specific facts - we will get back to you without being asked.

This address is not for contacting us for other matters, these will not be answered. We ask for appropriate attention.

Status:  25/04/2023