I. What is Personal Data?

Personal data means any information relating to an identified or identifiable natural person (Art. 4 (1) of the EU General Data Protection Regulation – “GDPR”); this includes details such as your name, email address, postal address or telephone number.  

Who is responsible for processing your personal data?

The controller within the meaning of the GDPR and other national data protection laws of the Member States as well as other data protection provisions is:

For Fürstenerker GmbH & Co. KG,
Nikolaistraße 1, D-04109 Leipzig

Telefon: +49 341 477 25 07

E-Mail: info[at]fuerstenkerker-leipzig.de

Contact details of the Data Protection Officer

Our Data Protection Officer can be reached at the following contact details:

Data Protection Officer

For Fürstenerker GmbH & Co. KG,
Nikolaistraße 1, D-04109 Leipzig

Telefon: +49 341 477 25 07

E-Mail: datenschutz[at]fuerstenerker-leipzig.de

Purpose and Legal Bases of Processing, and Duration of Storage

Below we inform you about the various purposes for which we process personal data, the legal basis on which such processing is carried out, and how long we store the data. The legal basis in connection with the processing of personal data is Article 6 (1) GDPR. We adhere to the principles of data minimisation and data avoidance and therefore store your personal data only for as long as is necessary to achieve the purposes stated in the GDPR or as long as storage is required by statutory retention periods. Once the relevant purpose ceases to apply or such periods expire, the corresponding data will routinely be blocked or deleted in accordance with statutory provisions.  

1. Data Processing When Using Our Website and in the Course of Our Activities as a Capital Management Company  
2. General Access to Our Website

Each time our website is accessed, we automatically collect data and information from the device used to access the site and store these data and information in the server log files. The following may be collected: 1. the browser types and versions used, 2. the operating system used by the accessing system, 3. the website from which an accessing system reaches our website (the “referrer”), 4. the subpages accessed via an accessing system on our website, 5. the date and time of access, 6. an Internet Protocol (IP) address, 7. the Internet service provider of the accessing system, and 8. other similar data and information that serve to avert danger in the event of attacks on our IT systems. For security purposes – i.e. to be able to trace attacks on our platforms – we store these data, including the IP address, for a period of 14 days and thereafter anonymise the IP addresses or delete the data. The IP address is required during the connection in order to transmit the contents of our platform to your browser. The legal basis for the processing and subsequent storage of the IP address is our legitimate interest pursuant to Article 6(1)(f) GDPR. The legitimate interest in transmitting the IP address lies in the fact that this is necessary for the display of our platform’s content; without it, the website cannot be displayed. Our legitimate interest in limited storage is based on our security interests. 

Contact Form and Email Contact

Our website contains contact forms which can be used for electronic communication. By clicking the “Send” button, you consent to the transmission of the data entered in the input mask to us. We additionally store the date and time of your enquiry.

Alternatively, it is possible to contact us via the email address provided. In this case, the personal data transmitted with the email and our reply will be stored. The personal data voluntarily provided to us in this context are used to process your enquiry and to establish contact with you. The legal basis for the transmission of the data is your consent under Article 6 (1) (a) GDPR. We use the data for this purpose until the respective conversation with you has ended. The conversation is deemed to have ended when it can be inferred from the circumstances that the relevant matter has been conclusively clarified.  

To ensure a high level of security in line with current standards, we use SSL encryption. You can easily recognise when encryption is active: the display in your browser bar changes from “http://” to “https://”. Data encrypted via SSL cannot be read by third parties. Please only transmit confidential information when SSL encryption is activated, and contact us by alternative means if in doubt. 

Disclosure of Data to Third Parties

Personal data will be disclosed to third parties if:

• the data subject has expressly consented in accordance with Article 6 (1) (a) GDPR,
• disclosure is necessary for the establishment, exercise or defence of legal claims pursuant to Article 6 (1) (f) GDPR and there is no reason to assume that the data subject has an overriding legitimate interest in non-disclosure,
• there is a legal obligation for disclosure pursuant to Article 6 (1) (c) GDPR, and/ or
• this is necessary for the performance of a contractual relationship with the data subject pursuant to Article 6 (1) (b) GDPR.

In all other cases, personal data will not be disclosed to third parties.

Data Processing Concerning Entrepreneurs or Employees of Companies

In the course of our activities, we conduct a wide variety of business relating to property and capital investment. In this context, we process personal data of entrepreneurs (insofar as the entrepreneur is a natural person) or of employees of companies. The respective companies or entrepreneurs may be in a contractual or pre-contractual relationship with us; in some cases, however, we may also process data of companies and their employees without such a relationship existing. 

In the following sections we inform you of the purposes, the relevant legal basis, the storage periods for such processing of entrepreneurs or employees of companies, as well as the data categories, insofar as we do not collect the personal data directly from the data subject. The data are deleted once they are no longer required for the achievement of the respective purpose, i.e. when no contract with the business partner or customer exists, and we also no longer intend to enter into such a contract, no legitimate interest exists, and we are otherwise not legally obliged to retain records in which personal data may be contained. 

Data Processing for the Purposes of Contract Administration and Preparation

We process personal data for the purposes of contract administration – i.e. to enable us to provide our business partners or customers with the contractual services – as well as for the purposes of preparing corresponding contracts. Where the business partner or customer is a natural person, the legal basis is that the processing is necessary for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 (1) (b) GDPR. If we process personal data of employees of the business partner or customer, the legal basis is our legitimate interest pursuant to Article 6(1)(f) GDPR. Our legitimate interest lies in the conduct of our business activities and those of the business partner or customer. There is no overriding interest of the data subject to the contrary, as from the perspective of our business partner or customer the processing by us is necessary within the framework of the existing employment relationship with the data subject (§ 26 German Federal Data Protection Act – BDSG).  

For this purpose, we store personal data for the term of the contract. In addition, we retain accounting records for ten years and business correspondence – i.e. any communication concerning the preparation, execution or reversal of a transaction – for six years in order to comply with our statutory retention obligations pursuant to § 257 (1) (2) German Commercial Code (HGB) and § 147 German Fiscal Code (AO). The retention period begins at the end of the calendar year in which the business correspondence was received or sent, or the accounting record was created. The legal basis for this retention is Article 6 (1) (c) GDPR.

Business and Customer Care

We process the personal data obtained in the context of our activities from our business partners or customers, prospective customers, or their employees acting as contact persons, during the initiation, conclusion and execution of a contract, as well as after termination of a contract or in cases where no contract is concluded. This is done for the purpose of business and customer care, and in order to be able to offer appropriate services based on previous contractual relationships, offers or enquiries should the business partner, customer or prospective customer contact us again. The legal basis is our legitimate interest pursuant to Article 6 (1) (f) GDPR. Our legitimate interest lies in the conduct of our business operations. For this purpose, we store personal data as long as we assume that the respective customer may in future enter into a new or initial contract with us. This is the case until the respective business partner, customer or prospective customer explicitly declares that they will under no circumstances enter into a contract with us. 

II. Cookies and Similar Technologies

We use cookies on our websites. Cookies are text files that are placed and stored on a computer system via an internet browser. We use such cookies both as a technical means of providing services on our websites (e.g. enabling certain functionalities) and to analyse the behaviour of visitors in order to make our services more user-friendly. For these purposes, we may also employ other techniques, such as tracking pixels or embedded code in apps.  

Some of the cookies we use are deleted again after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable us to recognise your browser on your next visit (persistent cookies).  

You can find out the exact storage period of a cookie by viewing the respective cookie in your browser. You may configure your browser to inform you whenever cookies are set and to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, or to activate automatic deletion of cookies when closing the browser. If you do not accept cookies, the functionality of our website may be restricted. Below we explain the specific cookies and similar technologies we use:  

1. Technically Necessary Cookies

We use technical cookies, i.e. those required solely to record certain information on our websites in order to provide a service requested or desired by you as a user. This includes navigation or session cookies that allow smooth navigation and use of the website (e.g. access to restricted areas); analytics cookies set directly by us to gather aggregated information on visitor numbers and user behaviour; and functional cookies that enable navigation according to certain criteria in order to optimise our service.

The legal basis for these cookies is our legitimate interest pursuant to Article 6 (1) (f) GDPR, namely the pursuit of our business purposes.

2. Cookies and Technologies Provided by Third Parties

In various areas we also use cookies or other technologies provided by external suppliers. Below we inform you about the respective providers and how you can object to the use of such cookies or technologies.

III. Use of Google Services

Google Analytics 

We use Google Analytics on our websites, a web analytics service of Google Inc. (“Google”). Google Analytics also uses cookies (see Section II). The information generated by the cookie about your use of this website is generally transmitted to a Google server in the United States and stored there.  

If IP anonymisation is activated on this website, your IP address will first be shortened by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activities, and provide other services relating to website and internet usage for the website operator. The IP address transmitted by your browser within the framework of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by adjusting your browser software accordingly; however, please note that in this case you may not be able to use all the functions of this website in full. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google,

by downloading and installing the browser plugin available via the following link: Browser Add-on for Deactivation of Google Analytics. Browser-Add-on zur Deaktivierung von Google Analytics.

In addition, you can prevent collection by Google Analytics by clicking on the following link. An opt-out cookie will then be set, preventing the future collection of your data when visiting this website: Deactivate Google Analytics. Google Analytics deaktivieren

Further information on terms of use and data protection can be found at https://www.google.com/analytics/terms/de.html bzw. unter https://www.google.com/intl/de/analytics/privacyoverview.html

We point out that on this website Google Analytics has been extended by the code “gat._anonymizeIp();” in order to ensure anonymised collection of IP addresses (so-called IP masking). The legal basis for the use of Google Analytics is our legitimate interest pursuant to Article 6 (1) (f) GDPR, namely the pursuit of our business purposes.

Google Maps

Fürstenerker GmbH & Co. KG uses the Google Maps API service to display the company’s location and to make it easier to find us. Please note that when using Google Maps, Google also collects, processes, and uses data about visitors’ use of the map functions.

Detailed information on data processing by Google can be found in Google’s privacy notices,where you can also adjust your personal privacy settings in the Privacy Centre.

External References and Links

Our website may contain references to external providers and social networks such as Facebook, Twitter, Xing and LinkedIn. Links to content provided by external providers are to be distinguished from our own content. By setting a link to third-party websites (“hyperlinks”), we do not adopt those websites or their content as our own, since we cannot continuously control the content of those pages. Furthermore, the company is not responsible for the availability of these websites or their content. The use of such hyperlinks to these contents is at the user’s own risk.

We accept no liability for direct or indirect damage arising for the user from the use of the information on these websites or their existence, nor for the freedom from viruses of the information accessed by the user. 

Rights of the Data Subject

If personal data concerning you are processed, you are a “data subject” within the meaning of the GDPR and you have the following rights in relation to the controller:

Right of Access

You may request confirmation from us as to whether personal data concerning you are being processed. Where this is the case, you may request information on:

1. the purposes for which the personal data are processed;
2. the categories of personal data concerned;
3. the recipients or categories of recipients to whom the personal data have been or will be disclosed;
4. the envisaged period for which the personal data will be stored, or, if specific information is not possible, the criteria used to determine that period;
5. the existence of the right to request rectification or erasure of your personal data, the right to restrict processing by the controller, or the right to object to such processing;
6. the existence of a right to lodge a complaint with a supervisory authority;
7. any available information on the origin of the data, where the personal data are not collected from you;

whether your personal data are transferred to a third country or an international organisation; in such cases, you may request to be informed of the appropriate safeguards pursuant to Article 46 GDPR in connection with the transfer.

Right to Rectification and Restriction of Processing

You have the right to obtain from the controller without undue delay the rectification of inaccurate or the completion of incomplete personal data concerning you. Under certain conditions, you may also request the restriction of processing of your personal data.

Right to Erasure

You have the right to obtain from us the erasure of personal data concerning you without undue delay, unless an exception applies, where one of the following grounds applies: 

1. the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
2. you withdraw your consent on which the processing was based according to Article 6 (1) (a) or Article 9 (2) (a) GDPR and there is no other legal basis for the processing;
3. you object to the processing pursuant to Article 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21 (2) GDPR;
4. the personal data have been unlawfully processed;
5. the personal data must be erased for compliance with a legal obligation under Union or Member State law to which we are subject;
6. the personal data have been collected in relation to the offer of information society services referred to in Article 8 (1) GDPR.

Where we have made personal data public and are obliged pursuant to Article 17 (1) GDPR to erase the personal data, we shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you, as the data subject, have requested the erasure of any links to, or copies or replications of, those personal data.

Right to Data Portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from us, provided that:

1. the processing is based on consent pursuant to Article 6 (1) (a) or Article 9 (2) (a) GDPR, or on a contract pursuant to Article 6 (1) (b) GDPR, and
2. the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data transmitted directly from one controller to another, where technically feasible. The rights and freedoms of others must not be adversely affected thereby.

This right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

Right to Object

You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you which is based on Article 6 (1) (e) or (f) GDPR, including profiling based on those provisions.

We shall then no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

Where personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of such data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, your personal data will no longer be processed for such purposes.

You also have the option, in connection with the use of information society services (notwithstanding Directive 2002/58/EC), to exercise your right to object by automated means using technical specifications. You further have the right, on grounds relating to your particular situation, to object to the processing of your personal data for statistical purposes pursuant to Article 89 (1) GDPR.

Right to Withdraw Consent

You have the right to withdraw your data protection consent declaration at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR. 

Reservation of Changes / Updates to this Privacy Policy

We reserve the right to amend this privacy policy in compliance with the applicable data protection provisions. The current version can be found at this location or another equivalent, easily accessible section of our website. If we intend to process your data for purposes other than those for which they were collected, we will inform you in advance in compliance with the statutory provisions.

Status: 10 August 2023