Data protection
We have written this data protection declaration (version 24.01.2023-312397026) in order to provide you with information in accordance with the requirements ofGeneral Data Protection Regulation (EU) 2016/679and applicable national laws to explain which personal data (data for short) we as the responsible party - and the processors commissioned by us (e.g. providers) - process, will process in the future and what legal options you have. The terms used are to be understood as gender-neutral.

​

Scope of application

This data protection declaration applies to all personal data processed by us in the company and to all personal data that companies commissioned by us (processors) process. By personal data we mean information within the meaning of Art. 4 No. 1 GDPR such as a person's name, e-mail address and postal address. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this privacy policy includes:

• all online presences (websites) that we operate

• email communication

​

Legal bases

In the following data protection declaration, we provide you with transparent information on the legal principles and regulations, i.e. the legal basis of the General Data Protection Regulation, which enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can of course read this EU General Data Protection Regulation online on EUR-Lex, the gateway to the EU -Right, underhttps://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679read.

We only process your data if at least one of the following conditions applies:

1. Consent (Article 6 Paragraph 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be storing the data you entered on a contact form.

2. Contract (Article 6 Paragraph 1 lit. b GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a sales contract with you, we need personal information in advance.

3. Legal obligation (Article 6 paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we process your data. For example, we are required by law to keep invoices for accounting purposes. These usually contain personal data.

4. Legitimate interests (Article 6 Paragraph 1 lit. f GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to be able to operate our website securely and economically. This processing is therefore a legitimate interest.

Other conditions such as the perception of recordings in the public interest and the exercise of public authority as well as the protection of vital interests do not usually apply to us. If such a legal basis should be relevant, it will be shown in the appropriate place.

In addition to the EU regulation, national laws also apply:

• In Austria, this is the federal law for the protection of natural persons when processing personal data (data protection law), DSG for short.

• In Germany, the Federal Data Protection Act, BDSG for short, applies.

If other regional or national laws apply, we will inform you about them in the following sections.

​

Contact details of the person responsible

If you have any questions about data protection or the processing of personal data, you will find the contact details of the responsible body below:
Richert Group Real Estate Investments
grolman street 36
10623 Berlin

E-mail:info@richertgroup.com
Phone:+49 30288840850
Imprint:https://www.richertgroup.com/impressum

​

Storage duration

The fact that we only store personal data for as long as is absolutely necessary for the provision of our services and products is a general criterion for us. This means that we delete personal data as soon as the reason for the data processing no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased to exist, for example for accounting purposes.

If you wish your data to be deleted or revoke your consent to data processing, the data will be deleted as quickly as possible and provided there is no obligation to store it.

 

Rights under the General Data Protection Regulation

In accordance with Articles 13 and 14 GDPR, we inform you about the following rights to which you are entitled so that data is processed fairly and transparently:

• According to Article 15 GDPR, you have a right to information as to whether we are processing your data.

• According to Article 16 GDPR, you have the right to have the data corrected, which means that we have to correct data if you find any errors.

• According to Article 17 GDPR, you have the right to erasure ("right to be forgotten"), which specifically means that you can request the erasure of your data.

• According to Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it further.

• According to Article 20 GDPR, you have the right to data portability, which means that we can provide you with your data in a common format upon request.

• According to Article 21 GDPR, you have the right to object, which will result in a change in processing after enforcement.​

• According to Article 22 GDPR, you may have the right not to be subject to a decision based solely on automated processing (e.g. profiling).

• According to Article 77 GDPR, you have the right to lodge a complaint. This means that you can complain to the data protection authority at any time if you believe that the processing of personal data violates the GDPR.

​

If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority.  The following local data protection authority is responsible for our company:

Berlin data protection authority

State Commissioner for Data Protection: Maja Smoltczyk
Address: Friedrichstrasse 219, 10969 Berlin
Telephone number: 030/138 89-0
Email address: mailbox@datenschutz-berlin.de
site:https://www.datenschutz-berlin.de/

​

Automatic data storage
When you visit websites today, certain information is automatically created and stored, including on this website.

If you visit our website as you are right now, our web server (computer on which this website is stored) automatically saves data such as

​

the address (URL) of the accessed website

 

• Browser and browser version

• the operating system used

• the address (URL) of the previously visited page (referrer URL)

• the hostname and IP address of the device from which access is being made

• Date and Time

• in files (web server log files).

​

As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but cannot rule out that this data will be viewed in the event of illegal behavior.

​

Data transfer to third countries

We only transfer or process data to countries outside the EU (third countries) if you agree to this processing, if this is required by law or is contractually necessary and in any case only to the extent that this is generally permitted. In most cases, your consent is the most important reason that we have data processed in third countries. The processing of personal data in third countries such as the USA, where many software manufacturers offer services and have their server locations, may mean that personal data is processed and stored in unexpected ways.

We expressly point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. Data processing by US services (such as Google Analytics) may result in data not being processed and stored anonymously. In addition, US government authorities may have access to individual data. In addition, it may happen that collected data is linked to data from other services from the same provider, provided you have a corresponding user account. If possible, we try to use server locations within the EU, if this is offered.

We will inform you in more detail about data transfer to third countries at the appropriate points in this data protection declaration, if this applies.

​

Security of data processing

In order to protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymise personal data. In this way, we make it as difficult as possible for third parties to infer personal information from our data.

Art. 25 GDPR speaks here of “data protection through technology design and through data protection-friendly default settings” and means that one always thinks of security and corresponding security both with software (e.g. forms) and hardware (e.g. access to the server room). measures. If necessary, we will go into specific measures below.

​

TLS encryption with https

TLS, encryption and https all sound very technical and they are. We use HTTPS (the Hypertext Transfer Protocol Secure stands for "secure hypertext transfer protocol") to transmit data securely on the Internet.
This means that the complete transmission of all data from your browser to our web server is secured - nobody can "eavesdrop".

We have thus introduced an additional security layer and comply with data protection by design (Article 25 paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this protection for data transmission by the small lock symbol in the top left of the browser, to the left of the Internet address (e.g. examplepage.de) and the use of the https scheme (instead of http) as part of our Internet address.
If you want to know more about encryption, we recommend a Google search for "Hypertext Transfer Protocol Secure wiki" to get good links to further information.

​

Cookies
Our website uses HTTP cookies to store user-specific data.

In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.

​

What exactly are cookies?
Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.

One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, which is basically the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

Cookies store certain user data from you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you your usual default setting. In some browsers each cookie has its own file, in others such as Firefox all cookies are stored in a single file.

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, since each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other "pests". Cookies also cannot access information on your PC.

​

There are 4 types of cookies: Strictly Necessary Cookies: These cookies are necessary to ensure basic functions of the website. Functional cookies: These cookies collect information about user behavior and whether the user receives any error messages. Targeting Cookies: These cookies ensure a better user experience. For example, entered locations, font sizes or form data are saved. Advertising cookies: These cookies are also called targeting cookies. They are used to provide the user with customized advertising. 

Usually, when you visit a website for the first time, you will be asked which of these types of cookies you would like to allow. And of course this decision is also stored in a cookie.

​

You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting cookies, only partially allowing them or deactivating them. For example, you can block third-party cookies but allow all other cookies.

​

​

Evaluation of visitor behavior
In the following data protection declaration we inform you whether and how we evaluate data from your visit to this website. The evaluation of the collected data is usually anonymous and we cannot draw any conclusions about your person from your behavior on this website.

You can find out more about the possibilities of objecting to this evaluation of visit data in the following data protection declaration.

Google Fonts Privacy Policy
We use Google Fonts on our website. These are the “Google fonts” from Google Inc. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services in Europe.

You do not need to register or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, typefaces/fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don't have to worry about your Google account data being transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. How the data storage looks exactly, we will look at in detail.

​

What are Google Fonts?
Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to its users free of charge.

Many of these fonts are released under the SIL Open Font License, while others are released under the Apache License. Both are free software licenses.

​

Which data is stored by Google?
When you visit our website, the fonts are reloaded via a Google server. This external call transmits data to the Google servers. In this way, Google also recognizes that you or your IP address are visiting our website. The Google Fonts API was designed to reduce the use, storage and collection of end-user data to what is necessary for proper font delivery. Incidentally, API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software sector.

Google Fonts securely stores CSS and font requests on Google and is therefore protected. The collected usage figures allow Google to determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the Google Fonts BigQuery database. Entrepreneurs and developers use the Google web service BigQuery to examine and move large amounts of data.

It should be noted, however, that with each Google Font request, information such as language settings, IP address, browser version, browser screen resolution and browser name are automatically transmitted to the Google servers. Whether this data is also stored cannot be clearly determined or is not clearly communicated by Google.

​

How long and where is the data stored?
Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts using a Google style sheet. A style sheet is a template that you can use to change the design or font of a website, for example, quickly and easily.

The font files are stored by Google for one year. Google is thus pursuing the goal of fundamentally improving the loading time of websites. When millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design.

​

How can I delete my data or prevent data storage?
The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. In order to be able to delete this data prematurely, you must contact Google Support at https://support.google.com/?hl=de&tid=321253240. In this case, you only prevent data storage if you do not visit our site.

Unlike other web fonts, Google allows us unlimited access to all fonts. So we have unlimited access to a sea of fonts and thus get the best out of our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=321253240. Although Google addresses data protection issues there, it does not contain really detailed information about data storage. It is relatively difficult to get really precise information about stored data from Google.

You can also read about what data Google collects and what this data is used for at https://www.google.com/intl/de/policies/privacy/.

​