Data Protection

Thank you for visiting our website as well as our social media pages and for your interest in our company. We take the protection of your personal data seriously and want you to feel safe and comfortable when visiting our site and pages.

Name and contact details of the Controller and the Data Protection Officer

Within the meaning of the General Data Protection Regulation (“GDPR”), the Controller is:

Berlin Hyp AG
Corneliusstr. 7
10787 Berlin
Germany

If you have any questions regarding the processing of your personal data, you can get in touch with our Data Protection Officer; he is also at your disposal if you have any queries, claims or complaints:

Data Protection Officer:
Berlin Hyp AG
Nikolaus Renner
Corneliusstr. 7
10787 Berlin
Germany
T: +49 30 2599 9381
email: datenschutz@berlinhyp.de

1. Processing on the website
Collection and processing of personal data to display the website and to ensure its stability and security (especially server log files)

We process our users’ personal data as far as this is necessary to provide a functional, stable and secure website. In particular, we automatically collect and store information in so-called server log files, which your browser automatically transmits to us. In this context the following data, which is required for technical use only, will be processed during the informational use of the website:

• IP address of the terminal device you are using;
• Date and time of access / server request;
• Screen resolution;
• The browser type, version and operating system you are using;
• Host name of the requesting computer /Referrer URL.

The storage is only temporary, the server log files are erased after 14 days.
The processing of the aforementioned data takes place to protect legitimate interests (the functionality, stability and security of our website) on the basis of a balancing of interests pursuant to Art. 6 Para. 1 Sentence 1 (f) of the GDPR.

The collection of the data for the provision of the website and the storage of the data in the log files is essential for the operation of our website.

Usage of PHP session cookies

We use so-called session cookies (also called non-persistent or transient cookies) on our website. Cookies are small text files that our web server sends to your device, where they are usually stored on your hard drive. They do not become part of your system and cannot cause any damage. These session cookies are stored exclusively for the duration of your use of our website. The session cookies we use are only used to identify you while you are logged on to our website. At the end of each session the session cookies are deleted. There is no further use of the session cookies.

These cookies are essential for the function of our website and cannot be deactivated in our systems. Usually, these cookies are only set in response to actions you take by transmitting a service request, such as setting your privacy preferences, logging in, or filling out forms. You can set your browser to block these cookies or to notify you about these cookies. However, in this case some areas of the website may not work.

The use of these session cookies is based on Art. 6 Para. 1 (f) of the GDPR. Without the use of these cookies, it is technically impossible for you to request, access and use the website.

Contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.

Provided that your request is connected with the fulfilment of a contract or is necessary for the implementation of pre-contractual measures, the processing of this data is carried out based on Art. 6 Para. 1 (b) of the GDPR. In all other cases the processing is based on your consent (Art. 6 Para. 1 (a) of the GDPR).

The data entered by you in the contact form remains with us. You can revoke your consent or the purpose for the data storage is no longer applicable (e.g. after completion of the processing of your enquiry). Mandatory statutory provisions - in particular retention periods - remain unaffected.

Use of Google Maps

Provided that you accept the optional services via Data protection settings, Berlin Hyp uses “Google Maps API” map service from Google Inc. to display locations on an interactive map when searching for Berlin Hyp branch offices. As a result, information about the use of the Berlin Hyp website, including your IP address, may be transmitted to and stored by Google on servers in the US. If you use the advanced features of Google Maps, for example by clicking on the map displayed, your browser will establish a direct connection with Google’s servers. The map content is transmitted by Google directly to your browser and integrated into the website by it. We therefore have no influence on the extent of the data collected by Google in this way.
Google undertakes not to disclose any information to third parties as part of its data protection declaration, but makes exceptions to this commitment. The data collected in this way may therefore be transferred to third parties if this is required by law in the US or if third parties process the data on behalf of Google. The data protection declaration of Google Inc. can be found here: http://www.google.com/policies/privacy/.
You have the option of deactivating the map service and preventing data transmission to Google. To do this, deactivate JavaScript in your browser or revoke the optional service via the Data protection settings. Once done, you can no longer use the location finder.

E-mail communication

Communication via e-mail can have security gaps. E-mails sent to our employees, for example, can be intercepted and viewed by experienced Internet users. If we receive an e-mail from you, we assume that we are entitled to reply by e-mail. If not, express reference must be made to a different method of communication.

Safety and security

To protect the data you have provided us with from accidental or intentional manipulation, loss, destruction or access by unauthorised persons, we use technical and organisational security measures. Our security measures are under continuous improvement in line with technological developments.

2. Social Media pages

Berlin Hyp AG operates the following social media pages:
Twitter: https://twitter.com/berlin_hyp?lang=de
Xing: https://www.xing.com/companies/berlinhypag
Kununu: https://www.kununu.com/de/berlin-hyp
LinkedIn: https://www.linkedin.com/company/berlin-hyp-ag/?originalSubdomain=de
Instagram: https://www.instagram.com/BerlinHyp/

Processing is carried out to safeguard legitimate interests (up-to-date information and opportunities for interaction with users) on the basis of a balancing of interests pursuant to Art. 6 Para. 1 Sentence 1 (f) of the GDPR.

Instagram

When visiting the profile of Berlin Hyp AG on Instagram, Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, stores and processes personal data to the extent described in its data protection declaration. Instagram’s data protection declaration can be found here: https://help.instagram.com/519522125107875

Berlin Hyp has no influence on the type and scope of the data processed by Instagram, the type of processing and use or the disclosure of this data to third parties. In this respect, Berlin Hyp also has no effective means of control.

Twitter

When you visit the Twitter channel of Berlin Hyp AG, Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, (hereinafter "Twitter Inc.") stores and processes personal data to the extent described in its data protection declaration. Twitter Inc.’s privacy policy can be found here: https://twitter.com/en/privacy.
Twitter Inc. is committed to the principles of the EU-US Privacy Shield. For further information, please visit https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
Berlin Hyp has no influence on the type and scope of the data processed by Twitter, the type of processing and use or the disclosure of this data to third parties. In this respect, Berlin Hyp also has no effective means of control.
Data processing also takes place via the Twitter Analytics statistics service. This service records your activity on our site and makes it available to us in anonymous statistics. Conclusions on individual users and access to individual user profiles by the administrator are not possible. Further information about Twitter Analytics can be found here: https://analytics.twitter.com/about.

Xing

When visiting the employer branding profile of Berlin Hyp AG, XING SE, Dammtorstrasse 29-32, 20354 Hamburg, Germany (hereinafter referred to as “XING”), stores and processes personal data to the extent described in its data protection declaration. XING’s data protection declaration can be found here: https://privacy.xing.com/de.
Data processing takes place via the XING statistics service provided for employer branding profiles. This service records your activity on our site and makes it available to us in anonymous statistics.

LinkedIn

When visiting the profile of Berlin Hyp AG, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, (hereinafter referred to as “LinkedIn”) stores and processes personal data to the extent described in its privacy policy. LinkedIn’s privacy policy can be found here: https://www.linkedin.com/legal/privacy-policy.
Data processing takes place among other things via the page analytics of LinkedIn. This service records your activity on our site and makes it available to us in anonymous statistics.

3. Your Rights in Data Protection

• Vis-à-vis Berlin Hyp AG, you have the following rights regarding any personal data relating to you:
• Right of access (Art. 15 GDPR);
• Right to rectification (Art. 16 GDPR);
• Right to erasure (Art. 17 GDPR);
• Right to restriction of processing (Art. 18 GDPR);
• Right to data portability (Art. 20 GDPR).

Withdrawal of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw a previously given consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out up to the point of revocation remains unaffected by the withdrawal.

Right to object in individual cases

You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data pursuant to Article 6 Para. 1 (f) of the GDPR (data processing based on a balancing of interests); this also applies to profiling based on this provision within the meaning of Article 4 (4) of the GDPR.

If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds which outweigh your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

Right to object to the processing of data for direct marketing purposes

If the data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, your personal data we will no longer process your personal data for such purposes.

In all cases described, the objection can be made informally and should, if possible, be addressed to:

Berlin Hyp AG
Corneliusstr. 7
10787 Berlin
unsubscribe@berlinhyp.de

Right to lodge a complaint

You also have the right to lodge a complaint in connection with the processing of your personal data at the following supervisory authority responsible for us in terms of data protection:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin
Germany

4. General Information on Data Protection
Information on data protection - Our handling of your data and your rights
Information pursuant to Articles 13, 14 and 21 of the General Data Protection Regulation – GDPR

In general, beyond our website we process personal data also in the context of our business relationship. Information on this data processing and your claims and rights concerning data protection, some of which also affect data processing on our website, can be found in our Information on Data Protection .

Our website uses the web analytics service Matomo in the on-premise version. Matomo is an open source software solution.
Matomo uses “cookies”. These are small text files that your web browser stores on your device and which allow an analysis of the website usage to take place. Information generated by cookies about the use of our website is stored on our server. Your IP address will be anonymised before it is saved.
Cookies from Matomo remain on your device until you delete them. The storage time on our server ranges from 30 minutes to one year, a detailed list is available in the data protection settings/cookie bar at the end of the data protection declaration.
Matomo cookies are set on the basis of Art. 6 (1) lit. f of the GDPR. As the operator of this website, we have a legitimate interest in the anonymised analysis of user behaviour in order to optimise both our website and, where applicable, our advertising.
No information stored in the Matomo cookie about the use of this website is disclosed. It is possible to prevent the setting of cookies by your web browser. However, some functionalities of our website could be limited by this.
By means of the data protection settings/cookie bar at the end of the data protection declaration, you can deactivate the storage and use of your data. Your browser sets an opt-out cookie, which prevents the storage of Matomo usage data. If you delete your cookies, the Matomo opt-out cookie will also be erased. If you visit our website again, the opt-out cookie must be set again to prevent the storage and use of your data.


The data protection settings/cookie bar can be linked so that you can scroll right down to the bottom with one click.