Privacy policy according to EU Data Protection Regulation (DSGVO)
(Regulation EU (2016/679 of the European Parliament and of the Council of 27.04.2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46EG in the Official Journal of the European Union, OJ L 119/1; entry into force: 25 May 2018).
to the website www.citrocasa.com
We, Citrocasa GmbH, as the provider of the aforementioned telemedia service, take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection provisions under European law (esp. in accordance with the Data Protection Regulation/DSGVO and the German Telemedia Act/TMG) and the following declaration.
This data protection declaration refers solely to the aforementioned website. If you are forwarded to other websites via links on this website, please inform yourself there about the respective handling of your data and its processing and responsibility there.
The legal basis for data processing, including on websites, is essentially the following provisions and legal regulations:
In accordance with the principles of data avoidance and data economy, we process personal data only for as long as is necessary in the sense of the following statement or as long as is required by law (statutory storage period). If the purpose or the right to process the collected personal data ceases to apply or the permissible storage period ends, we block or delete the data; unless their - temporary - further processing is necessary, in particular for the following purposes:
However, in order to be able to take a data block into account at any time, it is necessary to keep the data in a blocking file for control purposes. If there is no legal archiving obligation, you can also request the deletion of such data. If there is a legal archiving obligation, we will block such data if you so request. If the provision of personal data is required by law or contract, or is necessary for the conclusion of a contract, we point out the adverse consequences due to non-provision.
In particular, the following terms used in this Agreement are defined in accordance with Art. 4 GDPR as follows:
For further definitions and information on the scope of the statutory data protection provisions, we refer in particular to Art. 4 DSGVO (dejure.org/laws/DSGVO).
1. processing of personal data; nature and purpose of use
a. Calling up the website (server log files)
When accessing this website www.citrocasa.com information is automatically sent to the server of this website by the browser used on your terminal device. This information is temporarily stored in a log file. The following information is collected without your intervention and stored until automated deletion:
Conclusions about your person are not possible through this automatically generated information. The aforementioned data is processed by us for the following purposes:
The legal basis for this data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.
In this respect, we only store access data without personal reference. Non-personal information includes all information that is processed anonymously and cannot be assigned to a person. This includes aggregated key figures, such as the average time spent on or the frequency with which websites are called up (see above under section 2.a.). When non-personal information is stored, the IP addresses and domain data of visitors in particular are also only stored in abbreviated form, so that it is not possible to draw conclusions about individual visitors.
b. Data processing when contacting
You can contact us by mail or e-mail (especially via office@citrocasa.com, see contact details in the imprint). We will then process the data that you provide to us when contacting us. This may include in particular your full name (first name/last name), your postal address (street, house number, postal code, city), your telephone number and your e-mail addresses. We process the data you provide when contacting us for the purpose of providing you with appropriate feedback.
The personal data collected by us for your contact and received from you will be deleted after completion of your request, unless there is a legitimate interest for further - temporary - storage (eg applicant data or for subsequent correspondence) or you give your consent otherwise.
Data processing for the purpose of contacting us is based on your voluntarily given consent according to Art. 6 para. 1 p. 1 lit. a DSGVO.
c. Google Search Console
For this website, the SEO tool Google Search Console is used for optimization purposes. Personal data is not collected, stored or processed in any other way. Cookies are not set, tracking does not take place. You can find more information about the Google Search Console here: https://search.google.com/search-console/about?hl=de
2. disclosure of personal data
Your personal data will only be transferred to third parties for the purposes listed below. We only pass on your personal data to third parties
Insofar as we intend to use the personal data for a purpose other than the aforementioned purposes, we will provide you with information about this other purpose and all other relevant information in accordance with Article 13 (2) of the GDPR prior to this further processing.
3. cookies
4. tracking tools
The tracking measures listed below and used by us are carried out on the basis of Art. 6 (1) p. 1 lit. f DSGVO.
With the tracking measures used, we want to ensure a needs-based design and the ongoing optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our website offering for you.
These interests are to be regarded as legitimate within the meaning of the aforementioned provision. The respective data processing purposes and data categories can be found in the corresponding tracking tools.
a) Matomo
Description and purpose
This website uses Matomo (formerly Piwik), an open source software for statistical analysis of visitor traffic. The provider of Matomo is InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand.
Matomo uses cookies that are stored on your computer, which make an anonymous analysis of your website usage possible. As a rule, it is not possible to draw conclusions about a specific person, as your IP address is anonymized immediately after processing and before storage.
We use Matomo to improve the quality of our website and its content. By learning how our website is used, we can continuously optimize our website offering.
The following data is stored when you call up the individual pages of our website:
1. two bytes of the IP address of the user's calling system.
2. the accessed web page
3. the web page from which the user has reached the accessed web page (referrer url)
4. subpages that are called from the called web page
5. dwell time on the website
6. frequency of access to the website.
The software runs exclusively on the servers of our website or our website support, a storage of the personal data of the users takes place exclusively there. The IP address of the user is not stored in full but only shortened by masking only 2 bytes of the IP address. An assignment of the IP address shortened in this way to the end device of the user is then not possible.
The processing of users' personal data enables the analysis of usage behavior on our website.
Legal basis
The legal basis for this processing of your personal data is Art. 6 para. 1 lit. f) DSGVO.
Data recipients, data sharing and data transfer to third countries
The recipient of your anonymized data is the website operator and website support. A data transfer to a third country does not take place. There is also no other transfer of data to third parties.
Duration and scope of data storage
The data will be deleted as soon as the data is no longer required to achieve the purpose for which it was collected and processed. Likewise, the data will be deleted if you assert your right to data deletion pursuant to Art. 17 (1) DSGVO.
For further data subject rights, see below in this privacy statement.
There is no contractual or legal obligation for the provision of the data.
Further information on the processing of your personal data by Matomo can be found here: https://matomo.org/privacy-policy/ .
5. social media plug-ins
Plug-ins that directly link you to our website or, conversely, directly link this website to your social media account, for example, and by which a certain usage behavior of yours would be recognizable, are not used by us on this website.
6. data subject rights
You have the right in each case free of charge
To exercise the rights of the data subject, send an e-mail to office@citrocasa.com.
7. right of objection and right of revocation
Insofar as your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO.
If your personal data is processed on the basis of your express consent pursuant to Art. 6 (1) p. 1 lit. a DSGVO, you may revoke this consent - provided that there are reasons for this that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without specifying a particular situation.
If you wish to exercise your right of revocation or objection, simply send an e-mail to office@citrocasa.com with the corresponding request.
8. data security
Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. You can tell whether an individual page of our website is encrypted when you see the closed key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
9. up-to-dateness and modification of this privacy policy
This privacy policy is currently valid and has the status of 25 May 2018 (entry into force of the GDPR).
Due to the further development of our website and offers on it or due to changing legal or regulatory requirements, it may become necessary to change this privacy policy. The data protection declaration will then always apply in the correspondingly adapted version published here.