Privacy Policy


Last updated on January 31st, 2020

Controller, Art. 4 Nr. 7 GDPR

McMakler GmbH
Am Postbahnhof 17
10243 Berlin – Deutschland
Tel.: 0800 500 80 02
datenschutz@mcmakler.de

Preamble

The protection of your personal data is very important to us. This Privacy Policy describes how McMakler GmbH and the McMakler Group companies (hereafter McMakler) process your personal information on this website and through our online services. In addition, you will receive data protection information (Articles 13 and 14 GDPR) in advance of processing operations and contractual relationships in a simple, precise, transparent, understandable and easily accessible form (Art. 12 (1) GDPR). In order to protect your personal data, McMakler has concluded appropriate agreements with the contracted service providers and cooperation partners (especially Art. 26 and 28 GDPR) and has taken technical and organizational measures to ensure the protection of your personal data. This site uses state-of-the-art SSL or TLS encryption for security purposes and to protect the transmission of confidential content that you send to us as the operator of the website via online forms. Our employees are regularly trained in the handling of personal data and are obliged to the confidentiality of personal data (Article 5 (1) (f), Art. 32 (4) GDPR). You can also make privacy-prone preferences using your web browser settings, such as: Through the Do-Not-Track feature, security updates, or blocking cookies/third party-cookies. Additional settings can be made by browser extensions and / or these are described separately in this privacy policy. We point out that a complete protection of data transfer on the Internet is not possible and the protection of your data can depend strongly on the individual surfing behavior. Never share your information with third parties who may misuse it.

This privacy policy was last updated on: 11.09.2019

In the event of changes to this privacy policy, we will post the amended policy and the effective date of the amended policy on this website. We therefore recommend that you check our website regularly. Changes that affect your consent will only be made by renewed consent.

1. Definitions / Scope

In the context of this privacy policy, we use the following terms. For a better understanding, here is a brief explanation of the terms used in the sense of Art. 4 (1) GDPR.

1.1. Personal data

‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

1.2. Processing

‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1.3. Restriction of processing

‘restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future.

1.4. „Profiling“

‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

1.5. Pseudonymisation

‘pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

1.6. Controller

‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

1.7. Processor

‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

1.8. Recipient

‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

1.9. Third party

‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. General information about data processing

We take the protection of your personal data very seriously. Therefore, we process them in the sense of the General Data Protection Regulation (GDPR), in accordance with other applicable data protection regulations as well as in the sense of this privacy policy. Certain processing is required to provide a functional website. In addition, we can enable our content and services. The data processing takes place only insofar as it is lawful. Legality exists if at least one of the conditions set out in Article 6 (1) of the GDPR is met. We will delete your data as soon as the purpose of the storage is no longer necessary, a period prescribed by legal regulations has expired and / or there are no compelling requirements for the retention of a deletion. Information on your data subject rights can be found in this privacy policy under point 9. "Rights of the data subject".

If a personal data transfer to a third country or an international organization takes place by McMakler and / or a processor, McMakler will verify to the processor / partner, in particular, the existence of an adequacy decision pursuant to Art. 45 (3) GDPR or the existence of appropriate guarantees by type 46 GDPR. Otherwise, a transfer will only take place if one of the requirements according to Art. 49 (1) lit. a) to g) is fulfilled.

In addition, we do not operate exclusively automated decision-making ("profiling") in order to establish and conduct a business relationship.

If we pass on personal data to third parties, this usually takes place on the basis of your consent in accordance with Art. Art. 6 (1) lit. a) GDPR, unless justified by a legitimate interest or operational requirement of McMakler, Art. 6 (1) lit. f) GDPR or the processing is required precontractual or by contract, Art. 6 (1) lit. b) GDPR. A legitimate interest can in principle also exist in the transfer for purposes of direct marketing, Recital 47 GDPR. Advertising measures are also subject to § 7 Abs. 3 Gesetz gegen den unlauteren Wettbewerb (UWG) permissible on our part and / or as far as another legal regulation permits. In addition, disclosure to third parties is only made on the basis of a legal obligation to which the person responsible is subject (eg statutory information and notification obligations).

We have appointed a data protection officer for our companies. You can achieve this as follows:

Data Protection Officer (DPO)
McMakler GmbH
Am Postbahnhof 17
10243 Berlin – Deutschland
Tel.: 0800 500 80 02
datenschutz@mcmakler.de

3. Server log files

When you visit our website, our system automatically collects data and information from the computer system of your computer. The following data is collected:

a. IP address of the requesting computer,
b. Date and time of access,
c. Name and URL of the expired file,
d. Website from which access is made (referrer URL),
e. used browser and, if applicable, the operating system of your computer as well as the name of your access provider

This data is stored as standardized on any other web server in the log files of our system. A combination of these data together with other personal data is not done. The storage in the log files is done by us to ensure the functionality of our website and to protect us from abusive or illegal use of the website as well as to analyze attack patterns ("hacking"). With this data, we can also optimize our website and ensure the security of our information technology systems. In addition, this information may be relevant for law enforcement purposes and may only then be merged with other data, such as: Your identity. We can not produce a direct personal reference based on the information itself.

For these purposes, our legitimate interest in the processing of data according to Art. 6 (1) lit. f) GDPR. The server log data is kept for 90 days.

4. Cookies

We use so-called "cookies" on our website. These are text files that are stored on your device. Some of the cookies we use, called session cookies, are deleted immediately when you close your browser, that is, when the session ends. Other cookies will continue to be stored on your device and allow us and our third party providers (see 5.2. an following) to recognize your browser the next time you visit our website (persistent cookies). Cookies are processed to an individual extent and collect data such as browser and location data as well as (anonymized) IP address values. Persistent cookies are automatically deleted after a specified period of time.

Cookies do not harm your computer and are designed to make your visit to our website attractive and to enable the use of certain functions. If the cookies set by us or third parties process personal data, the processing is carried out in accordance with Art. 6 (1) lit. b) GDPR either for contractual purposes or pursuant to Art. 6 (1) lit. f) GDPR lawfully for the protection of our legitimate interests of analytics purposes an to provide you with a user-friendly website and services.

For third-party cookies, please refer to 5.2. and following the type and extent of data processing as well as the availability of appropriate privacy settings. The periods of storage of cookies strongly depends on your browser settings and the perception of your rights of objection. Further information can be found in the respective privacy policy of the provider as well as in this privacy policy.

To prevent the setting of cookies, you can set your browser so that you are informed about the setting of cookies and individually decide on their acceptance or exclude the acceptance of cookies for certain cases in general. The type of browser setting is different for each browser. A description of the cookie and privacy settings can be found for the respective browser under the following links:

Internet Explorer
Firefox
Chrome
Safari
Opera

Please note that if you do not accept cookies, the functionality of our website may be limited. If the browser you listed is not listed, feel free to contact us.

5. Collection and use of data

As part of your visit to our website, we process personally identifiable information you provide in particular through online forms provided by McMakler. Below is a list of possible data processing by us as well as the online forms integrated on partner sites. This data will be deleted as soon as the purpose of storage no longer exists and there are no legal and / or legitimate retention periods. In addition to the purposes and legal bases specified below, the data may also be used for purposes of contract performance and fulfillment, Art. 6 (1) lit. b) GDPR as well as for marketing purposes on the basis of your consent (Art. 6 (1) lit. a) GDPR) or based on legitimate interests pursuant to Art. 6 (1) lit. f) GDPR, if necessary in conjunction with recital 47 GDPR are processed accordingly, insofar as a other legal basis (eg § 7 (3) UWG) is not relevant.

5.1. McMakler forms and data collected about them

In order for you to be able to use our services, we provide these forms for your specific needs. If you fill out one or more of these forms and submit, we will receive the data entered and process them on our systems. The following illustration of forms used by McMakler may not be exhaustive. We reserve the right to change the content of individual online forms, to rename them or to process comparable information through those services.

5.1.1. Form: Property/real estate valuation (land, house, flat or business/commercial real estate)

This form will give you a free initial evaluation of your property. At the same time we accept your request and provide our agency/brokerage services. If required, information provided by telephone or by e-mail is supplemented. The processing is based on your consent in accordance with. Art. 6 (1) lit. a) as well as, if applicable, based on legitimate interest pursuant to Art. 6 (1) lit. f), if necessary in conjunction with recital 47 GDPR (marketing purposes) as well as for purposes of pre-contractual measures, which are carried out at the request of the data subject, Art. 6 (1) lit. b) GDPR (sales and/or buying interest). In order for you to get a realistic rating of your property/real estate, the specification of specific data is required in addition to your personal contact information. In addition, these will be processed accordingly for the offered agency/brokerage services as well as the further communication with you. The details can be found in the online form.

5.1.2. Form: Create search request

Through this form, we take inquiries from prospective buyers into our search index and make our services available. If necessary, information about your search request issued by telephone and/or by e-mail will be added. The processing is based on your consent in accordance with. Art. 6 (1) lit. a) or due to legitimate interests Art. 6 (1) lit. f), if necessary in conjunction with recital 47 GDPR (marketing purposes) as well as for purposes of precontractual measures, which are carried out at the request of the data subject, Art. 6 (1) lit. b) GDPR. In order to be able to present you suitable real estate/property, in addition to providing your personal contact details, you must provide specific property details and preferences regarding our agency/brokerage services. These data are processed for the offered agency/brokerage services as well as the further communication with you. The details can be found in the online form.

5.1.3. Form: Application for property/real estate

Through this form we accept applications for real estate, which are marketed by us on behalf of the customer. In order to enable you to apply with success chances usually only the indication of your personal contact data for the object and optional information in the free text field (voluntary information) is required. These data are processed for the offered agency/brokerage services as well as the further communication with you. Legal basis is Art. 6 (1) lit. b) GDPR (pre-contractual and contractual measures) as well as processing for marketing purposes your consent, Art. 6 (1) lit. a) GDPR, as well as legitimate interests, Art. 6 (1) lit. f), if necessary in conjunction with recital 47 GDPR (Marketing Purposes). The details can be found in the online form.

5.1.4. Prospect portal (login area):

As part of the lending, we accept your request for financing in the login area and support you through our subsidiary company, McMakler Finanz GmbH, Am Postbahnhof 17,10243 Berlin, in the real estate financing/credit mediation. This information is required, which meet your individual criteria. These can be:

Identity and contact information
Information and documents on personal assets / creditworthiness
Details of the financing object
Information and documents for financing and settlement

These data are processed for the offered agency/brokerage services as well as the further communication with you. Legal basis is Art. 6 (1) lit. b) GDPR (pre-contractual and contractual measures) as well as for processing for marketing purposes your consent, 6 (1) lit. a) and, if applicable, Art. 6 (1) lit. f) in conjunction with recital 47 GDPR (Marketing Purposes). In addition, you have the possibility to manage your personal appointments and applications in your personal area. You can view your personal data in your member area at any time.

5.1.5. Form: "finance property/real estate":

With this form we accept your request for financing and support you through our subsidiary company, McMakler Finanz GmbH, Am Postbahnhof 17,10243 Berlin, in the real estate financing/credit mediation. If necessary, information about the financing project issued by telephone and/or by e-mail is added. The processing is based on your consent in accordance with. Art. 6 (1) lit. a) or due to legitimate interests Art. 6 (1) lit. f), if necessary in conjunction with recital 47 GDPR (marketing purposes) as well as for purposes of pre-contractual measures, which are carried out at the request of the data subject, Art. 6 (1) lit. b) GDPR or for the execution of the contract. To ensure a financial/credit mediation and service that meets your individual criteria, the provision of personal data is required. These are details of your contact and personal data as well as specific details of the financing project/object and your creditwothiness. These data are processed for the offered agency/brokerage services as well as the further communication with you. The details can be found in the form.

5.2. Data collected by other sources

If you visit our website, third-party data may also be collected and processed. Processing is for the purpose of operating and optimizing our website, for marketing purposes, and for the purpose of providing and performing our agency/brokerage services (see 5.2.1 and below). In addition, our online forms and marketing tools will also be linked to affiliate sites, see 5.1, for accessing our website and/or using our services.

5.2.1. Web analytics services

The tracking measures listed below are used by us in accordance with Art. 6 (1) lit. f) GDPR for the protection of our legitimate interests and in individual cases on the basis of your consent, Art. 6 (1) lit. a). Basically, we want to optimize our website continuously and record and evaluate the data statistically. In general, we use these services according to type, scope and technical-organizational requirements without the requirement of an explicit consent ("opt-in") on your part. We reserve the right to make any adjustments and/or changes with regard to the current legal situation. Many of these services are active on partner and/or other third party sites, so there is a high likelihood that your browser already knows about these services and will execute cookies.

5.2.1.1. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereafter "Google"). Google Analytics uses so-called "cookies", text files that are stored on your device and allow an analysis of the use of the website. If you allow these cookies, they will be stored in your browser for 2 years since your last visit to the site by Google, which will allow you to be recognized on your next visit. How to prevent the substitution of cookies and/or cookies by third parties, see point 4. "Cookies".

The information generated by the cookie such as:

  • Browser type / version,
  • Operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (anonymized IP address),
  • Time of the server request

are usually transmitted to a Google server in the US and stored there. IP anonymisation is activated on this website, which means that the IP address of the users of Google is shortened beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to Google servers in the US and shortened there. Google will process this information in order to evaluate users' use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. You can prevent the storage of cookies by a corresponding setting of your browser software, see 4. „Cookies“ above. However, we point out that in this case you may not be able to use all functions of this website in full. In addition, you can prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available here. If you delete your cookies, you must click this link again. Read here for more information on privacy at Google Analytics. More information and settings can be found here: Google Privacy Policy & Terms of Use. We have a contract for processing according to Art. 28 GDPR with Google completed. Google guarantees compliance with European data protection regulations through certification under the EU-US Privacy Shield. Further information can be found here.

5.2.1.2. Google Tag Manager

We use Google Tag Manager. Through this service of Google Inc. (see 5.2.1.1.) website tags can be managed via a user interface. The Google Tag Manager only implements tags. This means: no cookies are used and no personal data is collected. Google Tag Manager triggers other tags, which in turn may capture data. However, Google Tag Manager does not access this data. If deactivated at the domain or cookie level, it will remain in effect for all tracking tags as far as they are implemented with the Google Tag Manager.

5.2.1.3. Google Optimize

Our website also uses Google Optimize. Google Optimize analyzes the use of different variations of our website and helps us to improve the usability according to the behavior of our users on the website. Google Optimize is a tool built into Google Analytics, see 5.2.1.1.

5.2.1.4. eKomi

This website reloads a JavaScript code of eKomi Ltd., located in Markgrafenstr. 11 in 10969 Berlin. eKomi allows us to integrate customer reviews on our website. If you have enabled JavaScript in your Internet browser and should not have a JavaScript blocker running, personal data may be transmitted to eKomi. Personal data from valuation processes are rendered unrecognizable at eKomi and deleted after the order has been completed with eKomi customers. Further information on data protection at eKomi can be found here.

5.2.1.5. Fullstory

This website uses Fullstory, of Fullstory Inc. (hereinafter "Fullstory"), 818 Marietta Street, Atlanta, GA 30318, USA. Fullstory processes information about the user behavior of the visit to our website. This is done for the purpose of analyzing user experience and improving the website experience of our visitors. Fullstory stores and collects this information in an anonymous form using cookies. How to prevent the setting of cookies, see point 4. "Cookies". You can deactivate the cookie tracking of Fullstory at any time, here you go to the opt-out: https://www.fullstory.com/optout. For more information on privacy at Fullstory, see: www.fullstory.com. Fullstory guarantees compliance with European privacy standards through certification under the EU-US Privacy Shield.

5.2.1.6. New Relic

Our website uses the analysis service of New Relic, Inc., 188 Spear St, San Francisco, CA 94105, USA, to statistically analyze the traffic to our site. New Relic creates pseudonymous user profiles to analyze visitor behavior, improve proposal design, and optimize our website for marketing purposes. The service uses cookies to recognize your browser at the next visit and to determine the statistical data. How to prevent the setting of cookies, see point 4 "Cookies". New Relic is certified under the EU-US Privacy Shield. You will find more information here: https://www.privacyshield.gov/participant?id=a2zt0000000TNPiAAO&status=Active. For more information on privacy at New Relic, see https://newrelic.com/termsandconditions/cookie-policy

5.2.1.7. Yieldlab

On our website we use a service of the company Yieldlab AG, Colonnaden 41, 20354 Hamburg, DE (hereinafter: Yieldlab). As part of web tracking, Yieldlab uses cookies that are stored on your computer and allow an analysis of the use of our website and your surfing behavior. We conduct this analysis on the basis of the Yieldlab tracking service to constantly optimize and make our internet offer better available. As part of the use of our website anonymized data are collected and transmitted to a server of the company Yieldlab and stored there. Further information on the handling of the transmitted data can be found in the data protection declaration of Yieldlab: http://www.yieldlab.de/meta-navigation/datenschutz/ and under point 4. "Cookies". You can prevent the collection and transfer of personal data and the processing of this data by setting the Yield opt-out cookie.

5.2.1.8. AppNexus

This website uses a service provided by AppNexus Inc., 28 W 23rd Street, 4th floor, New York, New York - 10010, USA. Among other things, AppNexus uses cookies that are stored on your computer and that allow an analysis of the use of the website. In the context of the use data, in particular the IP address and activities of the users can be transmitted to a server of the company AppNexus Inc. and stored there. We do not have any influence on data processing by AppNexus. You can prevent the collection and transfer of personal data (in particular your IP address) and the processing of this data by disabling the execution of Java Script in your browser (eg by 'NoScript') or your cookie settings adapt, see point 4. "Cookies". Cookies are usually stored for 33 days. Further information and the opt-out cookie can be found in the privacy policy of AppNexus.

5.2.1.9. BidSwitch

Our website uses BidSwitch, a service of BidSwitch 19 West 24th Street, 6th floor, New York, NY 10010, USA. BidSwitch uses cookies and counting pixels. As part of the use of the website, data such as e.g. the IP address and activities of the users are transmitted to a server of BidSwitch and stored there. It is not excluded that the company Bidswitch may transfer this information to third parties. You may object to the collection and transfer of personal information or prevent the processing of such data by disabling the execution of Java Script in your browser. Further information can be found under point 4. "Cookies". You can find your opt-out options in the privacy policy of BidSwitch.

5.2.1.10. Advertising.com

Our website uses a service provided by Oath, Inc., 770 Broadway, 10003 New York, USA (hereafter: Advertising.com). If you have enabled JavaScript in your browser and have not installed a Java Script Blocker, your browser may submit personal information to Advertising.com. You can prevent Advertising.com from collecting and processing your data by disabling the execution of script code in your browser or by installing a script blocker in your browser. For more information about privacy and opt-out options, visit https://policies.oath.com/ie/en/oath/privacy/index.html.

5.2.1.11. AddThis

Our website uses features of the AddThis service operated by AddThis, LLC, 1595 Spring Hill Rd, Suite 300, Vienna, VA 22182, USA ("AddThis"). AddThis provides web site creation and design tools that make it easy for website visitors to share pages with other users. The services can be recognized by the integrated buttons, eg. Eg "LinkedIn". AddThis provides tools that help analyze and improve website usage. AddThis also uses cookies and so-called web beacons ("counting pixels", which enable a log file analysis). When you click on an AddThis plug-in, your browser will connect to the AddThis servers and, if applicable, the selected social network. The generated data is transferred to AddThis and processed there. When you send content from our website to social networks, a link can be made between visiting the website and your user profile on the appropriate social network. Further information can be found under point 4 "Cookies". For more information about AddThis privacy, visit http://www.addthis.com/privacy/privacy-policy. The possibilities for opt-out can be found here.

5.2.1.12. Adobe Analytics

This page uses the capabilities of Adobe Analytics ("Adobe") of Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland. This analysis tool enables us to optimize our services and to analyze the preferences of our site visitors. For example, to facilitate navigation on our site and to improve usability. In particular, Adobe uses the cookie "demdex". Your IP address will not be saved during the evaluation and will only be processed by us in anonymous form. In addition, pseudonymized information may be processed for marketing purposes. The generated information is transmitted to and stored by an Adobe server in the European Union. We have no control over the processing of the data by Adobe - Adobe also guarantees compliance with European data protection regulations through certification under the EU-US Privacy Shield. For how to refuse to accept cookies, see 4. "Cookies". For more information about privacy at Adobe and your opt-out opportunity, visit https://www.adobe.com/privacy/opt-out.html.

5.2.2. Marketing Services

For marketing purposes, ie for the purpose of advertising, providing and optimizing our agency services and websites, we use the following marketing services. The processing of data by using various marketing services is thus based on our legitimate interest in accordance with Art. 6 (1) lit. f) GDPR and in individual cases on the basis of your consent, Art. 6 (1) lit. a) GDPR. In general, we use these services according to type, scope and technical-organizational requirements without the requirement of explicit consent on your part. We reserve the right to make any adjustments and / or changes with regard to the current legal situation. Many of these services are active on partner and / or other third party sites, so there is a high likelihood that your browser already knows about these services and will execute cookies.

5.2.2.1. Google Ads Services (formerly Google Adwords)

Google Ads is an internet advertising service that allows advertisers to run both Google and Google Network search engine results. The purpose of Google Ads is to promote our website by displaying interest-based advertising on partner sites and in search engine results. The Google Ads Services Company is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA. Google Ads uses tracking cookies to target advertising ads based on user behavior and device-related information. Google Ads thus enables us to specifically analyze and evaluate advertising measures. According to these ad server cookies, certain parameters for measuring success (in the first instance "clicks") are measured. For example we can measure which search terms and/or advertisements have brought you to our website. We have a legitimate interest in displaying interest-based advertising, making our online offer more attractive and optimizing advertising costs. The Ads cookies lose usually after 30 days its validity. Google will have the opportunity to recognize you during this period. You can see how to prevent the use of cookies in section 4. "Cookies". You may also opt-out of Google's interest-based advertising. Visit www.google.com/settings/ads and make the settings you want. The data processed by McMakler is based on information provided by Google that we can not use to identify users. We have no control over any information that Google processes. An identifiability by Google could be possible if the data can be assigned to your Google Account or if you are logged in to a Google Account.

We also use the Google Ads Remarketing feature of the Google Ads service, which allows us to present interest-based advertising on other pages within the Google Network to users of our website. For this purpose, interactions with our website are analyzed and a cookie is set by Google, which records the visits within the Google Display Network. This information identifies a particular web browser on a particular device, not the person. You can prevent the setting of cookies as described above. Google also provides a special browser plug-in: https://support.google.com/ads/answer/7395996. You can also opt-out of personalized ad serving through Google's Ads Ads Settings or via the Network Advertising Initiative opt-out page at: http://optout.networkadvertising.org/?c=1.

5.2.2.2. Display & Video 360 by Google (formerly DoubleClick Bid Manager by Google)

Our website uses Display & Video 360 (DV360) - a tool of Google's Google Marketing Platform (see 5.2.1.1.). DV360 uses cookies to serve users with relevant ads and to optimize campaign results. In addition, cookie ID information can be used to track conversions related to requests for specific ads. The cookie ID allows connections to be made between the ad served and a later point of sale. According to Google, the DV360 cookies contain no personal information. We have no influence on any processing and use of the data by Google as well as the identifiability of any (personal) aggregation of data on Google. The set DV360 cookies help us to analyze and understand how you communicate with our website and/or perform certain actions when you click on our content on Google or other platforms (conversion tracking). You can also block the setting of these cookies by means of corresponding cookie settings, see point 4 „Cookies“. You can also opt-out of personalized ad serving through Google's Ads settings, or through the About Ads self-regulatory campaign at: http://www.aboutads.info/choices.

5.2.2.3. Facebook Custom Audiences (Facebook Pixel)

This website uses technologies from Facebook Ireland Limited ("Facebook", 4 Grand Canal Square, Dublin 2, Ireland). Facebook is an Internet advertising service that allows advertisers to target users with advertising directly on Facebook and on the Facebook network. By using the remarketing feature "Custom Audiences", users of the website will be shown visiting Facebook or other sites using so-called "Facebook Ads" containing interest-based advertising. The purpose is to increase the attractiveness of our website through targeted marketing and the placement of advertisements. If you are the owner of a Facebook account, this can be recognized by the set Facebook pixel, which transmits the collected usage data to Facebook. The Facebook Pixel is a javascript code. Facebook uses tracking cookies based on user behavior information and device-related information to target Facebook ads. This data is stored for a maximum of 180 days. For more information on the purpose and scope of data collection and the further processing and use of the data by Facebook and your options to protect your privacy, please refer to the privacy policy of Facebook. If you do not want to show interest-based advertising, you can disable this feature in your browser. You can see how to prevent the use of cookies in section 4. "Cookies". Information that is processed and/or merged by Facebook, we have no influence. An identifiability through Facebook could be for example, if the data can be assigned to your Facebook account or you are logged in to a Facebook account. You can find out about corresponding settings for Facebook advertising at https://www.facebook.com/about/basics/advertising and make the appropriate settings. Instructions can be found here https://www.facebook.com/about/basics/advertising/ad-preferences. Logged in users can disable and customize the features here https://www.facebook.com/settings/?tab=ads#_.

5.2.2.4. Awin (formerly affilinet)

This website uses technologies of AWIN AG (formerly affilinet GmbH), Eichhornstraße 3, 10785 Berlin. "Affilinet" is an internet advertising service, a so-called affiliate program. This is a service for the integration of advertisements and the analysis of the advertising traffic over the respective advertisements. The purpose of the application is to promote our website by displaying interest-relevant advertising in the partner network. "Affilinet" uses tracking cookies to accurately track clicks and conversions on our website (a specific digital action, such as completing a form). You can see how to prevent the use of cookies in section 4. "Cookies". affilinet tracking cookies store the ID of the mediating partner (on which the advertisement was displayed) as well as the order number of the advertising material clicked by the visitor (banner, text link or similar). When concluding a transaction, the partner ID serves to be able to allocate the commission to be paid to the intermediary partner. Find out more about privacy at Awin here . Further information as well as a contradiction possibility / opt-out can be found on the following page: https://modules.affili.net/consent/publisher/289931

5.2.2.5. Criteo

This website uses "Criteo" technologies operated by Criteo SA, 32 rue blanche, 75009 Paris, France. Criteo specializes in creating and delivering personalized advertising through "Criteo Dynamic Retargeting" and "Criteo Sponsored Products". Criteo partners with online partners to promote ads to users who visit their partners' websites or their apps. In addition, Criteo partners with publishers to display personalized advertising. The purpose of Criteo is to promote our website by displaying interest-based advertising on Criteo's partner sites. Criteo collects information about tracking cookies placed in the user's browser or about advertising IDs in environments that do not support cookies, such as apps. Using these technologies, Criteo can analyze trends and identify the interests of individual users in terms of websites and apps. The storage period is a maximum of 6 months. If you do not want to receive interest-based advertising, you can disable this feature here . You can see how to prevent the use of cookies in section 4. "Cookies". Further information on data protection at Criteo and the processed data can be found here https://www.criteo.com/en/privacy/.

5.2.2.6. DCMN

DCMN is a service for (Internet-) advertising. This website uses technologies of DCMN GmbH ("DCMN", Boxhagener Str. 18, 10245 Berlin). The technology depends on a cookie-based analysis of user behavior to optimize marketing impact based on user behavior. For this purpose the analysis tool integrated on our side is used. A processing of IP addresses does not take place. You can see how to prevent the use of cookies in section 4. "Cookies". The provider provides an opt-out option. This can be found at https://www.dcmn.com/privacy#cookie-optout. Further information on data protection at DCMN can be found here .

5.2.2.7. Taboola

This website uses technologies from Taboola Inc., 28 West 23rd St. 5th Fl, New York, NY 10010, USA. Taboola is an Internet advertising service that allows advertisers to target advertising users on Taboola's partner websites. The purpose of Taboola is to promote our website by displaying interest-based advertising on the respective partner site. Taboola uses cookies. Cookies are used to collect device-related data and user behavior data on a website so that you can view interest-based advertising. How to prevent the setting of cookies, see point 4. "Cookies". If you do not want to show interest-based advertising, you can disable this feature here as well. For more information about privacy at Taboola, visit https://www.taboola.com/privacy-policy.

5.2.2.8. Microsoft Bing Ads

This website uses Microsoft Corporation conversion tracking ("Microsoft", One Microsoft Way, Redmond, WA 98052-6399, USA). Microsoft Bing Ads uses a cookie for this purpose when you visit our website via a Microsoft Bing ad. This way, we can see that our ad has been clicked and you have been redirected to our website and have previously reached a specific landing page ("conversion page"). We receive statistical evaluations about the users who clicked on a Bing ad and were redirected to the conversion page. Your identity will not be revealed. The storage period is a maximum of 60 days. You can prevent the setting of cookies, see point 4 "Cookies". You can opt-out from Microsoft via the following link, the opportunity to explain your opposition and prevent the setting of cookies: https://account.microsoft.com/privacy/ad-settings/signedout?ru=https:%2F%2Faccount.microsoft.com%2Fprivacy%2Fad-settings. For more information about Microsoft cookies and Bing Ads, visit the Microsoft Website at https://privacy.microsoft.com/en-us/privacystatement.

5.2.2.9. Outbrain

This website uses technology from Outbrain Inc. ("Outbrain", 39W 13th Street NY, NY 10011 USA). Outbrain is an Internet advertising service that allows advertisers to target targeted advertisers to Outbrain's partner websites. This ad will only appear on Outbrain commercials, either on Outbrain Engage's ad space or the Outbrain Extended Network. Processing purpose is the application of our website by the display of interests-relevant advertisement on the respective partner sides. The technology depends on a cookie-based analysis of user behavior. If you do not want to see interest-based advertising appear, you can disable this feature here and get the privacy policy from Outbrain. You can see how to prevent the use of cookies in section 4. "Cookies".

5.2.2.10. Yahoo Gemini

This website uses Yahoo Gemini, a marketing service provider operated by Oath (EMEA) Limited 5-7 Point Square, North Wall Quay, Dublin 1, Ireland. Yahoo Gemini is an Internet advertising service that allows advertisers to target advertising users on Yahoo Gemini's partner websites. Through the service, campaigns can be optimized, measured and the advertising media can be controlled based on behavior and interests. Processing purpose is the application of our website by the display of interests-relevant advertisement on the respective partner sides. Yahoo Gemini supports the delivery of personalized and behavioral advertising over the Internet using cookies. The collection and storage of data on cookies in terms of user behavior and device-related data of the user takes place in anonymized form and a conclusion to a natural person is not possible by using Yahoo Gemini. If you do not want to receive interest-based advertising, you can disable this feature here. You can see how to prevent the use of cookies in section 4. "Cookies". For more information on privacy at Oath, visit https://policies.oath.com/ie/o/terms/advertising/masterterms-322/index.html.

5.2.2.11. adality

This website uses the realTargeting technology of adality GmbH, Neumarkter Str. 22, 81673 Munich ("adality") for the optimization of initiation chains. When using our website, a cookie is set on your device by adality. The IP address or Mac address of your computer transmitted for technical reasons will be removed by deletion prior to forwarding the aforementioned information to adality, so that adality can not identify you. Adality uses Amazon Web Services Inc. as the processor to store the cookie ID. This may result in the above data being transmitted to a country that does not meet the same data protection standards as the European Union. In this case, adality ensures that the service providers guarantee by contract or otherwise an equivalent level of data protection. The adality cookie is automatically deleted after one year. You can object to the processing of your access data for the purpose of individualized online advertising at any time by clicking on this link. Further information on privacy at adality can be found at https://adality.de/datenschutz-auf-der-website.

5.2.2.12. Casale Media

A web service is being uploaded to our website from Casale Media Inc., 74 Wingold Avenue, M6B1P5 Toronto (hereinafter Casale Media). We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal information to Casale Media. This is done for error-free operation of our website. The deletion of the data takes place as soon as the purpose of its collection has been fulfilled. Further information on the handling of the transferred data can be found in Casale Media's Privacy Policy: http://casalemedia.com/. You can prevent the collection and processing of your data by Casale Media by setting the opt-out cookie.

5.2.2.13. PubMatic

This page uses the PubMatic service provided by PubMatic Inc., 305 Main Street, First Floor, Redwood City, CA 9406, United States. PubMatic uses technologies for the optimization of interest-based advertising ("advertising"). For more information, see the PubMatic Privacy Policy at https://pubmatic.com/legal/privacy-policy/. Information about the cookie settings can be found under point 4. "Cookies". You may object to the processing of data by PubMatic by setting the opt-out cookie.

5.2.2.14. OpenX

This site uses a service provided by OpenX Technologies Inc. ("OpenX", address for privacy issues: OpenX Technologies, Inc., Attention: Legal Department, 888 East Walnut Street, 2nd Fl, 91101 Pasadena / CA, United States). OpenX processes usage data in pseudonymous profiles and "cookies" for the purposes of web analytics and interest-based advertising. You can object to this processing at any time by managing your cookies settings, see point 4 "Cookies". OpenX offers a possibility of contradiction or an "opt-out". For more information, see the OpenX Privacy Policy at https://www.openx.com/legal/privacy-policy/.

5.2.2.15. media.net

This website uses media.net Advertising FZ-LLC Technologies, 2701 Aurora Tower, Dubai Media City, Dubai 215028. The purpose is to process data in order to serve and generate interest-based advertising (marketing purposes). The service uses cookies that contain information about the use of the website and advertisements (eg clicks). You can see how to prevent the use of cookies in section 4. "Cookies". Further information on the privacy of media.net can be found at https://www.media.net/en/privacy-policy. Media.net offers opt-out cookies. This can be found at https://www.media.net/de/adchoices.

5.2.2.16. Ströer

This website uses a service of Ströer Digital Media GmbH, Kehrwieder 8 - 9, 20457 Hamburg ("Ströer"). Ströer offers the opportunity to target interest-based advertising in the ad network. Advertising-based content is displayed on the partner side and third-party pages. Ströer uses cookies that collect device-related data and user behavior data to display interest-based advertising. As you can contradict the setting of cookies, see point 4. "Cookies". For more information about privacy and the opt-out at Ströer, see: https://www.stroeerdigitalpublishing.de/index.html%3Fp=2614.html.

5.2.3. Social Networks / Social Media Plugins

We may use social networks on our website, as far as these are activated at the time oft he visit of our website. Which company processes data in this context can be seen here. The data processing is based on Art. 6 para. 1 lit. f) GDPR on our legitimate interest.

5.2.3.1. Facebook

Our website contains plugins/services from Facebook, 1601 South California Ave., Palo Alto, CA 94304, USA. The respective plugin is recognizable by the Facebook logo or the "like me" button. As soon as you visit our website, the Facebook plug-in establishes a direct connection between your Internet browser and the Facebook servers. In this way, Facebook is informed that your website has been visited with your IP address. In the event that you should be logged in to Facebook, you can use the "Like" button, the corresponding content that is located on our website, link in your profile on Facebook. Facebook is then able to assign your visit to our website to your Facebook account. We, as the provider of our website, are not informed by Facebook about the content of the transmitted data or the data usage. Here you can get further information. In the event that you should be a member of Facebook, but do not want Facebook through our website receives data about you and connects with your membership data, you must log out of Facebook before you visit our website.

5.2.3.2. Instagram

Features of the Instagram service are integrated on our website. These features are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our website to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our website with your user account. We point out that we as the provider of the website do not receive any knowledge of the content of the transmitted data and their use by Instagram. Further information can be found in the privacy policy of Instagram at https://instagram-basics.de/datenschutzerklaerung/.

5.2.3.3. LinkedIn

You can find LinkedIn or LinkedIn Corporation plugins/services on our website at 2029 Stierlin Court, Mountain View, CA 94043, United States of America (hereafter "LinkedIn"). You can recognize the plugins of LinkedIn by the corresponding logo or the "Recommend" button. Please note that when you visit our website, the plugin establishes a connection between your respective internet browser and LinkedIn's server. LinkedIn is informed that our website has been visited with your IP address. If you click LinkedIn's "Recommend" button while logged in to your LinkedIn account, you have the option to link content from our website to your LinkedIn profile page. In doing so, you enable LinkedIn to associate your visit to our website with you or your user account. You must understand that we have no knowledge of the content of the submitted data and its use by LinkedIn. For more details on how to collect the data and your legal options, as well as recruitment options, please visit LinkedIn. These are provided here.

5.2.3.4. Twitter

Our Website includes features of Twitter Inc., 795 Folsom Street, Suite 600, San Francisco, CA 94107, USA. If you use Twitter and in particular the "Re-Tweet" function, Twitter will link your Twitter account to the websites you frequently visit. This will be announced to other users on Twitter, especially your followers. In this way also a data transfer takes place to Twitter. We, as the provider of our website, are not informed by Twitter about the content of the transmitted data or the data usage. Here you can get further information. Please note, however, that you have the option to change your privacy settings on Twitter in your local account settings.

5.2.4. Ambassador

We use Ambassador for the realization of a partner program as part of our tipster portal (mcmakler.getambassador.com). Ambassador is a referral marketing software of Zferral, Inc. dba Ambassador Software, 301 West 4th Street, STE 301, Royal Oak, MI 48067, USA. For this purpose, we will hand over the contact data of the affiliate program registration to the software for the further management of the partnership. The legal basis for this data processing here is your consent under Art. 6 (1) lit. a) GDPR and our legitimate interest in implementing the partner program pursuant to Art. 6 (1) lit. f) GDPR. Further information about Ambassador's data processing and data protection can be found at https://www.getambassador.com/privacy.

5.2.5. Rating on Trustpilot

On our website we offer you the opportunity to rate our services via the Trustpilot portal of Trustpilot A / S, Pilestræde 58, 5, 1112 Copenhagen, Denmark. The purpose is to improve and feedback McMakler Group performance. After the conclusion of a contract, you will receive an e-mail from us on https://www.trustpilot.de, where you can rate our services. This requires the processing of your e-mail address as well as your first name and surname. These reviews are potentially accessible to third parties through our website and partner sites. Further information on data protection at Trustpilot can be found at https://de.legal.trustpilot.com/end-user-privacy-terms.

5.2.6. Rating on Ausgezeichnet.org

On our website we offer the opportunity to rate our services via the portal ausgezeichnet.org of AUBII GmbH, Alsterufer 34, 20354 Hamburg, Germany. The purpose is to improve and feedback McMakler Group performance. After conclusion of a contract, you will receive an e-mail for review at https://www.ausgezeichnet.org where you can rate our services. This requires the processing of your e-mail address as well as your first name and surname. These reviews are potentially accessible to third parties through our website and partner sites. For more information on privacy at ausgezeichnet.org, see https://www.ausgezeichnet.org/datenschutz/.

6. Marketing E-Mails / Newsletter

If you have given us consent to communicate by e-mail as part of our service or there is a legitimate interest, we will send you relevant e-mails around the topic real estate/property. We have collected the data that we process in this process from previous services you have requested from us. After obtaining consent, the sending of marketing e-mails in accordance with Art. 6 (1) lit. a) GDPR is generally lawful. If you are already an existing customer with us, the sending of marketing e-mails is permitted according to § 7 III UWG. If you still do not want to receive these marketing e-mails, please send us a written declaration of revocation to datenschutz@mcmakler.de. You can also unsubscribe from the marketing e-mails at any time by following the unsubscribe link in the relevant marketing e-mail. For e-mail marketing, we use the marketing cloud services. We have entered into a processing contract with the service provider, which includes standard contract clauses and binding corporate rules. Our cloud service is certified under the EU-US Privacy Shield and guarantees compliance with European privacy requirements.

7. E-Mail Contact

You have the opportunity to contact us via the following e-mail addresses:

Privacy-related topics: datenschutz@mcmakler.de
General customer service: service@mcmakler.de
Issues around the real estate marketing: verkauf@mcmakler.de
Other: info@mcmakler.de

In this case, we process and store the personal data transmitted by e-mail. This will basically be your e-mail address and all other information provided by you. Such data processing is required for the conversation and to provide you with our services. The data processing is based on our legitimate interest within the meaning of Art. 6 (1) lit. f) GDPR and is therefore lawful, as far as you are not unduly limited in your rights. If the contact serves the conclusion of a contract, the processing according to Art. 6 (1) lit. b) GDPR is lawfully. If you provide unsolicited further data, the processing is based on your consent within the meaning of Art. 6 (1) a) GDPR. We will delete this data as soon as the conversation ends and there is no purpose for storage/no legal and/or legitimate retention period. The conversation ends when it can be inferred from the circumstances that the affected process has finally been clarified.

8. Disclosure of your data by us

We disclose personal information in order to comply with legal obligations, to investigate complaints about offers or content that infringe the rights of third parties and to protect the rights, property or security of third parties. Disclosure of this information is strictly in accordance with applicable laws/privacy laws. In particular, we may disclose your personal information to law enforcement or regulatory agencies or authorized third parties for any obligation or authority in connection with any investigation or suspicion of a criminal offense, unlawful act or other matter that may arise for us, you or anyone give a third party a justification for disclosure. In such cases, we will disclose the necessary data such as name, location, postal code, telephone number, e-mail address, previous usernames, IP address, fraudulent complaints and other information as far as this is permitted.

9. Rights of the data subject

The applicable data protection law grants you as the data subject to the controller (McMakler) with regard to the processing of your personal data comprehensive data subject rights (information and intervention rights), about which we inform you below:

9.1. Right to confirmation

The data subject has the right to ask the controller for a confirmation as to whether personal data concerning them are being processed.

9.2. Right to information

If personal data of the data subject are processed, you have the right to information about this personal data and to the following information:

a. the processing purposes;
b. the categories of personal data being processed;
c. the recipients or categories of recipients to whom the personal data have been disclosed or are still being disclosed, in particular to recipients in third countries or to international organizations;
d. if possible, the planned duration for which the personal data are stored or, if this is not possible, the criteria for determining that duration;
e. the existence of a right to rectification or erasure of the personal data relating to him or to a restriction of processing by the controller or a right to object to such processing;
f. the existence of a right of appeal to a supervisory authority;
g. if the personal data are not collected from the data subject, all available information on the source of the data;
h. the existence of automated decision-making, including profiling, as referred to in Article 22 (1) and (4) and, at least in these cases, meaningful information about the logic involved and the scope and intended impact of such processing on the data subject.

9.3. Right to correction and completion

The data subject has the right to demand from the controller without delay the correction of incorrect personal data concerning him. Taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement.

9.4. Right to be forgotten

The data subject has the right to require the controller to delete personal data concerning him or her without delay, and the controller is obliged to delete personal data immediately, if one of the following reasons applies:

a. the personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
b. the controller revokes the consent on which the processing referred to in Article 6 (1) lit. a) or 9 (2) lit. a) was based and lacks any other legal basis for the processing.
c. the data subject objects to the processing in accordance with Article 21 (1) and there are no legitimate grounds for processing, or the data subject objects to the processing in accordance with Article 21 (2) lit. d).
e. the personal data were processed unlawfully.
f. the deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
g. the personal data were collected in relation to information society services offered in accordance with Article 8 (1).

However, the above does not apply if the processing is for legal purposes (see 8.). A deletion is also excluded if there are statutory storage requirements or overwhelming interests of the controller for the storage.

9.5. Right to restriction of processing

The data subject has the right to require the controller to restrict the processing if one of the following conditions is met:

a. the accuracy of the personal data is disputed by the data subject for a period of time allowing the controller to verify the accuracy of the personal data;
b. the processing is unlawful and the data subject refuses to delete the personal data and instead requests the restriction of the use of the personal data;
c. the controller no longer needs the personal data for processing purposes, but the data subject requires them to assert, exercise or defend legal claims; or
d. the person concerned has lodged an objection to the processing referred to in Article 21 (1) pending determination of whether the legitimate grounds of the controller prevail over those of the data subject.

Therefore, if the processing has been restricted, these personal data may only be stored with the consent of the data subject or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for important public interest of the Union or a Member State.

An affected person who has restricted processing will be notified by the controller before the restriction is lifted.

9.6. Right to data transferability

The data subject has the right to receive in a structured, common and machine - readable format the personal data relating to him / her that are made available to a responsible person, and has the right to transfer that data to another person without hindrance by the person responsible for the data personal data provided, provided that:

a. the processing is based on a consent in accordance with Article 6 (1) lit. a) or Article 9 (2) lit. a) or on a contract pursuant to Article 6 (1) lit. b); and
b. the processing is done by automated methods.

In exercising their right to data portability, the data subject has the right to obtain that the personal data are transmitted directly from one controller to another responsible party where technically feasible.

9.7. Right to objection

The data subject has the right at any time, for reasons arising from his / her special situation, against the processing of personal data relating to him or her, which pursuant to Art. 6 (1) lit. e) and f), to object; this also applies to profiling based on these provisions. The controller no longer processes the personal data unless he can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing is for the purpose of enforcing, pursuing or defending legal claims.

The data subject has the right to revoke their consent at any time with future effect. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation. The data subject will be informed before the consent is given. You can send a revocation at any time textually to us (e-mail is sufficient) under datenschutz@mcmakler.de. Please understand that in the case of a revocation it may take up to 4 weeks before the revocation has been processed. In the meantime, there may be overlaps in the way of handling your request with marketing measures.

9.9. Right to appeal

Without prejudice to any other administrative or judicial remedy, any data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of the habitual residence, place of work or place of alleged infringement, if the data subject considers that the processing concerns them personal data breaches this Regulation.

10. Additional data protection advice for those affected

10.1. Joint controller (partners and cooperations)

According to Art. 26 (2) GDPR we inform you about the processing of personal data in joint controllership with cooperation partners. The purpose of this processing is the acquisition of new customers through advertising media of various online formats and cooperations (eg through online forms, affiliates etc.). The parties have jointly determined the order of processing of this data in the individual process sections and concluded a data protection agreement in joint controllership. In this connection, it is agreed between the parties which of the parties fulfills which obligations under the GDPR. This concerns, in particular, the exercise of the rights of data subjects and the fulfillment of the information obligations in accordance with Articles 13 and 14 GDPR. You can exercise your rights under the GDPR directly against both parties. In particular, both parties shall provide the information required under Articles 13 and 14 GDPR in a clear, transparent, understandable and easily accessible form, in a clear and simple language, free of charge. In individual cases, the parties inform each other immediately about legal positions asserted by the parties concerned. They provide each other with all the information necessary to respond to requests for information, as far as this is necessary. Our services are identified accordingly on third parties. In general, no personal data is processed by McMakler through banner advertising on third-party websites, regardless of the fact that you access our website via corresponding advertising material. A shared responsibility for the processing of personal data may also exist within the McMakler Group and in cooperation with partner companies. A shared responsibility, Art. 26 GDPR, may also exist as part of the processing of credit bureaus and in cooperation with web analysis, marketing and social media services (see 5.2.1 to 5.2.3.). If this is the case, appropriate data protection agreements have been concluded with the respective company. Your contact for services communicated through us is McMakler GmbH, Torstraße 19, 10119 Berlin. The current data protection regulations apply in their current version.

10.2. Additional information for customers and interested parties

We process your personal data in accordance with our privacy policy and the applicable data protection regulations. In general, it is only such information that you enter through our online forms or that you have provided to us by any other means (such as telephone, e-mail, or other information relevant to agency/brokerage services that you provide to us have personally communicated). This may also include information relevant to the agency/brokerage services, which we obtain from or pass on to third parties with your consent, on the basis of legitimate interest or on the basis of contractual agreements.

We process your personal data for the implementation of pre-contractual measures (initiation of contractual relationships such as contact inquiries and viewing appointments). The legal basis for processing in this case is Article 6 (1) lit. b) GDPR. In some cases, processing is based on consent, Art. 6 (1) lit. a), for example for purposes of real estate valuation and for other offers and marketing in connection with our brokerage services, if necessary on the basis of Art. 6 (1) lit. f) in conjunction with recital 47 GDPR (direct marketing). A given consent can be revoked at any time with effect for the future, according to your data subject rights, see point 9.8. In addition, processing takes place to fulfill contracts (eg, brokerage agreements and other arrangements such as commission agreements). The legal basis for processing in this case is Article 6 (1) lit. b) GDPR. Processing is in some cases required to fulfill legal obligations (eg commercial, tax and credit law regulations (KWG, GWG), statutory information and notification obligations). The legal basis for processing in this case is Article 6 (1) lit. c) GDPR. In the context of a balance of interests pursuant to Art. 6 (1) lit. f) of the GDPR, processing takes place, for example, to safeguard the interests of our company and safeguard the legitimate interests of third parties (credit and default risks, internal evaluations and analyzes for marketing measures; to assert, exercise and defend legal claims, to ensure IT security and the IT operation of our company, for purposes of securing evidence). In addition, we process personal information in accordance with our privacy policy. Further details can be found in this privacy policy. To safeguard your rights, see point 9 "Rights of the data subject".

10.2.2. Categories of recipients of personal data

Within the scope of the purposes and legal bases specified in 10.2.1. and this policy, recipients of personal data will receive them for the following purposes:

Credit institutions
Processing of payment transactions, brokerage and services

Law firms and courts
Enforcement and defense of claims as well as consulting services, legal cases

Owner of real estate
Contracting and execution of the brokerage, purchase and service

Prospective buyers and buyers of real estate
Contracting and execution of the brokerage, purchase and service

External auditors/consultants (auditors, tax consultants, data protection officers, etc.)
Initiation and implementation of legal and / or authorized testing and consulting services

Authorities and other government agencies
Legal information, notification, cooperation obligations (eg money laundering prevention)

Business and cooperation partners
Realization of agreements for the purposes of real estate brokerage, real estate credit mediation/brokerage, partner programs, affiliates, tipsters

Credit bureaus
Credit check, check for credit risks

Information parties/Credit reporting
Credit check, checking for credit risk

IT service providers
Specialized IT and audit services, operation and provision of software and services

Processors (Art. 28 GDPR)
Operation and provision of SaaS and specialized services, software maintenance

Internal areas and employees of McMakler GmbH
Efficient control of business processes and tasks

Companies and employees of the McMakler Group
Efficient control of business processes and tasks, group-internal administrative purposes, initiation and execution of specialized services and agreements (eg real estate credit mediation)

10.3. Additional information for job applicants

We process your personal data for the application process within the framework of the applicable data protection regulations as well as our privacy policy. To ensure your rights as data subject see 9. „Rights of the data subject“.

10.3.1. Which personal data we process

If you provide us with personal data as part of the application process, these are classified for collection, processing and / or use in the following types of data and data categories:

  • Personal data (first and last name, date of birth, address, graduation)
  • Communication data (telephone number, mobile phone number, fax number, e-mail address)
  • Information from third parties, see 10.3.2.
  • Data on assessment and evaluation in the application process
  • Data on education (school, vocational training, civil / military service, study, doctorate)
  • Data on the current professional background, training and employment certificates
  • Information on other qualifications (eg language skills, computer skills, etc.)
  • Application photo
  • Information on salary requirements
  • Applicant history (storage limited, Art. 5 (1) e) GDPR)

10.3.2. From what sources does personal data come from if we do not collect it from you?

Incidentally, we may process your publicly available job-related information, such as a profile in professional social media networks. If we do not collect the data directly from you and you have an active profile on StepStone, Xing or LinkedIn, or if you disclose an inactive or partially active profile to us during the application process, we may also collect personal information about it.

We process personal information about you for the purpose of your application for employment, to the extent that this is necessary for the decision to establish employment with us. The legal basis is Art. 6 (1) lit. b) GDPR in conjunction with § 26 Bundesdatenschutzgesetz (BDSG). Furthermore, we may process personal data about you, as far as this is required to defend against asserted legal claims from the application process against us. The legal basis is Art. 6 (1) lit. f) GDPR, the legitimate interest is, for example, a burden of proof in proceedings under the „Allgemeines Gleichbehandlungsgesetz (AGG)“ (D) respectively „Gleichbehandlungsgesetz (GIBG)“ (AT). For these purposes, the applicant data is kept for 6 months, see no. 9.

If there is an employment relationship between you and us, we may further process the personal data already received by you for employment purposes, if this is necessary for the execution or termination of the employment relationship or for performance or fulfillment of required by law or a collective agreement, an operating or service agreement (collective agreement) and duties of employee representation.

Your personal data will only be processed by persons involved in the application process. All data controllers are required to protect the confidentiality of your information. A transfer of the data to third parties only takes place, as far as you have given your consent or we are obliged by law and / or official or judicial orders to a data transfer.

10.3.4. Categories of recipients

We may transfer your personal data to companies affiliated with us (internal administrative purposes in accordance with recital 48 GDPR), insofar as this is possible within the framework of the provisions of Art. 6 and legal bases. Otherwise, personal data are processed on our behalf on the basis of contracts pursuant to Art. 26, 28 GDPR, in particular by host providers or providers of applicant management systems. Further transfers take place only on the basis of legal obligations (eg social security, tax authorities etc.).

10.3.5. Transfer of personal data to a third country

If a personal data transfer to a third country or an international organization takes place by McMakler and/or a processor, McMakler will verify to the processor/partner, in particular, the existence of an adequacy decision pursuant to Art. 45 (3) GDPR or the existence of appropriate guarantees by type 46 GDPR. Otherwise, a transfer will only take place if one of the prerequisites according to Art. 49 (1) lit. a) to g) is present.

10.3.6. How long will your data be stored?

We store your personal information as long as this is necessary to decide on your application. In addition, if employment between you and us does not materialize, we may continue to retain the information as necessary to defend against possible legal claims. The application documents will be deleted no later than six to nine months after notification of the rejection decision, unless a longer storage due to litigation is required.

10.3.7. Necessity of providing personal data

The provision of personal information is not required by law or contract, nor are you required to provide the personal information. However, the provision of personal information is required to enter into a contract of employment with us. This means that unless you provide us with personal data when applying, we can not enter into any employment relationship with you.

10.3.8. Automated decision making

There is no automated decision making on a case-by-case basis or no "profiling" within the meaning of Art. 22 DSGVO, ie the decision on your application is not based solely on automated processing.


© 2021 McMakler GmbH - Alle Rechte vorbehalten