Data Protection Statement

www.agromex.de

Whenever you visit this website, your personal data (hereinafter referred to as “personal data” or just “data”) will be processed by us in our role as data controller, and will be stored for as long as is necessary to fulfil certain specified purposes and to meet certain legal obligations. In the sections below, we will brief you on the nature of the data involved, on the ways in which they may be processed, and on your rights in this context.

Pursuant to Art. 4, No. 1, German Data Protection Regulation (“GDPR”), the term “personal data” is used for any information that relates to an identified or identifiable natural person (hereinafter “Data Subject” or “User”).

1. NAME AND ADDRESS OF THE CONTROLLER AND OF THE DATA PROTECTION OFFICE

This Data Protection Policy applies to the data processing on the website www.agromex.de by the Controller pursuant to Art. 4, No. 7, GDPR:
AGROMEX Invest GmbH
Auf dem Franzensberg 5
14548 Schwielowsee
Deutschland

E-mail: info@agromex.de
Phone: 03327-5690080
Fax: 03327-5690088
(hereinafter “Agromex,” “we” or “us”).
If you have any questions concerning data protection law or your data subject rights, feel free to contact us directly by sending an e-mail to berlin@agromex.de at any time.

2. PROCESSING OF PERSONAL DATA, AND PURPOSES OF SUCH PROCESSING

a) Webhosting

For the publication of this website, we rely on the web hosting services of Host Europe GmbH, Hansestrasse 111, D-51149 Cologne (hereinafter “Host Europe”). To operate a website, it is necessary to contract the services of a web hosting service. Contracting the services of Host Europe is based on our legitimate economic interest to make our own services available on this website pursuant to Art. 6, Sec. 1, Sent 1, Lit. f, GDPR. In line with its efforts to host our website, and on our behalf, Host Europe will process personal data that are generated by the use of our website.

To this end, we signed a third-party processing agreement with Host Europe. In the agreement, the service provider undertakes to process the data in compliance with the German Data Protection Regulation, and to guarantee the protection of data subject rights.

b) Visiting the Website

You have the option to visit our website without disclosing your identity. In that case, the browser used by your endpoint will automatically limit the information it sends to our website server (including date and time of access; time zone difference to Greenwich Mean Time [GMT]; name and URL of the page accessed; access status/HTTP status code; the amount of data transferred in each case; language and version of the browser; the website previously visited [referrer URL]).

This includes the IP address of your requesting endpoint. Your IP address will be saved in a so-called log file, and will automatically be deleted at the end of a 14-day period.

The IP address is processed for technical and administrative purposes of setting up, and maintaining the stability of, the Internet connection, to ensure the security and functioning of our website, and to be able to trace unlawful attacks targeting our website if necessary.

Legal basis for processing your IP address is Art. 6, Sec. 1, Sent. 1, Lit. f, GDPR. Our legitimate interest derives from our mentioned interest to ensure security and the interference-free provision of our website.

Processing your IP address in the log file does not permit any direct conclusions regarding your identity.

c) How to Contact Us

You are welcome to get in touch with us for general inquiries by using the contact form provided on our website, or by sending a message to our stated contact e-mail address. Any personal data we receive in conjunction with your inquiry will be processed.

Required disclosures when submitting an inquiry via our online contact form include your last name and your e-mail address. When using the form, you may enter your message to us in the “subject” text box. We collect personal data in this context in order to be able to address you by name and to reply to your inquiry via e-mail. For added protection of the contact form, we use the so-called double-opt-in procedure, which means you will receive an e-mail after you submit your inquiry, prompting you to confirm it by clicking a link that the e-mail contains. The idea is to verify that the inquiry was indeed submitted by you.

If your inquiry concerns a specific project of ours, you also have the option to select the respective project in a drop-down list within the contact form. You may also wish to volunteer your first name and phone number so as to give us the opportunity to call you back whenever doing so would help to address more complex inquiries.

The processing of data in the context of responding to contact form inquiries is based on the consent you granted pursuant to Art. 6, Sec. 1, Sent. 1, Lit. a, GDPR, or else is based on our legitimate interest pursuant to Art. 6, Sec. 1, Sent. 1, Lit. f, GDPR. If your request concerns an intended exchange of contracts with us, then Art. 6, Sec. 1, Sent. 1, Lit. b, GDPR, serves as basis for the data processing.

The personal data collected in connection with your use of our contact form will be deleted once your inquiry has been answered conclusively, unless statutory retention obligations prevent their deletion. The data will also be deleted if you revoke your consent before your inquiry has been processed conclusively, unless we are obliged to keep storing your data on the grounds of statutory retention obligations. Please note that it would be impossible to process your inquiry without your consent to process your data. The same is true for inquiries sent to our contact e-mail address.

d) Registration in Our List of Prospects

You also have the option to register for the list of prospects interested in a given property development of ours for the purpose of receiving updates on the respective development, e. g. its start of sales, or to receive sell sheets, and to be notified by us ahead of relevant dates.

In conjunction with the list of prospects, we will process—depending on which personal data you disclose to us, and on the ways in which you prefer to communicate with us—your postal address (street, address, postcode, and city), e-mail address and phone number in addition to your name.

The data processing is based on the consent you granted and that you may revoke with effect to the future at any time pursuant to Art. 6, Sec. 1, Sent. 1, Lit. a, GDPR.

The personal data collected for the list of prospects will be deleted once the processing purpose ceases to apply, unless statutory retention obligations prevent their deletion. The data will also be deleted if you revoke your consent, unless we are obliged to keep storing your data on the grounds of statutory retention obligations. Please note that it would be impossible to process your inquiry without your consent to process your data.

3. DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES

a) Disclosure of Personal Data to Third Parties

Your personal data will not be transmitted to any third party unless
– you expressly consented to it pursuant to Art. 6, Sec. 1, Sent. 1, Lit. a, GDPR,
– it is permitted by law and necessary pursuant to Art. 6, Sec. 1, Sent. 1, Lit. b, GDPR, for fulfilling our contractual relationship with you,
– we are under a legal obligation to disclose the data pursuant to Art. 6, Sec. 1, Sent. 1, Lit. c, GDPR, or
– it is permitted by law and necessary pursuant to Art. 6, Sec. 1, Sent. 1, Lit. f, GDPR, to achieve our legitimate interests or those of third parties.

Any data thus transmitted may not be used by the respective third party except for the stated purposes.

b) Transfer of Personal Data to Third Countries

No personal data will be transferred to a third country or to an international organisation unless we notify you about it and unless the prerequisites specified in Art. 44 et seq., GDPR, are met.

The term “third country” designates any country outside the European Economic Area (EEA) where the GDPR is not directly applicable. A third country is deemed to be insecure if the EU Commission has not issued an adequacy decision for that country pursuant to Art. 45, Sec. 1, GDPR, so as to confirm that the country provides adequate protection of personal data.

One of the so-called insecure third countries is the United States. This means that the United States offer no data protection level equivalent to that provided within the EU. Transmissions of personal data to the United States are subject to the following risks: There is a risk that US agencies could access personal data via the PRISM and UPSTREAM surveillance programs as authorised by Section 702, FISA (Foreign Intelligence Surveillance Act), Executive Order 12333, or Presidential Police Directive 28. Neither in the US nor in the EU do EU citizens enjoy effective legal protection against this type of data interception.

One of the purposes of this data protection policy is to advise you when and how we will transmit personal data to the United States or other insecure third countries. We will not transmit your personal data unless
– the recipient provides adequate guarantees pursuant to Art. 46, GDPR, to protect your personal data,
– you expressly consented to the transmission pursuant to Art. 49, Sec. 1, Lit. a), GDPR, after having been briefed on the pertinent risks,
– the transmission is necessary to fulfil contractual obligations between you and us
– or another exception under Art. 49, GDPR, applies.

Guarantees pursuant to Art. 46, GDPR, may take the form of so-called standard contractual clauses. Under such a standard contractual clause, the recipient of the data will undertake to provide adequate protection to the data and thereby to guarantee a level of protection comparable to that mandated by the GDPR.

4. COOKIES AND COMPARABLE TECHNOLOGIES

Our website uses so-called “cookies” and similar features as part of the technology necessary to stage the website and to capture the website use statistically as well as to evaluate it for optimisation purposes (see Section 5, below). Our processing of your data via the placed cookies for the aforesaid technically required purposes pursuant to Art. 6, Sec. 1, Sent. 1, Lit. f, GDPR, is based on our legitimate interest, which is deemed legitimate within the meaning of the aforesaid provision.

Moreover, we will place cookies and use them to process the data solely on the basis of your consent pursuant to Art. 6, Sec. 1, Sent. 1, Lit. a, GDPR. You may, at any time, use our consent management tool to revoke your consent with effect to the future or to adjust your settings.

a) Cookies

Cookies are small files that are automatically created by your browser and stored on your endpoint (laptop, tablet, smartphone or similar) when you visit our website. Cookies will cause no damage to your endpoint, and contain no viruses, Trojans or any other malware. The information stored in the cookie is in each case defined by the specific endpoint used. This does not mean that it enables us to learn your identity directly.

The purpose of using cookies is, on the one hand, to make our services technically available to you. For one thing, we use so-called session cookies to see which pages of our website you already visited, and to check whether you are already logged into your user account, if any, as well as to provide any service that you may have requested. Cookies of this type will be automatically deleted after you leave our website. By definition, such cookies are technically necessary. We may therefore place them without your prior consent. The data processed by our cookies are required for the aforementioned purposes, meaning to protect our legitimate interests to ensure a technically functional provision of our services pursuant to Art. 6, Sec. 1, Sent. 1, Lit f, GDPR.

On the other hand, we use cookies within the framework of our service offer to monitor the use of our website statistically, as well as for the purpose of optimising our service offer to you, and to provide additional services. Cookies of this type enable us to recognise you automatically as a returning user the next time you visit our website. These cookies will be automatically deleted after a certain period set in each case, and they are placed only with your consent.

Most browsers accept cookies automatically. However, you have the option to configure your browser in a way that prevents the storage of cookies or notifies you whenever a cookie is about to be placed. Please note that fully disabling cookies may prevent you from using all features of our website.

b) Pixel

Within the framework of our online service offer, we also make use of pixel tags (also known as tracking pixels or beacon trackers). Pixels are small graphics that are integrated via the HTML code of our web pages. The pixel tag itself will neither store nor alter any information on your endpoint, meaning that pixels will cause no damage to your endpoint, and contain no viruses, Trojans or other malware.

Pixels will send data to a web server, including your IP address, the referrer URL of the website you visited, the time at which the pixel was viewed, the browser used, as well as previously set cookie information. This enables us to measure the reach of our website and to perform other statistical evaluations that help us optimise our platform and our online service offer.

c) Consent Management Using Cookiebot

To manage user consent concerning the use of cookies and similar technologies, our website uses the “Cookiebot” consent management service provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark. The latter will process the date and time of your visit, browser information, consent information, device information and the anonymised IP address of the accessing device. Legal basis for the data processing is Art. 6, Sec. 1, Sent. 1, Lit. f, GDPR. Obtaining and managing the legally required consent is deemed a legitimate interest within the meaning of the aforementioned provision. The revocation of a previously granted consent will be saved for a period of 12 months.

5. WEB ANALYSIS OR TRACKING USING GOOGLE ANALYTICS

Our website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”). This service creates pseudonymous use profiles, and uses cookies. The use of Google Analytics is based on your consent pursuant to Art. 6, Sec. 1, Sent. 1, Lit. a, German Data Protection Regulation (GDPR). You may use the consent management tool to revoke your consent at any time.

Google processes the information on our behalf in order to analyse your use of our website, to compile reports on the activities on our website, and to provide other services to us that relate to the use of our website and of the Internet for the purposes of market research and of need-based customisation of these Internet pages.

We signed an order processing agreement with Google that governs the use of Google Analytics. In the agreement, Google undertakes to process the data in compliance with the GDPR, and to guarantee the protection of data subject rights.

We exclusively use Google Analytics with IP anonymisation enabled. This means that Google will truncate your IP address in advance within any member state of the European Union or within any member state of the Treaty on the European Economic Area. Your IP address will not be merged with other data available to Google.

We do not use the Universal Analytics with User ID that Google offers.

The collected data may be transmitted to third parties whenever doing so is legally mandated or if third parties have been contracted to process the data.

The user data collected via cookies are automatically deleted after 14 months.

The information generated by the cookies placed by Google Analytics about the use of our website (e. g. IP address of the accessing computer, time of access, referrer URL and information about the browser and operating system used) is also transmitted to Google servers in the United States and processed there. The data transmitted are pseudonyms only, and it is impossible to infer your name from them. For data transmission by Google to commissioned data processors or Google group companies in the United States or other insecure third countries, Google relies on standard contractual clauses approved by the EU Commission as warranty that a level of data protection comparable to that in the EU is guaranteed. The contract we concluded with Google also contains standard contractual clauses for the constellation that personal data are transmitted directly to a Google company in the United States or another insecure third country.

Details on data protection in the context of Google Analytics are available in the Google Analytics Help pages, for example. For details on Google’s use of data, see Google’s own data protection statement.

6. DATA SUBJECT RIGHTS

You have the right:

– to revoke at any time, pursuant to Art. 7, Sec. 3, GDPR, the consent you once granted to us. As a consequence of such a revocation, we will be unable to keep processing the data subject to the revoked consent;
– to demand information about your personal data processed by us pursuant to Art. 15, GDPR. In particular, you may demand information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage duration, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right to object, the origin of your data if these were not collected by us, as well as the existence of automated decision making, including profiling and, where applicable, meaningful information on the details thereof;
– to demand, pursuant to Art. 16, GDPR, the prompt correction of inaccurate or incomplete personal data stored by us;
– to demand, pursuant to Art. 17, GDPR, the deletion of your personal data stored by us unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
– to demand, pursuant to Art. 18, GDPR, the restriction of the processing of your personal data if the accuracy of the data is disputed by you, if the processing is unlawful but you object to their deletion, or if we no longer need the data but you require them to assert, exercise or defend legal claims, or if you have lodged an objection to such data processing pursuant to Art. 21, GDPR;
– to demand, pursuant to Art. 20, GDPR, to have your personal data that you provided to us disclosed to you in a structured, common and machine-readable format or to request its transfer to another controller; and
– to complain to a regulator pursuant to Art. 77, GDPR. The best way to do so is normally to contact the regulator responsible for your habitual place of residence or workplace, or the regulator responsible for our principal place of business.

Information about Your Right to Object pursuant to Art. 21, GDPR

You have the right to object at any time to the processing of personal data concerning you on the basis of Art. 6, Sec. 1, Lit. f, GDPR (data processing on the basis of a balancing of interests) for reasons arising from your particular situation, including profiling based on this provision within the meaning of Art. 4, No. 4, GDPR.

If you file an objection, we will no longer process your personal data unless we can substantiate compelling reasons worthy of protection for processing your data which outweigh your interests, rights and freedoms, or unless the processing serves the assertion, exercise or defence of legal claims.

If your objection is directed against the processing of data for the purpose of direct marketing, we will immediately cease to process your data for this purpose. In this case, it is not necessary to detail your special situation. The same is true for profiling if it is connected to direct marketing of this type.

All you need to do to exercise your right to object is to send an e-mail to berlin@agromex.de stating your objection.

7. DATA SECURITY

All data transmitted by you personally are encrypted using the generally accepted and secure Transport Layer Security (TLS) standard. TLS represents a secure and proven standard that is also used in online banking, for example. One of the signs telling you that you are using a secure TLS connection is the “s” appended to “http” (i.e. “https://…”) in the address bar of your browser, another sign being the lock symbol shown in the lower part of your browser.

Other than that, we use adequate technical and organisational security measures to protect your data against accidental or wilful manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological advances.

8. CURRENCY OF AND AMENDMENTS TO THIS DATA PROTECTION STATEMENT

The baseline date for this Data Protection Statement is September 2021.

The ongoing development of our website and of services offered on it, or changing legal or official requirements, may necessitate revisions of this Data Protection Statement from time to time. At any time, you can retrieve and print the latest version of the Data Protection Statement from this website.