Data Privacy

Controller

Controller according to the General Data Protection Regulation (GDPR) and other national data privacy laws of member states, as well as other data privacy regulations is

Studentkompanie Betriebs-GmbH

Rheinstrasse 4c

55116 Mainz

You can contact our data protection officer at dsb@clarius.legal.

 

General Information on Data Privacy

Categorically, we collect and use our users‘ personal data only as far as it is necessary to operate a functional website as well as to provide our contents and services. The collection and use of personal data are carried out periodically only after obtaining the user’s consent. There is an exception to this in such cases where obtaining consent ahead of time is not possible for practical reasons and the processing of data is permitted per legal provisions.

Where we obtain the data subject’s consent for processing operations for personal data, Article 6(1) lit. a of the EU General Data Protection Regulation (GDPR) serves as legal basis for the processing of personal data. When processing personal data as part of fulfilling a contract of which the data subject is a contracting party, Article 6(1) lit. b GDPR serves as legal basis. This also applies to processing operations essential to the implementation of precontractual measures. Where the processing of personal data is necessary for compliance with a legal obligation which our business is subject to, Article 6(1) lit. c GDPR serves as legal basis.

If the processing is necessary to the preservation of a legitimate interest held by our business or a third party and the data subject’s interests, constitutional rights and fundamental freedoms do not outweigh this, Article 6(1) lit. f GDPR serves as legal basis for the processing.

The data subject’s personal data will be deleted or made unavailable as soon as they are no longer necessary for fulfilling the purpose of their collection. The recording of data can also occur when it is provided for by European or national legislature in Union law regulations, laws, or other provisions which the data subject is subject to (e.g. in accordance with German Tax Code in certain cases for up to 10 years). Data blocking or deletion will also occur if a storage period required by the mentioned standards expires unless there is a necessity for the continued storage of the data for the conclusion or the fulfilment of a contract.

 

Operating the Website

With every visit to our website, our system will automatically collect data and information from the visiting computer’s operating system.

The following data will be collected:

  • Information about the type and version number of the used browser
  • The user’s operating system
  • The user’s internet service provider
  • The user’s IP address
  • Date and time of the visit
  • Websites from which the user’s system enters our website
  • Websites to which the user’s system exits our website

Article 6(1) lit. f GDPR serves as legal basis for the temporary storage of data. Temporarily storing the IP address is necessary to ensure the website is delivered to the user’s computer. Therefore, the user’s IP address needs to be stored for the duration of the session. The data is deleted as soon as it no longer needed to achieve the purpose of its storage. In the case of the data recorded for the delivery of the website, this will occur when the respective session has ended.

 

Cookies

Our website uses cookies. Cookies are text files that are saved in the internet browser or by the internet browser in the user’s operating system. When a user visits a website, the cookie can be saved in the user’s operating system. This cookie contains a distinctive character sequence which enables an exact identification of the browser on re-visiting the website.

We use session cookies to make our website more user-friendly. Some elements of our website require for the visiting browser to also be identifiable after changing pages (e.g. for saving a user’s language settings).

Article 6(1) lit. f GDPR serves as legal basis for the processing of personal data by using cookies. The purpose of using technically necessary cookies is to simplify the use of websites for the user. Some functions of our website cannot be operated without the use of cookies. For those, it is necessary for the browser to also be identifiable after changing pages. User data recorded by technically necessary cookies is not used to set up user profiles.

Cookies are stored on the user’s computer and transmitted from there to our website. Therefore, you as a user have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing your internet browser’s settings. Previously saved cookies can be deleted at any time. This can also be automated. If cookies are deactivated for our website, not all functions may be fully operational.

 

Third Party-Cookies

In addition, the website uses the third-party cookies described below. These are cookies from other businesses that we have allowed to be used on our website to improve the usability of our services. When accessing the website, the user will be informed about the cookies’ use for analytics purposes, among other things, and their consent to the processing of the personal data used in this context will be obtained.

 

Cloudflare

We use the Content Delivery Network (CDN) technology Cloudflare to ensure a shorter loading time of our website. Provider of the technology is Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA.

When visiting our website, the following data is transferred to Cloudflare:

  • Your IP address
  • Security fingerprints
  • DNS protocol data
  • Performance data for websites

We use this technology to create a pleasant user experience and to make it easier for you to contact us. The legal basis for the use of Cloudflare is Art. 6(1) S. 1 lit. a GDPR. You can find further information here: https://www.cloudflare.com/privacypolicy/.

 

Usercentrics

This website uses Usercentrics’ cookie-consent-technology to obtain your consent to the storage of certain cookies on your device and to document these in a data protection-compliant manner. The provider of this technology is Usercentrics GmbH, Rosental 4, 80331 Munich, Germany, website: https://usercentrics.com (hereinafter referred to as “Usercentrics”).

When you access our website, the following personal data is transferred to Usercentrics:

  • Your consent(s) or the revocation of your consent(s)
  • Your IP address
  • Information about your browser
  • Information about your device
  • Time of your visit to the website

Furthermore, Usercentrics stores a cookie in your browser in order to be able to allocate the consents granted to you or their revocation. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie itself or until the purpose for which the data is stored no longer applies. Mandatory statutory storage obligations remain unaffected.

Usercentrics is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6(1) S. 1 lit. c GDPR.

We have concluded a contract for data processing with Usercentrics. This is a contract which is required by data protection law and ensures that Usercentrics processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Further information on data protection can be found at: https://usercentrics.com/privacy-policy.

 

WPML

We use the plugin WPML. This serves to display the website in several languages. It saves the language chosen by the user. WPML is a service provided by OnTheGoSystems Limited, located at 22/F, 3 Lockhart Road, Wanchai, Hong Kong, websites: https://wpml.org and https://www.onthegosystems.com.

This is used to improve the user experience and to make the contents of the website available to the user in an understandable way at all times. The legal basis is Art. 6(1) S. 1 lit. f GDPR. Our legitimate interest lies in the interest of the analysis, as well as the optimisation of our offering.

Further information on data protection can be found at: https://wpml.org/documentation/privacy-policy-and-gdpr-compliance.

 

Social media presences

We maintain online presences in social networks and on platforms in order to communicate with the customers, prospects, and users active there and to inform them about our services.

We hereby inform you that you use these pages and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also view the information we offer on our website www.the-urbanclub.com.

By clicking on the link on our website, the respective provider of the website records your IP address and other information that is available on your PC in the form of cookies. The data collected about you in this context is processed by the respective provider and may be transferred to countries outside the European Union. Which information the service providers receive and how this information is used is described in general terms in their respective data use guidelines. There you will also find information about contact options as well as setting options for advertisements.

Also, in the case of requests for information and the assertion of user rights, we would like to point out that these can most effectively be asserted with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. Should you nevertheless require assistance, you can of course contact us.

You can also find us at:

  • Facebook.com. We use the technical platform and services of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland for the information service offered there. The complete data guidelines of Facebook can be found here: https://www.facebook.com/full_data_use_policy.

 

Instagram Plugin

Social plugins for instagram.com have been embedded on this website. Instagram.com is a service by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.

If you are logged into your Instagram account, you can link the website contents with your Instagram profile by clicking the Instagram button. Hereby, Instagram can amalgamate your visit on this website with your user account. Please note that the operator of this website does not receive information about the content of the transmitted data nor their use by Instagram.

We use social media plugins for improved customer communications and for marketing purposes, especially in order to allow you to share relevant and interesting content on various platforms. This also includes our legitimate interest in the processing of data described above by the third-party providers. Article 6(1) S. 1 lit. 1 GDPR serves as legal basis.

Find further information in Instagram’s data privacy notice: http://instagram.com/about/legal/privacy/.

 

“Book now” function

On our website we offer you the option to apply for our apartments via a “Book Now” contact form. For this purpose, we use the service provider REOS GmbH, Amsinckstraße 28, 20097 Hamburg, Germany, website: https://www.reos-software.com/ (in the following: “REOS”). This makes it easier for you to contact us in order to conclude a contract. If the “Book Now” contact form is used, the following data will be transmitted to us and stored:

  • Name (required field)
  • Email address (required field)
  • All information you enter into the “message” field

Additionally:

  • The user’s complete IP address
  • Date and time of the message

The processing of the personal data from the contact form serves us only to process the contact. For this purpose, the data will be transmitted to REOS and processed there.

REOS needs the personal data to prepare the initial housing application, so that it can then be evaluated by the landlord. A copy of the identity card and other personal documents are automatically deleted by the system as soon as the rental agreement is signed by both parties and is therefore binding. All other information that is important for the contact is of course stored in the system, such as the email address. When a tenant moves out, this information is also removed after a short retention period.

The complete REOS privacy policy can be found at: https://www.reos-software.com/en/74/data-protection.

The legal basis for the use of the “Book now” contact form and the associated data processing is Art. 6(1) lit. b GDPR. The processing of personal data from the contact form serves us solely to process your request. The other personal data processed during the sending process serves to prevent misuse of the form and to ensure the security of our information technology systems.

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected.

We have concluded a contract for data processing with REOS. This is a data protection contract which guarantees that REOS processes the personal data of our website users only in accordance with our instructions and in compliance with the DSGVO.

 

Service Contact Forms and Email Communications

You can fill out a contact form on our website. We use such contact forms in order to simplify communications. If a user chooses this option, the following data is transmitted to us and stored:

  • Name (required field)
  • Email address (required field)
  • All information you enter into the “message” field

Additionally:

  • The user’s complete IP address
  • Date and time of the message

Alternatively, you can contact us at the provided email address. In that case the user’s personal data transmitted via the email will be stored. In this context, no data will be disclosed to third parties. The data will be exclusively used for processing the conversation.

Article 6(1) lit. f GDPR serves as legal basis for the processing of data which has been transmitted as part of an email. If the email communications aim for the signing of a contract, Article 6(1) lit. b GDPR serves as additional legal basis for the processing.

The processing of personal data from the input screen is solely used to facilitate communications. In the case of email communications, this also includes the necessary legitimate interest in the processing of data. Any other personal data processed during the submission process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.

The data will be deleted as soon as they are no longer necessary for fulfilling the purpose of their collection.

 

Rights of Data Subjects

If your personal data is being processed, you are the data subject in accordance with the GDPR and you have the following rights against the controller:

  • You are entitled to information from the controller on whether any personal data concerning you is being processed by us.
  • You have a right to rectification, completion, restriction, and erasure of your personal data against the controller.
  • You have a right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used, and machine-readable format (right to data portability).
  • You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based Article 6(1) lit. e or lit. f GDPR.
  • You have the right to withdraw your consent at any time with regards to Article 7(3) GDPR.
  • Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement if you consider the processing of personal data relating to you infringes the GDPR.

If you want to assert any of your rights, you can contact us at dsb@clarius.legal or via the contact persons stated in the legal notice.