Privacy Information

Privacy Overview

Category Description
Types of Data In-App (Security & Technical Necessities):
IP address
Date and time of the request
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific webpage)
Access status/HTTP status code
Amount of data transferred
Website from which the request originated
Browser
Operating system and its interface
Language and version of the browser software
Data Sharing No data sharing
Cloud Usage No cloud usage
Tracking No tracking
Advertising Only within legal limits via email for updates and similar products
Privacy Policy

§ 1 – Information on the Collection of Personal Data and Provider Identification

  1. The following informs you about the collection of personal data when using this website. Personal data refers to all data that can be personally linked to you, such as name, address, email addresses, and user behavior.
  2. The controller pursuant to Art. 4(7) of the EU General Data Protection Regulation (GDPR) is TRIACON GmbH, Andreasstr. 10, D-10243 Berlin, info@triacon.de (see our Imprint). Our data protection officer is Mr. Andreas Pinheiro LL.M., dsb@ap-datenschutz.de.
  3. If we use contracted service providers for individual functions of our offer or wish to use your data for advertising purposes, we will inform you in detail about the respective processes below. In doing so, we will also specify the defined criteria for storage duration.

§ 2 – Rights, Particularly Regarding Information and Revocation

  1. You have the following rights regarding the personal data concerning you:
  • Right to information,
  • Right to rectification or erasure,
  • Right to restriction of processing,
  • Right to object to processing,
  • Right to data portability.
  1. If you have given consent to the use of your data, you can revoke it at any time. If the lawfulness of the processing is based on consent, it remains valid until the revocation is exercised.
  2. Please direct all requests for information, inquiries, or objections to data processing to us via email at info@triacon.de or to the address specified in § 1(2).
  3. You can request the deletion of your data from us at any time. However, statutory retention periods may exist that allow us to retain your data until the end of such periods.
  4. If your data is incorrect, you have the right to request us to correct it. We will comply with this request immediately.
  5. You have the right to receive the personal data you provided to us in a readable format, where technically feasible, to transfer it to another company (right to data portability).
  6. You have the right to lodge a complaint with the supervisory authority responsible for you. A list of data protection officers and their contact details can be found at the following link: bfdi.bund.de/EN/Infothek/Anschriften.

§ 3 – Data Security

  1. We maintain up-to-date technical measures to ensure data security, particularly to protect your personal data from risks during data transmission and from third-party access. These measures are regularly updated in line with the current state of technology.

§ 4 – Collection of Personal Data During Informational Use and Contact

  1. When you use the website purely for informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. When you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and ensure its stability and security (legal basis is Art. 6(1) sentence 1 lit. f GDPR):
  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Data volume transferred
  • Website from which the request originates
  • Browser
  • Operating system and its interface
  • Language and version of the browser software
  1. When you contact us via email, your email address, name, and, if provided, your telephone number will be stored by us. The purpose of this storage is solely to contact you to answer your questions.
  2. The legal basis for the specified collection is the consent you have given by visiting our website and confirming the cookie banner or submitting the contact form (Art. 6(1) lit. a GDPR).
  3. We will only use your data for advertising purposes within the legally permitted scope. In particular, we use your email address only for direct advertising of our own similar goods or services. You can object to the use of your data for advertising purposes at any time in writing or via email to info@triacon.de. In this regard, we rely on our legitimate interest in promoting our products to our customers pursuant to Art. 6(1) lit. f GDPR.
  4. In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files stored on your hard drive, assigned to the browser you use, through which certain information flows to the entity that sets the cookie (in this case, us). Cookies cannot execute programs or transfer viruses to your computer. They serve to make the internet offering more user-friendly and effective overall.

§ 5 – Recipients or Categories of Recipients of Personal Data

  1. Within TRIACON GmbH, those departments that require your data to fulfill TRIACON GmbH’s contractual and legal obligations will have access to it. Processors engaged by TRIACON GmbH (Art. 28 GDPR) may also receive data for these purposes.
  2. The following categories of recipients may receive your data:
    • IT services (e.g., hosting of our email accounts)
    • Logistics (e.g., for file or data carrier destruction)
    • Debt collection (e.g., in case of outsourcing receivables management for overdue payments)
    • Credit agencies (e.g., SCHUFA)
    • Consulting and advisory services
    • Courts, bailiffs, and authorities (e.g., when applying for a payment order (court) or enforcing an enforceable title (bailiff))
    • Lawyers (e.g., to assert our own claims or defend against third-party claims or lawsuits)
    • Tax advisors (e.g., for tax consulting or preparation of annual financial statements)

§ 6 – Storage Duration

  1. We delete your personal data as soon as it is no longer required for the respective purposes. However, data may be stored for the period during which legal claims can be asserted against us (statutory regular limitation period of 3 years under § 195 BGB, up to 30 years under § 197 BGB).
  2. We also store your data if we are legally obliged to do so. Corresponding obligations to provide evidence and retain data arise for us from:
    • the German Tax Code: 10 years for tax purposes (§ 147 AO) (e.g., customer data and billing data for tax purposes)
    • the requirements under § 257 HGB: 6 years for documentation under commercial law requirements (e.g., documents and emails or order and contract documents in communication)

§ 7 – Cookies

  1. We use cookies on our website. Such cookies are necessary so that you can navigate the website freely and use its features; this includes, among other things, access to secure areas of the website. Cookies allow us to track who has visited the page(s) and infer how often certain pages are visited and which parts of the site are particularly popular. Session cookies store information about your activities on our website.
  2. This website uses the following types of cookies, the scope and functionality of which are explained below:
  • Transient cookies (temporary use)
  • Persistent cookies (time-limited use)
  • Third-party cookies
  1. Transient cookies are automatically deleted when you close your browser. These include, in particular, session cookies. These store a so-called session ID, which allows various requests from your browser to be assigned to the same session. This enables your computer to be recognized when you return to the website. Session cookies are deleted when you log out or close the browser.
  2. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in your browser’s security settings.
  3. You can configure your browser settings according to your preferences and, for example, refuse the acceptance of third-party cookies or all cookies. Please note that you may not be able to use all functions of this website.
  4. We use cookies to identify you for subsequent visits if you have an account with us. Otherwise, you would need to log in again for each visit.
  5. The following cookies are used:
Name Storage Duration
utma 2 years
utmb 1 day
utmc Session
utmt 1 day
utmz 6 months

§ 8 – Data Transfer for Website Maintenance

  1. We will not transfer your personal data to third parties unless we inform you about such a transfer.
  2. Our IT service providers have access to our stored data to fix errors and enable us to implement the required technical and organizational measures. In this regard, we rely on our legitimate interest in securing our IT pursuant to Art. 6(1) lit. f GDPR or on the fulfillment of legal obligations pursuant to Art. 6(1) lit. c GDPR.
  3. The IT service provider(s) have been carefully selected and commissioned in writing by us. They are bound by our instructions and are regularly monitored by us. The service providers will not pass this data on to third parties.
  4. No transfer of your data outside the EU (EEA) takes place.

§ 9 – Web Tracking – Google Analytics

  1. This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies,” text files stored on your computer that enable an analysis of your use of the website (see § 5). The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activities, and provide other services related to website and internet usage to the website operator.
  2. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
  3. You can prevent the storage of cookies by adjusting your browser software accordingly; however, please note that in this case, you may not be able to use all functions of this website fully. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
  4. This website uses Google Analytics with the “_anonymizeIp()” extension. This means IP addresses are processed in truncated form, ruling out any personal traceability. If the data collected about you has a personal reference, it is immediately excluded, and the personal data is deleted promptly.
  5. We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained allow us to enhance our offer and make it more interesting for you as a user.
  6. The Google service processes your data outside the European Union and the European Economic Area at its parent company, Google LLC. The transfer of personal data to a so-called third country requires compliance with the provisions of §§ 44 ff. GDPR to ensure the level of protection guaranteed in the EU. The transfer of personal data to the USA is based on an adequacy decision by the EU Commission (Adequacy Decision for the EU-US Data Privacy Framework of 10.07.2023) pursuant to Art. 45(1) GDPR, the so-called EU-US Data Privacy Framework (DPF). Meta Platforms, Inc. can only rely on Art. 45(1) GDPR for the processing of personal data if it is registered in the list of participating organizations pursuant to Article 1 DPF (list available at: https://www.dataprivacyframework.gov/). Google LLC is registered in the list of participating companies. The registration covers personal data of employees (HR category). Thus, the present data processing can rely on Art. 45. Further information is available at: https://privacy.google.com/businesses/compliance/#!#gdpr
  7. The legal basis for the use of Google Analytics is your consent, pursuant to Art. 6(1) sentence 1 lit. a GDPR.
  8. Information from the third-party provider: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Terms of Use: http://www.google.com/analytics/terms/us.html, Privacy Policy: https://policies.google.com/privacy?hl=en&gl=en.

§ 10 – Google Tag Manager

  1. Google Tag Manager is a tool that allows marketers to manage website tags via an interface. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
  2. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect personal data. The tool triggers other tags, which may, in turn, collect data. Google Tag Manager does not access this data. If deactivation has been set at the domain or cookie level, it remains in place for all tracking tags implemented with Google Tag Manager. For more information, see: https://www.google.com/analytics/tag-manager/use-policy/.
  3. The legal basis for transferring personal data to Google is your consent, pursuant to Art. 6(1) lit. a GDPR.
  4. The Google service processes your data outside the European Union and the European Economic Area at its parent company, Google LLC. The transfer of personal data to a so-called third country requires compliance with the provisions of §§ 44 ff. GDPR to ensure the level of protection guaranteed in the EU. The transfer of personal data to the USA is based on an adequacy decision by the EU Commission (Adequacy Decision for the EU-US Data Privacy Framework of 10.07.2023) pursuant to Art. 45(1) GDPR, the so-called EU-US Data Privacy Framework (DPF). Meta Platforms, Inc. can only rely on Art. 45(1) GDPR for the processing of personal data if it is registered in the list of participating organizations pursuant to Article 1 DPF (list available at: https://www.dataprivacyframework.gov/). Google LLC is registered in the list of participating companies. The registration covers personal data of employees (HR category). Thus, the present data processing can rely on Art. 45. Further information is available at: https://privacy.google.com/businesses/compliance/#!#gdpr.

§ 11 – Google Maps

  1. This website uses the Google Maps service. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). This allows us to display interactive maps directly on the website and enables you to use the map function conveniently.
  2. By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. Additionally, the data mentioned under § 4 of this declaration is transmitted. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged into Google, your data will be directly associated with your account. If you do not wish for this association with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for advertising, market research, and/or tailoring its website to your needs. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, though you must contact Google to exercise this right.
  3. The legal basis for transferring personal data to Google is your consent, pursuant to Art. 6(1) sentence 1 lit. a GDPR. Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider’s privacy policies. There, you will also find additional information about your rights in this regard and settings options to protect your privacy: http://www.google.com/intl/en/policies/privacy.
  4. The Google service processes your data outside the European Union and the European Economic Area at its parent company, Google LLC. The transfer of personal data to a so-called third country requires compliance with the provisions of §§ 44 ff. GDPR to ensure the level of protection guaranteed in the EU. The transfer of personal data to the USA is based on an adequacy decision by the EU Commission (Adequacy Decision for the EU-US Data Privacy Framework of 10.07.2023) pursuant to Art. 45(1) GDPR, the so-called EU-US Data Privacy Framework (DPF). Meta Platforms, Inc. can only rely on Art. 45(1) GDPR for the processing of personal data if it is registered in the list of participating organizations pursuant to Article 1 DPF (list available at: https://www.dataprivacyframework.gov/). Google LLC is registered in the list of participating companies. The registration covers personal data of employees (HR category). Thus, the present data processing can rely on Art. 45.
  5. Further information is available at: https://privacy.google.com/businesses/compliance/#!#gdpr

§ 12 – Google Web Fonts

  1. This website uses so-called web fonts for the uniform display of fonts. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). When you access a webpage, your browser loads the required web fonts into its cache to display texts and fonts correctly.
  2. For this purpose, the browser you use must establish a connection to Google’s servers. This allows Google to know that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6(1) sentence 1 lit. f GDPR.
  3. If your browser does not support web fonts, a standard font from your computer will be used. Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy.
  4. The Google service processes your data outside the European Union and the European Economic Area at its parent company, Google LLC. The transfer of personal data to a so-called third country requires compliance with the provisions of §§ 44 ff. GDPR to ensure the level of protection guaranteed in the EU. The transfer of personal data to the USA is based on an adequacy decision by the EU Commission (Adequacy Decision for the EU-US Data Privacy Framework of 10.07.2023) pursuant to Art. 45(1) GDPR, the so-called EU-US Data Privacy Framework (DPF). Meta Platforms, Inc. can only rely on Art. 45(1) GDPR for the processing of personal data if it is registered in the list of participating organizations pursuant to Article 1 DPF (list available at: https://www.dataprivacyframework.gov/). Google LLC is registered in the list of participating companies. The registration covers personal data of employees (HR category). Thus, the present data processing can rely on Art. 45.
  5. Further information is available at: https://privacy.google.com/businesses/compliance/#!#gdpr

§ 13 – Rental and Management of Real Estate

  1. In connection with the processing related to the rental and management of the residential units we manage or the rental of apartments or houses on behalf of the property owner, we process personal data that we receive from you.
  2. The following categories of data are processed:
    • Personal details (name, address, telephone number, email, date of birth, place of birth, marital status)
    • Copy of identity card
    • Copy of income statements
    • Payment data
    • Insurance proof (liability insurance)
    • Credit reports (to check creditworthiness)
    • Data on criminal/civil litigation history (from the tenant’s self-disclosure)
    • Other data from the tenant’s self-disclosure (employer, profession, income, previous landlord, other financial obligations, recent termination by the previous landlord)
    • Rent debt clearance certificate/documentation data (data from correspondence)
    • Employee data
    • Supplier data (e.g., external service providers)
  3. TRIACON GmbH processes personal data based on Art. 6(1) lit. b GDPR. The processing serves the performance of our contracts or pre-contractual measures with you and the execution of your instructions, as well as all activities necessary for the operation and management of our real estate management business. The specific details regarding the purpose of data processing can be found in the respective contractual documents and terms and conditions.
  4. Beyond the actual fulfillment of the contract, TRIACON GmbH processes personal data pursuant to Art. 6(1) lit. f GDPR. This is permissible insofar as the processing is necessary to safeguard our legitimate interests or those of a third party, provided that your interests or fundamental rights and freedoms, which require the protection of personal data, do not prevail.
  5. Such a legitimate interest exists, for example, in:
    • Processing payments via external service providers
    • Consultation with and data exchange with credit agencies (e.g., Creditreform) to assess default risks in specific business transactions
    • SCHUFA report: A self-disclosure is obtained from potential tenants before concluding the rental agreement. Landlords generally have a legitimate interest in checking the creditworthiness of their future tenants to avoid the risk of payment default
    • Notification and data exchange with credit agencies (e.g., SCHUFA) to report proven payment inability or unwillingness in specific business transactions. This only occurs if the debtor’s payment inability or unwillingness is proven, e.g., by a state authority
    • Assertion of legal claims and defense in legal disputes
    • Advertising our own products within the legally permitted scope (e.g., existing customer advertising or recommendation advertising not relevant under data protection law (flyers))
    • Ensuring IT security and IT operations of the company
    • Preventing and investigating criminal offenses, particularly using data analysis to detect indications of fraud or abuse

§ 14 – Video Conferences

  1. If you have given TRIACON GmbH consent to process your personal data to participate in a separate seminar, webinar, or video conference, the lawfulness of this processing is based on your consent (Art. 6(1) lit. a GDPR). Consent given can be revoked at any time. Please note that the revocation only takes effect for the future. Processing carried out before the revocation remains unaffected.
  2. You can register for the webinar, seminar, or video conference via email by providing your name and email address. We verify your identity through a personal inquiry via email. You will then receive a personal invitation link to your email inbox from us. At the time of the event, you can participate in the event via the web application by clicking the link. Your email address is also visible to other participants but will not be used otherwise. In the waiting area, you will only be admitted by us as the organizer if your booking is confirmed.
  3. The event takes place via the Teams service (Microsoft Deutschland GmbH, a subsidiary of Microsoft Inc.). In this regard, we refer to the privacy policy of our IT service provider: www.microsoftvolumelicensing.com/Downloader.aspx

§ 15 – Data Collection for Job Applications

  1. On our website, we occasionally offer open positions. If you apply for a position, we will store your application documents received by mail or email until the application process is completed.
  2. If we do not select you, we will destroy your application documents no later than six months after the end of the application process. We rely on our legitimate interest in efficient legal defense pursuant to Art. 6(1) lit. f GDPR in conjunction with § 21(5) AGG. The limitation period for such claims is 2 months.
  3. The processing of your application data is based on § 26(1) BDSG, as it is necessary for establishing an employment relationship.
Contact – TRIACON GmbH

We are here for you:

TRIACON GmbH
Andreasstr. 10
D-10243 Berlin
phone:+49 (0) 30 - 4 20 26 17-0
fax:+49 (0) 30 - 4 20 26 17-29
email:info@triacon.de