Services
Services
Property locations
Property locations
About us
About us
News
News
Career
Career
Contact

Data protection for tenants

The following information is intended to give you an overview of how we process your personal data and your rights under data protection law. When the rental agreement is concluded, the tenant's personal data is collected so that EUROPA-CENTER AG can fulfill its obligations under the agreement towards the tenant. The data may be processed and stored electronically by EUROPA-CENTER AG.

 

  1. Who is responsible for data processing and who can I contact?

The responsible body is:

EUROPA-CENTER AG

Hammerbrookstraße 74

20097 Hamburg

Tel.: +49 40 27144-0

Mail: info@europa-center.com

 

You can contact your data protection officer at:

IBS data protection services and consulting GmbH

Zirkusweg 1
20359 Hamburg
Tel.: 040-540 90 97 80

E-Mail: dsb@ibs-data-protection.de

 

2. What sources and data do we use?

 

We process your personal data that is necessary for the fulfillment of our obligations arising from the rental agreement. If, in individual cases, processing goes beyond this purpose, we will obtain your explicit consent. In cases where personal data is processed on the basis of our legitimate interest, we will inform you separately.

 

2.1 Categories of personal data/type of data:

 

EUROPA-CENTER AG and its agents process the data in order to establish, maintain, and process the rental agreement. Relevant personal data includes:

 

  • Surname, first name, date of birth, and telephone numbers,
  • Postal address, other addresses of the tenant,
  • Data on payments, bank account details, and outstanding claims,
  • Number and identity of persons,
  • Contents of sublease agreements, if concluded,
  • Vehicle registration number and, if applicable, type of drive

 

3. Why do we process your data (purpose of processing) and on what legal basis?

 

We process your personal data in accordance with the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), and sector-specific data protection standards. The legal basis for the processing of your personal data is Art. 6 (1) (b) GDPR (data processing for the performance of a contract or pre-contractual measures). The legal basis for the processing of your personal data is Art. 6 (1) (a) GDPR (consent). The legal basis for the processing of your personal data is Art. 6 (1) (c) GDPR (legal obligation).

 

3.1 To fulfill contractual obligations

 

The processing of personal data (Art. 4 No. 2 GDPR) is carried out for the purpose of providing the services arising from the rental agreement. The purposes of data processing are primarily based on the specific rental agreement and may include, among other things, the involvement of third-party support, taking into account the applicable data protection regulations.

 

3.2 Within the framework of balancing interests

Where necessary, we also process your data to protect our legitimate interests or the legitimate interests of third parties.

 

For example:

  • Asserting legal claims and defending against legal disputes,
  • Ensuring IT security and IT operations,
  • Preventing and investigating criminal offenses,
  • Measures for building and facility security (e.g., access controls),
  • Measures to ensure house rules,
  • Measures for business management and further development,
  • Risk management within the company

 

Your personal data may only be processed for the purpose of detecting criminal offenses if there are documented factual indications giving rise to the suspicion that you have committed a criminal offense, if the processing is necessary for the detection of the offense, and if your legitimate interest in excluding the processing does not outweigh this, in particular if the nature and extent of the processing are not disproportionate in relation to the occasion.

 

 

3.3 Based on your consent

 

If you have given us your consent to process personal data for specific purposes, the lawfulness of this processing is based on your consent. Consent that has been given can be revoked at any time. Please note that the revocation only applies to the future. Processing that took place before the revocation is not affected.

 

3.4 Based on legal requirements

 

In addition, as a company, we are subject to various legal obligations, i.e., legal requirements (e.g., tax laws) and requirements of the EU, federal, or state administration. The purposes of processing include, among other things, measures for identity verification, fraud prevention, the fulfillment of tax control and reporting obligations, and the assessment and management of risks.

 

4. Who receives my data?

With regard to the transfer of data to recipients outside the company, it should first be noted that we comply with the applicable data protection regulations. We may only pass on information about you if required to do so by law, if you have given your consent, or if we are authorized to provide such information. Under these conditions, recipients of personal data may include, for example:

Public authorities and institutions (e.g., government agencies, tax authorities) in the event of a legal or official obligation.

Other data recipients may be those entities for which you have given us your consent to transfer data.

 

5. How long will my data be stored?

We process and store your personal data for as long as this is necessary for the purpose. In addition, we are subject to various storage and documentation obligations, which arise from the German Commercial Code (HGB) and the German Fiscal Code (AO), among others. The periods specified there for storage and documentation are two to ten years. Finally, the storage period is also assessed in accordance with the statutory limitation periods, which, for example, according to §§ 195 ff. of the German Civil Code (BGB), can be up to thirty years, whereby the regular limitation period is three years. All other processing is only carried out until the purpose for the processing has been fulfilled.

 

6. Is data transferred to a third country or to an international organization?

Data is only transferred to third countries (countries outside the European Economic Area - EEA) if this is necessary, required by law, or if you have given us your consent. We will inform you separately about the details, if required by law.

 

7. What data protection rights do I have?

Every data subject has the right to information under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR, and the right to data portability under Art. 20 GDPR. In addition, there is a right to lodge a complaint with a data protection supervisory authority (Article 77 GDPR).

 

8. To what extent is there automated decision-making in individual cases?

We do not use automated processing procedures to make decisions about your personal data (Article 22 GDPR). Should we use these procedures in individual cases, we will inform you separately if this is required by law.

 

9. To what extent is my data used for profiling (scoring)?

We do not process your data automatically with the aim of evaluating certain personal aspects (profiling or scoring).

Information about your right to object under Article 21 of the General Data Protection Regulation (GDPR).

 

Right to object in individual cases


You have the right to object at any time to the processing of personal data concerning you that is carried out by us on the basis of a balancing of interests (Article 6(1)(f) of the GDPR). If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

 

The objection can be made informally and should be addressed to:

 

Responsible party

EUROPA-CENTER AG

Hammerbrookstraße 74

20097 Hamburg

 

Tel.:  +49 40 27144-0

Mail: info@europa-center.com