Real estate search

Privacy policy

The protection of your personal data is of particular concern to eugen GmbH (“eugen”, “we”, “us”). We therefore process your personal data exclusively on the basis of the statutory provisions, in particular the General Data Protection Regulation (“GDPR”), the applicable Data Protection Act (“DPA”) and the Telecommunications Act (“TKG”). In the following, you will learn what information we process when you visit our website www.eugen.immo (“Website”).

 

1. Name and address of the responsible persons

The person responsible for processing your personal data in accordance with the provisions of data protection law is:

eugen GmbH

Riemergasse 8,

1010 Wien

E-Mail: hallo@eugen.at

Please feel free to contact us directly if you have any questions about data processing that concerns you.

 

  1. 2. Data processing website

2.1. Scope of the processing of personal data when using the website

In the course of your visit to our website, we will automatically collect the following personal data about you:

  • Date and time of the call of a page on our website;
  • Data about your terminal device (device ID);
  • IP address;
  • Name and version of your web browser;
  • Session ID.

For information on the cookies we collect when you visit our website, please refer to our cookies.

2.2. Legal basis for the processing of personal data

As far as the data of your visit to our website and online services is concerned, we base the justification of the processing on our legitimate interest according to Art. 6 para. 1 lit. f GDPR, which is to make our website user-friendly and to protect you from attacks.

2.3. Purpose of data processing

We process your data in connection with your visit to our website for the following purposes:

  • to provide you with our website, including its features, and to further improve and develop this website;
  • to be able to compile usage statistics;
  • to be able to detect, prevent and investigate attacks on our website and online services.

2.4. Duration of storage

We will generally store your website visit data for a period of 14 days. Longer storage only takes place insofar as this is necessary to investigate identified attacks on our website and beyond that only until the end of relevant limitation periods, statutory retention periods or any legal disputes.

2.5. Recipients of data

For the operation and administration of the website, we regularly use IT service providers who, according to our order and instructions, may also have access to personal data in order to be able to provide the commissioned IT services.

We also transfer your personal data to the following recipients:

  • to other external third parties to the extent necessary (e.g. auditors, insurance companies in the event of an insurance claim, legal representatives in the event of an occasion, etc.);
  • to authorities and other public bodies to the extent required by law (e.g. tax authorities, etc.).

Your data will not be passed on to any other third parties for their own purposes without your consent.

If we process your data in a third country outside the European Union (EU) or the European Economic Area (EEA) or if this is done in the context of using third-party services, this will only be done if it is necessary for the fulfillment of our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. We have implemented suitable and appropriate safeguards to ensure that the transfer of your data to the respective third country complies with data protection requirements. Upon your request, we will provide you with a copy of these appropriate safeguards if we process or have your data processed in third countries.

If this involves a transfer to countries without an adequacy decision pursuant to Article 45 (3) of the GDPR and without appropriate safeguards pursuant to Article 46 of the GDPR, such as the USA in particular, we would like to point out that there is a risk that your data transferred in this way may be subject to access by authorities in these third countries for control and monitoring purposes and that no effective legal remedies are available against this.

 

  1. 3. Data processing contact

3.1. Scope of the processing of personal data when contacting us

If you contact us by e-mail, post, via our social media channels or via our contact form, we process the personal data you provide (e-mail, name, etc.) and the content of your inquiry.

If you contact us via our social media pages on Facebook, Instagram, TikTok or LinkedIn, we receive your personal data from the respective operators of the social media platform and also transmit your personal data to the respective operators.

3.2. Legal basis for the processing of personal data

In order to be able to answer your inquiry, we rely on our legitimate interest according to Art. 6 (1) lit. f GDPR to justify the processing, which is to answer your question individually in a satisfactory manner.

3.3. Purpose of data processing

We process your data in connection with your request for the purpose of providing you with an individual and satisfactory response.

3.4. Duration of storage

We will store your data in connection with inquiries and contacts for a period of three years after answering the inquiry in order to be able to respond to any follow-up questions. Longer storage only takes place insofar as this is necessary to investigate identified attacks on our website and beyond that only until the end of relevant limitation periods, statutory retention periods or any legal disputes.

3.5. Recipients of data

In order to respond to inquiries, we regularly use IT service providers who, according to our order and instructions, may also have access to personal data in order to be able to provide the commissioned IT services.

We also transfer your personal data to the following recipients:

  • to other external third parties to the extent necessary (e.g. auditors, insurance companies in the event of an insurance claim, legal representatives in the event of an occasion, etc.);
  • to authorities and other public bodies to the extent required by law (e.g. tax authorities, etc.).

Your data will not be passed on to any other third parties for their own purposes without your consent.

If we process your data in a third country outside the European Union (EU) or the European Economic Area (EEA), or if we do so in the context of using third-party services, this will only be done if it is necessary for the fulfillment of our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. We have implemented suitable and appropriate safeguards to ensure that the transfer of your data to the respective third country complies with data protection requirements. Upon your request, we will provide you with a copy of these appropriate safeguards if we process or have your data processed in third countries.

If this involves a transfer to countries without an adequacy decision pursuant to Article 45 (3) of the GDPR and without appropriate safeguards pursuant to Article 46 of the GDPR, such as the USA in particular, we would like to point out that there is a risk that your data transferred in this way may be subject to access by authorities in these third countries for control and monitoring purposes and that no effective legal remedies are available against this.

 

  1. 4. Data processing for direct marketing

4.1. Scope of the processing of personal data for direct marketing

If you give us your voluntary consent for promotional contact, we will process your e-mail address, name, telephone number and title as well as your salutation for the purpose of sending you direct marketing materials.

If you receive a download link for documents via our CRM system in this context, we can also see whether and when (date and time) you downloaded the files.

4.2. Legal basis for the processing of personal data

We process your data in connection with direct marketing only on the basis of your express consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to be contacted for advertising purposes at any time, without giving reasons for all or individual purposes and with effect for the future (e.g. via a link at the end of each newsletter).

4.3. Purpose of data processing

We process your data in connection with direct marketing for the purpose of providing you with information about real estate and related offers, in-depth market reports, events and similar real estate services by e-mail and telephone.

4.4. Duration of storage

If you have only registered for newsletters and direct marketing and are not a customer of ours, we will store your personal data until you revoke it and for a maximum of three years.

4.5. Recipients of data

For the use of direct marketing, we regularly use IT service providers and other service providers who support us in the provision of our services and act on our behalf (including providers of marketing tools, marketing agencies, communication service providers and call centers) (processors).

We also transfer your personal data to the following recipients:

  • to other external third parties to the extent necessary (e.g. auditors, insurance companies in the event of an insurance claim, legal representatives in the event of an occasion, etc.);
  • to authorities and other public bodies to the extent required by law (e.g. tax authorities, etc.).

If we process your data in a third country outside the European Union (EU) or the European Economic Area (EEA), or if this is done in the context of using third-party services, this will only be done if it is necessary for the fulfillment of our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. We have implemented suitable and appropriate safeguards to ensure that the transfer of your data to the respective third country complies with data protection requirements. Upon your request, we will provide you with a copy of these appropriate safeguards if we process or have your data processed in third countries.

If this involves a transfer to countries without an adequacy decision pursuant to Article 45 (3) of the GDPR and without appropriate safeguards pursuant to Article 46 of the GDPR, such as the USA in particular, we would like to point out that there is a risk that your data transferred in this way may be subject to access by authorities in these third countries for control and monitoring purposes and that no effective legal remedies are available against this.

5. Applicant data

We collect your applicant data that you provide to us as part of your unsolicited or job-related application by e-mail, telephone or via our online applicant form on the website http://www.otto.at/uber-otto/jobs-ihre-zukunft-bei-uns.aspx. This data includes your name, title, contact details, photo, CV, letter of motivation, date of birth, place of birth and country of birth. In addition to your name, title, contact details, this includes your photo, CV, letter of motivation, professional experience, intended employment, date of birth, place of birth, country of birth, citizenship, marital status, driver’s license, gender, experience and other voluntarily provided documents such as references, education and training certificates. We collect your applicant data for the purpose of evaluating and allocating your application and matching it with vacancies (Art. 6 para. 1 lit. b GDPR).

Applicant data (name, title, contact details, photo, curriculum vitae, letter of motivation, work experience, intended employment, date of birth, place of birth, country of birth, citizenship, marital status, driver’s license, gender, experience and other voluntarily provided documents such as e.g. testimonials, education and training certificates) are stored for the duration of employment if an employment relationship is established. certificates, education and training certificates) are stored for the duration of the employment, provided that an employment relationship is established, and after termination of employment for as long as there are legal retention obligations (generally seven years for all relevant documents within the meaning of § 132 BAO and § 212 UGB) or as long as legal claims arising from the employment relationship can be asserted against the employer (generally 3 years). Personal data required for the issuance of a certificate of employment pursuant to § 39 ArbVG, § 1163 ABGB shall be stored for a period of 30 years. In addition, personal data will also be stored beyond the aforementioned periods in case of cause, as long as legal claims arising from the relationship between you and us can be asserted or until the final clarification of a specific incident or legal dispute. This longer storage is done to protect legitimate interests in the assertion, clarification and defense of legal claims.

If this involves a transfer to countries without an adequacy decision pursuant to Article 45 (3) of the GDPR and without appropriate safeguards pursuant to Article 46 of the GDPR, such as the USA in particular, we would like to point out that there is a risk that your data transferred in this way may be subject to access by authorities in these third countries for control and monitoring purposes and that no effective legal remedies are available against this.

 

  1. 6. Data security

We take appropriate technical and organizational security measures to protect your personal data against accidental or unauthorized destruction, alteration or against loss, theft and unauthorized viewing, disclosure, reproduction, use, modification or access. Furthermore, we and our employees are obliged to observe data secrecy and confidentiality. Likewise, our processors who need to have access to your personal data in order to perform their professional duties will have access and be subject to the same obligations of data secrecy and confidentiality.

 

  1. 7. Your data subject rights

7.1. Right to information

You have the right to obtain information from us about all data relating to you that is processed by us. You have the right to request information about whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

7.2. Right to rectification and right to restriction of processing

You may request that inaccurate or incomplete data be corrected or completed. You may, in certain circumstances, for example, if the accuracy of data is in dispute until the accuracy has been verified, request restriction of the processing of data to the effect that it may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person, or for reasons of important public interest.

7.3. Right to data portability

You may request that we send you – or, if technically feasible, a third party designated by you – a copy of your data in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another controller without hindrance from the controller to whom the personal data was provided, provided that.

(1) the processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR, and
(2) the processing is carried out with the help of automated procedures.

In exercising this right, you also have the right to obtain that the personal data concerning you be transferred directly from us to another controller, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.

7.4. Right to deletion

You have the right to erasure of data in certain circumstances, such as when it is not processed in accordance with data protection requirements.

If you have asserted the right to rectification, erasure or restriction of processing against us, we are obliged to notify all recipients to whom personal data relating to you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

7.5. Right to object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 (1) (e) or (f) GDPR.

In this case, we will no longer process the personal data concerning you, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims.

7.6. Right to revoke the declaration of consent under data protection law

You have the right to revoke any declaration of consent granted under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

7.7. Supervisory authority

Notwithstanding any other legal remedies, you have the right to lodge a complaint with the national supervisory authority of your place of residence if unlawful processing of personal data is assumed. In Austria, the competent authority is the Data Protection Authority, Barichgasse 40-42, 1030 Vienna, e-mail dsb@dsb.gv.at, telephone: +43 1 52 152-0.

7.8. Assertion of your rights

To enable us to process your request regarding your rights listed above and to ensure that personal data is not disclosed to unauthorized third parties, please formulate the request by clearly identifying yourself and briefly describing the scope of the exercise of your data subject rights listed above.

 

Status: November 2022