Skip to main content

Privacy Policy

This privacy policy informs you in accordance with Art. 13 of the General Data Protection Regulation (GDPR) about the processing of your personal data in connection with the use of our website.

  1. Controller

Within the meaning of the GDPR, the controller for the operation of this website is:

Studentkompanie Betriebs-GmbH
Rheinstrasse 4c
55116 Mainz
Email: info@studentkompanie.com

  1. Information on the Processing of Personal Data when Visiting the Website

As a matter of principle, we only process your personal data when you use our website to the extent necessary to provide and maintain the website’s functionality.

When you access our website, certain personal data is automatically collected and transmitted by your browser to our server. This so-called “log data” includes:

  • Browser type;
  • Browser version;
  • Internet service provider;
  • Operating system;
  • Referring website (the website from which you accessed our website);
  • Destination website (the website you visit from our website);
  • Date and time of access;
  • Internet Protocol address (IP address).

Where we rely on your consent to process your personal data – for example, to enhance your user experience – processing is based on Art. 6(1) lit. a GDPR. Providing consent is voluntary and may be withdrawn at any time with effect for the future, without the need to provide a reason.

If processing your personal data is necessary to comply with a legal obligation (such as responding to legal or regulatory orders), we process your data on the basis of Art. 6(1) lit. c GDPR.

If processing is necessary to safeguard our legitimate interests, such as ensuring the security and proper functioning of our website, or protecting the legitimate interests of a third party, the processing is based on Art. 6(1) lit. f GDPR.

  1. Cookies

Our website uses cookies. Cookies are small text files stored on the user’s computer system by the internet browser. When a user visits a website, a cookie may be placed on the user’s operating system. This cookie contains a unique string of characters that allows the identification of the browser when the website is re-visit by the user. For further information, please see our .

  1. Contact Form

You may contact us by using the contract form for prospective tenants. We will process the data you provide, including your first name, surname and email address, to respond to your inquiry.

Data transmitted via the contact form will be processed for the purpose of performing pre-contractual measures pursuant to Art. 6(1) lit. b GDPR and to pursue our legitimate interests pursuant to Art. 6(1) lit. f GDPR. Our legitimate interests specifically include facilitating uncomplicated and direct contact, documenting inquiries and providing offers and information about our projects.

Additionally, if relevant, we process the data transmitted via the contact form to fulfil legal obligations pursuant to Art. 6(1) lit. c GDPR (e.g. commercial and tax law requirements on the storage of data as well as verification obligations).

  1. Recipients of Data

Your personal data will only be transferred to third parties if you have expressly consented to such transfer, if we have a legitimate interest in the transfer of data, or if we are obliged to do so by law or administrative/court orders (e.g. to cooperate with public authorities and law enforcement agencies, to respond to legal inquiries, to enforce our contractual and statutory claims).

We also use carefully selected and external service providers to operate our website. These service providers meet the required standards for data protection and security and process your data exclusively based on contractual agreements within the meaning of Art. 28 GDPR in accordance with our instructions.

When you use external features on our website, your personal data may be transmitted to other recipients such as Instagram or Google:

Instagram

We maintain an online presence on Instagram to communicate with customers, interested parties and users who are active on Instagram to inform them about our services. Instagram is a service provided by Meta Platforms Ireland Limited having its registered office at Merrion Road, Dublin 4, D04 X2K5, Ireland (“Instagram”).

We have no influence on the processing and usage of your data by Instagram and do not assume any responsibility in that respect. We further note that your use of Instagram and its functions is on your own responsibility. In particular, this applies to the use of the interactive functions (such as commenting or sharing of content).

By clicking the link to Instagram on our website, your browser connects to Instagram’s servers, i.e. Instagram receives your personal data, such as your IP address.

For more information on the integration of Instagram on our website, please see our . Further information on the processing of data by Instagram can be accessed at: https://www.facebook.com/help/instagram/155833707900388/?locale=en_GB&cms_id=155833707900388.

Google Maps

Our website uses Google Maps to display interactive maps. Google Maps is a service provided by Google Ireland Limited having its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (“Google“). By using Google Maps, information about your use of our website, including personal data such as your IP address, can be transmitted to Google located in the USA.

We have no influence on the processing and usage of data by Google and do not assume any responsibility in that respect. However, Google is certified under the EU-US Privacy Framework and commits to EU data protection standards with regard to the processing of data in the USA (a list of certified enterprises can be found here: https://www.dataprivacyframework.gov/list).

For more information on the integration of Google Maps on our website, please see our . Further information on the processing of data by Google can be accessed at: https://policies.google.com/privacy?hl=en.

  1. Transfer of Data to Third Countries

A transfer to a third country or to an international organization will only take place if expressly provided for in this privacy policy.

The security of your personal data is guaranteed by ensuring that the service providers we use in third countries have provided sufficient proof evidencing their level of data security, or that they are located in third countries (e.g. USA) that have an adequate level of data protection recognized by the EU Commission (Art. 45 GDPR). For more formation please see: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en?prefLang=de.

  1. Retention of Data

We only store your personal data, in line with the applicable data protection regulations, for as long as necessary or legally permissible for the purposes for which it was collected:

  • The log data is generally deleted at the end of your session, i.e. after you have completed your visit to our website;

  • The “session cookies” we use are automatically deleted when you have completed your visit to our website. Other cookies, such as analysis cookies, are only deleted if you withdraw your consent or after a specific period of time (for further information see our cookie policy). You can delete the cookies yourself at any time through the settings in your browser;

  • We generally delete the data transmitted via the contact form after the end of the contractual relationship, provided that the inquiry led to the conclusion of a contract between us. Otherwise, we delete your data when your inquiry has been processed and the storage of the data is no longer necessary.

Additionally, certain data might be subject to statutory retention requirements. In particular, commercial and tax law requirements (Sec. 257 German Commercial Code, Sec. 147 German Fiscal Code). In individual cases, these regulations oblige us to store your data for up to ten years.

Furthermore, longer storage may be necessary in individual cases to, e.g., assert, exercise or defend legal claims, to preserve evidence within the framework of statutory limitation periods (Sections 195 et seq. German Civil Code), in connection to pending or anticipated administrative proceedings or internal compliance investigations.

  1. Your Rights

Provided that the legal requirements are met, you have the right to:

  • Access your personal data processed by us (Art. 15 GDPR);
  • Request the rectification of inaccurate data (Art. 16 GDPR);
  • Request the deletion of your personal data (Art. 17 GDPR), provided that there are no conflicting statutory retention requirements;
  • Request the restriction of the processing of data (Art. 18 GDPR);
  • Data portability, i.e. receive the data in a machine-readable format (Art. 20 GDPR);
  • Object to the processing of data (Art. 21 GDPR), provided that the processing is based on legitimate interests within the meaning of Art. 6(1) lit. f GDPR; and
  • Lodge a complaint with a supervisory authority (Art. 77 GDPR). A list of supervisory authorities (for the non-public sector), including their addresses, can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Furthermore, you have the option to withdraw your consent at any time by changing the settings in your browser or by contacting us (see contact details in Section 1 of this privacy policy). The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.

  1. Contractual or Legal Obligation to Provide Data

The provision of personal data is not required by law or contract. If you do not provide your personal data, you will not be able to (fully) use the services of our website.

  1. Privacy Policy Update

This privacy policy may be updated from time to time to reflect changes to our data processing or legal requirements. When you visit our website, the most recent version of the privacy policy applies.