Privacy policy
1. General information
The Digital Real Estate Association (“DREA” “we” “us”) is committed to ensuring that your personal data is adequately protected. protection.
DREA therefore complies with the applicable legal provisions for the protection, lawful handling and confidentiality of personal data, as well as for
data security, in particular the Austrian Data Protection Act (“DSG”), the EU General Data Protection Regulation (“GDPR”) and the Telecommunications Act
(“TKG”).
This informs you about the nature, scope and purposes of the collection and use of your collection and use of your personal data by DREA in connection with your
in connection with your visit to and use of our website drea.at (“Website”).
2. Name and address of the person responsible
The person responsible for the processing of your personal data in accordance with the data protection regulations:
DREA Digital Real Estate Association before apti Austrian PropTech Initiative e.V.
Tuchlauben 8, 5th Floor, 501, 1010 Vienna
You can contact our data protection officer at in**@dr**.at.
3. What is personal data?
Personal data Pursuant to Article 4(1) GDPR, personal data is information about data subjects (natural persons) whose identity is determined or at least determinable
(e.g. name, e-mail address or IP address).
4. Which of your data do we process in connection with our website?
4.1. Access data when using our website. website
When you use the website, we collect and store the following data:
Date and time of your visit to a page on our website, as well as data relating to your Interaction with the website (number of your visits and length of stay and
the selected language)
Data about your end device (screen resolution, ISP and operating system)
IP address and IP location, Referrer URL, name and version of your web browser
Session ID, search engines and keywords you have used to find us, log files (using of necessary cookies).
We process your data in connection with your visit to our website for the following purposes:
-to provide you with our to provide you with our website and to further improve and develop this website develop it;
-to detect, prevent and investigate attacks on our website and online services
-to compile usage statistics for statistical analysis in an anonymous form.
To justify the processing, we rely on our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR, which consist of offering our website securely and protecting
from attacks and collecting usage statistics.
4.2. Contact us
If you contact us via the contact e-mail address provided on our website, by telephone or by post, we will process the personal
data you provide (e-mail address, name, telephone number, postal address and your inquiry or the associated documents) for the purpose of processing your inquiry and will reply to
accordingly.
For the processing and answering, we rely on our legitimate interest in accordance with Art 6 para. 1 lit. f GDPR, which consists in processing your request quickly
and and to respond to any further queries.
If you are using form on the website or contact us by e-mail, your personal data will be data provided for the purpose of processing the request and
in the event of follow-up questions for six months. We do not share this data without your consent.
Our website uses the CleanTalk Anti-Spam plugin to prevent spam activities and ensure the security of the website. This plugin stores certain information in the browser’s local storage to distinguish between real users and spam bots.
The data stored in Local Storage includes, among other things:
-
Timestamps and interaction data:
- apbct_page_hits (number of page views)
- ct_fkp_timestamp, ct_ps_timestamp (timestamp for user interactions)
- ct_mouse_moved, ct_has_key_up, ct_has_input_focused, ct_has_scrolled (detection of mouse movements, keystrokes, focus on input fields)
-
Technical data for bot detection:
-
bot_detector_event_token, bot_detector_has_scrolled, bot_detector_pointer_data (detection of user behavior for spam detection)
-
bot_detector_browser_supports_cookies, bot_detector_webgl_support (technical information about the browser)
-
bot_detector_user_agent (analysis of the browser user agent)
-
bot_detector_referrer, bot_detector_referrer_previous (Referring websites for spam analysis)
-
-
Spam checks:
- ct_checked_emails, ct_checked_emails_exist (checking e-mail addresses for spam lists)
- ct_checkjs (check whether JavaScript is activated)
-
Other detection mechanisms:
- apbct_visible_fields (analysis of visible forms for spam detection)
- apbct_headless, bot_detector_headless (check whether a headless browser is being used)
- ct_screen_info, ct_timezone (screen and time zone information)
Purpose of data storage
The data collected is used exclusively to prevent spam and to ensure the security of our website. It will not be used for advertising purposes and will not be passed on to third parties, with the exception of verification by the CleanTalk cloud service.
Storage period and deletion
The data in the local storage remains on the user’s device and is not deleted automatically. Users can delete the stored data manually in their browser settings.
Legal basis of the processing
Storage takes place in accordance with Art. 6 para. 1 lit. f GDPR (legitimate interest) as it is necessary for security and to protect the website from misuse.
4.3. Registration as a DREA member
If you register as a DREA member, the data you provide will be stored in our member tool and newsletter tool and used to send you the newsletter.
4.4. Newsletter
If you voluntarily subscribe to our newsletter, we will process your e-mail address for the purpose of sending you our newsletter, invitations to our
events, publications and other information material about projects.
We process Your personal data in connection with the dispatch of our newsletter only on the basis of your express voluntary consent in accordance with
Art 6 para 1 lit a GDPR in conjunction with § 174 TKG. However, if you do not provide the data you will not be able to receive the newsletter. You can change your Revoke your consent at any time
with effect for the future (e.g. by e-mail to in**@dr**.at or via the “Unsubscribe link” in every newsletter).
Your data for receiving the newsletter will be processed as long as you have not revoked your voluntary consent for the respective purpose or
after a maximum of three years of inactivity on your part.
Shipping service provider:
The newsletter is published by Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany (hereinafter referred to as the “shipping service provider”). The Data protection regulations
of the shipping service provider can be viewed here: www.brevo.com.
In addition to the above-mentioned purposes, your personal data will also be forwarded to PTE Events GmbH for the purpose of sending the newsletter. This forwarding
takes place exclusively on the basis of your express voluntary consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with § 174 TKG.
4.5. Registration for events
When you register for events that we organize, we process the personal data you provide (e-mail, name, company) for the purpose of preparing
the event and controlling access on the day of the event.
We process this data to fulfill our (pre-)contractual obligations towards the participants in the event in accordance with Art 6 para 1 lit b GDPR and on the basis
of our legitimate interests in accordance with Art 6 para 1 lit f GDPR, which lie in being able to prepare and hold events administratively.
Your data in connection in connection with the registration for events will be stored for as long necessary for the organization of the event, beyond that only
as long as they have to be processed within the scope of statutory retention obligations. are required.
In addition to the above-mentioned purposes, your personal data will also be forwarded to PTE Events GmbH for the purpose of sending the newsletter. This forwarding
takes place exclusively on the basis of your express voluntary consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with § 174 TKG.
5. How does the website use cookies?
5.1 Cookies are information that is transferred from our web server or third-party web servers to the user’s the user’s web browser and stored there for later retrieval.
are stored. Cookies can be small files or other forms of be information storage.
5.2 We use “session cookies”, which only last for the duration of the current visit. stored on our online presence (e.g. to check the login status or the
to enable the shopping cart function). In a session cookie, a randomly generated generated, unique identification number, a so-called session ID. session ID.
A cookie also contains information about its origin and the Storage period. These cookies cannot store any other data. Session cookies are deleted when you stop using our online offer, log out or close the browser. log out or close the browser.
5.3 Users are informed in the context of this privacy policy about the use of cookies for pseudonymous reach measurement.
5.4 If Users do not want cookies to be stored on their computer, they are asked to select the corresponding option in the system settings of their deactivate cookies in your browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
5.5 Users can object to the use of cookies used for reach measurement and advertising purposes purposes by visiting the deactivation page of the Network Advertising Advertising
Initiative (http://optout.networkadvertising.org/) and additionally the US-American page (http://www.aboutads.info/choices) or the European site (http://www.youronlinechoices.com/uk/your-ad-choices/) .
Regarding data processing: we work with “EDIS”. Please find the GDPR here:
https://manage.edis.at/client/ADV_EU-DSGVO-EDIS_GmbH.pdf
6. google analytics
6.1 We on the basis of our legitimate interests (i.e. interest in the Analysis, optimization and economic operation of our online offer in the within the meaning of
Art. 6 para. 1 lit. f GDPR) Google Analytics, a web analysis service of Google Inc. (“Google”). Google uses cookies. The data collected by the cookie information generated by
about the use of the online offer by the user is usually transmitted to a Google server in the USA and stored there. stored there.
6.2 Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law
(https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
6.3 Google will use this information on our behalf to evaluate the use of our online online offer by users, to compile reports on the activities within this online offer activities within this online offering and to provide us with further information services associated with the use of this online offer and the use of the Internet. to provide services.
The processed data can be used to pseudonymous user profiles can be created from the processed data.
6.4 We only use Google Analytics with IP anonymization activated. The means that the IP address of the user is stored by Google within Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases the full IP address is transmitted to a Google server
in the USA and shortened there. shortened there.
6.5 The information provided by the IP address transmitted by the user’s browser is not combined with other data from Google are merged. Users can prevent the storage of cookies by setting in their browser software; users can also prevent the prevent the collection of data generated by the cookie and related to their data generated by the cookie and related to their use of the online offer to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link download and install the browser plugin available at
: http://tools.google.com/dlpage/gaoptout?hl=de.
6.6 Further Information on the use of data by Google, on setting and You can find opt-out options on the Google website: https://www.google.com/intl/de/policies/privacy/partners (“Data use by Google when you use our partners’ websites or apps”), http://www.google.com/policies/technologies/ads (“Data use for advertising purposes”), http://www.google.de/settings/ads (“Manage information, that Google uses,
to show you advertising”).
7. Will your data be passed on?
We will not pass on the aforementioned personal data collected to third parties, it unless it is necessary for the fulfillment of our obligations
or legally/officially obligatory. However your personal data for the operation of our website and for the administration of our newsletter and
our communication channels also from our service providers (processors). These processors are, in particular, providers of marketing tools,
IT service providers, providers of other tools and software solutions, IT maintenance services and other providers similar services. All our processors process your
data only on our behalf and on the basis of our instructions for the purposes purposes described above in accordance with the agreement concluded pursuant to Art 28 GDPR.
We also transfer your personal data to the following recipients:
-to external third parties to the extent necessary on the basis of our legitimate interests (e.g. auditors auditors, insurance companies in the event of an insurance claim, legal representatives in the case, etc);
-to authorities and other public bodies to the extent required by law (e.g. tax authorities, courts, etc.). Your data will not be passed on to
any other third parties for their own purposes without your consent.
8. Will your data be transferred to countries outside the EU/EEA?
Your personal data may be transferred to countries outside the European Union (EU) or the European Economic Area (EEA) that provide an adequate level of
provide an adequate level of data protection as determined by adequacy decisions of the European Commission
(https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en) is determined.
The transmission your personal data to countries that do not belong to the EU/EEA and that do not ensure an adequate level of protection, will only be made,
if the the controller and the recipients of the data the Standard Contractual Clauses of the European Commission (SCCs) as appropriate guarantees for the
protection of your personal data, and have implemented additional security measures or you have not yet have given their express voluntary consent.
9. How do we protect your data?
We do our to make your visit and use of our website as secure as possible. possible. We therefore comply with the provisions of Art 32 GDPR,
in order to ensure the confidentiality and security of your personal data and take appropriate technical and organizational security measures.
10. What rights do you have?
You have a right to information about the personal data we process about you (Art 15 GDPR). In addition, you have the right to rectification of incorrect
data (Art 16 GDPR) and erasure of your data (“right to be forgotten”; Art 17 GDPR). You may also have a right to restriction of processing of your data
(Art 18 GDPR) as well as a right to the surrender of the data you data provided in a structured, commonly used and machine-readable format. format
(“data portability”; Art 20 GDPR). You can also withdraw your consent to the processing of personal data with effect for the future,
if the processing is based on your consent (Art 7 (3) GDPR). para. 3 GDPR).
You have the right to object to data processing at any time if there are reasons for this arising from your reasons arise from your particular situation and we base the processing on our
legitimate interest (Art 21 GDPR).
You also have the possibility of lodging a complaint with a data protection supervisory authority (Art 77 GDPR). The data protection supervisory authority responsible for us
is the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, e-mail: ds**@ds*.at, Tel: +43 1 52 152-0.
Should If you have any questions regarding your personal data, please contact us at please contact us at in**@dr**.at
