Privacy policy

This privacy information pertains to the processing of your personal data within our corporate group or on our websites:
catella.de

catella-pm.de

To enhance readability, this privacy information will refer to "We" in the following text.

Responsible for processing and contact person for inquiries

Catella Project Management GmbH
Kaistr.18
40221 Düsseldorf
Contact details of the data protection officer:
datenschutz@catella-pm.de

Types of personal data we process:

Depending on the customer relationship, we process the following categories of your personal data:

Contact details (e.g., name, address, email address, phone number)
Payment and billing information (e.g., bank account details)
Interest profiles regarding real estate
Contract data
Purposes and legal basis of processing

Your personal data is processed for the following purposes and based on the following legal grounds:

Fulfillment of customer and contractual relationships (Art. 6(1)(b) GDPR)
Data processing based on our legitimate interests (Art. 6(1)(f) GDPR)
Data processing based on your consent (Art. 6(1)(a) GDPR)
Processing based on legitimate interests includes the use and analysis of your personal data for:

– Product information and services
– Measures to improve and develop services and products to provide you with personalized communication and suitable offers
– Conducting market and opinion research

– Ensuring transparency and quality of our products, services, and communication

– Contacting credit agencies (e.g., Schufa, Creditreform) to assess creditworthiness or payment default risks

– Address verification

– Credit checks

We also process personal data to meet legal obligations (e.g., due to commercial or tax regulations) based on Art. 6(1)(c) GDPR.

Source of your personal data
We collect your personal data directly from you, e.g., via the contact form or through direct inquiries to us.

Disclosure of personal data to third parties (recipients)
Your personal data may be disclosed or transferred within the purposes mentioned above. Recipients of personal data can include:

Marketing agencies
Service and cooperation partners
Printing and mailing service providers
Data destruction service providers
Consultants and consulting firms
Data transfers may also occur within the Catella Group or associated companies under joint responsibility as per Art. 26 GDPR to handle your project-related customer inquiries.

The contact point for this is the entity specified in our imprint, reachable via the contact details provided above.

If further data transfers occur, they are usually processed as part of contract data processing. Our service providers are contractually obligated to secure, confidential, and proper processing.

The processing of personal data primarily takes place within the European Union (EU) where we operate. Data transfers outside the EU (to third countries) or to international organizations only occur if the specific requirements of Art. 44 et seq. GDPR are fulfilled.

Storage duration
Personal data is stored for the purposes mentioned for the duration required to fulfill those purposes unless other legal retention periods (e.g., under the Commercial Code or Tax Code) or legal reasons for storage exist. This means we delete your personal data after the statutory retention periods, usually 10 years after the end of the contract.

Your rights regarding the processing of your personal data
You have the following rights regarding your personal data:

Right to access information about your stored personal data (Art. 15 GDPR),
Right to rectification if the stored data is incorrect, outdated, or inaccurate (Art. 16 GDPR),
Right to deletion if storage is unlawful, the purpose of processing has been fulfilled, or if you withdraw your consent to the processing of certain personal data (Art. 17 GDPR),
Right to restriction of processing if one of the conditions mentioned in Art. 18(1)(a) to (d) GDPR applies (Art. 18 GDPR),
Right to data portability for the personal data you have provided (Art. 20 GDPR),
Right to withdraw consent, where the withdrawal does not affect the legality of processing based on consent prior to its withdrawal (Art. 7(3) GDPR), and
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR).
For us, the relevant authority is:

The Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia, PO Box 20 04 44, 40102 Düsseldorf, Tel. 0211 384 24-0, Fax: 0211 38424-10

Email: poststelle@ldi.nrw.de

Right to object
You may object to the processing of your personal data for direct marketing and/or market research purposes at any time without providing reasons.

Upon receipt of your objection, we will no longer process your personal data for direct marketing and/or market research purposes and delete the data, provided it is not required for other purposes (e.g., to fulfill the contract).

For other processing based on a legitimate interest as per Art. 6(1)(f) GDPR, you can object at any time, specifying reasons related to your particular situation. In case of a justified objection, we will generally no longer process the personal data for the specified purposes and delete the data unless we can demonstrate compelling reasons for processing that outweigh your interests, rights, and freedoms, or the processing serves to establish, exercise, or defend legal claims.

Please address your objection to the address mentioned at the beginning.

Privacy information for further uses
The information provided applies to the following specific uses unless other regulations are in place.

+ Server log files and website provision

Whenever our website is accessed, our system automatically collects data and information from the computer system of the accessing device.

The following data is collected:

Information about the browser type and version used
The user’s operating system
The user’s internet service provider
The user’s IP address
Date and time of access
Websites from which the user’s system accesses our website
Websites accessed by the user’s system via our website
The data is also stored in the log files of our system. Storage of this data alongside other personal data of the user does not occur.

The legal basis for the temporary storage of data and system log files is Art. 6(1)(f) GDPR.

Storage in system log files ensures the functionality of our website. Additionally, the data serves to optimize the website and ensure the security of our IT systems. Evaluation of the data for marketing purposes does not occur in this context.

Data is deleted as soon as it is no longer required to achieve the purpose of its collection. For system log files, this is typically after seven days. Longer storage is possible if IP addresses are anonymized or altered to prevent association with the client accessing the site.