Privacy Policy

Privacy Policy

September 2024

We (i.e., the company providing you with this Privacy Policy or the one mentioned in the imprint as the operator of this page) take the protection of your personal data seriously. This Privacy Policy describes how we collect and gather your personal data, use, disclose, transmit and store it (“process”). The personal data collected depends on the context of your interactions with us, the products, services, and features you use, your location and residence, and the applicable law.

1. Processing of personal data in connection with your use of our websites, applications and online services

Data categories and purpose of processing

As part of your use of our external and internal websites, applications or online services (each an “Online Offer”), we process the following categories of personal data:

- Your contact information, such as first and last name, business address, business phone number, business mobile phone number, and business email address,

- Organizational information, including position and company name,

- Further personal data that you provide yourself in contact and other forms of an Online Offer,

- Information you provide in the context of a support request, survey, comment, or forum post,

- Information automatically collected as part of the use of an Online Offer, such as your device and user ID, information about your operating system, pages and services you visited and used during your visit, as well as date and time of a user request.

We process your personal data for the following purposes:

- To enable you to use the services and features of the Online Offers, including to create and administer your online account, in the scope of updates, security, and error correction measures,

- To provide customer support and to improve and develop our Online Offers further,

- To account for the usage of an Online Offer, to establish your identity and enable user authentication,

- To process your request or instruction,

- To fulfil your order and provide you with related information and offers,

- To contact you with information and offers regarding our products and services and to send you further marketing information or to contact you within the scope of customer satisfaction surveys, as described in section 3,

- To enforce our terms of use, assert or defend legal claims, and to avert and prevent fraudulent and similar actions, including attacks on our IT infrastructure.

Online offers provided by your company

In some cases, our online offers are provided to you by the company you are employed with. If you use an Online Offer provided by your company, the processing of personal data uploaded by you or your company into the content of the Online Offer will be carried out on behalf and at the instruction of your company and within the scope of a data processing agreement between your company and us. In this case, your company is legally responsible for data protection. If you have any questions about the personal data that we process as a processor for your company, please contact your company.

2. Processing of personal data in connection with your use of our marketplaces

Data categories and purpose of processing

In the context of your use of our marketplaces (each a “Marketplace”), we process the following categories of personal data:

- Your contact information, such as first and last name, business address, business phone number, business mobile phone number, and business email address,

Organizational information, including position and company name,

Payment data, such as information required to process payment transactions or prevent fraud,

including credit card information and card verification numbers,

other personal data you provide yourself in contact and other forms of a marketplace,

Information you provide in the context of a support request, survey, comment, or forum post,

Information required by law in the context of compliance and export control screenings, such as date of birth,

nationality, residence, identity numbers, information on relevant court proceedings and other legal disputes and

Information automatically collected as part of the use of a marketplace, such as your device and user ID,

information about your operating system, pages and services you visited and used during your visit, as well as

date and time of a user request.

We process your personal data for the following purposes:

- Communication with you regarding our services and products, e.g., to process your inquiries or provide technical information

on products,

- Planning, conducting, and managing the (contractual) business relationship, e.g., to process orders for products and

services, collect payments, for accounting and billing purposes, and perform deliveries,

maintenance or repairs,

- Contacting you with information and offers about our products and services and carrying out further

marketing activities and customer satisfaction surveys as described in section 4,

- Maintaining and protecting the security of our products and services and our websites, preventing and detecting

security risks, fraudulent actions or other criminal or harmful acts,

- Complying with legal requirements (e.g., tax and commercial retention obligations), existing obligations for

compliance screenings (to prevent economic crime or money laundering) as well as our policies and

industry standards and

- Resolving legal disputes, enforcing existing contracts, and asserting, exercising, and defending legal claims.

3. Processing of personal data from business partners

Data categories and purpose of processing

In the context of collaboration with business partners, we process personal data of end consumers and contact persons

at customers, prospects, distribution partners, suppliers, and partners (each a “Business Partner”):

- Contact information, such as first and last name, business address, business phone number, business mobile phone number

and business email address,

- Organizational information, including position and company name,

- Payment data, such as information required for carrying out payment transactions or fraud prevention, including

credit card information and card verification numbers,

- Further information, the processing of which is necessary within the scope of a project or the execution of a contractual relationship with us or that is voluntarily provided by business partners, e.g., within the scope of orders placed, inquiries or project details,

- Personal data collected from publicly available sources (including company or profession-related social networks

and websites), information databases or from credit agencies and

- Information required by law in the context of compliance and export control screenings, such as date of birth,

nationality. residence, identity numbers, information on relevant court proceedings and other legal disputes,

in which business partners are involved.

We process the personal data for the following purposes:

- Communication with business partners about products, services, and projects, e.g., to handle inquiries from business partners

or provide technical information on products,

- Planning, executing and managing the (contractual) business relationship between the business partner and us,

e.g., to process orders for products and services, collect payments, for accounting and billing purposes and perform deliveries,

maintenance or repairs,

- Creating a personal profile with business-related information about interactions between you and us with the goal of,

providing you and the company you work for, with relevant information and suitable offers for services and products

and improving our personal communication with you,

- Conducting market analyses, competitions, contests or similar activities and events,

- Contacting you with information and offers about our products and services and carrying out further

marketing activities and customer satisfaction surveys as described in section 4,

- Maintaining and protecting the security of our products and services and our websites, preventing and detecting

security risks, fraudulent actions or other criminal or harmful acts,

- Complying with legal requirements (e.g., tax and commercial retention obligations), existing obligations

for compliance screenings (to prevent economic crime or money laundering) as well as our policies

and industry standards and

- Resolving legal disputes, enforcing existing contracts and asserting, exercising, and defending

legal claims.

4. Processing personal data for customer satisfaction surveys and direct marketing

Under applicable laws, we may use your contact information for direct marketing purposes (e.g., trade fair invitations,

newsletters with information and offers about our products and services) and for conducting

customer satisfaction surveys, also by email. You have the right to object to the use of your

contact information for these purposes at any time by sending an email to info@auctoa.de or using the

objection option in the message you have received.

5. Processing personal data in connection with your application

If you apply for an open position with us, we process your personal data as described in the

privacy policy of the auctoa Recruiting Portal or the application platform you are using.

6. Transmission and disclosure of personal data

We only transmit your personal data as described below:

Companies and distribution partners

To the extent and the purpose necessary to perform our business relationship with you, we transmit

your personal data to our affiliates and other third parties (e.g., distribution partners and representatives).

For example, we distribute certain products and services solely through local business relationships, and in this

case, we transmit your personal data to our respective local companies or other distribution partners,

who handle the business relationship with you.

Transactions on our marketplaces

Through our marketplaces, we also provide products, services, and offers from our companies and others

third parties. We transmit personal data of our customers in connection with these transactions to the respective company and/or other third parties.

Service providers

We subcontract companies and other companies to perform tasks on our behalf,

e.g., manufacturers, service providers, IT services, or payment processing. These companies and other companies

process personal data solely for the purpose of the commissioned products and services.

Other third parties

We transmit personal data in connection with fulfilling legal obligations or the

establishment, exercise or defence of rights or claims to other third parties (e.g., for court and

arbitration proceedings, to regulatory, law enforcement, and government authorities, lawyers and consultants).

Recipients of your personal data may be located outside the country where you reside.

Personal data that you publish via online offers (e.g., in chat rooms or forums), can be

accessible to other registered users of the respective online offer worldwide.

7. Storage periods

Unless an explicit retention period is specified at the time of collection (e.g., as part of a consent declaration),

your personal data will be deleted if it is no longer necessary to fulfil the purpose of the storage,

unless legal retention obligations (e.g., commercial and tax retention obligations) prevent deletion.

8. Your rights

Under applicable data protection law, you may have the right to:

- request confirmation as to whether we process personal data about you and access the

personal data we process,

- request the correction of inaccurate personal data,

- request the deletion of personal data that we process,

- request the restriction of processing of personal data,

- request the transfer of personal data you actively provided to us,

- object to the processing of personal data for reasons arising from your particular situation or

- revoke a given consent.

9. Data security

We take appropriate technical and organizational measures to protect personal data from accidental

or unlawful destruction, use, or alteration and unauthorized disclosure or unauthorized access.

10. Contact

Our data protection organization assists with all questions related to data protection. Complaints

against our data protection organization can also be made, and the rights mentioned in this Privacy Policy can be exercised.

Our data protection organization can be contacted at datenschutz@auctoa.de.

Our data protection organization is always committed to addressing and remedying your inquiries and complaints.

In addition to contacting the data protection organization, you can also contact the responsible

data protection supervisory authority at any time.

11. Processing of personal data under the EU General Data Protection Regulation

This section applies if your personal data is processed by one of our companies based in

the European Economic Area.

Data controller for data processing

Online offers

The company named in the imprint of the online offer is the data controller for processing

activities described in this Privacy Policy.

Marketplaces

The company stated as the operator of the marketplace on the marketplace is the data processing controller.

Personal data of business partners in our customer relationship systems

We may share business partner contact information within our business relationship with us with other companies.

We and these companies are jointly responsible for the protection of your personal data

(Article 26 GDPR). To ensure that you can easily and reliably exercise your data protection rights in the context of this

joint responsibility, we have agreed with these companies that you can exercise your rights as described in section 6 not only against the respective company but also centrally against SCAILE Technologies GmbH. Contact us at: datenschutz@auctoa.de.

Legal basis of processing

The GDPR obliges auctoa to inform you about the legal basis of data processing.

Unless otherwise expressly indicated at the time of collection of the personal data, the legal basis for the processing is:

- the implementation and fulfilment of a contract with you (Article 6 (1) (b) GDPR)

(“Contract execution”),

- the fulfilment of legal obligations to which we are subject (Article 6 (1) (c) GDPR)

(“Fulfilment of legal obligations”), or

- the protection of our legitimate interests (Article 6 (1) (f) GDPR)

(“Legitimate interest in processing”).

Our legitimate interest lies in the processing of your personal data for the purpose:

(i) of offering and operating the online offers and

(ii) in the initiation, execution and completion of our business relationship.

To the extent that our Legitimate interest in processing is specified below as the legal basis for the processing of your personal data, we believe that your interests, fundamental rights and freedoms are sufficiently taken into account, as:

(i) we regularly review the processing activities and processes described in this privacy statement,

(ii) we consider the protection of your personal data in our processes, including the Binding Corporate Guidelines

on the protection of personal data (auctoa Binding Corporate Rules),

(iii) we guarantee the transparency of our processing activities and

(iv) you have the aforementioned rights with regard to our processing activities.

If you would like more information on the interest measurement described, please contact our

data protection organization at datenschutz@auctoa.de.

If you have expressly given your consent to the processing of your personal data in individual cases, this

consent is the legal basis for processing (Article 6 (1) (a) GDPR) (“Consent”).

Processing of personal data in connection with the use of our online offers - purpose and legal basis

- Enabling the use of the services and features of the online offers, including creating and

administering your online account, in the context of updates, security, and error correction measures, to provide customer support

and to improve and further develop our online offers

- Contract execution (Article 6 (1) (b) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

- Billing for the use of an online offer

- Contract execution (Article 6 (1) (b) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

- Determining identity and user authentication

- Contract execution (Article 6 (1) (b) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

- Processing your request or instruction

- Contract execution (Article 6 (1) (b) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

- Processing your order and making available related information and offers

- Contract execution (Article 6 (1) (b) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

Sending marketing information or contacting you within the scope of customer satisfaction surveys, as described in section 3

- Consent, if given voluntarily (Article 6 (1) (a) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

Enforce our terms of use, assert and defend legal claims, avert and prevent

fraudulent and similar actions, including attacks on our IT infrastructure

- Fulfilment of legal obligations (Article 6 (1) (c) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

Processing of personal data in connection with your use of our marketplaces and business partners

Communication about products, services, and projects, e.g., to handle inquiries from business partners or

provide technical information on products

- Contract execution (Article 6 (1) (b) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

Planning, executing, and managing the (contractual) business relationship between us, e.g., to process orders for products

and services, collect payments, for accounting and billing purposes, and to perform deliveries,

maintenance or repairs

- Contract execution (Article 6 (1) (b) GDPR)

- Fulfilment of legal obligations (Article 6 (1) (c) GDPR)

Creating a personal profile with business-related information about interactions between you and us with the aim of,

providing you and the company you work for, with relevant information and suitable offers for services and products

and improving our personal communication with you,

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

Conducting market analyses, competitions, contests or similar activities and events

- Consent, if given voluntarily (Article 6 (1) (a) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

Conducting customer satisfaction surveys and direct marketing as described in section 4

- Consent, if given voluntarily (Article 6 (1) (a) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

Maintaining and protecting the security of our products and services as well as our websites, preventing and

detecting security risks, fraudulent behavior or other criminal or harmful acts,

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

Compliance with legal requirements (e.g., tax and commercial retention obligations), existing

obligations to conduct compliance screenings (to prevent economic crime or money laundering) as well as our

policies and industry standards

- Fulfilment of legal obligations (Article 6 (1) (c) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

Resolving legal disputes, enforcing existing contracts and asserting, exercising, and defending

legal claims

- Fulfilment of legal obligations (Article 6 (1) (c) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

Processing of personal data for customer satisfaction surveys and direct marketing

Processing your contact details for direct marketing purposes (e.g., trade fair invitations, newsletters with further information

and offers about our products and services) and for conducting customer satisfaction surveys

- Consent, if voluntarily given (Article 6 (1) (a) GDPR)

- Legitimate interest in processing (Article 6 (1) (f) GDPR)

International data transfers

If we transfer your personal data to a recipient whose place of business is not in the European

Economic Area, we ensure your data is adequately protected in line with the GDPR. In this context, we take the following steps if legally required:

- we only transfer your personal data to companies in such countries if they have implemented the Binding Corporate Rules (BCR) for the protection of personal data.

- Personal data is only transferred to non-group recipients in such countries if they have

(i) concluded EU Standard Contractual Clauses with us or

(ii) implemented Binding Corporate Rules.

Further information and a copy of the implemented measures are available under datenschutz@auctoa.de.

The competent data protection authority

Our data protection organization assists with all questions related to data protection. In addition to contacting

the data protection organization, you can also contact the responsible data protection supervisory authority at any time.

An overview of the national and international data protection authorities is available here.

12. Processing of personal data under Swiss data protection law

Every data subject has the right to enforce their rights before a court or lodge a complaint with the

competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

13. Additional information for users of online offers and business partners in the USA

The following additional information applies to US citizens:

**Do Not Track**

Our online offers do not recognize so-called “Do Not Track” settings of your web browser.

For further information about the “Do Not Track” functionality, please visit the help pages of your web browser.

**Use by children**

Our online offers are not directed at children under 13 years of age. To the extent legally required, we do not knowingly collect personal data from children under 13 years of age without the consent of their legal guardians.

We only collect and transmit personal data from children where it is legally permissible to obtain the consent of the legal guardians or to protect the child.

**Your rights in certain US states**

Under the laws of certain US states, residents of these states have additional rights with regard to their

personal data. Further information is available here.

auctoa – Your partner for precise appraisals and certified reports. Property valuation and land valuation. With digital expertise, expert knowledge, artificial intelligence, personalised advice, and comprehensive market insights.

Solutions

Property Valuation

Financial Calculator

Sales Services

Estate Manager

More

Magazine

About us

Business Customers

Contact

Blog

Legal Information

Imprint

auctoa – Your partner for precise appraisals and certified reports. Property valuation and land valuation. With digital expertise, expert knowledge, artificial intelligence, personalised advice, and comprehensive market insights.

Solutions

Property Valuation

Financial Calculator

Sales Services

Estate Manager

More

Magazine

About us

Business Customers

Contact

Blog

Legal Information

Imprint

auctoa – Your partner for precise appraisals and certified reports. Property valuation and land valuation. With digital expertise, expert knowledge, artificial intelligence, personalised advice, and comprehensive market insights.

Solutions

Property Valuation

Financial Calculator

Sales Services

Estate Manager

More

Magazine

About us

Business Customers

Contact

Blog

Legal Information

Imprint