Schwarz Campus Service GmbH & Co. KG: Datenschutz

Data protection information for interested parties and users of student accommodation at WH|1 Wohnen im Wollhaus

Version 1.0

We take the protection of your personal data very seriously and endeavor to provide you with comprehensive information about the processing of your personal data. The following data protection information provides you with information on how and for what purposes we process your personal data if you are an interested party or user of student accommodation at WH|1.

We generally collect your personal data from you. In particular, the EU General Data Protection Regulation (GDPR) serves as the legal basis.

1. Controller within the meaning of Art. 4 No. 7 GDPR

The controller within the meaning of Art. 4 (7) GDPR for the data processing described below is

Schwarz Campus Service GmbH & Co. KG

Stiftsbergstraße 1

74172 Neckarsulm

E-mail: wh1@mail.schwarz

2. Application for a bedplace

2.1 Purposes and legal basis of data processing

2.1.1 Mandatory information that you must provide during the application process:

If you apply for one of our dormitories, we process your master data, such as your surname, first name and date of birth, your address and contact details and your CampusCard ID, if you have one, on the basis of Art. 6 para. 1 lit. b) GDPR. The processing takes place so that we can process your application and prepare any contractual relationship that may arise from it.

Furthermore, we process your identification document, such as your identity card or passport, information on your enrollment status (for students), information on your professional status, your nationality and, if you are not a national of an EU country, your visa on the basis of Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to clearly identify you or to check your eligibility for a sheep place.

We also process your user name (= your email address) and your chosen password on the basis of Art. 6 para. 1 lit. b) GDPR in order to provide you with access to our online portal for the administration of your (user) data.

On the basis of Art. 6 para. 1 lit. b) GDPR, we also process information on family relationships and legal guardians if an application is made on behalf of one or more legal guardians for a minor student or if the consent of the legal guardian(s) is provided. This information is only mandatory if you are a minor.

2.1.2 Voluntary information that you can provide during the application process:

If you apply for a disability-friendly unit, we will process information about your disability or your disability certificate (health data) with your consent in order to check whether you are entitled to use a sleeping place in such a unit. The processing is carried out on the basis of Art. 9 para. 2 lit. a) GDPR.

If you decide during the application process to send us proof of salary and / or a certificate of freedom from rent arrears, we process this data on the basis of Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to determine your reliability and ability to pay.

You can also optionally enter your telephone number, which we process on the basis of Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in enabling (further) contact.

2.1.3 Data processing for technical reasons:

On the basis of Art. 6 para. 1 lit. f) GDPR, we also log your registrations and deregistrations in our online portal for user administration. In the event of a system failure or malfunction, our legitimate interest lies in being able to trace who used the system and whether this use may have led to a malfunction.

2.2 Recipients/categories of recipients

In exceptional cases, e.g. technical support services, the data you provide during the application process and uploaded documents may be accessible to REOS GmbH, Amsinckstraße 28, 20097 Hamburg, as this is the technical provider of the online portal through which your application is made and on which your data is stored.

Your personal data may be accessible to Schwarz IT KG, Stiftsbergstraße 1, 74172 Neckarsulm, Germany, as they also provide support services for the online portal on our behalf.

Your data may be transmitted to other recipients to the extent necessary if they provide services on our behalf and need to process your data for this purpose.

2.3 Obligation to provide your data

You are neither legally nor contractually obliged to provide us with personal data for your application. However, if you do not provide us with the relevant information, we will not be able to process your application and will reject it.

2.4 Storage period

In the event that we reject your application, we will delete the personal data you have provided or transmitted during the application process no later than 12 months after your last activity on the REOS portal.

The documents/documents you uploaded will be deleted after we have notified you of the rejection.

We will delete the ID document you uploaded during the application process and any visa you uploaded immediately after we have checked your identity or your right of residence.

If your application is successful and we enter into a contractual relationship with you, we will store the relevant data for a period of up to 12 years from the end of the contractual relationship.

Log data for the use of the online portal for user management will be deleted 7 days after the respective use.

3. Booking of a sleeping place

3.1 Purposes and legal basis of data processing

When you book one of our dormitories, we process your master data, such as your name and date of birth, your address and contact details, your payment details, your signature, information on the start and end of the contract as well as information on your fee, information on your enrollment status (for students) and the ID of your CampusCard on the basis of Art. 6 para. 1 lit. b) GDPR. The processing takes place so that we can carry out or settle the existing contractual relationship with you.

On the aforementioned basis, we also process information about the hardware you use for Internet access (MAC address), the IP address and your consent to the General Terms and Conditions required for the connection in order to provide you with a corresponding Internet connection via Wi-Fi.

On the basis of Art. 6 para. 1 lit. f) GDPR, we process your master data (surname, first name), your sleeping place number and contact details (telephone number) in order to contact you. Our legitimate interest is to be able to contact you as part of the proper management of the property, especially in emergencies.

On this basis, we also process information about when the internet connection was used by you and how much data was transmitted. This user data is aggregated (summarized) so that it can no longer be assigned to an individual user and is used by us for statistical purposes (e.g. number of users per day and total upload and download figures for all users in the past month) in order to maintain the functionality of the network and to be able to provide sufficient bandwidth.

On the basis of Art. 6 para. 1 lit. b) GDPR, we process your user name (= your email address) and your chosen password in order to provide you with access to our online portal for the administration of your (user) data.

On the basis of Art. 6 para. 1 lit. f) GDPR, we also log your logins and logouts in the online portal for user management. In the event of a system failure or malfunction, our legitimate interest lies in being able to trace who used the system and whether this use may have led to a malfunction.

3.2 Recipients/categories of recipients

In exceptional cases, e.g. technical support services, your personal data may be accessible to REOS GmbH, Amsinckstraße 28, 20097 Hamburg, as this is the technical provider of the online portal through which your user relationship is managed.

Your master data (surname, first name), address data for your residential unit as well as contact data (telephone and e-mail) and damage reports will be transmitted to the extent necessary to service companies commissioned by us so that they can rectify any damage we or you have detected in your residential unit and carry out repair work.

In order to provide you with an Internet connection via Wi-Fi, you agree to the General Terms and Conditions on the Wi-Fi landing page and we transmit information about the hardware you are using (MAC address) and your IP address to FREDERIX Hotspot GmbH, Oskar-Winter-Straße 9, 30161 Hanover, which provides parts of the infrastructure and the Internet on our behalf and provides corresponding support. This data may also be accessible to Schwarz IT KG, Stiftsbergstraße 1, 74172 Neckarsulm, Germany, which also operates parts of the infrastructure on our behalf and provides corresponding support services.

To enable the delivery of letters and parcels, we attach your data (surname, first name and number of the residential unit) to the letterbox and doorbell sign.

We also transmit your master data (surname, first name), the address of your apartment and the ID of your CampusCard to IntraKey technologies GmbH, Wiener Straße 114-116, 01219 Dresden, as they manage and configure the corresponding access authorizations for CampusCard users on our behalf.

For the billing of your contractual relationship, we transmit your master data (surname, first name, e-mail address, telephone number), address data and payment data to the required extent to Schwarz Corporate Solutions KG, Stiftsbergstraße 1, 74172 Neckarsulm, which carries out the billing on our behalf.

Your data may be transmitted to other recipients to the extent necessary if they provide services on our behalf and need to process your data for this purpose.

3.3 Obligation to provide your data

By concluding the student residence contract, you are obliged to provide us with the personal data that is necessary for us to ensure the proper execution and billing of the contractual relationship. This includes in particular your master data, address data, contact data and payment data. If you do not provide us with the required data, we will not be able to enter into or execute a contractual relationship with you.

3.4 Storage period

We store your personal data for a period of up to 12 years from the end of the contractual relationship.

Log data for the use of the online portal for contract management will be deleted 7 days after the respective use.

Your access data for the online portal (user name and password) will be deleted two years after the end of use.

4. Use of the online portal for user administration

4.1 Log files

4.1.1 Purposes and legal basis of data processing

Log files with the following content are generated when the online portal is used:

-The website from which you access our site;

-The IP address;

-The access date and time;

-The client's request;

-The http response code;

-The amount of data transferred;

-information about the browser you are using and the operating system you are using.

The legal basis for data processing is Art. 6 para. 1 lit. f) GDPR. The legitimate interest here arises from the protection of the online portal and the prevention of abusive or fraudulent behavior each time a user accesses this website.

4.1.2 Recipients/categories of recipients

In exceptional cases, e.g. for technical support services, your personal data may be accessible to REOS GmbH, Amsinckstraße 28, 20097 Hamburg, as this is the technical provider of the online portal through which your user relationship is managed.

4.1.3 Obligation to provide your data

You are neither contractually nor legally obliged to provide us with personal data. However, the aforementioned data is processed for technical reasons as soon as you access our website. If you do not wish to provide us with the data, you will unfortunately not be able to use our website.

4.1.4 Storage period

The data will be deleted 7 days after the respective use.

4.2 Use of cookies

So-called "cookies" are used within the online portal. Cookies are small text files that are sent from the web server to your end device (PC, notebook, smartphone or tablet) when you visit this website and are stored there in the Internet browser you are using. The cookies used can fulfill various functions.

You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also set your browser so that it generally does not accept cookies or only rejects cookies from individual providers. However, we would like to point out that this may impair the functionality of this website.

4.2.1 Purposes and legal basis of data processing

We use the following cookies on the basis of Art. 6 para. 1 lit. f) GDPR to ensure the technical availability and functionality of our website. Our legitimate interest follows from the purposes described. The cookies generate a session ID that is used to assign the session to the user data record.

-XSRF-TOKEN" for the verification of form submissions

-"reos_onboarding_session" to assign the browser to the user data record

-"reos_tss_session" for assigning the browser to the user data record when using the TSS app/TSS web

4.2.2 Recipients/categories of recipients

In exceptional cases, e.g. technical support services, the data generated by the cookies may be accessible to REOS GmbH Amsinckstraße 28, 20097 Hamburg, as this is the technical provider of the online portal used to manage your contractual relationship.

4.2.3 Obligation to provide your data

You are neither contractually nor legally obliged to provide us with personal data. If you do not wish to provide us with the aforementioned data, you can prevent this by using the settings mentioned above.

4.2.4 Storage period

The cookies mentioned are set for a period of two hours.

5. Your rights as a data subject

You have the right to receive information about the personal data stored about you free of charge upon request in accordance with Art. 15 para. 1 GDPR.

In addition, if the legal requirements are met, you have the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR) and restriction of processing (Art. 18 GDPR) of your personal data.

If the data processing is based on Art. 6 para. 1 lit. e) or lit. f) GDPR, you have the right to object in accordance with Art. 21 GDPR. If you object to data processing, this will not take place in the future unless the controller can demonstrate compelling legitimate grounds for further processing which override the interests of the data subject in objecting.

If you have provided the processed data yourself, you have the right to data portability in accordance with Art. 20 GDPR.

If the data processing is based on consent in accordance with Art. 6 para. 1 lit. a) or Art. 9 para. 2 lit. a) GDPR, you can revoke your consent at any time with effect for the future without affecting the legality of the previous processing.

Please contact the data protection officer in writing or by email in the aforementioned cases, if you have any unanswered questions or in the event of complaints. You also have the right to lodge a complaint with a data protection supervisory authority. The data protection supervisory authority of the federal state in which you live or in which the controller has its registered office is responsible.

6. Contact data protection officer

If you have any further questions about the processing of your data or the exercise of your rights, you can contact the responsible data protection officer at the controller:

Schwarz Campus Service GmbH & Co. KG

Data Protection Officer

Stiftsbergstraße 1

74172 Neckarsulm

E-Mail: datenschutz@mail.schwarz

Data protection information for prospective tenants and tenants for student housing in W|27 Heilbronn

Version 5.0

We take the protection of your personal data very seriously and endeavor to provide you with comprehensive information about the processing of your personal data. The following data protection information provides you with information on how and for what purposes we process your personal data if you are a prospective tenant or tenant for student accommodation at W27 Heilbronn.

We generally collect your personal data from you. In particular, the EU General Data Protection Regulation (GDPR) serves as the legal basis.

1. controller within the meaning of Art. 4 No. 7 GDPR

The controller within the meaning of Art. 4 (7) GDPR for the data processing described below is

Schwarz Campus Service GmbH & Co. KG

Stiftsbergstraße 1

74172 Neckarsulm

E-mail: w27@mail.schwarz

2. application for an apartment

2.1 Purposes and legal basis of data processing

2.1.1 Mandatory information that you must provide during the application process:

If you apply for one of our apartments, we process your master data, such as your surname, first name and date of birth, your address and contact details and your CampusCard ID, if you have one, on the basis of Art. 6 para. 1 lit. b) GDPR. The processing takes place so that we can process your application and prepare a possible resulting tenancy.

Furthermore, we process your identification document, such as your identity card or passport, information on your enrollment status including matriculation number (for students), information on your professional status, your nationality and, if you are not a national of an EU country, your visa on the basis of Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to clearly identify you or to check your eligibility for an apartment space.

We also process the user name and password you have chosen on the basis of Art. 6 (1) (b) GDPR in order to provide you with access to our online portal for managing your (tenant) data.

2.1.2 Voluntary information that you can provide during the application process:

If you apply for an apartment suitable for the disabled, we will process information about your disability or your disability certificate (health data) with your consent in order to check whether you are entitled to rent such an apartment. The processing is carried out on the basis of Art. 9 para. 2 lit. a) GDPR.

You can also optionally enter your telephone number, which we process on the basis of Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in enabling (further) contact.

2.1.3 Data processing for technical reasons:

On the basis of Art. 6 para. 1 lit. f) GDPR, we also log your registrations and deregistrations in our online portal for tenant management. In the event of a failure or malfunction of the system, our legitimate interest lies in being able to trace who used the system and whether this use may have led to a malfunction.

2.2 Recipients/categories of recipients

In exceptional cases, e.g. technical support services, the data you provide during the application process and uploaded documents may be accessible to REOS GmbH Amsinckstraße 28, 20097 Hamburg, as this is the technical provider of the online portal through which your application is made and on which your data is stored.

Your personal data may be accessible to Schwarz IT KG, Stiftsbergstraße 1, 74172 Neckarsulm, Germany, as they also provide support services for the online portal on our behalf.

Your data may be transmitted to other recipients to the extent necessary if they provide services on our behalf and need to process your data for this purpose.

2.3 Obligation to provide your data

2.4 Storage period

The documents/documents you uploaded will be deleted after we have notified you of the rejection.

We will delete the ID document you uploaded during the application process and any visa you uploaded immediately after we have checked your identity or your right of residence.

If your application is successful and we enter into a tenancy agreement with you, we will store the relevant data for a period of up to 12 years from the end of the tenancy agreement.

Log data for the use of the online portal for tenant management will be deleted 7 days after the respective use.

3. renting an apartment

3.1 Purposes and legal basis of data processing

When you rent one of our apartments, we process your master data, such as your name and date of birth, your address and contact details, your payment details, your signature, information on the start and end of the tenancy, information on your warm rent or flat-rate rent, information on your enrolment status (for students) and the ID of your CampusCard on the basis of Art. 6 para. 1 lit. b) GDPR. The processing takes place so that we can carry out or settle the existing tenancy with you.

You also enter your payment details on the master data sheet for the rental agreement. In this case, we process the data on the basis of Art. 6 para. 1 lit. b) GDPR in order to be able to pay you your deposit again after the end of a possible tenancy.

On the aforementioned basis, we also process information about the hardware you use for Internet access (MAC address), the IP address and the user name you have chosen for access as well as your chosen password in order to provide you with a corresponding Internet connection via W-Lan or Lan.

On the basis of Art. 6 para. 1 lit. f) GDPR, we process your master data (surname, first name), your apartment number and contact details (telephone number) in order to contact you. Our legitimate interest is to be able to contact you as part of the proper management of the property, especially in emergencies.

On this basis, we also process information about when you used the internet connection and how much data was transmitted. This user data is aggregated (summarized) so that it can no longer be assigned to an individual user and is used by us for statistical purposes (e.g. number of users per day and total upload and download figures for all users in the past month) in order to maintain the functionality of the network and to be able to provide sufficient bandwidth.

On the basis of Art. 6 para. 1 lit. b) GDPR, we process the user name and password you have chosen in order to provide you with access to our online portal for managing your (tenant) data.

On the basis of Art. 6 para. 1 lit. f) GDPR, we also log your registrations and deregistrations in the online portal for tenant management. In the event of a failure or malfunction of the system, our legitimate interest lies in being able to trace who used the system and whether this use may have led to a malfunction.

3.2 Recipients/categories of recipients

Your master data (surname, first name), address data for your apartment as well as contact data (telephone and e-mail) and damage reports will be transmitted to the extent necessary to service companies commissioned by us so that they can rectify any damage we or you have detected in your apartment and carry out repair work.

In order to provide you with an Internet connection via Wi-Fi and LAN, we transmit your master data (surname, first name), details of the hardware you are using (MAC address), the times you log on and off the network, the volume of data you transfer, your IP address and your user name and password for the network to FREDERIX Hotspot GmbH, Oskar-Winter-Straße 9, 30161 Hanover, which provides parts of the infrastructure and the Internet on our behalf and provides corresponding support. This data may also be accessible to Schwarz IT KG, Stiftsbergstraße 1, 74172 Neckarsulm, Germany, which also operates parts of the infrastructure on our behalf and provides corresponding support services.

In order to store your data within the digital doorbell system for the hall of residence and to give you access to the mailbox system, we transmit your master data (surname, first name) and the address of your apartment to Erwin Renz Metallwarenfabrik GmbH & Co KG, Boschstraße 3, 71737 Kirchberg/Murr, which operates the aforementioned systems on our behalf.

For the billing of your tenancy, the deposit and any repair costs for which you are responsible, we transmit your master data (surname, first name, e-mail address, telephone number), address data and payment data to the extent necessary to Schwarz KG, Rötelstraße 35, 74172 Neckarsulm, Germany, which carries out the billing on our behalf.

Your data may be transmitted to other recipients to the extent necessary if they provide services on our behalf and need to process your data for this purpose.

3.3 Obligation to provide your data

By concluding the tenancy agreement, you are obliged to provide us with the personal data that is necessary for us to ensure the proper execution and billing of the tenancy. This includes in particular your master data, address data, contact data and payment data. If you do not provide us with the required data, we will not be able to enter into or execute a tenancy agreement with you.

3.4 Storage period

We store your personal data for a period of up to 12 years from the end of the tenancy.

Log data for the use of the online portal for tenant management will be deleted 7 days after the respective use. Your access data for the online portal (user name and password) will be deleted two years after the end of the tenancy.

4. use of the online portal for tenant management

4.1 Log files

4.1.1 Purposes and legal basis of data processing

Log files with the following content are generated when the online portal is used:

- The website from which you access our site;

- The IP address;

- The access date and time;

- The request of the client;

- The http response code;

- The amount of data transferred;

- Information about the browser you are using and the operating system you are using.

4.1.2 Recipients/categories of recipients

4.1.3 Obligation to provide your data

4.1.4 Storage period

The data will be deleted 7 days after the respective use.

4.2 Use of cookies

4.2.1 Purposes and legal basis of data processing

- "XSRF-TOKEN" for the verification of form submissions

- "reos_onboarding_session" to assign the browser to the user data record

- "reos_tss_session" for assigning the browser to the user data record when using the TSS app/TSS web

4.2.2 Recipients/categories of recipients

In exceptional cases, e.g. technical support services, the data generated by the cookies may be accessible to REOS GmbH, Amsinckstraße 28, 20097 Hamburg, as this is the technical provider of the online portal used to manage your tenancy.

4.2.3 Obligation to provide your data

4.2.4 Storage period

The cookies mentioned are set for a period of two hours.

5 Your rights as a data subject

You have the right to receive information about the personal data stored about you free of charge upon request in accordance with Art. 15 para. 1 GDPR.

In addition, if the legal requirements are met, you have the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR) and restriction of processing (Art. 18 GDPR) of your personal data.

If you have provided the processed data yourself, you have the right to data portability in accordance with Art. 20 GDPR.

6. contact data protection officer

If you have any further questions about the processing of your data or the exercise of your rights, you can contact the responsible data protection officer at the controller:

Schwarz Campus Service GmbH & Co. KG

Data Protection Officer

Stiftsbergstraße 1

74172 Neckarsulm

E-Mail: datenschutz@mail.schwarz