Privacy policy for the website of PEAC (Germany) GmbH

1. Subject of the privacy policy

The protection of your personal data (hereinafter also referred to as "data") is an essential concern of PEAC (Germany) GmbH (hereinafter also referred to as "PEAC"). In the following, we would like to inform you which data is collected when you visit our website and use our offers and how this data is processed or used in the following, as well as which accompanying protective measures we have taken in technical and organisational terms.

2. Department responsible

Controller in the meaning of data protection law is PEAC (Germany) GmbH. All details can be found in the imprint.

We have appointed a company data protection officer. If you have any questions or comments about this data protection declaration or about data protection in general, you can contact him by email: datenschutz@peacfinance.de

or by post:

PEAC (Germany) GmbH
Data protection officer – confidential -
Gertrudenstraße 2
20095 Hamburg

at any time.

3. Collection and use of your data

PEAC is committed to protecting the privacy of all website visitors. When you use our web services, our servers temporarily store the connection data of the requesting computer by default for system security.

For the purely informational use of our website, it is generally not necessary for you to provide personal data. Rather, in this case, we only collect and use the data that your internet browser automatically transmits to us, such as:

• Date and time of accessing one of our Internet pages,

• your browser type,

• the browser settings,

• the operating system used,

• the last page you visited,

• the amount of data transferred and the access status (file transferred, file not found, etc.),

• the loading times of our website and

• your IP address.

We collect and use this data during an informational visit exclusively in nonpersonal form. It is done to enable the use of the internet pages you have accessed for statistical purposes and to improve our internet presence.

PEAC only stores the IP address for the duration of your visit; no personal evaluation takes place.

Additional personal information is not collected unless you provide this information voluntarily, e.g. in the context of an enquiry for financing, vendor partnership, making an appointment or applying for a job (see Section 4.).

4. Procedures by which we process your personal data

4.1 Financing Inquiry

If you would like to send us a financing enquiry, this is possible via our website. After entering the property and contact details, you can send them to us by clicking on the send button, thereby confirming at the same time that you have taken note of the data protection provisions. The legal basis for the processing of your data is Art. 6(1)(b) GDPR. The purpose of the processing is to establish and implement the con-tractual relationship with you.

As part of the processing of the financing request, a credit check and, if necessary, an enquiry with credit agencies (e.g. Creditreform) is carried out by us. The legal basis for the processing of your data is Art. 6(1)(f) GDPR as well as Section 505a of the BGB, Section 18a KWG). The purpose is our legitimate interest in assessing your creditworthiness and credit standing and the fulfilment of legal obligations.

4.2 Request an Appointment for Consultation

If you would like to send us an appointment request, this is possible via our website. After entering the desired date and time and your contact details, you can send them to us by clicking on the send button, thereby confirming at the same time that you have taken note of the data protection provisions.

The legal basis for processing your data is – depending on the nature of your request – Art. 6(1)(a) or Art. 6(1)(b) GDPR. The purpose of the processing is to keep the appointment with you and, if necessary, to establish and implement the contractual relationship with you.

4.3 Vendor Partnership Request

If you would like to send us a request for a vendor partnership, this is possible via our website. After entering the information about your business model and your contact data, you can send it to us by pressing the send button and confirming that you have noted the data protection regulations. The legal basis for the processing is Art. 6(1)(b) GDPR. The purpose of the processing is to establish and implement the contractual relationship with you.

4.4 Postident Procedure

Via our website, you can start the Postident procedure for the necessary identification of your person. After entering the partner number we have sent you, you will be directed to the portal of Deutsche Post AG, where its employees carry out personal identification using the online procedure. The legal basis for the processing is Art. 6(1)(b) GDPR.

For further information on the procedure and the data protection information of Deutsche Post, please click on the corresponding term.

4.5 Application

We process your personal data within the application process when you apply to us, regardless of how your application reaches us. The legal basis for the processing is § 26(1), (8)(2) BDSG or § 26(2), (8)(2) BDSG. The processing is carried out to contact you and assess your suitability for the position for which you are applying.

5. Transfer to Recipients of Personal Data

We will only pass on the personal data described here where necessary for the provision of our service or otherwise allowed by the law. Within the scope of the purposes stated here, personal data are transferred to service providers involved in providing our services. In addition to their legal obligation to comply with all data protection regulations, these service providers are bound to additional contractual data protection requirements. It includes, in particular, contractual obligations as a processor in accordance with Art. 28 GDPR.

In particular, we transfer personal data to the following categories of service providers insofar as this is necessary for the purposes stated in this data protection declaration within the scope of our business operations:

- Website hosting and support, quality assurance

- Accounting, financial institutions, tax and legal advice

- Operation of the applicant portal

- IT service and infrastructure

- IT support and maintenance

- Data destruction and facility services

In other cases, we transfer personal data to recipients only if there is a legal justification or you have expressed your consent. Any consent given can be revoked at any time with effect for the future. We will only disclose your data to government authorities within the framework of statutory obligations or as a result of an official order or court decision and only insofar as this is permitted under data protection law.

6. Data Security

We use technical and organisational security measures to protect personal data that we receive or collect, particularly against accidental or intentional manipulation, loss, destruction or attack by unauthorised persons. Our security measures are con-tinuously improved in line with technological developments.

Your personal data is also encrypted using SSL/TLS technology to prevent access by unauthorised third parties.

7. Your Rights

As a data subject of the data processing, you have the right to confirmation as to whether personal data relating to you are processed by PEAC and the right to access this personal data (Art. 15 GDPR), a right to rectification of your incorrect data (Art. 16 GDPR), a right to erasure (Art. 17 GDPR) and a right to restrict (block) your data (Art. 18 GDPR).

In addition, in the case of processing on the basis of Article 6(1)(e) or (f) GDPR, you may object to the processing (Art. 21 GDPR). If you have provided the data, you can request the transmission of the data (Art. 20 GDPR). Whether and to what extent these rights are effective in individual cases and under what conditions they apply is stipulated by law. If the processing is based on consent within the meaning of Art. 6(1) (a) or Art. 9(2)(a) GDPR, you can revoke consent at any time with effect for the future (Art. 7(3)(1) GDPR). You also have the right to contact the competent data pro-tection supervisory authority (Art. 77 GDPR).

Whether and to what extent these rights exist in individual cases and under what conditions they apply is specified by law in the named standards.

If we process your data on the basis of an overriding legitimate interest of our com-pany (Art. 6(1)(f) GDPR), you may object to this data processing for the future under the conditions of Art. 21(1) sentence 1 GDPR.

If we use your data for direct advertising purposes, you can object to this data pro-cessing in accordance with Art. 21(2) GDPR with effect for the future.

For the fastest possible processing of your data protection request or question, we recommend that you contact our data protection officer at datenschutz@peacfinance.de. Please provide us with all the necessary information to process your request.

8. Deletion

We delete your personal data as soon as it is no longer necessary for the aforemen-tioned purposes of processing. We also delete your personal data if you object to a certain processing of data based on legitimate interests unless there are compelling reasons for PEAC to continue processing. We also delete your data if you revoke your consent to the processing and if there is no other legal basis for processing. In some instances, e.g. if there is a statutory retention period, your data will initially be blocked and deleted upon expiry of the retention period.

Job Application-related data is retained until a decision is made and then deleted after a maximum of six months or, in the event of a successful application, trans-ferred to your personnel file.

9. No automated individual Decision-Making

We do not use your personal data for automated individual decisions in the meaning of Art. 22(1) GDPR.

10. Amendment of the Privacy Policy

New legal requirements, business decisions or technical developments may require changes to our privacy policy. The privacy policy will then be adapted accordingly. You can always find the latest version on our website.

Status: April 2022