This privacy policy informs you about the processing of your personal data by PropDesigner Pro as well as your related data protection rights under the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (hereinafter referred to as “BDSG”).

If you have any questions regarding the content of this privacy policy, you may contact us at any time at the following address:

As changes in laws or adjustments to our internal company processes may require us to update this privacy policy, we kindly ask you to review this privacy policy regularly.

§ 1 Scope

This privacy policy applies to the processing of your data in connection with your use of the online services of PropDesigner Pro, which are accessible under the domain https://www.propdesigner-pro.com as well as various subdomains and individual pages (hereinafter collectively referred to as the “Website”). It also applies if you are a prospective customer, client, or business partner of PropDesigner Pro.

§ 2 Definitions

For better understanding, we define below the terms underlying this privacy policy.

Recipient means a natural or legal person, authority, institution, or other body to whom personal data are disclosed, regardless of whether they are a third party or not. However, authorities that may receive personal data in the context of a specific investigation mandate under Union law or the law of the Member States are not considered recipients; the processing of this data by these authorities is carried out in accordance with the applicable data protection regulations and the purposes of the processing.

Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. Examples of personal data include name, contact details, bank details, or user behavior.

Controller means the natural or legal person, authority, institution, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. If the purposes and means of processing are determined by Union law or the law of the Member States, the controller or the specific criteria for its nomination may be provided for by Union law or the law of the Member States.

Processing means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

Data subject within the meaning of this privacy information includes, for example, prospective customers who inform themselves about PropDesigner Pro and our offers and services on our websites, arrange consultation appointments with us, or submit an inquiry via the contact form. From the moment a user account is created, a data subject is considered a customer. Business partners are current and future contractual partners who provide deliveries and services (e.g., programming) to PropDesigner Pro as subcontractors or service providers.

§ 3 Purposes and Legal Bases of Data Processing

The transfer of your personal data to third parties without your consent does not take place, except as described in this privacy policy, unless we are legally obligated to disclose such data or engage third parties bound by professional confidentiality to enforce our claims.

Specifically, we process the following data:

1. Website Visit

Depending on which functions or services of our website you use, it may be necessary to process personal data from you. Below we list the purposes of processing your personal data as well as the necessary legal bases. Your personal data will not be used beyond the types of use mentioned in this privacy policy.

Please note that you are not obligated to provide us with your personal data via our website. The provision of your data via our website is neither legally nor contractually required nor necessary for concluding a contract. However, failure to provide the data may result in you being unable to use certain functions/services on our website.

Each time our website is accessed and each time a file is retrieved, data about this process is automatically stored in a log file. These include:

* Information about which pages were accessed, the duration of stay on each page, the exit page (i.e., the point where the website was left),

* The search terms and search engine that redirected you to http://www.propdesigner-pro.com,

* Screen resolution,

* Browser,

* Operating system,

* Country from which the access was made,

* Information on whether and when (date and time) downloads were made,

* Date and time of access.

The storage serves exclusively internal system-related and statistical purposes and is necessary for the statistical recording of usage, optimization of our website, and ensuring data security and the smooth operation of the IT systems used for this purpose. The data and information are stored under the data sovereignty of PropDesigner Pro on the server of an external IT service provider/web hosting provider in Germany based on overriding interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR and insofar as required by legal provisions (e.g., § 257 HGB or § 147 AO).

2. Our Web Tool “PropDesigner Pro”

To use PropDesigner Pro, you must create a user account via registration. When you create a user account or log in, we use the provided access data (email address and password) to grant you access to and manage your user account. We also generate a unique identification number assigned to you (User ID). Providing this access data during registration and creating the User ID is necessary to use PropDesigner Pro. The access data and User ID provided during registration or login are used to verify your authorization to manage the user account and enable you to use PropDesigner Pro. We also use the User ID for product analysis and optimization. The legal basis for processing these data is Art. 6 para. 1 lit. b GDPR for enabling software use and Art. 6 para. 1 lit. f GDPR (legitimate interest) for product analysis and optimization.

3. Contact Form

Visitors to the website have the option to contact us via a contact form. The following data are requested, with mandatory fields marked with *:

* Salutation* in the drop-down menu (Mr, Ms, Diverse)

* First name

* Last name*

* Company name

* Email address*

* Phone number*

* Message (free text)

We use this data to respond to your inquiry in a service-oriented manner and to get in touch with you. Processing of this data is based on Art. 6 para. 1 sentence 1 lit. b GDPR.

4. Data Processing Based on Consent

In individual cases, the processing of your personal data may also take place based on your voluntary consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. We will inform you separately about the purposes and consequences of refusal or withdrawal of consent in the respective text. Withdrawal of consent applies only prospectively. Processing carried out before withdrawal remains lawful. Should we wish to process your personal data for a purpose not listed above, we will inform you in advance within the legal framework.

5. Use of Brevo

We use Brevo (provider: Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany) as a Customer Relationship Management system (CRM), for sending newsletters, and for booking and conducting video calls. As part of this use, the following personal data is transmitted to and processed by Brevo: title, first name, last name, company, telephone number, and email address.

The processing is based on Art. 6 para. 1 lit. a GDPR (consent) for newsletter subscriptions or Art. 6 para. 1 lit. b GDPR (contract performance) for CRM functions and video call bookings. The data is used exclusively for customer management, sending newsletters (with appropriate consent), and coordinating and conducting video conversations.

We have concluded a data processing agreement with Brevo in accordance with Art. 28 GDPR, which ensures the data protection-compliant processing and protection of your personal data. You can withdraw your newsletter consent at any time by clicking the unsubscribe link in any email or by notifying us.

Further information about data processing by Brevo can be found in their privacy policy at:

https://www.brevo.com/legal/privacypolicy/

§ 4 Use of Cookies

Our website uses so-called cookies. Cookies are small text files that are stored on your device when you visit a website. They contain information that allows us to recognize you on subsequent visits or to enable certain functions.

Cookies can be divided into the following categories:

Technically necessary cookies:

These are required for the operation of the website and basic functions such as navigation or secure login. They cannot be disabled.

Preference cookies:

These store information that affects the behavior or appearance of the website (e.g., language settings).

Statistics cookies:

They help us understand how visitors interact with our website by collecting and analyzing information anonymously.

Marketing cookies:

These are used to track visitors across websites and display personalized advertising.

Some of the cookies used come from third parties (so-called third-party cookies) and enable, for example, the integration of external content or the analysis of user behavior by external services.

The legal basis for the use of technically non-essential cookies is your consent according to Art. 6 para. 1 lit. a GDPR, which you can give via our consent management tool (Cookiebot). Technically necessary cookies are used based on Art. 6 para. 1 lit. f GDPR (legitimate interest in the secure and functional operation of the website).

Details about the cookies used, third-party providers, and your individual settings can be found at any time via our cookie banner at the bottom of the screen (“Cookie Settings”).

§ 5 Cookie Consent Management with Cookiebot

We use the consent management service Cookiebot from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, on our website.

Cookiebot enables us to collect, store, and document website visitors’ consents in compliance with the GDPR. When visiting our website, users are shown a consent banner where they can allow or reject certain cookies and services.

The following data are processed in this context: IP address (in shortened form), date and time of consent, browser information, URL of the accessed page, and consent status (stored via cookie).

Data processing is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR (legally compliant consent management) as well as Art. 6 para. 1 lit. c GDPR (legal obligation to provide evidence under Art. 7 GDPR).

Cookiebot stores your consent for 12 months and then requests it again. Further information can be found at: https://www.cookiebot.com/en/privacy-policy/

§ 6 Google Tag Manager

On our website, we use the Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is used for the technical management and integration of website tags. Through it, scripts and services such as Google Analytics, Facebook Pixel, TikTok Pixel, LinkedIn Insight Tag, and other tracking technologies are integrated.

The Tag Manager itself does not collect any personal data from users. It merely ensures that the integrated tools are executed in compliance with the selected privacy settings.

Actual data processing is carried out by the services separately named in this privacy policy. The integration of these services only takes place after your explicit consent via our consent management tool (Cookiebot) in accordance with Art. 6 para. 1 lit. a GDPR.

More information about the Google Tag Manager can be found here:

https://support.google.com/tagmanager/answer/9323295?hl=en

§ 7 Web Analytics with Google Analytics and Google Signals

On our website, we use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google uses cookies that enable the analysis of website usage.

1. Google Analytics

The information generated by the cookie about your use of this website (including your IP address) is usually transmitted to a Google server in the USA and stored there. IP anonymization is enabled on this website, meaning your IP address is truncated within the EU or EEA before transmission. Only in exceptional cases is the full IP address transmitted to Google in the USA and truncated there.

Google processes this information on our behalf to evaluate your use of the website, compile reports on website activity, and provide other services related to website usage.

The legal basis for using Google Analytics is your consent under Art. 6 para. 1 lit. a GDPR, which you give via our cookie consent tool (Cookiebot).

You can revoke your consent at any time via our consent tool or prevent data collection by Google Analytics by installing the browser plugin at the following link:

http://tools.google.com/dlpage/gaoptout?hl=en

More information:

https://support.google.com/analytics/answer/6004245?hl=en

2. Google Signals

If you are logged into your Google account when visiting our website and have enabled “personalized ads,” we also use Google Signals.

This service allows Google to create cross-device, anonymized reports on interactions on our website (e.g., sessions, user groups, conversions). The data is based on usage information from Google accounts, such as location data, search history, YouTube history, and device information—however, without direct personal identification.

Processing is also carried out solely based on your consent according to Art. 6 para. 1 lit. a GDPR. You can disable this function at any time by turning off the “personalized ads” option in your Google account under “Data & Privacy”:

https://adssettings.google.com/

Processing of personal data by Google may take place outside the EU (e.g., in the USA). The transfer is based on the EU Commission’s standard contractual clauses as well as any additional protective measures by Google.

§ 8 Marketing and Conversion Tracking (Pixel Technologies)

On our website, we use so-called pixel technologies and tag management systems to track user behavior after interaction with our advertisements on external platforms. This serves to measure reach, record conversions, and optimize the display of advertisements (remarketing). The integration of pixels is done via the Google Tag Manager.

The actual activation of tracking technologies only takes place after your explicit consent via our consent tool Cookiebot, in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. You can revoke your consent at any time via the following link: https://www.cookiebot.com/en/consent-management/.

Services used:

1. Meta Pixel (Facebook & Instagram)

Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

2. TikTok Pixel

Provider: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland

3. LinkedIn Insight Tag

Provider: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland

4. Google Ads Conversion Tracking & Remarketing

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Processed data may include, among others: IP address, device information, pages visited, conversion data (e.g., purchases), referrer URL, browser data, and interactions on our website.

The providers partly act as joint controllers or processors. The transfer of personal data to third countries (e.g., USA) cannot be excluded. This takes place based on the standard contractual clauses (SCCs) of the EU Commission as well as additional measures by the providers.

Information about the cookies used can be found at any time in the settings of our consent banner (provided by Cookiebot).

§ 9 Use of Google Fonts

To ensure a uniform and appealing presentation of fonts, we use so-called web fonts, especially Google Fonts.

The fonts used are stored locally on our server and are not loaded from Google servers when the pages are accessed.

Therefore, no personal data (such as your IP address) is transmitted to Google. No data processing by third parties takes place in this context.

The legal basis is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in a technically uniform and user-friendly presentation of our website.

§ 10 Links to Social Networks

On our website, we provide links to company profiles on the social networks Facebook, Instagram, LinkedIn, and TikTok. These links are implemented as pure hyperlinks (no plugins or embedded content).

By clicking these links, you leave our website and are redirected directly to the offerings of the respective providers. Please note that their own privacy policies apply there, over which we have no influence.

Providers & Privacy Policies:

* Facebook / Instagram:

Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

* LinkedIn:

LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland

* TikTok:

TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland

§ 11 Hyperlinks to Third-Party Websites

In addition to links to social networks, our website may contain hyperlinks to other websites of third-party providers. When you activate these hyperlinks, you will be directly redirected from our website to the websites of these other providers. You can recognize this, among other things, by the change of the URL.

PropDesigner Pro has no influence over the design and content of third-party websites. Therefore, we cannot accept any responsibility for the confidential handling of your data on third-party websites, as we have no control over whether these third parties comply with data protection regulations.

Please inform yourself about the handling of your personal data by these third parties directly on their respective websites.

§ 12 Transfer of Personal Data to Third Parties

The transfer of your personal data to third parties takes place in accordance with the provisions of this § 12, unless otherwise regulated elsewhere in this privacy policy. Transfers only occur insofar as necessary for the fulfillment of the purposes stated in this privacy policy or you have consented to the transfer of your data.

Furthermore, your personal data may be passed on to other recipients to fulfill our legal obligations based on Art. 6 para. 1 sentence 1 lit. c) GDPR, such as to authorities to comply with statutory reporting obligations (e.g., tax authorities, social security agencies, or law enforcement agencies).

Additionally, this may occur based on our legitimate interest within the scope of an information request to authorities, service providers, and network operators, provided the necessary conditions are met under Art. 6 para. 1 sentence 1 lit. f) GDPR. In the event of breaches of duty under a contract concluded with PropDesigner Pro and resulting legal disputes, forwarding to credit agencies, possibly external debt collection agencies, and external lawyers may occur. The processing of your personal data is based on Art. 6 para. 1 sentence 1 lit. b) GDPR for the execution and processing of the contract and on Art. 6 para. 1 sentence 1 lit. f) GDPR to safeguard, defend, and enforce our legitimate legal interests.

§ 13 Order Data Processing by External Service Providers

For the programming of our web tool, we partly use external service providers who process personal data on our behalf. These service providers have been commissioned by us in writing and carefully selected. They are bound by our instructions and are regularly monitored by us with regard to compliance with data protection requirements.

All systems in which your personal data is stored and to which external service providers have access are password-protected and accessible only to those persons who require your data to process the purposes authorized by you. Within the scope of legal provisions, we ensure that the data is processed, used, and transmitted by the external service providers in the agreed manner.

Our website and web tool are hosted by Amazon Web Services EMEA SARL (38 Avenue John F. Kennedy, L-1855 Luxembourg). The processing of personal data is carried out exclusively within the scope of order processing pursuant to Art. 28 GDPR. The servers are located in the region "eu-central-1" (Frankfurt, Germany).

In individual cases, data processing by AWS employees outside the EU (e.g., in the USA) may occur. This transfer is based on the EU standard contractual clauses and the EU–US Data Privacy Framework.

Further information is available at: https://aws.amazon.com/en/compliance/gdpr-center/

For sending and receiving emails, we use the services of united-domains GmbH, Gautinger Straße 10, 82319 Starnberg (Germany). The processing of email communication takes place on servers in Germany. Personal data may be processed, especially if you contact us by email or submit a form on the website. We have concluded an order processing agreement with united-domains according to Art. 28 GDPR. united-domains processes personal data exclusively according to our instructions and within the framework of applicable data protection laws.

§ 14 Measures to Protect the Data Stored by Us

We are committed to protecting your privacy and treating your personal data confidentially. To prevent loss or misuse of the data stored with us, we have implemented extensive security measures. We regularly review these measures to ensure that they comply with the latest technical standards.

Your data is stored in our databases. The databases are accessible only to us, our employees specially trained in data protection, and, if applicable, external service providers commissioned by us, with whom we agree on an appropriate level of security.

We place the highest value on the standards to be observed by us. However, we point out that we cannot exclude that the data protection rules and security measures we have taken are not observed by other persons or institutions outside our responsibility.

For this reason, data transmitted unencrypted over the internet may be intercepted by third parties. We have no technical influence over this. It is your responsibility to protect the data you provide from misuse through encryption or other means.

§ 15 Location and Procedure of Data Processing

We ensure the legally binding data protection established in the European Union. In some cases—especially for technical reasons—your entrusted data may be stored on servers outside the country (also outside the European Union) where you originally entered the data.

In such cases and in the event of a risk that the countries to which your data are transferred do not have data protection laws as strict as those in your home country or the country from which you use our services, we ensure that your data is treated according to the provisions of this privacy policy.

Automated decision-making—including profiling—does not take place.

§ 16 Duration of Data Storage

We store your personal data only as long as legally permitted for the purposes stated above. The stored personal data will be deleted when its storage is no longer necessary to fulfill the purpose pursued with the storage or if you have provided us with your data voluntarily based on your consent and have revoked that consent.

It may happen that personal data is retained for the period during which claims can be made against our company (statutory limitation periods of three to up to thirty years).

Additionally, we store your personal data insofar as we are legally obligated to do so. Corresponding proof and retention obligations arise, among others, from the German Commercial Code and the Fiscal Code. The storage periods are up to ten years.

After the retention periods expire, we will delete your data without you needing to request this.

§ 17 Your Data Protection Rights

As a data subject, you have the following rights regarding your personal data stored with us:

1. Right of Access (Art. 15 GDPR)

You have the right to request information about the personal data we have stored about you.

2. Right to Rectification (Art. 16 GDPR)

You have the right to have incorrect or incomplete data corrected.

3. Right to Erasure (Art. 17 GDPR)

You have the right to request the deletion of your data, provided there are no legal retention obligations or other legitimate reasons to the contrary.

4. Right to Restriction of Processing (Art. 18 GDPR)

You can request the restriction of processing of your data under certain conditions.

5. Right to Data Portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and, if applicable, to transfer it to another controller.

6. Right to Object to Processing (Art. 21 GDPR)

You can object to the processing of your data at any time, provided the processing is based on Art. 6 para. 1 lit. e or f GDPR.

7. Right to Withdraw Consent (Art. 7 para. 3 GDPR)

You can withdraw any consent given at any time with effect for the future. The lawfulness of the processing carried out before the withdrawal remains unaffected.

How to exercise your rights:

Please contact:

PropDesigner Pro

Dr. Alexander Knuppertz

Lindenstr. 75b

10969 Berlin

Email: [email protected]

Right to lodge a complaint with a supervisory authority:

If you believe that we are not processing your data in compliance with data protection laws, you have the right to lodge a complaint with a data protection supervisory authority.

Responsible authority:

Berlin Commissioner for Data Protection and Freedom of Information

Friedrichstraße 219

10969 Berlin

https://www.datenschutz-berlin.de

[email protected]

Phone: 030 138 89-0

§ 18 Changes to the Privacy Policy

The provisions of this privacy policy apply in their version valid at the time. This privacy policy may be supplemented or amended in content.

The updated privacy information applies from the time it is published on our website. You will be given the opportunity to view, print, and save the amended privacy information free of charge.