Thank you for your interest in the online presence of Aachener Grundvermögen Kapitalverwaltungsgesellschaft mbH. The protection of your privacy is important to us. In the following, we would like to inform you about the handling of personal data when using our website at www.aachener-grund.de . By personal data we mean all data that can be related to you personally, e.g. name, address and e-mail address.
For better orientation, we have divided the following information into sections (A) Basic information, (B) Visit to our website, (C) Use of our services and (D) Rights of data subjects.
Responsible under data protection law pursuant to art. 4 no. 7 EU General Data Protection Regulation (GDPR):
Further information as well as additional legal information can be found in the “Imprint” section.
2. Data protection officer
You can reach our data protection officer Mr. Andreas Kruse here:
50668 Cologne, Germany
E-Mail: privacy( at )aachener-grund.de.
Phone: +49 221 / 77204-771
3. Data and system security
We secure our website and systems through technical and organizational measures against loss, destruction, access, alteration or distribution of your data by unauthorized persons.
In connection with access to our website, data which may allow identification (e.g. IP address) is temporarily stored on our servers for the purposes of data and system security, but in principle for no longer than ten days. The processing of possibly personal data for purposes of data and system security is carried out on the basis of art. 6 para. 1 sentence 1 subpara f. GDPR and our legitimate interest in securing our systems and preventing misuse.
4. Principles for the storage and erasure of personal data
Personal data shall only be processed for the period of time necessary to achieve the respective storage purpose or if this is provided for in laws or regulations applicable to us (e.g. commercial or tax retention obligations). If a storage purpose no longer applies or if a legally prescribed storage period expires, the personal data concerned will be routinely erased in accordance with the statutory provisions or their processing will be restricted (e.g. limited processing within the scope of commercial or tax law storage obligations).
The processing of personal data on the basis of a legal obligation, namely the fulfilment of legal storage obligations, is based on art. 6 para. 1 sentence 1 subpara c GDPR. Insofar as personal data are processed art. 6 para. 1 sentence 1 subpara f GDPR for the purpose of preserving evidence, these processing purposes shall cease after expiry of the statutory limitation periods; the statutory regular limitation period is three years.
For further details on specific storage and deletion periods, we refer you to individual service descriptions or information in this data protection declaration.
Visit to our Website
If you only use our website for information purposes, i.e. if you do not register for our newsletter or do not provide us with personal information in any other way, personal data may be generated which your browser transmits to our server. We also use the tracking tool geoPlugin.
1. Technical provision of the website
When you visit our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure the stability and security of our online offering:
Date and time of the request
Time zone difference to Greenwich Mean Time (GMT)
Contents of the request (concrete page)
Access status/HTTP status code
amount of data transferred in each case
Website from which the request originates
Operating system and its interface
Language and version of the browser software.
The legal basis for this collection and processing is art. 6 para. 1 sentence 1 subpara f GDPR. Our legitimate interest lies in the provision of a functional website offering and its system security.
You can prevent the setting of cookies by setting your Internet browser and thus permanently object to the setting of cookies. In addition, cookies that have already been set can be deleted via an Internet browser or other software programs. However, please note that if you deactivate cookies in your Internet browser, you may not be able to use all the functions of our and other online services.
3. Web analysis (Matomo)
On our website we use the open source software tool Matomo (formerly PIWIK) to analyse the surfing behaviour of our users. We use Matomo without the use of tracking cookies. We have deactivated the use of tracking cookies in the basic configuration of Matomo in order to ensure a particularly data protection-friendly procedure. If individual pages of our website are accessed, the following data is stored:
two bytes of the IP address of the user’s calling system
called up web page
website from which the user has accessed the accessed website (referrer)
subpages that are called up from the called up web page
time spent on the website
frequency with which the website is accessed
The software runs exclusively on the servers of our website. The data of a website visit is only stored there. Matomo is set so that the IP addresses are not completely stored, but 2 bytes of the IP address are masked (e.g.: 192.168.xxx.xxx ). In this way it is no longer possible to assign the shortened IP address to the calling computer.
The legal basis for the processing of users’ personal data is Art. 6 para. 1 sentence lit. f GDPR. The processing of users’ personal data enables us to analyse the surfing behaviour of our users. We are in a position to compile information about the use of the individual components of our website by evaluating the data obtained. This helps us to continuously improve our website and its user-friendliness. For these purposes, it is also in our legitimate interest to process the data in accordance with Art. 6 para. 1 lit. f GDPR. By anonymizing the IP address, users’ interest in protecting their personal data is sufficiently taken into account.
The data will be deleted as soon as they are no longer needed for our recording purposes. In our case, this is the case after 12 months.
You have the option to make use of a separate out-out on our website. In this case a cookie is placed on your system, which signals to our system not to store the user’s data:
Opt-out complete; your visits to this website will not be recorded by the Web Analytics tool. Note that if you clear your cookies, delete the opt-out cookie, or if you change computers or Web browsers, you will need to perform the opt-out procedure again.
You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.
The tracking opt-out feature requires cookies to be enabled.
Use of our services
On our website we offer you various possibilities to get in touch with us and to send us news. You can also contact us by telephone or e-mail.
In the event of such contact, the data you provide (e.g. your e-mail address, possibly your name and telephone number) will be stored and processed by us in order to process your request. The legal basis in this respect is art. 6 para. 1 subpara b and f GDPR. Our legitimate interests lie in the efficient and structured recording and processing of enquiries. We delete the data after the storage is no longer necessary or restrict the processing if there are legal storage obligations.
2. Investor area
We provide our investors with access data to the information pages of Aachener Grund-Fonds Nr. 1, where we provide information about our fund. The legal basis for the processing of the login data is art. 6 para. 1 subpara b GDPR.
3. Google Maps API
This website uses Google Maps API to visually display geographic information. Google Maps is a map service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. When Google Maps is used, Google also collects, processes and uses data relating to the use of map functions by visitors. For more information about data processing by Google, please refer to the Google Privacy Notice (https://policies.google.com/privacy?hl=en). There you can also change your personal data protection settings in the data protection centre.
We will be pleased to inform you about your rights under the GDPR as a “data subject”. You are then entitled to the following rights with regard to your personal data:
Right of access by the data subject (art. 15 para. 1, 2 GDPR)
Right to rectification (art. 16 GDPR) or erasure (art. 17 GDPR)
Right to restriction of processing (art. 18 GDPR)
Right to data portability (art. 20 GDPR)
Right to object (art. 21 GDPR)
Right of withdrawal (art. 7 para. 3 GDPR)
Right to lodge a complaint with a supervisory authority (art. 77 GDPR)
In addition, we summarise the key points of the rights of data subjects under the GDPR as follows, whereby this presentation does not claim to be exhaustive, but merely addresses the main features of the rights of data subjects under the GDPR:
Right of access by the data subject (including right to confirmation and rights to data provision)
The data subject shall have the right to obtain from the controller confirmation as to whether personal data relating to him or her are being processed.
The data subject shall have the right to obtain a copy of the personal data relating to him or her which are the subject of processing.
the purposes of the processing;
the categories of personal data to be processed;
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining that duration;
the existence of a right to the rectification or erasure of personal data relating to them or to the limitation of the processing by the controller or of a right to object to such processing;
the existence of a right to lodge a complaint with a supervisory authority;
where the personal data are not collected from the data subject, any available information as to the source of the data;
the existence of automated decision-making, including profiling, in accordance with art. 22 para. (1) and (4) of the GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended effects of such processing for the data subject;
if personal data are transferred to a third country or to an international organisation, to be informed of the appropriate safeguards pursuant to art. 46 GDPR in connection with the transfer.
Right to rectification
The data subject shall have the right to obtain from the controller without delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to request the completion of incomplete personal data, including by means of a supplementary statement.
Right to limitation of processing
The data subject shall have the right to request the controller to restrict the processing if one of the following conditions is met:
the accuracy of the personal data is contested by the data subject for a period of time which allows the controller to verify the accuracy of the personal data,
the processing is unlawful and the data subject refuses to erase the personal data and instead requests the restriction of the use of the personal data;
the controller no longer needs the personal data for the purposes of the processing, but the data subject needs them for the assertion, exercise or defence of legal rights, or
the data subject has lodged an objection to the processing pursuant to art. 21 para. (1) GDPR, as long as it has not yet been established whether the legitimate reasons of the data controller outweigh those of the data subject.
Right of erasure
The data subject has the right, in principle and subject to the need for data processing as determined by law (cf. the exception in art. 17 para. (3) GDPR), to require the data controller to delete personal data relating to him without delay if one of the following reasons applies:
Personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
The data subject withdraws his consent on which the processing was based pursuant to art. 6 para. 1 subpara a or art. 9 para. 2 subpara a GDPR and there is no other legal basis for the processing.
The data subject objects to the processing pursuant to art. 21 para. 1 GDPR and there are no overriding legitimate reasons for the processing or the data subject objects to the processing pursuant to art. 21 para. 2 GDPR.
The personal data have been processed unlawfully.
The deletion of personal data is necessary to fulfil a legal obligation under EU law or the law of the Member States to which the controller is subject.
The personal data have been collected in relation to information society services offered pursuant to art. 8 para. 1 GDPR.
Right to data portability
The data subject shall have the right to obtain the personal data relating to him which he has provided to a data controller in a structured, common and machine-readable format and shall have the right to communicate such data to another data controller without being hindered by the data controller to whom the personal data have been provided, if the processing is based on consent or on a contract pursuant to art. 6 para. 1 subpara b GDPR and the processing is carried out by automated means.
In exercising his/her right to data transfer, the data subject shall have the right to obtain that the personal data be transferred directly from one controller to another controller, to the extent that this is technically feasible.
Right to object
The data subject shall have the right to withdraw any consent given at any time. The revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until revoked.
Right to lodge a complaint with a supervisory authority
Any data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which he/she is staying, at his/her place of work or at the place of the alleged infringement, if he/she considers that the processing of his/her personal data is contrary to this Regulation.
The data protection supervisory authority responsible for us is: LDI – Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestr. 2-4, 40213 Düsseldorf.
– Separate reference to rights of objection pursuant to art. 21 para. 1, 2 GDPR
You have the right to object at any time to the processing of your personal data on the basis of art. 6 para. 1 subpara e or f GDPR for reasons arising from your particular situation; this also applies to profiling based on these provisions. If you file an objection, your personal data will no longer be processed unless we can prove compelling reasons for processing worthy of protection which outweigh your interests, rights and freedoms of the person concerned, or the processing serves the assertion, exercise or defence of legal claims.
If personal data are processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is connected with such direct advertising.
You can contact us at any time for the exercise of data subject rights and for general questions on data protection: