1. Name and address of responsible entity
The responsible entity for this website as defined in the GDPR, the BDSG-new and other data protection legislation valid in member states of the European Union and other privacy provisions of legal nature is:
CORESTATE Capital Holding S.A.
4, rue Jean Monnet
2. Name and address of data protection officer
Contact information of our data protection officer:
CORESTATE Capital Group GmbH
Friedrich-Ebert-Anlage 35-37 | Tower 185
60327 Frankfurt am Main, Germany
Phone: +49 69 3535630-139
Fax: +49 69 3535630-29
Please feel free to contact our data protection officer directly at any time if you have any questions or suggestions regarding data protection matters.
3. Collection and processing of personal data
4. Access data / Server log files
When a website is visited, access data is recorded in server log files. Access data includes: name of the website visited, file, access date and time, volume of data transmitted, notification of successful retrieval of data, browser type and version, operating system of the user, referrer URL (previously visited website), IP address, and querying provider.
We use this technical access data in keeping with Art. 6 (1f) GDPR (legitimate interests) exclusively for the purpose of improving our websites and/or identifying potential technical issues or malfunctions at an early stage. Data is stored for a period of four weeks.
Our newsletter informs you about our company and updates you on current corporate news. If you want to receive our newsletter, we will need to know your first name, last name, and a valid email address. No other data is collected. The provided information is exclusively used for the mailing list of our newsletter and not passed on to third parties. By subscribing to our newsletter, we will save your IP address and the date of registration. We only do so for documentation purposes in case a third party misuses your email address to subscribe to our newsletter without your knowledge. You can revoke your consent to the storage of personal data, the email address and its use for sending the newsletter at any time, either via the link provided in the newsletter or by sending a message to the contacts listed above.
Data provided when subscribing to our newsletter is exclusively processed based on your consent (Art. 6 (1a) GDPR). You can revoke your consent to the storage of personal data, the email address and its use for sending the newsletter at any time, e.g. by clicking “Unsubscribe” in the newsletter. Revocation of your consent will not affect the legality of previous data processing based on your consent. Data recorded for the purpose of sending the newsletter will remain stored until you unsubscribe from the newsletter, at which point it will be deleted.
6. Integration of third-party content and services
Our websites may include third-party content, such as YouTube videos, Google Maps data, RSS feeds or illustrations from other websites. By viewing this content, the IP address of the user will be transmitted to the respective content provider (referred to as “third parties” in the following). This is due to the fact that content cannot be transmitted to the user’s browser without an IP address, i.e. the IP address is necessary for the presentation of such content. We make every attempt to exclusively integrate content in our website by providers that use the IP address solely to provide their content. However, we have no influence on a third party’s decision to store the IP address, e.g. for statistical purposes. If we are aware of such practices, we notify our users accordingly.
This processing is based on legitimate interests as defined in Art. 6 (1f) GDPR.
Session cookies are only stored for the duration of the website visit and are automatically deleted when the user exits the browser. These cookies do not contain any personal data but simply identify the browser used to access the website. Other cookies make it possible to store specific, device-related information on the user’s access device (PC, smartphone, etc.), which is stored beyond the individual session. These cookies serve the purpose of retaining user settings for future website visits. They remain on your end device until you delete them and allow us to recognize your browser the next time you visit our website.
8. Webfont by Fast.Fonts.Net
To ensure the uniform display of fonts, our website uses web fonts provided by Monotype GmbH. When you load our website, your browser stores the required web fonts in your browser cache to be able to accurately display texts and fonts.
To do so, your browser needs to connect to the fast.fonts.net servers. Consequently, fonts.com acquires knowledge about your IP address accessing our website. The use of fast.fonts.net web fonts serves the purpose of an attractive, uniform display of our online offering and is considered a legitimate interest in accordance with Art. 6 (1f) GDPR. If your browser does not support web fonts, one of your computer’s default fonts is used.
9. Google Analytics
Google shortens your IP address within the member states of the European Union of other countries party to the Agreement on the European Economic Area. Only in exceptional cases will your full IP address be transmitted to a Google server in the USA and shortened there. Google Analytics does not link the IP address transmitted by your browser to any other Google data. We have concluded a data processing agreement with the provider based on which Google uses this information to evaluate your use of the website, to produce reports on website activities, and to render further services connected with the usage of the website and of the internet on behalf of the website operator.
Deactivation of Google Analytics
You can disable the collection of data generated by cookies during your use of the website (including your IP address), its transfer to and processing by Google by downloading and installing the browser plugin available at this link: (http://tools.google.com/dlpage/gaoptout?hl=de).
Alternatively, you can also disable data collection through Google Analytics by clicking the following link: (Deactivate Google Analytics). In this case, an opt-out cookie is placed that will prevent data collection during future visits to this website. Please note that your browser settings have to be set to ‘Cookies enabled’ for this option.
10. Google Tag manager
This website uses Google Tag Manager, a service which allows website tags to be managed using a central interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not register personal data. The tool causes other tags to be activated which may, for their part, register data under certain circumstances. Google Tag Manager does not access this information. If recording has been deactivated on domain or cookie level, this setting will remain in place for all tracking tags implemented with Google Tag Manager.
11. Deletion of personal data
We store personal data of an individual only for the time period required to fulfill the relevant purpose. When the purpose of data storage ceases to apply or the storage period elapses, personal data is deleted in accordance with the applicable legal provisions.
12 .Rights of data subjects (users)
As data subject (user), you have the general right of access to information about which personal data has been stored. Provided that your interest does not collide with a legal obligation to store data, you have the right to require the rectification of incorrect data as well as erasure and/or restriction of processing of personal data. If data is processed based on your consent (in acc. with Art. 6 (1a) GDPR or Art. 9 (2a) GDPR), you can revoke your consent at any time. Revocation of your consent will not affect the legality of previous data processing based on your consent. In addition, you have the right to data portability.
To exercise these rights, please contact the responsible entity and/or your data protection officer. You can also contact the responsible regulatory authority directly. For CORESTATE Capital Holding S.A, this is the National Commission for Data Protection (https://cnpd.public.lu).
13. Legal bases of data processing
Art. 6 (1a) GDPR provides our company with the legal basis for data processing activities, for which the data subject has given consent to the processing of his or her personal data for one or more specific purposes.
In cases where processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, Art. 6 (1b) GDPR serves as the legal basis. In cases where processing is necessary for compliance with a legal obligation to which the controller is subject, Art. 6 (1c) GDPR serves as the legal basis.
In cases where processing is necessary in order to protect the vital interests of the data subject or of another natural person, Art. 6 (1d) GDPR serves as the legal basis.
In cases where processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, Art. 6 (1f) GDPR serves as the legal basis.
14. Data security
We protect data you have provided through suitable technical and organizational means to protect it from intentional or unintentional manipulation, loss, destruction and/or access by unauthorized third parties. We continuously monitor and improve our security measures in keeping with technological developments and orga