DE Contact

DATA PROTECTION

DATA PROTECTION INFORMATION FOR TENANTS

Privacy Policy


The following data protection notice provides an overview of the collection and processing of your data.
The responsible handling of personal data is of particular importance to us and is a matter of course. If we receive personal data from you, we use or process it in compliance with the applicable national and European data protection regulations. Personal data in the sense of this information are all information which show a reference to your person.
The following data protection notice provides you with an overview of how we process your personal data and your rights under data protection law.

1. DATA CONTROLLER
The controller is:
Objekt Office Center Handelskai Immobilienerrichtungs S.à r.l. & Co OG
Handelskai 92
1200 Wien

2. SOURCE OF THE PERSONAL DATA
We process personal data that we receive from you during your visit to our websites or in the course of your contacting us.

3. CATEGORIES OF PERSONAL DATA THAT ARE PROCESSED
a. During a purely informative visit to our websites, we do not collect any personal data except for the data that your browser transmits to enable you to visit the website.

  • Your IP address, which is shortened in the last segment.
  • the remote host (name of the computer requesting the page), if transmitted by the network.
  • Date, the time, the status, the amount of data transferred.
  • The website from which you came to the requested page (referrer), if transmitted by the browser.
  • The product and version information of the browser used (user agent), if transmitted by the browser.
  • If your username is also transmitted by your network, this will not be stored by us.

This data is not merged with other data sources. The collection of this data is based on Art. 6 (1) S. 1 lit. f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be collected.

b. Your browser also stores so-called cookies. Cookies are small text files that are assigned to the browser you are using or stored on your device and through which the entity that sets the cookie (in this case, us) receives certain information. Cookies serve to make the Internet offer more user-friendly and effective overall.
This website uses the following cookies:

  • Transient cookies: These are automatically deleted when you close the browser. These include the session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. The session cookies are deleted when you log out or close the browser.
  • Persistent cookies: These are automatically deleted after a predefined duration, which may differ depending on the cookie. You can delete the cookies at any time in the security settings of your browser.

The collection of this data is based on Art. 6 (1) s. 1 lit. a) or f) GDPR.

c. In addition to the purely informational use of our website, we offer various services that you can use if you are interested. For this purpose, you usually have to provide further personal data, which we use to provide the respective service. This data is collected based on the legal basis stated for the respective service.

4. PURPOSES FOR WHICH THE PERSONAL DATA ARE TO BE PROCESSED AND LEGAL BASES FOR PROCESSING
We process your personal data in compliance with the applicable national and European legal data protection requirements.
In this context, the processing is lawful if at least one of the following conditions is met:

a. Consent (Art. 6 (1) s. 1 lit. a) GDPR)
As far as you have given us consent to process your personal data for certain purposes (e.g. use of data for marketing purposes, cookie use, contact form), the lawfulness of this processing is based on your consent. The legal basis is then Art. 6 (1) s. 1 lit. a) GDPR and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TTDSG. Consent given can be revoked at any time with effect for the future.

b. For the fulfillment of contractual obligations or for the implementation of pre-contractual measures (Art. 6 (1) s. 1 lit. b) GDPR)
In order to fulfill our contractual obligations in the individual case or also to carry out pre-contractual measures that take place upon request, we process personal data for the fulfillment of the contract. The purposes of data processing result primarily from the specific contractual relationship and may include, among other things, needs analyses and consulting. The further details on the data processing purposes can be found in the contract documents and terms and conditions.

c. Due to legal requirements (Art. 6 (1). s. 1 lit. c) GDPR)
Messeturm PropCo S.à.r.l. is subject to various legal obligations (e.g. commercial and tax retention requirements under the German Commercial Code and the German Fiscal Code). The purposes of the processing include, among other things, the fulfillment of control and reporting obligations under tax law and also risk assessment and control within the company.

d. Within the framework of the balancing of interests (Art. 6 (1) s. 1 lit. f) GDPR)
To the extent necessary, we process your data beyond the actual performance of the contract to protect legitimate interests of us or third parties. Examples:

  • Revision and improvement of procedures for general business management and further development of products and services,
  • Advertising, customer satisfaction, unless you have objected to the use of your data,
  • Assertion of legal claims and defense in legal disputes,
  • Prevention, clarification or prevention of criminal offenses.

5. CATEGORIES OF RECIPIENTS OF PERSONAL DATA
Some of the aforementioned processes and services are carried out by carefully selected service providers who comply with data protection regulations. These external service providers are bound by our instructions and are regularly monitored. They will not pass on your data to third parties.
With regard to the transfer of data to other recipients, we will only pass on information about you if this is required by law, you have given your consent or we are authorized to do so. If these requirements are met, recipients of personal data may include:

  • Public authorities and institutions (e.g. tax authorities, law enforcement agencies) in the event of a legal or official obligation;
  • Other companies or comparable institutions to which we transfer personal data in order to carry out the business relationship with you (e.g. network operators, credit agencies).

6. INTENTION TO TRANSFER THE PERSONAL DATA TO A THIRD COUNTRY OR AN INTERNATIONAL ORGANIZATION
An active transfer of personal data to a third country will only take place if this has been expressly indicated within the scope of the aforementioned services and if the prerequisites of Art. 44. GDPR are given. A third country is a country outside the European Economic Area (EEA) in which the GDPR is not directly applicable. For the USA, the EU Commission has not issued an adequacy decision pursuant to Art. 45 (1) GDPR.

7. CRITERIA FOR DETERMINING THE PERIOD FOR WHICH PERSONAL DATA ARE STORED
The criteria for determining the duration of storage are based on the end of the purpose and the subsequent statutory retention period. If the data is no longer required for the fulfillment of contractual or legal obligations, it is regularly deleted, unless its further processing - limited in time and scope - is necessary for the following purposes:

  • Fulfillment of retention obligations under commercial and tax law: These include the German Commercial Code (HGB) and the German Fiscal Code (AO). These stipulate retention and documentation periods of up to 10 years.
    Preservation of evidence within the framework of the statutory limitation provisions: In accordance with Sections 195 of the German Civil Code (BGB), the regular limitation period is 3 years, but in special circumstances up to 30 years.

8. DATA PROTECTION RIGHTS
At any time you can request information about the stored data, the purpose of storage or its origin. In addition, you can have your personal data blocked, corrected or deleted at any time. A corresponding request or a request for correction, blocking or deletion of personal data should be addressed to the responsible body. Further contact details can be found in the imprint.
All requests for information, correction, blocking or deletion as well as the revocation of consent granted for the collection, use or processing of data must be addressed to this office. You also have the right to lodge a complaint with the data protection supervisory authorities.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6 (1) s. 1 lit. e) GDPR (data processing in the public interest) and Art. 6 (1) s. 1 lit. f) GDPR (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Art. 4 No. 4 GDPR.
In individual cases, we process your personal data in order to conduct direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling insofar as it is related to such direct advertising.
If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
The objection can be made form-free and directed to the contact details provided above.

9. OBLIGATION TO PROVIDE DATA AND POSSIBLE CONSEQUENCES OF FAILURE TO PROVIDE DATA
Within the scope of our business relationship, you must provide the personal data that is required for the establishment and implementation of a business relationship and the fulfillment of the associated contractual obligations or which we are required to collect by law. Without this data, we will generally not be able to conclude or execute the contract with you.

10. EXISTENCE OF AUTOMATED DECISION MAKING INCLUDING PROFILING
For the establishment and implementation of the business relationship, we generally do not use automatic decision-making pursuant to Art. 22 GDPR. Should we use these procedures in individual cases, we will inform you about this separately if this is required by law.

11. DATA SECURITY
We protect your information through modern security systems and comply with the data protection and security regulations within the framework of the GDPR.
We maintain up-to-date technical measures to ensure data security, in particular to protect your personal data from risks during data transmissions and from third parties gaining knowledge. These are adapted to the current state of the art.
Online forms on our website are sent with SSL encryption to protect your entered data. Nevertheless, we cannot guarantee that the information sent cannot be viewed by third parties during transmission.

Stand: 09th May 2025

Continue reading here:

Building
Services
Sustainability
Location
Offices