Privacy Policy

Dear Sir or Madam,

We are delighted by your interest in Wunderflats GmbH and your visit to our website https://wunderflats.com/. With the following privacy policy, we would like to inform you in detail about the data processing which we carry out on the specified website.

General information

When using the term “personal data”, we do so in line with the definition specified in Art. 4 no. 1 of Regulation (EU) 2016/679 (hereinafter referred to as the “General Data Protection Regulation” or “GDPR”), referring to all data which can be related to your person. This includes information such as your name, address, e-mail address, and user behaviour. With regard to the other terms, in particular “processing”, “controller”, “processor”, and “consent”, we refer to the legal data protection definitions specified in Art. 4 GDPR.

We generally only process personal data insofar as this is necessary for the provision of an operational website and of the content and services offered by us. Generally, your personal data are only processed if you have given us your consent within the meaning of Art. 6 para. 1 lit. a GDPR, or if the processing is permitted by legal regulations, in particular by one of the legal bases specified in Art. 6 para. 1 lit. b to lit. f GDPR.

Your personal data will be deleted or blocked as soon as the purpose of storage ceases to exist. Storage can additionally also take place if this is provided for by European or national regulations to which we are subject. In this case, the data will be blocked or deleted when the storage period prescribed in the respective regulations has expired, unless we need to store the data to conclude a contract or fulfil a contract.

If we rely on contracted service providers for individual functions of our website or if we wish to use your data for advertising purposes, we will inform you in detail below about the respective processes.

Data controller

The data controller within the meaning of Art. 4 no. 7 GDPR, other data protection laws in the Member States of the European Union, and other provisions and regulations of a data protection character, is:

Wunderflats GmbH
legally represented by Jan Hase, Arkadi Jampolski
Alexanderstr. 1-3
10178 Berlin
E-mail: admin@wunderflats.com

Further information about the data controller can be found in our legal notice.

Your rights

You have the following rights towards us regarding your personal data:

  • right to receive information,
  • right to rectification and erasure,
  • right to restriction of processing,
  • right to objection to processing,
  • right to data portability.
    You also have the right to lodge a complaint with a data protection supervisory authority, concerning our processing of your personal data.

The processing of personal data when using our website for information purposes

If you access our website without registering or otherwise providing us with information (“Informational use”), we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which are technically necessary for us to display our website to you and to guarantee its stability and security:

  • IP address
  • Date and time of request
  • Time zone difference relative to GMT
  • Website contents
  • Access status (HTTP status)
  • Amount of data transferred
  • The website from which you accessed our website
  • Web browser
  • Operating system
  • Browser language and version
    The aforementioned data are also stored on our servers in so-called log files. These data are not stored together with your other personal data.
    The collection and temporary storage of the IP address is necessary to enable the display of our website on your device. To this end, your IP address must remain stored for the duration of the visit to our website. The storage of the aforementioned data in log files serves to ensure the functioning and optimisation of our website and to guarantee the security of our information technology systems. These data are not evaluated for marketing purposes. Our legitimate interest in data processing lies in the above purposes. The legal basis for the collection and temporary storage of the aforementioned data is Art. 6 para. 1 clause 1 lit. f GDPR.
    Our legitimate interest in data processing lies in the above purposes. The legal basis for the collection and temporary storage of the aforementioned data and log files is Art. 6 para. 1 clause 1 lit. f GDPR.
    The aforementioned data necessary to provide our website will be deleted at the end of the respective session. The collection of the above data for the provision of the website and the storage of these data in log files is absolutely necessary for the operation of our website. There is no possibility to object.

Processing of personal data through cookies

We use so-called cookies on our website. Cookies are small text files that are stored on the storage medium of your end device, for example on a hard disk, and through which the body that sets the cookie, i.e. us, receives certain information. Cookies cannot run programs or transmit viruses to your device. This website uses the following types of cookies, the scope and functionality of which are explained below.
Cookies that are stored in relation to your web browser:

  • Transient cookies: These cookies are automatically deleted when you close your web browser. In particular, these include session cookies. These store a so-called session ID, which is used to assign the various requests made by your browser during the joint session. This allows your device to be recognised when you return to our website. Session cookies are deleted when you log out or close the browser.
  • Persistent cookies: These cookies are automatically deleted after a specified period, which may differ depending on the cookie in question. You can delete these cookies at any time using the system settings of your browser.
    The processing of personal data by the above cookies serves to design the entire offer of our website in a more user-friendly and effective manner for you. Some features of our website cannot be offered without the use of these cookies. In particular, some features of our website require that your requesting browser be identifiable even after changing pages. If you have an account, we will use cookies to identify you when you return to the site. This avoids you having to log in again each time you visit our website. The data processed by cookies which are required for the provision of our website features are not used to create user profiles. If cookies are used for analysis purposes, these serve to improve the quality and user-friendliness of our website, its content, and features. They enable us to understand how the website is used, together with which features and the frequency of use, which in turn helps us to continuously improve our offer.
    Insofar as this concerns technically necessary cookies, our legitimate interest in data processing lies in the above purposes. The legal basis in these cases is Art. 6 para. 1 lit. f GDPR. If this concerns cookies which are not technically necessary, such as analysis tools, we only use them after your express consent, Art. 6 para. 1 lit. a GDPR.
    The above cookies are stored on your device and transmitted to our server from there. This allows you to configure the data processing and information stored by the cookies yourself. You can configure the settings of your browser according to your wishes and reject, for example, the acceptance of third-party cookies or all cookies. In this context, we would like to point out that you may not be able to use all functions of our website properly. We additionally recommend that you manually delete cookies and your browser history on a regular basis.

Further functions and offers of our website

In addition to the informational use of our website described above, we offer various services that you can use if you are interested. This generally requires the provision of personal data, which we need to provide the relevant service. The above principles for data processing apply.
In some instances, we use external service providers to process these data. We have carefully selected and commissioned them. These service providers are bound by our instructions and are regularly audited by us. If personal data are transmitted to third parties for services that we offer together with partners, you can find more detailed information in the following descriptions of the individual services. If these third parties are located in a country outside of the European Union, we will inform you of the effects of this circumstance in the following descriptions of the individual services.

Contacting us

When contacting us by e-mail, the personal data which you transmit to us along with the e-mail will be stored. We additionally offer a contact form on our website which you can use to contact us. If you use this form, the data you enter will be transmitted to us and stored.

  • Title
  • First name
  • Surname
  • E-mail address
  • Phone
    If we do not use a third party specified below to provide the option to contact us, your data will not be passed on to any third parties. In addition, we collect your IP address and the time of sending.
    The processing of the above personal data only serves to process your contact requests. The processing of additional personal data, which are generated through the use of the contact form provided on our website, serves to prevent misuse and to safeguard the security of our information technology systems.
    If you send us an e-mail with the intention of entering into a contract with us, this creates an additional legal basis for its processing under Art. 6 para. 1 lit. b GDPR. If this is not the case, the processing within the specified scope and in the specified manner is in our legitimate interest (Art. 6 para. 1 clause 1 lit. f GDPR).
    Subject to statutory retention periods, the data will be deleted as soon as we have completed processing your request. If you contact us by e-mail, you can object to the storage of your personal data at any time. We point out, however, that we will not be able to process your request any further in this case. You can object by sending an e-mail to the e-mail address specified in the legal notice.

Registration

We offer users the opportunity to register by providing personal information, which is necessary to use further features of our website. The data are entered into an input form, transmitted to us, and stored. These data shall not be transmitted to third parties. The mandatory information requested during registration is marked as such and must be given in full. Otherwise, we will not accept the registration. The following data are collected during the registration process:

  • Title
  • First name
  • Surname
  • E-mail address
    The IP address and the date and time of the registration will also be stored at the time of registration.
    Registration is necessary for the provision of certain content and services on our website. We only process the data that you entered for the purpose of using the respective offer or service or to provide the services for which you have registered. In the event of important changes to our offers or services, such as those concerning the scope of the offer or for technically required changes, we use the e-mail address provided during registration to inform you hereof. The legal basis for processing is your consent under Art. 6 para. 1 clause 1 lit. b GDPR.
    All data are deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case if the registration on our website is cancelled or modified. You have the option of cancelling your registration at any time. The data stored about you can be changed at any time at your request. Statutory retention periods remain unaffected.
    We only transmit personal data to third parties if this is required to fulfil the terms of your contract. Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data are not transmitted to third parties without your express consent, for example for advertising purposes.

Server location

We process and/or store your personal data on a server of an external provider in the European Union. This safeguards compliance with the standards and regulations of European data protection law.

Facebook Connect

We use “Facebook Connect” on our website, a service of Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA (hereinafter referred to as: “Facebook”). Facebook Connect makes it easier to register for services on the Internet. Instead of using a registration form on our website, you can enter your Facebook login data to then use our offer. By using “Facebook Connect”, your web browser automatically establishes a direct connection to the Facebook server. You will be redirected to the Facebook page, where you can then log in with your Facebook username and password. This will link your Facebook user account to our service. We have no influence on the scope of the data collected and the further use of the data collected by Facebook through the use of Facebook Connect. To the best of our knowledge, Facebook receives the information that you have accessed the relevant part of our website or have clicked on an ad from us. If you are registered with a user account at Facebook and are logged into Facebook, Facebook can associate the visit with your Facebook account. Even if you are not registered with Facebook or have not logged in, it is possible for Facebook to obtain and store your IP address, as well as potentially other identifiers.
We use Facebook Connect to make the registration and login process easier and shorter for you. By using the function, you declare your consent to the data transfer to Facebook in accordance with Art. 6 para. 1 clause 1 lit. a GDPR. If you do not use Facebook Connect, your data will not be transmitted to Facebook.
Facebook is subject to and certified under the Privacy Shield Agreement between the European Union and the USA. Facebook therefore undertakes to comply with the standards and regulations of European data protection law. Further information can be found in the following linked entry: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
Third-party information: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. For more information about the third party's privacy policy, please refer to the following Facebook website: https://www.facebook.com/about/privacy

Facebook Pixel

We use “Facebook Pixel” on our website, a service of Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA (hereinafter referred to as: “Facebook”). Facebook Pixel allows Facebook to only display our Facebook ads to Facebook users who have visited our website, and above all to those visitors who have shown an interest in our online offer or in certain topics or products. Facebook Pixel also enables an evaluation whether users are directed to our website after they have clicked on a Facebook ad. Among other things, Facebook Pixel uses cookies, i.e. small text files that are stored locally in the cache of your web browser on your device. If you are logged in to your Facebook user account, your visit to our online offer will be noted in your user account. The data collected on you remain anonymous to us, therefore, they do not provide us with any information about the identity of the user. However, these data can be linked to your Facebook user account by Facebook. We have no influence on the scope of the data collected and the further use of the data collected by Facebook through the use of Facebook Pixel. To the best of our knowledge, Facebook receives the information that you have accessed the relevant part of our website or have clicked on an ad from us. If you are registered with a user account at Facebook and are logged into Facebook, Facebook can associate the visit with your Facebook account. Even if you are not registered with Facebook or have not logged in, it is possible for Facebook to obtain and store your IP address, as well as potentially other identifiers.
We use Facebook Pixel for marketing and optimisation purposes, in particular to activate Facebook ads that are relevant and interesting to you, in order to improve our offer, make it more interesting for you, and to prevent showing you unwelcome ads.
The legal basis for the processing of your data by Facebook Pixel is the consent granted by you in accordance with Art. 6 I clause 1 lit. a GDPR. You can revoke this consent at any time. The legality of the data processing that has already taken place remains unaffected by the revocation.
To set what types of ads you see within Facebook, please visit this Facebook website: https://www.facebook.com/settings?tab=ads. Please note that this setting will be deleted if you delete your cookies. You can additionally disable the use of cookies which are used to measure audience reach and for advertising purposes, on the following websites:

Facebook Social Plugins

We use “Facebook Social Plugins” on our website, a service of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as: “Facebook”). Facebook Social Plugins stores and processes information about your user behaviour on our website. Amongst other things, Facebook Social Plugins uses cookies, i.e. small text files that are stored locally in the cache of your web browser on your device and that allow an analysis of the use of our website by you.
We use Facebook Social Plugins for marketing and optimisation purposes, in particular to analyse the use of our Internet presence and to be able to continuously improve individual functions and offers as well as the user experience. By statistically evaluating user behaviour, we can improve our offer and make it more interesting for you as a user.
The legal basis for the processing your data through the plugin is the consent granted by you in accordance with Art. 6 I clause 1 lit. a GDPR. You can revoke this consent at any time. The legality of the data processing that has already taken place remains unaffected by the revocation.
You can prevent the setting of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your browser. Please note that in this case you may not be able to use all functions of our website to their full extent. You can also prevent the collection of the aforementioned information by Facebook by setting an opt-out cookie from one of the following linked websites:

Google Analytics

We use “Google Analytics” on our website, a web analytics service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as “Google”). Google uses cookies, which are small text files placed on your device, to help the website analyse how users use the site. Information generated by the cookie about your use of our website is usually transmitted to and stored on a Google server in the USA. If anonymisation of the IP address to be transmitted by the cookie is activated on the website (“IP anonymisation”), your IP address will be truncated beforehand by Google within Member States of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. Google will use this information for the purpose of evaluating your use of the website on our behalf, compiling reports on website usage, and providing other services to us relating to website usage and Internet usage. Pseudonymous usage profiles of users may be created from the processed data. The IP address transmitted when using Google Analytics is not merged with other Google data.
We use Google Analytics exclusively with IP anonymisation, as described above. This means that your IP address will only be processed by Google in truncated form, so that reference to individuals can be ruled out.
We use Google Analytics for the purpose of analysing the use of our website and to continuously improve individual functions and offers as well as the user experience. By statistically evaluating user behaviour, we can improve our offer and make it more interesting for you as a user.
The legal basis for the processing is the consent granted by you in accordance with Art. 6 I clause 1 lit. a GDPR. You can revoke this consent at any time. The legality of the data processing that has already taken place remains unaffected by the revocation.
You may prevent the storage of cookies generated by Google Analytics at any time by making the relevant settings in your Internet browser. We would like to point out that you may not be able to use all the functions of our website in this case. If you wish to prevent the collection of data generated by cookies about your use of the website (including your IP address) as well as the processing of these data by Google, you can download and install the following browser plugin: http://tools.google.com/dlpage/gaoptout?hl=en.
We have concluded an order processing contract with Google, to obligate Google to only process the transmitted data in accordance with our instructions and to obligate Google to compliance with the applicable data protection regulations.
Third-party information: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland
For more information about the use of data by Google, the options you have pertaining to settings and objections, as well as the privacy policy, please refer to the following Google websites:

Google Tag Manager

We use “Google Tag Manager” on our website, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as “Google”). Google Tag Manager allows us, as an advertiser, to manage web page tags from a single interface. The tool Google Tag Manager, which implements the tags, is a cookie-free domain and does not collect any personal data by itself. The Google Tag Manager causes other tags to be activated which may, for their part, register data under certain circumstances. The Google Tag Manager does not access these data. If a deactivation was made at the domain- or cookie level, this remains in place for all tracking tags that are implemented by the Google Tag Manager.
Third-party information: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland
Further information on data protection can be found on the following Google websites:

Google Web Fonts

We use “Google Web Fonts” on our website, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as “Google”). With Google Web Fonts, we can use external fonts, so-called Google Fonts. When you access our website, the required Google Font is downloaded onto your browser cache by your web browser. This is necessary so that your browser can also show an optically improved representation of our texts. If your browser does not support this feature, your computer will use a standard font for display. Integration of these web fonts is realised via a server access, typically a Google server in the United States. This transmits information to the server as to which of our webpages you have visited. The IP address of the browser of your device is also stored by Google. We have no influence on the scope of the data collected and the further use of the data collected and processed by Google through the use of Google Web Fonts.
We use Google Web Fonts for optimisation purposes, in particular to improve how you use our website and to make its design more user-friendly. This is also our legitimate interest in the processing of the above data by the third-party provider. The legal basis is Art. 6 para. 1 clause 1 lit. f GDPR.
Third-party information: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland
For more information about data protection, please refer to Google's privacy policy: https://policies.google.com/privacy
Further information on Google Web Fonts can be found at http://www.google.com/webfonts/, https://developers.google.com/fonts/faq?hl=en-en&csw=1 and https://www.google.com/fonts#AboutPlace:about

On our website, we use the remarketing or “similar audiences” function of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). If your usual place of residence is within the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the controller (responsible body) of your data. Google Ireland Limited is in this case the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection legislation. This service is used for the purpose of analysing visitor behaviour and visitor interests. Google uses cookies to analyse website usage, which form the basis for displaying advertisements based on interest. Cookies are used to record visits to the website and collect anonymous data on the use of the website. No personal data of visitors to the website are stored. On subsequent visits to other websites within the Google Display Network, advertisements are displayed which will very likely be based on the products and information viewed by the visitor on the previously visited websites. Your data may also be transmitted to the USA. Google is certified under the US-EU data protection agreement “Privacy Shield” and thus commits itself to compliance with EU data protection requirements. Data processing, in particular the setting of cookies, takes place based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. You may revoke your consent at any time, without affecting the legality of processing carried out on the basis of consent until the time of revocation. Additional information on Google Remarketing and Google’s associated privacy policy can be found at: https://www.google.com/privacy/ads/.

We use the online advertising program “Google Ads” on our website, and the possibilities offered by this program for conversion tracking. Google Conversion Tracking is an analytical service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). If your usual place of residence is within the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the controller (responsible body) of your data. Google Ireland Limited is in this case the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection legislation. When you click an ad delivered by Google, a cookie for conversion tracking is stored on your computer. These cookies have a limited validity period, they contain no personal data and are therefore not used for personal identification. If you visit certain pages within our website and the cookie has not yet expired, we and Google can recognise that you have clicked the advertisement and have been directed to that page. Each Google AdWords customer has a different cookie. There is therefore no way for cookies to be tracked through the websites of advertisers. The information collected using the conversion cookie is used for the purpose of generating conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. We do not obtain any information that can be used to identify users personally. Your data may also be transmitted to the USA. Google is certified under the US-EU data protection agreement “Privacy Shield” and thus commits itself to compliance with EU data protection requirements. Data processing, in particular the setting of cookies, takes place based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. You may revoke your consent at any time, without affecting the legality of processing carried out on the basis of consent until the time of revocation. For additional information as well as for the Google privacy policy, please visit: http://www.google.com/policies/privacy/.

Mailchimp

This website uses the services of MailChimp to send out its newsletters. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
Among other things, MailChimp is a service that can be deployed to organise and analyse the sending of newsletters. Whenever you enter data for the purpose of subscribing to a newsletter (e.g. your e-mail address), the information is stored on MailChimp servers in the United States.
MailChimp is in possession of a certification that is in compliance with the “EU-US-Privacy-Shield”. The “Privacy-Shield” is a compact between the European Union (EU) and the United States of America (USA) that aims to warrant compliance with European data protection standards in the United States.
With the assistance of the MailChimp tool, we can analyse the performance of our newsletter campaigns. If you open an e-mail that has been sent through the MailChimp tool, a file that has been integrated into the e-mail (a so-called web-beacon) connects to MailChimp’s servers in the United States. As a result, it can be determined whether a newsletter message has been opened and which links the recipient possibly clicked on. Technical information is also recorded at that time (e.g. the time of access, the IP address, type of browser and operating system). This information cannot be allocated to the respective newsletter recipient. Their sole purpose is the performance of statistical analyses of newsletter campaigns. The results of such analyses can be used to tailor future newsletters to the interests of their recipients more effectively.
If you do not want to permit an analysis by MailChimp, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message. Moreover, you can also unsubscribe from the newsletter right on the website.
The data is processed based on your consent (Art. 6 Sect. 1 lit. a GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.
The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter.
Data that has been stored by us for other purposes (e.g. e-mail addresses for the member area) remains unaffected. You can find more details in the privacy policy of MailChimp at: https://mailchimp.com/legal/terms/.

WP Engine

Our website is hosted at WP Engine Inc, 504 Lavaca Street, Suite 1000, Austin, Texas 78701, USA. WP Engine only provides the web server platform. The management of the data including encryption, however, lies exclusively with Wunderflats. Further information on data protection at WP Engine can be found at https://wpengine.com/legal/privacy/.

Twilio

We have integrated the functions and contents of the Twilio service on our website. The provider is Twilio Inc, 375 Beale Street, Suite 300, San Francisco, CA 94105, USA. These buttons allow you to share a post or page using Twilio. Additionally, you can contact us, leave a contact request, or we can contact you via Twilio. For this purpose, contact data, especially name and phone number, will be processed. We have no influence on the amount of data that Twilio collects or transmits using this plug-in.
You can find more information in the privacy policy of Twilio at
https://www.twilio.com/legal/privacy.

Google Optimize

We use Google Optimize, a service of Google ("Google Optimize"). Google Optimize analyses the use of different variants of the website, so that we are able to adjust the user-friendliness according to the behaviour of the website users. Google Optimize is a tool integrated into Google Analytics and uses cookies.
The IP address received in this way is anonymized immediately after processing. In exceptional cases, the full IP address is transferred to a Google server in the USA and encrypted there. The transmitted IP address will not be merged with other data from Google.
You can prevent the storage of cookies by adjusting your browser settings accordingly.
However, we would like to point out that in this case, not all functions of our website may be used to their full extent. Furthermore, you can prevent the collection of data generated by the cookies and related to your use of the website by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Zapier

In our software service we may use the services by Zapier, Inc., 548 Market St. , #62411, San Francisco, CA 94104-5401, US(“Zapier”). Zapier will process event based messages to allow us to integrate other web applications in a standardized way (legal basis: Art. 6 (1) b. GDPR). Information transmitted can include booking details, name, address, email, profile picture and other personal data that is processed by Zapier.
Zapier Inc. is certified according to the “Privacy Shield” agreement between the European Union and the USA and guarantees compliance with applicable European data protection regulations (see: https://www.privacyshield.gov/). For more information please refer to: https://zapier.com/privacy/

Hotjar

We use Hotjar on our website, a web analytics service of Hotjar Ltd., Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta (hereinafter referred to as “Hotjar”). Among other things, Hotjar uses cookies, i.e. small text files that are stored locally in the cache of your browser on your device and allow an analysis of the use of our websites by you, as well as a so-called Tracking Code. The cookies used by Hotjar are stored on your device for different periods, some of them only during your visit, some for 365 days. The information collected in this way is transmitted to a Hotjar server in Ireland and stored there. The Tracking Code collects the following information: device-related data which are collected by your end device and your web browser:

  • The IP address of your device (collected and stored in an anonymous manner)
  • E-mail address including your first and last name, if you have provided these to us through our website
  • The screen size of your device
  • Device type and browser information
  • Geographical data (only the country)
  • Language used to display our website
  • User interactions
  • Mouse commands (movement, position, and clicks)
  • Keystrokes
  • Log data which are automatically used by our server when using Hotjar:
  • Referring domain
  • Visited web pages
  • Geographical data (only the country)
  • Language used to display our website
  • Date and time of access
    Hotjar uses this information to evaluate your use of our website, to compile reports on the use of the website, and to provide further services related to the evaluation of our website. Hotjar also uses third-party services (such as Google Analytics and Optimizely) to provide its services. These third-party companies can store or process in another way the information transmitted by your browser when you visit our website (in some cases also the IP address).
    We use Hotjar for the purpose of analysing the use of our website and to continuously improve individual functions and offers as well as the user experience. By statistically evaluating user behaviour, we can improve our offer and make it more interesting for you as a user.
    The legal basis for the processing is the consent granted by you in accordance with Art. 6 I clause 1 lit. a GDPR. You can revoke this consent at any time. The legality of the data processing that has already taken place remains unaffected by the revocation.
    You can prevent the setting of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your browser. We would like to point out that in this case you may not be able to use all the functions of our website. You can also prevent Hotjar from collecting these data by setting an opt-out cookie, through the website linked here: https://www.hotjar.com/opt-out. Please note that this setting will be deleted if you delete your cookies.
    Third-party information: Hotjar Ltd., Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta. For more information about the use of data by Hotjar, the options you have pertaining to settings and objections, as well as the privacy policy, please refer to the following Hotjar website: https://www.hotjar.com/privacy

Leadpages

Some of our pages use Leadpages plugins. The provider of this service is Avenue 81 Inc., 251 North 1st Avenue, Suite 200, Minneapolis, MN 55401, United States.

A connection to the Leadpages servers is established if you visit one of our pages featuring a Leadpages plugin. The Leadpages server receives information about which of our pages you have visited. Leadpages also receives your IP address and sets a cookie. This also applies if you are not logged in to Leadpages when you visit our website or do not have a Leadpages account. The information collected by Leadpages is transmitted to a Leadpages server in the USA. The legal basis for this processing is the consent granted by you in accordance with Art. 6 I clause 1 lit. a GDPR. You can revoke this consent at any time. The legality of the data processing that has already taken place remains unaffected by the revocation.
For further information about the handling of user data, please visit the Leadpages privacy policy: https://www.leadpages.net/privacy.

MangoPay

We use the KYC (Know Your Customer) function, a feature of MangoPay, headquartered at 10 Boulevard Royal, L-2449 Luxemburg, to verify user data before and during the creation of the contract between the tenant and the lessor. This verification process helps us protect tenants and landlords from financial fraud resulting from the provision of incorrect bank details or unverified persons. The use of MangoPay is also in our legitimate interest pursuant to Art. 6 para. 1 clause 1 lit. f GDPR, as it helps protect us from supporting criminal activities such as corruption, terrorist financing, and money laundering without our knowledge. For this purpose, the following data are transmitted to MangoPay:

  • First name
  • Surname
  • Account details (IBAN & BIC)
  • Address
    You have the option of adding a bank account to your Wunderflats account to create and verify your bank details. These data are automatically transferred from our server to MangoPay and checked there. To safeguard your data, this transmission takes place through encrypted SSL protocols. The MangoPay company is licenced by the EU and complies with the GDPR.

SendGrid

We use the services of SendGrid to send e-mails. This service is provided by SendGrid, Inc., 1801 California Street, Suite 500, Denver, CO 80202, USA, and helps us in sending automated e-mails. The following data are automatically transmitted from our servers to ensure that the correct content is transferred during the booking process:

  • Surname and first name
  • Job title
  • Employer
  • E-mail
  • Phone number
  • Address
    These e-mails never have an advertising purpose, but are rather automated notifications to inform the recipient about the booking and contract conclusion process. All transferred data serve the purpose of concluding the contract and fulfilling the obligations of the tenant and the landlord, with the legal basis thus being Art. 6 para. 1 clause 1 lit. b GDPR.
    SendGrid has committed itself to the “US-EU Privacy Shield Agreement”, therefore undertaking to comply with EU data protection regulations.

Pipedrive

We use Pipedrive to process our booking inquiries, a CRM system from provider Pipedrive OÜ, Paldiski mnt 80, Tallinn, 10617, Estonia, which is a subsidiary of Pipedrive US. The following data are automatically transmitted from our servers:

  • First name
  • Surname
  • E-mail address
  • Phone number
  • Employer
  • Job title
    The use of Pipedrive allows us to follow up on and process booking requests in detail. To ensure that a contract is concluded after a booking request, we optionally also transmit the following documents to Pipedrive:
  • Contract documents students
    .. Identity document
    ..
    Certificate of enrolment
    ..* Financial statement
  • Contract documents self-employed
    .. Identity document
    ..
    Financial statement
    ..* If necessary, confirmation of the project assignment
  • Contract documents employees
    .. Identity document
    ..
    Employment contract
  • Contract documents jobseekers
    .. Identity document
    ..
    Financial statement
    The listed documents are required to check the tenant's solvency and to provide verification thereof to the owner of the apartment, and therefore serves to fulfil the contract (Art. 6 para. 1 clause 1 lit. b GDPR.
    Pipedrive has committed itself to the Privacy Shield Agreement and thus offers an additional guarantee of compliance with European data protection law. Pipedrive privacy policy: https://www.pipedrive.com/en/privacy.

Aircall

Our site uses the external service provider Aircall, 42, rue du Faubourg Poissonnière, 75010, Paris, France, for the efficient and simplified processing of service requests through our hotline (legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR). The following personal data are collected/processed/transmitted to Aircall:

Zendesk Chat (Zopim)

We use Zendesk Chat, an external system provided by Zendesk, Inc., 989 Market Street #300, San Francisco, CA 94102, USA, to give you the opportunity of contacting us directly through our website, without any waits, through an online chat feature.
Zendesk Chat uses cookies. The information generated by the cookie about the use of our website (including your anonymised IP address) is transmitted to a Zendesk Chat server in the USA and stored there. The information is visible only for the time spent visiting a certain page and will not be saved.
Chats are logged and saved after being conducted.
The legal basis for this processing is the consent granted by you in accordance with Art. 6 I clause 1 lit. a GDPR. You can revoke this consent at any time. The legality of the data processing that has already taken place remains unaffected by the revocation.
For more information about Zendesk's data processing, please see Zendesk's privacy policy at https://www.zendesk.de/company/customers-partners/privacy-policy/

Typeform

We use Typeform to collect information about potential tenants and to look for accommodation for these tenants. Typeform is a service of TYPEFORM, S.L., Bac de Roda 163, 08018 Barcelona, Spain (“Typeform S.L.”).
We use Typeform in the interest of creating an attractive online offer. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 clause 1 lit. f GDPR.
The following data are transmitted automatically:

MongoDB

We use MongoDB to host our database. MongoDB processes data in line with the EU data protection directive and the EU General Data Protection Regulation, which entered into force on 25 May 2018. Stored data will never be transmitted to third parties or used for advertising purposes. MongoDB is headquartered at mLab 660 York St, Ste 101, San Francisco, CA 94110, United States of America.
For more information, please visit:
Legal notices: https://www.mongodb.com/legal/legal-notices
Privacy policy: https://www.mongodb.com/legal/privacy-policy
Our legitimate interest (Art. 6 para. 1 clause 1 lit. f GDPR) in the use of a hosting service for our database lies in a higher level of data security and the optimisation of user behaviour on our website.

DigitalOcean

We use DigitalOcean (Digital Ocean LLC, 101 Avenue of the Americas, 10th Floor, New York, NY 10013) as a cloud computing platform to scale our applications. DigitalOcean has committed itself to the US-EU data privacy agreement “Privacy Shield”, therefore undertaking to comply with EU data protection regulations. For more information on data security, please visit: https://www.digitalocean.com/security/gdpr/

Azure

We use Azure as a cloud computing platform (from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA) to scale our applications. The Microsoft Corporation has committed itself to the US-EU data privacy agreement “Privacy Shield”, therefore undertaking to comply with EU data protection regulations.
For more information on data security, please visit: https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx.

Cloudflare

We use Cloudflare to secure our data and to improve the user experience on our website by caching the content displayed on our website, to speed up its output. The provider is Cloudflare, Inc. 665 3rd St. #200, San Francisco, CA 94107, USA. Cloudflare has committed itself to the US-EU data privacy agreement “Privacy Shield”, therefore undertaking to comply with EU data protection regulations. Further information on data protection at Cloudflare can be found under the following link: https://www.cloudflare.com/gdpr/introduction

Microsoft Bing Ads

Our online offers also use conversion tracking from Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). Microsoft Bing Ads will place a cookie on your computer if you have accessed our website via a Microsoft Bing ad. In this way, we and Microsoft Bing can recognise that someone has clicked on an ad, has been redirected to our website, or has reached a previously defined target page (conversion page). We only see the total number of users who clicked on a Bing ad and were then redirected to the conversion page. No personal information about the identity of the user is disclosed. Should you not wish to participate in the tracking process, you can also reject the placement of a cookie in this instance by using the browser setting which generally disables the automatic placement of cookies. For more information on data protection and the cookies used at Microsoft Bing, please visit the Microsoft website: https://privacy.microsoft.com/en-us/privacystatement.

Taboola

Our website uses technologies of Taboola Inc. (1115 Broadway, 7th Floor, New York, NY 10010, USA). Taboola uses cookies that determine which content you use and which of our pages you visit. The cookie allows us to create pseudonymous user profiles by collecting data related to the device as well as log data, and to recommend content that fits your personal interests. This enables us to customise our offer for you. These usage profiles cannot be used to draw any conclusions on your person. For more information about Taboola and the option to deactivate the Taboola cookie, please visit https://www.taboola.com/privacy-policy (opt-out information can be found under “Site Visitor Choices”)

Yandex

This website uses Yandex Metrica, a web analysis service of Yandex LLC, 16 L'va Tolstogo St., Moscow, 119021, Russia (www.yandex.com). With the help of Yandex Metrica, and on the basis of our legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes in accordance with Art. 6 para. 1 lit. f GDPR, pseudonymised visitor data are collected, evaluated, and stored. Pseudonymised user profiles can be created and evaluated from these data for the same purpose. Yandex Metrica uses so-called “cookies”, i.e. small text files that are stored locally in the browser cache of the website visitor. Among other things, these cookies are used to recognise the browser, thus enabling a more accurate determination of statistical data. The user's IP address is collected along with other information; however, this is pseudonymised immediately after collection and before being stored in order to eliminate any possibility of reference to an individual person.
To safeguard the aforementioned interests, the information generated by the cookie (including the pseudonymised IP address) is transmitted to a Yandex server in the Russian Federation and stored there.

The data collected using the Yandex technologies will not be used to personally identify the user of the website or be combined with the personal data pertaining to the bearer of the pseudonym without the explicitly granted approval of the data subject.

If you wish to deactivate the analysis of user behaviour through cookies, you can configure your browser such that you are informed about the placement of cookies and decide individually on whether to accept them or to deactivate the acceptance of cookies, just in certain cases or completely.

Alternatively, you can opt-out of Yandex's data collection with effect from the future by setting an opt-out cookie, which you can obtain from the following website: https://yandex.com/support/metrica/general/opt-out.xml

You can find Yandex's current privacy policy at https://yandex.com/legal/confidential/?lang=en.

Quora

On our websites, we use the “Quora Tracking Pixel” from Quora Inc., 650 Castro Street, Suite 450, Mountain View, CA 94041, USA (“Quora”).

This allows us to track the user behaviour after a visitor has been forwarded to our websites by clicking on a Quora advertisement, which in turn enables us to measure the effectiveness of ads for statistical and market research purposes. The data collected in this way are anonymous for us, i.e. we do not see the personal data of individual users.

These data are collected and processed by Quora. Therefore, we inform you on the basis of the information that we have available to us about the situation: Quora can link this information to your Quora account and also use it for its own advertising purposes, in line with Quora's privacy policy: https://www.quora.com/about/privacy. A cookie may also be stored on your computer for these purposes.

The legal basis for the use of the Quora service is Art. 6 para. 1 clause 1 lit. f GDPR. To deactivate the tracking function through Quora Pixel, please visit the following page (https://www.quora.com/optout).

Reddit

Our website uses the “Reddit Conversion Pixel”, an analysis service of Reddit Inc., 520 Third Street, Suite 305, San Francisco, CA 94107, United States. With this tool, a cookie is placed on your PC when you visit our website via a Reddit ad. The cookie is not used to trace users personally. If you visit our website, we, together with Reddit, can see that you have clicked on the corresponding advertisement and have been redirected to our page.

The data collected through conversion cookies are used to generate conversion statistics for us. In this way, we receive information on the total number of users who responded to our ad and were then directed to a website that was tagged with a Reddit pixel. We do not receive any information during this process with which we could personally identify you as a user. If you choose not to participate in the tracking procedure, you can disable the setting of cookies via your Internet browser. If necessary, use your browser's help function for further information. You can find out more about Reddit's privacy policy at https://www.reddit.com/help/privacypolicy/.

You can revoke your consent here: opt out. Please note that if you delete your cookies, this cookie will also be deleted automatically.

LinkedIn

On our website, we use the analysis and conversion tracking technology of the LinkedIn platform (LinkedIn Inc. 2029 Stierlin Ct, Mountain View, CA 94043, USA, hereinafter “LinkedIn”).

The aforementioned LinkedIn technology is used to show you more relevant advertisements based on your interests. LinkedIn also provides us with aggregated and anonymous reports on advertisement activities and information about how you interact with our website. To this end, LinkedIn uses a piece of JavaScript code (Insight Tag), which in turn sets a cookie (see Section 4) on your web browser or uses a pixel.
The LinkedIn Insight Tag is used to collect data on the use of our website, including the URL, referrer URL, IP address, device and browser properties, time stamp, and page views. The data collected through the LinkedIn Insight Tag are encrypted and anonymised within 7 days. The anonymised data will be deleted within 90 days. LinkedIn does not share any personal data with the website owner, but only provides summarised reports on the website audience and advertisement performance.
Related to the use of LinkedIn Conversion Tracking, the collected data are also processed on LinkedIn Inc. servers in the USA. LinkedIn is certified under the US-EU data protection agreement “Privacy Shield” and thus commits itself to compliance with EU data protection requirements.
The legal basis for the processing is the consent granted by you in accordance with Art. 6 I clause 1 lit. a GDPR. You can revoke this consent at any time by clicking on the following opt-out link: https://www.linkedin.com/psettings/guest-controls. The legality of the data processing that has already taken place remains unaffected by the revocation.
Alternatively, you can generally prevent the analysis of your usage behaviour related to LinkedIn by setting a corresponding cookie in your browser.
For more information about LinkedIn's privacy policy, please click here.

SalesViewer®

This website uses SalesViewer® technology from SalesViewer® GmbH, Bongardstraße 29, 44787 Bochum, to collect and store data for marketing, market research, and optimisation purposes on the basis of the legitimate interest of the website operator (Art. 6 para. 1 lit. f GDPR).
A JavaScript-based code is used for this purpose, which serves to collect data related to the company and the related use. The data collected with this technology are encrypted using a non-invertible one-way function (so-called hashing). The data are immediately pseudonymised and are not used to identify the visitor to this website in person.
You can object to the collection and storage of data at any time, with effect for the future, by clicking this link https://www.salesviewer.com/opt-out, which will prevent the future collection of data by SalesViewer® on this website. An opt-out cookie will be stored on your device for this website. If you delete your cookies from this browser, you will need to click on the link again.
All data which are provided by the user when registering, submitting a booking request, or during the contract creation process, are automatically synchronised with mLab, DigitalOcean, Azure, and Cloudflare by our servers. In particular, this concerns:

  • First name
  • Surname
  • E-mail address
  • Password (encrypted)
  • Phone
  • Date of birth
  • Employer
  • Job title
  • Nationality
  • Reason for stay
  • BIC
  • IBAN
  • Bank account holder
  • Bank name
  • Payment address
  • City/Town
  • Country
  • Postal code
    You can view SalesViewer's privacy policy at https://www.salesviewer.com/datenschutz.

Version of the privacy policy

The privacy policy is valid now and is current as of 9 March 2020.

Questions about data protection

If you have any questions about data protection, we kindly request that you get in touch with our contact for data protection:
Christian Thum
Wunderflats GmbH
Alexanderstr. 1-3
10178 Berlin
Phone: + 49 (0) 30 300 197 430
E-mail: info@wunderflats.com

Use the buttons below to download your user data or have it removed completely.