Public Procedure Directory
Information on the Responsible Organisation according to § 4e of the German Data Protection Law (Bundesdatenschutzgesetz - BDSG):
33602 Bielefeld
Graf von Westphalen Verwaltungs GmbH
Poststraße – Alte Post 9
20354 Hamburg
E-Mail: dsb@gvw.com
Purpose of data collection, processing, and usage.
The purpose of the company is to rent villas, apartments, and holiday apartments, as well as various accompanying services, to private persons and companies. The company collects, processes, and uses personal data for the purposes of customer service and to complete bookings. Employee data is used for personnel administration purposes
Affected Groups of People
- Interested parties
- Customers and holiday participants
- Employees and applicants
- Aggreived parties and complainants
- Contact persons for the affected groups of people named
Data or categories of data
- Surname, first name
- Address data
- Communication data, contact data
- Birthdays of customers/holiday participants
- Booking and services data
- Reviews and responses
- Damages data
- Accounting data, payment reminder data
Recipient of data or categories of recipients
- Employee responsible for customer and booking management, data processing administrator
- Landlord/manager/owner of the rented property
- Communication data, contact data
- Public authorities such as finance authorities or registration authorities
- For employees: Social Security Agency
- Tax consultant, attorney
Regular data deletion deadlines
We retain and delete data within the standard legal framework.
Data forwarding to third-parties
Besides data and email addresses collected by Google Analytics for the newsletter tool Mailchimp (name, surname, email address), no data that is collected will be transmitted to any third-party outside of the European Union. We are also not currently planning any change to this policy.
General description of data processing safety
- Employees responsible for data processing are contractually obligated to protect its privacy. They are informed about the company's data protection policy at least once per year.
- All data is protected against unauthorised access, theft, loss, or undesired manipulation by digital means. These means are also adjusted when required.
- Electronic transmission of data is protected according to modern encryption standards.
State: 16.02.2012