Please note that this is a translation of the original German version. We've made every effort to ensure accuracy, but in case of any discrepancies, the German version will take precedence.

Privacy Policy

The protection of information related to you, such as your name, phone number, and your email or IP address (referred to as "personal data"), is an important concern for us. Therefore, we operate this digital platform and the services we offer on it (safety deposit box rental) in accordance with the applicable data protection laws, particularly the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).

This privacy notice covers the processing of personal data on the website www.trisor.de, in our registration funnel and customer portal, as well as in the context of safety deposit box activation and rental.

Below you will find an explanation of how we handle your personal data in this context.

1.Controller and Contact Details of the Data Protection Officer

Responsible for this website and the services offered on it is
Trisor GmbH
represented by the Managing Directors::
Marco Wild, Dr. Justus Westerburg

Bachstraße 12
10555 Berlin

External Data Protection Officer of Trisor GmbH
c/o TÜV SÜD Akademie GmbH
80339 Munich
Email: datenschutz@trisor.de
You can also contact our Data Protection Officer by post at the address of the responsible entity, adding the note “Attn: Data Protection Officer.

2. What do we do with your personal data on our website?
In the context of providing our services, we operate the website www.trisor.de, among other things. Below, we would like to inform you about how we handle your personal data in this regard.

2.1.When you use our website
The provision of this website requires the processing of personal data, such as your IP address. This processing is necessary for accessing the content displayed on this website (including its functions) as well as for IT security measures.

In the context of the necessary balancing of interests, we have weighed your interest in confidentiality against our interest in providing this website and in contacting you. Your interest in confidentiality is thus subordinate. Otherwise, we would not be able to provide you with this website or respond to your inquiry.

The processing of your personal data for the provision of this website and for communication through this website is carried out based on our overriding legitimate interest (Article 6(1)(f) of the GDPR). For the provision of this website, it is technically necessary for us to process certain personal data (e.g., the IP address). It is also necessary for us to handle your respective personal data for your communication with us.

2.3 When you apply for a job with us

You have the opportunity to apply for job postings through our website. For this, you can use the contact options provided there. We process the data you provide in your application to assess your application and suitability for the advertised position.

The processing of your personal data in the context of your application is carried out based on Article 6(1)(b) of the GDPR and Section 26(1) Sentence 1 of the BDSG. The submission of photos is voluntary.

2.4. When you subscribe to our newsletter

You can register for our newsletters on our website by giving your consent. We collect the personal data that you enter in the registration form for this purpose.

Your consent is the legal basis for our data processing. You can revoke your consent at any time with effect for the future.

2.5. Logging during the use of our website

When you access our website or download data from the website or any of its subpages, information is processed in a log file. Depending on the access protocol used, the log data record includes information with the following content:

Name of the requested file, the date and time of the page access
IP address of the requesting computer
Requested access methods/functions from the requesting computer
The accessed webpage or the name of the retrieved file
Operating system and browser type or browser settings
The amount of data transferred and a message indicating whether the access/retrieval was successful

There is no way for us to link the IP address and any personal data that may be present when you use our website without being logged into your customer account. The stored data is used solely for the purposes of identifying and tracking unauthorized access attempts to the web server, as well as for statistical evaluations such as visitor numbers and page popularity, and to improve our online offerings. This data is used exclusively by us. It is not shared with third parties.

In the context of the necessary balancing of interests, we have weighed your interest in confidentiality against our interests in providing this website and in contacting you. Your interest in confidentiality is therefore subordinate. Otherwise, we would not be able to continuously improve this website and provide it in a user-friendly manner.

The processing of your personal data in the context of accessing our website and downloading content from our website is carried out based on our overriding legitimate interest (Article 6(1)(f) of the GDPR). To improve this website, it is necessary for us to process certain personal data (e.g., the IP address).

2.6. When you follow us on Facebook and other social media platforms of third-party service providers

You have the opportunity to follow us on Facebook and other social media platforms of third-party service providers (e.g., LinkedIn). We handle the personal data that you provide to us or that is made available to us by the respective platform operator, to the extent that it is provided to us. You can maWe process your personal data in the context of our social media offerings based on our overriding legitimate interest pursuant to Article 6(1)(f) of the GDPR. For the provision of our social media offerings, it is technically necessary for us to process certain personal data (e.g., your IP address; personal data that you have provided to the respective platform operator).

In the context of the necessary balancing of interests, we have weighed your interest in confidentiality against our interest in providing our social media offerings. Your interest in confidentiality is therefore subordinate. Otherwise, we would not be able to offer you our social media services.

The data you transmit to us as part of our social media offerings is automatically also transmitted to the respective social media platform operators.

2.7.Use of Cookies on Our Website
Our website uses so-called cookies. Cookies are data records that are stored by a web server on the user's device (e.g., computer, smartphone, tablet). When you revisit our website using the same device, these cookies are sent back either to our website ("First Party Cookies") or to another website ("Third Party Cookies")

We use this information to improve the performance and attractiveness of our website through statistical evaluation. Any storage of personal data beyond the aforementioned information occurs only with your explicit consent. Disabling the cookie function in your browser does not restrict the use of our website and the services offered.

2.8.Use of Analytics Tools and Marketing Tools

2.8.1. Google Analytics
Google Analytics uses cookies that are stored on your device and enable an analysis of your use of the websites. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, by activating IP anonymization, your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand.

Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On our behalf, Google will use this information to evaluate your use of the website, compile reports on website activities, and provide us with additional services related to website usage and internet usage. The IP address transmitted by your browser in the context of Google Analytics will not be combined with other data from Google.

For more information on data processing by "Google," please visit: https://www.google.com/policies/privacy

The legal basis for the processing is the consent you gave when accessing this website as part of our cookie banner(Art. 6 Abs. 1 S. 1 lit. a) GDPR).

2.8.2. Google Adwords
This website uses the services of Google Adwords. Google Adwords is an online advertising program by Google Ireland Limited (“Google”), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Adwords collects anonymized information about user behavior to evaluate the success of search ads. Ad server cookies are used to assess performance parameters such as ad impressions, clicks, and conversions. This applies exclusively to visitors who have arrived at our website through a Google Adwords ad.

In addition to AdWords tracking, we also use Google Remarketing. This is a retargeting technique to deliver interest-based ads on other advertising spaces outside of our offerings. The cookie stored in your browser serves for recognition.

The information collected by Google marketing services about users is transmitted to Google and may be stored and processed on servers outside the EU/EEA.

Further information on data protection at Google can be found here: https://www.google.com/intl/de/policies/privacy/

The legal basis for storing the cookie and further analysis of the collected data is the consent given (Art. 6 Abs. 1 S. 1 lit. a) GDPR).

2.8.3. Microsoft Advertising (Bing Ads)
Our website uses Microsoft Advertising (Bing Ads). Microsoft Advertising is an online advertising program by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

Microsoft Advertising enables us to display ads in the Bing search engine or on third-party websites when users enter specific search terms on Google (keyword targeting). Additionally, targeted ads can be shown based on user data held by Microsoft (e.g., location data and interests) (audience targeting). As website operators, we can quantitatively evaluate this data, such as by analyzing which search terms led to the display of our ads and how many ads resulted in clicks.

Further information on the usage and privacy policies for this product can be found here: https://about.ads.microsoft.com/de-de/policies/legal-privacy-and-security

The legal basis for storing the cookie and further analysis of the collected data is the consent given (Art. 6 Abs. 1 S. 1 lit. a) GDPR).

2.8.4. Facebook Pixel
Additionally, we use so-called Facebook Pixel on our website from Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. This allows us to track user actions after they have seen or clicked on a Facebook ad. Personal data about user activities, device and browser information, and data about displayed ads may be processed. Furthermore, data may be transmitted to Facebook's servers in the USA.

For more information on data processing by “Facebook,” please visit: https://de-de.facebook.com/policy.php

The legal basis for the processing is the consent you provided when accessing this website as part of our cookie banner (Art. 6 Abs. 1 lit. a) GDPR).

2.8.5. LinkedIn
We use the LinkedIn Insight Tag (registered within the EU: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland). Integrating the Insight Tag on our website allows us to optimize campaigns, retarget website visitors, and learn more about our audience. Personal data such as your IP address, device and browser characteristics, and timestamps are processed. Direct identification of users is removed or pseudonymized after seven days.

For more information on data processing by “LinkedIn,” please visit: https://www.linkedin.com/legal/privacy-policy?src=or-search&veh=www.google.com

The legal basis for the processing is the consent you provided when accessing this website as part of our cookie banner (Art. 6 Abs. 1 lit. a) GDPR).

2.8.6. Hotjar
We use the web analytics service Hotjar from Hotjar Ltd., Level 2, St Julian's Business Centre, 3 Elia Zammit Street, St Julian's STJ 1000, Malta. Hotjar uses cookies, which are stored locally in the cache of your web browser on your device and allow for analysis of your use of our online presence. This can result in the storage and evaluation of personal data, particularly user activity (especially which pages were visited and which elements were clicked), device and browser information (especially the IP address and operating system), and a tracking code (pseudonymized user ID). The information collected in this way is transmitted to a server in Ireland by Hotjar and stored there anonymously.

For more information on data protection at “Hotjar,” please visit: https://www.hotjar.com/legal/policies/privacy/

The legal basis for storing the cookie and further analysis of the collected data is the consent given (Art. 6 Abs. 1 S. 1 lit. a) GDPR).

2.687. Taboola
Our website uses the technology of Taboola Europe Limited (2nd Floor, Aldgate House, 33 Aldgate High St, London EC3N 1DL, United Kingdom).

The purpose of using this technology is campaign optimization and targeted delivery of advertisements. To achieve this, Taboola collects information about your device and user behavior on the specified websites (and other partner websites) using pixels and similar technologies, creating user profiles using pseudonyms that generally do not allow conclusions to be drawn about personal data.

There may be transmission of your data to companies affiliated with Taboola (e.g., Taboola, Inc., USA). To ensure that data from the European Economic Area (EEA) is adequately protected when transmitted outside the EEA, Taboola states that it primarily uses EU standard contractual clauses for countries that do not provide an adequate level of data protection.

For more information on the usage and privacy policies for this product, please visit: https://www.taboola.com/policies/privacy-policy

The legal basis for the processing is the consent you provided when accessing this website as part of our cookie banner (Art. 6 Abs. 1 lit. a) GDPR).

2.8.8. Criteo
Our website also uses the services of Criteo SA. Criteo's retargeting technologies can display advertisements on partner websites, apps, and emails to visitors of our site who are interested in our products, based on advertising IDs and cookies. The delivery of these targeted product recommendations as personalized advertising banners on other websites is carried out using an algorithm. This data is not used to personally identify the visitor to the website. The collected data is used to improve the offerings.

For more information on the usage and privacy policies for this product, please visit: https://www.criteo.com/de/privacy

The legal basis for storing the cookie and further analysis of the collected data is the consent given. (Art. 6 Abs. 1 S. 1 lit. a) GDPR).

2.8.9. Outbrain
We use Outbrain on our website from Outbrain UK Ltd (175 High Holborn, London, WC1V 7AA). The use of this service allows you to receive recommendations for relevant content and advertisements based on your personal interests. Outbrain determines which content you use and how you navigate on our website for market research, statistical, and advertising purposes through cookies. In this process, device and log data (including operating system, browser type, visited subpages of our website, date and time of visit, location, and the shortened IP address) is collected, and usage profiles are created using a pseudonym, which do not allow conclusions to be drawn about the person.

For more information on data protection and cookies at Outbrain, please refer to Outbrain's privacy policy: www.outbrain.com/legal/privacy

The legal basis for storing the cookie and further analysis of the collected data is the consent given. (Art. 6 Abs. 1 S. 1 lit. a) GDPR).

Datenübertragung und Datenverarbeitung in den USA
Data processing may also occur in the USA. The basis for this data transfer is your consent given through the cookie consent banner (Art. 49(1)(a) GDPR). In the USA, there is no comparable level of data protection as in the European Union. It is possible that government authorities may access personal data without us or you being aware of it. Legal recourse may not be promising.
You can withdraw your consent at any time with effect for the future through the cookie settings in the footer.

2.9. Further use of tools on the website.

2.9.1. Zendesk
We use the ticketing system Zendesk to handle customer inquiries, a customer service platform from Zendesk Inc., 989 Market Street #300, San Francisco, CA 94102. The use of Zendesk allows for direct and rapid contact with us via the website. For more information on data processing by “Zendesk,” please visit: https://www.zendesk.de/company/customers-partners/privacy-policy/

In the context of the necessary balancing of interests, we have weighed your interest in confidentiality against our interest in providing this website and its functions. Your interest in confidentiality is outweighed in this case. Otherwise, we would not be able to provide you with this website with these features.

The legal basis for using these tools is our overriding legitimate interest. (Art. 6 Abs. 1 lit. f) GDPR).

2.9.2. Cookie-Consent-Tool “CookiePro”
This website uses the cookie consent tool “CookiePro” from OneTrust LLC, 1200 Abernathy Rd NE, Sandy Springs, GA 30328, USA (“OneTrust”) to obtain effective user consent for consent-required cookies and cookie-based applications.

By embedding a corresponding JavaScript code, users are shown a banner upon accessing the site, where they can give consent for specific cookies and/or cookie-based applications by checking boxes. The tool blocks the setting of all consent-required cookies until the respective user has granted the corresponding consents by checking the boxes. This ensures that such cookies are only set on the user’s device if consent has been given.

To allow the cookie consent tool to clearly associate page visits with individual users and to individually record, log, and store the consent settings made by users for the duration of a session, certain user information (including the IP address) is collected upon accessing our website, transmitted to OneTrust servers, and stored there.

These data processing activities are carried out in accordance with Art. 6 Abs. 1 lit. f) GDPR based on our legitimate interest in a legally compliant, user-specific, and user-friendly consent management for cookies, and thus in a legally compliant design of our online presence.

2.9.3. Zapier
This website uses the integration service provider Zapier, a service from Zapier Inc., 548 Market St 62411, San Francisco, California 94104, USA (hereinafter referred to as “Zapier”). We use Zapier to integrate various databases and web tools. Zapier is a web service that automates actions between different web tools and synchronizes their applications to execute the desired processes. Zapier automates our processing operations and ensures various workflows to efficiently structure work processes in our processing system.

The legal basis for using these tools is our overriding legitimate interest (Art. 6 Abs. 1 lit. f) GDPR).

2.9.4. Stripe
If you choose a payment method offered through the payment service provider "Stripe," the payment processing will be carried out by Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we will pass your information provided during the contract creation (name, address, account number, bank code, possibly credit card number, invoice amount, currency, and transaction number) in accordance with Art. 6 Abs. 1 lit. b) GDPR. The transfer of your data is carried out exclusively for the purpose of payment processing with Stripe Payments Europe Ltd. and only to the extent necessary for this purpose.

For more information on data processing by Stripe, please visit: https://stripe.com/de/privacy#translation

2.9.5. Onfido
We use the service of Onfido Limited (Finsbury Avenue 3, EC2M 2PA London, United Kingdom) to verify your identity. To do this, you need to upload a picture of your identification document and your face through the mobile integration of Onfido in our app. Your data and the uploaded image will then be compared with the image on the identification document to check for consistency. Additionally, Onfido will verify whether the uploaded identification document has been reported as stolen, forged, lost, or otherwise compromised. This processing is carried out for the purpose of identity verification.

For more information on data processing by Onfido, please visit: https://onfido.com/privacy/

The legal basis for this is pre-contractual measures in accordance with Art. 6(1)(b) GDPR, as clear identification is necessary for the conclusion of the product.

2.9.6. Postident
We use the POSTIDENT service provided by Deutsche Post AG (Charles-de-Gaulle-Straße 20, 53113 Bonn, Germany) to verify your identity.

As part of the POSTIDENT procedure through AutoID, biometric data is processed to better detect fraud attempts, such as identity theft. For instance, facial position data is compared with the identification document.

Your biometric data is not stored. Only the results of the processing are saved, which do not contain biometric data and cannot be used to identify the person. Moreover, no further processing, such as for analysis or profiling, takes place.

For more information on data processing by Postident, please visit: www.deutschepost.de/de/p/postident/postident-datenschutzhinweise.html

The legal basis for this is pre-contractual measures according to Art. 6 I 1 lit. b. GDPR, as clear identification is necessary for the conclusion of the product.

2.9.7. Trusted Shop
To display our Trusted Shops trustmark, collected reviews, and offer Trusted Shops products to buyers after an order, the Trusted Shops Trustbadge is integrated into this website. This serves to protect our overriding legitimate interests in the optimal marketing of our offer according to Art. 6(1)(f) GDPR. The Trustbadge and related services are provided by Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne.

When the Trustbadge is accessed, the web server automatically stores a so-called server log file that contains, for example, your IP address, the date and time of access, the amount of data transmitted, and the requesting provider (access data), and documents the access. This access data is not evaluated and is automatically deleted no later than seven days after your visit. Other personal data (such as your email address) will only be transmitted to Trusted Shops if you choose to leave a review for our company or decide to use Trusted Shops products after completing an order or if you are already registered to use them. In such cases, the contractual agreement between you and Trusted Shops applies.

For more information about Trusted Shops and data privacy at Trusted Shops, please refer to the provider's privacy policy: www.trustedshops.com/de/legal/datenschutz

3. What do we do with your personal data within the registration funnel and customer portal?

If you wish to reserve a safety deposit box, you must first register through our registration funnel. How and which personal data is processed in this process will be explained to you below.

3.1. Booking Funnel

To rent a digitally controlled bank safety deposit box, you must first register through the so-called registration funnel. During this process, we collect the personal data necessary for registration (title, first name, last name, email address, payment interval, payment method, payment details).

To reserve a safety deposit box, you must also select a location of the vault (branch selection) and the size of the box. After entering the data, it will be summarized and must be confirmed by you for the reservation. Following confirmation, a reservation confirmation will be displayed on the screen and sent to you again via email.

After registration, you will also have the option to use our customer portal. After your initial login (customer identification and appointment booking for activation), you can manage general information and functions (such as personal data, payment details, support, actions concerning cards and keys, or adding authorized persons). You also have the option to purchase additional insurance.

3.1.1. Legal basis and balancing of interests
We process personal data during the registration and activation by natural persons for the initiation, execution, and handling of the respective rental agreement, as well as the transfer of your data to increase the insurance amount you have requested (Art. 6 Abs. 1 lit. b) GDPR).

We process personal data during the registration and activation by legal entities for the conclusion and execution of the respective rental agreement (Art. 6(1)(b) GDPR) and based on our overriding legitimate interest (communication with customer-relevant contacts; Art. 6(1)(f) GDPR). As part of the necessary balancing of interests, we have weighed the confidentiality interests of customer-relevant contacts against our interest in customer-related communication. The confidentiality interest of customer-relevant contacts is subordinate in this case, as we would otherwise not be able to fulfill our rental agreement.

3.1.2. Mandatory information
If you do not provide this personal data, we will not be able to conclude the respective contractual relationship.

3.1.3.Data transfer and data processing in the USA.
Data processing may also take place in the USA. The basis for this data transfer is your consent provided through the cookie consent banner (Art. 49 para. 1 lit. a) GDPR). In the USA, there is no comparable level of data protection as in the European Union. It is possible that government authorities may access personal data without us or you being aware of it. Legal recourse may not be promising.

You can revoke your consent at any time with effect for the future via the cookie settings in the footer.

3.2. Categories of recipients

We engage service providers for the provision and execution of the registration process. These include: Amazon Web Services (AWS) for data storage, SendGrid (a customer communication platform for transactional and marketing emails), Stripe (an online payment service), PayPal (for processing payments), and Amazon Cognito (registration and login).

The legal basis for the use of these service providers is, as stated above, our overriding legitimate interest (Art. 6 para. 1 lit. f) GDPR). Additionally, we have entered into a data processing agreement with all service providers.

When increasing the insurance coverage, your relevant data will be transmitted to the designated insurance brokers.

3.3. Wenn Sie unseren Registrierungsfunnel nutzen

In our registration funnel, so-called cookies are used. We only use technically necessary cookies. These are required for providing the registration funnel and for accessing the content displayed there (including its functions), as well as for IT security measures.

As part of the required balancing of interests, we have weighed your interest in confidentiality against our interest in providing this registration funnel (including its functions). Your interest in confidentiality is outweighed in this case, as we would otherwise be unable to offer you the functions of our registration funnel.

The legal basis for this is our overriding legitimate interest (Art. 6 Abs. 1 lit. f) GDPR).

4. If you would like to have your safe deposit box activated

To activate the safe deposit box, an ID check, the selection of an activation appointment, and the creation of a customer card are required.

4.1. ID-Prüfung

If you want to have your safe deposit box activated, you must first complete an ID check in accordance with the Anti-Money Laundering Act. This requires a copy of your ID, name, date and place of birth, and address. You can choose from various options for the ID check, and an in-person ID check can also be arranged.

We use service providers such as "Onfido" and "PostIdent" to carry out the ID check. We transmit personal data to these service providers, who are contractually obligated to handle personal data with the same level of care as we do.

We process your personal data as part of the activation of the safe deposit box for the initiation, execution, and handling of the corresponding rental contract (Art. 6 para. 1 lit. b) GDPR). We are also obligated to process your personal data during the ID verification procedure according to the Anti-Money Laundering Act (Art. 6 Abs. 1 lit. c) GDPR).

4.2. Safe deposit box activation for customers

If you have consented, your fingerprint will be captured via an electronic scanner during the first access to the safe deposit box and stored on your customer card along with an additional PIN. You will need this customer card to access the self-service terminal area and your safe deposit box. The fingerprint is stored exclusively on your customer card. Fingerprints are considered personal data, specifically biometric data as defined in Art. 4 No. 13 and 14 GDPR. According to Art. 9 GDPR, this biometric data falls into the category of particularly sensitive personal data.

We process your personal data as part of the activation of the safe deposit box to allow you access to the self-service terminal area and the safe deposit box using the customer card, for the initiation, execution, and handling of the corresponding rental contract (Art. 6 para. 1 lit. b) GDPR); Art. 6 para. 1 lit. f) GDPR), especially for your verification during the activation and use of the safe deposit box.

For these purposes, we process your fingerprint as biometric data based on your prior consent (Art. 9 para. 2 lit. a) GDPR).

In some cases, we may use third-party service providers for specific services we offer. We may share your personal data with such contracted service providers. They will act solely under our instructions and have been contractually obligated to comply with data protection regulations in accordance with Art. 28 GDPR.

4.3. Fingerprint capture of authorized representatives

If you have been designated as an authorized representative by a customer and you have consented, your fingerprint will be captured via an electronic scanner during your first access to the safe deposit box and stored on your customer card along with an additional PIN. You will need this customer card to access the self-service terminal area and the customer's safe deposit box. The fingerprint is stored exclusively on your customer card. Fingerprints are considered personal data, specifically biometric data as defined in Art. 4 No. 13 and 14 GDPR. According to Art. 9 GDPR, this biometric data falls into the category of particularly sensitive personal data.

We process your personal data for your verification during the activation of a safe deposit box and when using the safe deposit box. For these purposes, we process your fingerprint as biometric data based on your prior consent (Art. 9 para. 2 lit. a) GDPR).

4.4. Access to the rental property

We process your personal data when you authenticate yourself in the terminal area (where the self-service terminal for accessing the safe deposit box is located) using your customer card and the fingerprint stored on it.

We process your personal data for authentication at the self-service terminal to grant you access to the self-service terminal area and the safe deposit box. For these purposes, we process your fingerprint as biometric data based on your prior consent (Art. 9 para. 2 lit. a) GDPR), and if you are a customer, also for the execution and handling of the corresponding rental contract (Art. 6 para. 1 lit. b) GDPR).

4.5. Recording and disclosure obligations on our part

We process your personal data in accordance with our recording and disclosure obligations. We are required to verify the identity and address of each authorized user and each beneficial owner as defined by the Anti-Money Laundering Act (GWG) before activating the safe deposit box, and to record the necessary information in an appropriate format, such as files. For this purpose, we process the personal data provided by the customer prior to the activation appointment. An alphabetical register of authorized users and beneficial owners is maintained.

We process your personal data to fulfill the legal obligations we are subject to (recording and disclosure obligations according to § 154 para. 1 of the General Tax Code (AO))

Legally authorized authorities may request information regarding the authorization of the safe deposit boxes at any time. For this, we are obligated to provide the necessary information.

4.6. Video surveillance in the terminal area

The terminal area is secured through video recording. This records individuals entering the terminal area, but does not capture the placement or removal of items from the safe deposit box. Video surveillance is necessary to facilitate the investigation and prevention of crimes, as well as to protect the business premises.

As part of the required balancing of interests, we have weighed your interest in keeping your personal data confidential against our interest in monitoring and securing the terminal area. Your interest in confidentiality is outweighed in this case, as we would otherwise be unable to ensure the investigation and prevention of crimes and the protection of the business premises.

We process your personal data based on our overriding legitimate interest (Art. 6 para. 1 lit. f) GDPR). To investigate and prevent crimes, as well as to protect the business premises, it is essential that we record individuals entering the terminal area.

Data from video surveillance is generally stored for 72 hours. The data will then be deleted when it is no longer needed for the original purposes for which it was collected.

5.How long do we retain your personal data in all other cases?

We delete your personal data when the purpose of storage no longer applies and no legal provision requires retention.

6. What rights do you have as a data subject?

Please contact us using the aforementioned contact details to exercise your rights and to withdraw your consent.

You have the right to request information at any time about all personal data that we process about you.
If your personal data is inaccurate or incomplete, you have the right to rectification and supplementation.
You can request the deletion of your personal data at any time, provided we are not legally obligated or entitled to further process your data.
If the legal requirements are met, you can request a restriction on the processing of your personal data.
You have the right to object to the processing of your personal data if the processing is for the purposes of direct marketing or profiling. If the processing is based on a balancing of interests, you may object to the processing for reasons arising from your particular situation.
If the processing of your data is based on your consent or a contract, you have the right to transfer the data you provided, as long as it does not adversely affect the rights and freedoms of others.
If we process your data based on a consent declaration, you have the right to withdraw this consent at any time with future effect. The processing carried out before the withdrawal remains unaffected by the withdrawal.
You also have the right to file a complaint with a data protection authority at any time if you believe that the processing of your data violates applicable law.

7.In what context do we create automated profiles?

No automated profiles are created.

8. Data security

We take appropriate technical and organizational security measures to protect the personal data we process against accidental or intentional manipulation, loss, destruction, or unauthorized access.