As an asset management company we take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. We collect various personal data when you use our services or send us deliveries. Personal data comprises data by which you can be personally identified. This Privacy Policy describes which data we collect and its use. It also explains how and for what purpose this is done. Because of constant technical change this notice is regularly adapted. We therefore recommend to read our information and notes regarding data processing regularly. Please visit our website www.dje.de and www.solidvest.de at any time to view and print the latest version of our data protection statement. We will inform you about fundamental changes via the website, by email or mail.

1. Responsibility for data processing

Responsible entity:

DJE Kapital AG
Pullacher Straße 24
82049 Pullach
Tel.: +49 89 790453-0
Fax: +49 89 790453-185
E-mail: Qngrafpuhgm@qwr.qr

Contact details of our company data protection officer:
Ms. Désirée Wittwer
External data protection officer of DJE Kapital AG
aigner business solutions GmbH
Managing Director: Rainer Aigner
Goldener Steig 42
94116 Hutthurm
Phone: +49 (0)8505 91927 – 0
Email: qrfverr.jvggjre@nvtare-ohfvarff-fbyhgvbaf.pbz
Web: www.aigner-business-solutions.com

II Data processing in the use of our services or with regard to our suppliers

If you are a client, supplier or interested party, if you conclude a contract with us or if such a contract in preparation we process your personal data in the following ways:

1. Processing personal data from the following sources.

• family members,
• co-applicants,
• legal representatives (agents),
• beneficiaries of our client,
• beneficial owners of our client,
• shareholders,
• representatives of legal entities,
• employees of service providers or trading partners,

A. When concluding and using products/services, personal data may be collected, processed and stored. We process the following personal data:

• identity information (e.g. first and last name, identity card or passport number, nationality, place and date of birth, gender, photograph, IP address)
• contact information (address, email address and phone number)
• tax information (tax identification number, tax status)
• banking, financial and transactional information (e.g. bank account details (IBAN),
  money transfers from and to your account/deposit, assets, investor profile provided, financial expenses)
• with regard to the securities transactions: information on knowledge and/or experience with securities (MiFID status), investment behavior/strategy (period, scope, frequency of the customer's transactions with financial instruments, customer's risk tolerance), information on education and profession (e.g. level of education, occupation, name of employer) earnings, financial situation (assets, liabilities, income, e.g. from un/self-employed/self-employed persons). (e.g. assets, liabilities, income, e.g. from employment/self-employment/business; expenses), foreseeable changes of financial circumstances (e.g. retirement age), concrete goals/major concerns for the future (e.g. planned purchases, repayment of liabilities), marital status and family situation, tax information (e.g. information on church tax liability), documentation data (e.g. declarations of suitability).
• in the management of interest rates, currency and liquidity: information on knowledge and/or experience with interest rate/currency products/money investment (MiFID status), investment behavior/strategy (period, scope, frequency of the client's transactions with financial instruments, risk tolerance of the client), occupation, financial situation (assets, liabilities, income, e.g. from un/self-employed persons). (e.g. from self-employment / trade; expenses), foreseeable changes in financial circumstances (e.g. retirement age), concrete goals / major concerns in the future (e.g. planned purchases, redemption of liabilities), tax information (e.g. information on church tax liability), documentation data (e.g. advisory protocols).
• contact details of clients during the phase of business initiation as well as during the business relationship, in particular through personal, phone or written contacts initiated by you or DJE Kapital AG, further personal data, e.g. information on the contact channel, date, occasion and result, (electronic) copies of correspondence and information on participation in direct marketing measures as well as details of wishes expressed by you to us.
• Audiovisual data (information from the video legitimation procedure, recordings of calls).

If requested by clients, we also collect personal data from children. In doing so, we ensure that the holders of parental responsibility consent to the processing of the personal data or, in certain cases, consent to the child's consent.

Personal data on racial or ethnic origin, political convictions, religious or ideological views, trade union membership as well as genetic data, biometric data for the unique identification of a natural person, health data or data on sexual life or sexual orientation are not processed by us as a matter of principle (unless it is required, for example, for the payment of church tax or by order of the supervisory authorities).

B. When visiting the websites www.dje.de and www.solidvest.de: When you visit our websites, information is automatically sent to the server of our websites by the browser used on your end device. This information is temporarily stored in a so-called log file. The following information is collected and stored until automated deletion:

• IP address of the requesting computer (or terminal device)
• date and time of access
• name and URL of the file accessed
• website used to access the site made
• browser used and, if applicable, the operating system of your computer (or terminal device) as well as the name of your access provider.

C. Cookies

This website uses cookies.

We use cookies to ensure the functionality of our website as well as to personalize content and advertisements, to offer social media functions and to analyses the access to our website.

By clicking on "Allow cookies" you agree to our privacy policy and consent to the use of all cookies.

Cookies are small text files used by websites to make the user experience more efficient.

By law, we may store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookie we need your permission.

This site uses different types of cookies. Third parties that appear on our pages place some cookies.

You can change or revoke your consent to cookies at any time on our website.

Find out more about who we are, how you can contact us and how we process personal data in our privacy notice.

Please provide your consent ID and date when contacting us regarding your consent.

Your consent applies to the following domains: dje.de, dje.com, dje.lu, depot.solidvest.de, partner.solidvest.de, cms.solidvest.de, b2b.solidvest.de, wissen.solidvest.de, blog.solidvest.de, www.solidvest.de, email.solidvest.de.

Your current state: Decline.

Your consent ID: 5G74yrb9ftNhi2gNdrDvAPNzPLI0WTs4jvN4f55hx0AAdkkZhLKM7A==Consent date: Thursday, 18 August 2022 14:05:28 CEST.

Change consent | Revoke consent

Cookie statement was last updated by Cookiebot on 12/11/22:

See on the Cookies-page

 

D. Supplier data

We collect personal data from our suppliers in the course of working with them to ensure a smooth business relationship. We collect the data of our contact persons within the organization, e.g. name, phone number and email address. Furthermore we collect bank data enabling us to make payments to our suppliers.

Personal data on racial or ethnic origin, political beliefs, religious or ideological views, trade union membership as well as genetic data, biometric data for the unique identification of a natural person, health data or data on sexual life or sexual orientation are not processed by us as a matter of principle (unless it is required, for example, for the payment of church tax or by order of the supervisory authorities).

 

2. What do we process your data for (purpose of processing) and on what legal basis?

We process the aforementioned personal data in accordance with the provisions of the EU General Data Protection Regulation (DSGVO) and the Federal Data Protection Act (BDSG):

A. For the fulfilment of contractual obligations (Art. 6 para. 1 lit. b DSGVO).

Personal data is processed for the provision of financial services in the context of the performance of our contracts with our clients or for the performance of pre-contractual measures, which are carried out at your request. The purposes of the data processing primarily depend on the specific product (see under point 1) and may include, among other things, needs analyses, advice, asset management and support and the execution of transactions.

With regard to our supplier relationships, we process the personal data of individuals within our suppliers' organization in order to be able to obtain services from them. We also store financial data so that we can pay our suppliers for their services.

C. Within the framework of the balancing of interests (Art. 6 para. 1 lit. f DSGVO)

Where necessary, we process your data beyond the actual performance of the contract to protect legitimate interests of third parties or us. Examples:

• testing and optimization of procedures for demand analysis and direct customer approach; incl. customer segmentations and calculation of conclusion probabilities
• advertising or market and opinion research, insofar as you consent to the use of your data.
• assertion of legal claims and defense in legal disputes
• ensuring the IT security and IT operation of DJE Kapital AG
• prevention of criminal offences, in particular fraud prevention
• video surveillance to safeguard house rights, to collect evidence in the event of robberies and fraud offences
• measures for building and facility security (e.g. access controls)
• other measures to ensure house rules
• measures for business management and further development of services and products

With regard to the websites offered:

• ensuring a smooth connection of the websites www.dje.de and www.solidvest.de
• ensuring a comfortable use of our websites
• evaluation of system security and stability as well as
• for further administrative purposes

With regard to cookies:

With the use of cookies, we want to optimize the use of our websites www.dje.de and www.solidvest.de in terms of user-friendliness as well as record statistics and evaluate them for optimizing our offer for you.

In relation to Google Analytics:

With the tracking measures that are used we want to ensure a needs-based design and the ongoing optimization of our websites as well as to experience the statistical evaluation of the use of our websites.

With regard to Google DoubleClick remarketing:

We use Google's remarketing technology. Through this technology users who have already visited our websites and online services and who are interested in what we have to offer are approached again through targeted advertising on the pages of the Google Partner Network. The advertising is displayed using cookies. With the help of the text files, user behavior when visiting the websites can be analyzed and then used for targeted product recommendations and interest-based advertising. No personal data of visitors to the websites is stored. You can permanently deactivate the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: https://www.google.com/settings/ads/plugin. The DoubleClick cookies can also be deactivated by visiting the NAI (Network Advertising Initiative) deactivation page at http://www.networkadvertising.org/choices/). Further information on Google Remarketing and Google's privacy policy can be found at http://www.google.com/privacy/ads/.

In relation to Google Conversion Tracking:

Furthermore, we use the so-called conversion tracking as part of the use of the Google AdWords service. When you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer/end device. These cookies lose their validity after 30 days, as they do not contain any personal data and they are not used for personal identification. The information obtained with the help of the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. User data is processed pseudonymously as part of Google's marketing services. This means that Google does not store and process the name or email address of the users, for example, but processes the relevant data on a cookie basis within pseudonymous user profiles. This means that from Google's perspective, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymisation. The information collected about users by Google marketing services is transmitted to Google and stored on Google's servers in the USA.

The Google marketing services we use include the online advertising programme "Google AdWords". In particular we use the remarketing function within the Google AdWords service. In the case of Google AdWords, each AdWords customer receives a different "conversion cookie". Cookies can therefore not be tracked via the websites of AdWords customers. The information obtained with the help of the cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. The AdWords customers notice the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However they do not receive any information that can be used to identify a user personally.

We may include third-party advertisements based on the Google marketing service "DoubleClick". DoubleClick uses cookies to enable Google and its partner websites to serve ads based on users' visits to this website or other websites on the Internet.

Furthermore, we may use the "Google Tag Manager" to integrate and manage Google analytics and marketing services on our websites. Google Tag Manager is a solution that allows marketers to manage website tags through one interface. The Tag Manager tool itself (which implements the tags) is a non-cookie domain and triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this will remain in place for all tracking tags implemented with Google Tag Manager. We may ask you for permission to share some product data with other Google products to enable certain features, such as making it easier to add new conversion tracking tags for AdWords. In addition our developers review product usage information from time to time to further optimize the product. For more information, please see the usage guidelines for this product at http://www.google.com/intl/de/tagmanager/use-policy.html.

For more information about Google's use of data for marketing purposes, please visit the overview page: https://www.google.com/policies/technologies/ads. Google's privacy policy is available at https://www.google.com/policies/privacy. If you wish to object to interest-based advertising by Google marketing services, you can use the settings and opt-out options provided by Google.

If you wish to object to interest-based advertising by Google marketing services, you can use the settings and opt-out options provided by Google: https://adssettings.google.de.

You can find more information about Google and Google's privacy policy at http://www.google.com/privacy/ads/. In addition you can opt out of interest-based ads on Google as well as interest-based Google ads on the web (within the Google display network) in your browser by activating the "Off" button at https://adssettings.google.de or by deactivating them at deactivation at http://www.aboutads.info/choices. For more information on your settings options in this regard and Google's data protection, please visit https://www.google.de/intl/de/policies/privacy/?fg=1.

With regard to Facebook Pixel:

We use the "meta pixel" of the social network "Facebook", 1601 South California Avenue, Palo Alto, CA 94304, USA within our website. So-called tracking pixels are integrated on our pages. When you visit our pages, the tracking pixel establishes a direct connection between your browser and the Facebook server. Facebook thereby receives, among other things, the information from your browser that our page has been accessed from your end device. If you are a Facebook user, Facebook can assign your visit to our pages to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. We can only select which segments of Facebook users (such as age, interests) should be shown our advertising. By calling up the pixel from your browser, Facebook can also see whether a Facebook ad was successful, e.g. led to the conclusion of an online contract. This allows us to measure the effectiveness of Facebook ads for statistical and market research purposes. Please click here if you do not wish to have data collected via the Facebook Pixel: https://www.facebook.com/settings?tab=ads#_=_. Alternatively you can deactivate the Facebook Pixel on the page of the Digital Advertising Alliance under the following link: http://www.aboutads.info/choices/.

The transfer of data to the USA is permitted under Art. 45 of the GDPR, as Facebook is Privacy Shield certified and thus an adequate level of data protection exists under Commission Implementing Decision (EU) 2016/1250 (https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=CELEX%3A32016D1250). The certification can be viewed at https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

In relation to Facebook Lead Ads:

We use Lead Ads an advertising format from Facebook to generate contact data. This data is used exclusively for sending Solidvest newsletters. Users who have signed up for a newsletter via a Lead Ad can unsubscribe or object to the storage and use of the data at any time. Solidvest only uses the generated data that has been confirmed via the double opt-in procedure. The responsibility for processing the data lies with both Facebook and DJE Kapital AG. The data is only transmitted from Facebook to Solidvest/DJE Kapital AG when the user clicks on "Send" within the lead ad. The data is processed in accordance with Art. 6 (1) a) DSGVO on the basis of the consent provided in the Lead Ads form.

In relation to Hubspot:

We use the marketing automation software "Hubspot" of the company "Hubspot, Inc.", Guild Street, Dublin 1, Ireland (European headquarters) within our website. This software enables the tracking of user behavior in marketing emails and on our websites. The following cookies are used. The explanation of its purpose is as follows:

_hssc: This cookie is used to track sessions. The cookie is used to determine whether the session number and timestamps in the _hstc cookie should be incremented. Values included: domain, viewCount (number of page views; increment with each page view in a session) and session start timestamp.

_hssrc: This cookie supports the detection of new user sessions. It is set to 1 at the start of a user session. If the cookie is not set, it is assumed to be a new session.

_hstc: This is the main cookie for capturing visitors. Values included: domain, user token (hubspotutk, see below), start timestamp (first visit), end timestamp (last visit), current timestamp (this visit) and session number (increment with each subsequent session).

hubspotutk: This cookie supports visitor tracking; it is passed to Hubspot when a form is submitted.

In relation to GoToWebinar.

A. Purpose and scope of the processing

We use the tool "GoToWebinar" to be able to conduct online seminars via the internet. "GoToWebinar" is a service provided by LogMeIn, Inc. that is based in the USA. If you access the "GoToWebinar" website, the provider of "GoToWebinar" is responsible for data processing. However  you only need to access the website to use "GoToWebinar" in order to download the software for using "GoToWebinar". You can also use "GoToWebinar" if you enter the respective meeting ID and, if applicable, further access data for the meeting directly in the "GoToWebinar" app. If you do not want to or cannot use the "GoToWebinar" app, the basic functions can also be used via a browser version, which you can also find on the "GoToWebinar" website. If we want to record "online meetings", we will inform you transparently in advance and - if necessary - ask for your consent. The fact of the recording will also be displayed to you in the "GoToWebinar" app.

If it is necessary for the purposes of logging the results of an online meeting, we will log the chat content. However this will not usually be the case. In the case of webinars, we may also process questions asked by webinar participants for the purposes of recording and following up webinars. If you are registered as a user with "GoToWebinar", then reports on "online meetings" (meeting metadata, phone dial-in data, questions and answers in webinars, survey function in webinars) may be stored by "GoToWebinar" for up to 90 days. Automated decision-making within the meaning of Art. 22 DSGVO is not used.

B. Data processed

Various types of data are processed when using "GoToWebinar". The scope of the data also depends on the data you provide before or during participation in an "online meeting".

The following personal data are subject to processing:

• User details: first name, last name, phone (optional), email address, password (if "single sign-on" is not used), profile picture (optional), department (optional).
• Meeting metadata: Topic, description (optional), participant IP addresses, device/hardware information.
• For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.
• Text, audio and video data: You may have the opportunity to use the chat, question or survey functions in an "online meeting". In this respect the text entries you make are processed in order to display them in the "online meeting" and, if necessary, to record them. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device are processed accordingly during the meeting. You can switch off or mute the camera or microphone yourself at any time via the "GoToWebinar" applications.

In order to participate in an "online meeting" or to enter the "meeting room", you must at least provide information about your name.

C. Legal basis for data processing

Insofar as personal data of Solidvest employees is processed, Section 26 BDSG is the legal basis for data processing. If, in connection with the use of "GoToWebinar", personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component in the use of "GoToWebinar", Article 6 (1) f) DSGVO is the legal basis for data processing. In these cases, our interest is in the effective implementation of "online meetings". Otherwise, the legal basis for data processing when conducting "online meetings" is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted within the framework of contractual relationships. If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here, too, our interest is in the effective conduct of "online meetings".

D. Recipients / passing on of data

Personal data processed in connection with participation in "online seminars" will not be passed on to third parties as a matter of principle, unless they are specifically intended to be passed on. Please note that content from "online seminars" as well as from personal meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on. Other recipients: The provider of "GoToWebinar" necessarily receives knowledge of the above-mentioned data, insofar as this is provided for in the context of our order processing agreement with "GoToWebinar".

"GoToWebinar" is a service of LogMeIn Ireland Limited (Bloodstone Building Block C 70 Sir John Rogerson's Quay Dublin 2, Ireland), a subsidiary of LogMeIn Inc. (Log-MeIn, 320 Summer Street, Boston, MA 02210, USA). Processing of personal data thus also takes place in a third country. We have concluded an order processing agreement with the provider of "GoToWebinar" that meets the requirements of Art. 28 DSGVO. A level of data protection comparable with the EU is regulated by the conclusion of the so-called EU standard contractual clauses.

C. Legal basis for data processing

We generally delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed in order to fulfil contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion only comes into consideration after expiry of the respective retention obligation.

With regard to Zoom:

We use the tool "Zoom" to conduct phone conferences, online meetings, video conferences and/or webinars (hereinafter: "Online Meetings"). "Zoom" is a service provided by Zoom Video Communications, Inc. that is based in the USA.

Responsible

DJE Kapital AG, Pullacher Straße 24, 82049 Pullach, Germany, is the data controller for data processing directly related to the conduct of "Online Meetings".

Note: Insofar as you call up the website of "Zoom", the provider of "Zoom" is responsible for data processing. However accessing the website is only necessary for the use of "Zoom" in order to download the software for the use of "Zoom".

You can also use "Zoom" if you enter the respective meeting ID and, if applicable, further access data for the meeting directly in the "Zoom" app.

If you do not want to or cannot use the "Zoom" app, the basic functions can also be used via a browser version, which you can also find on the "Zoom" website.

What data is processed?

Various types of data are processed when using "Zoom". The scope of the data also depends on the data you provide before or during participation in an "online meeting".

The following personal data are subject to processing:

User details: first name, last name, phone (optional), email address, password (if "single sign-on" is not used), profile picture (optional), department (optional).

Meeting metadata: Topic, description (optional), participant IP addresses, device/hardware information.

For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.

For dial-in with the phone: information on the incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored.

Text, audio and video data: You may have the opportunity to use the chat, question or survey functions in an "online meeting". In this respect the text entries you make are processed in order to display them in the "online meeting" and, if necessary, to record them. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device are processed accordingly during the meeting. You can switch off or mute the camera or microphone yourself at any time via the "Zoom" applications.

In order to participate in an "online meeting" or to enter the "meeting room", you must at least enter your name.

Scope of the processing

We use "Zoom" to conduct "online meetings". If we want to record "online meetings", we will transparently communicate this to you in advance and - where necessary - ask for consent. The fact of the recording will also be displayed to you in the "Zoom" app.

If it is necessary for the purposes of logging the results of an online meeting, we will log the chat content. However this will not usually be the case.

In the case of webinars, we may also process questions asked by webinar participants for the purposes of recording and following up webinars.

If you are registered as a user with "Zoom", then reports on "online meetings" (meeting metadata, phone dial-in data, questions and answers in webinars, survey function in webinars) may be stored by "Zoom" for up to one month.

Automated decision-making within the meaning of Art. 22 DSGVO is not used.

Legal basis for data processing

Insofar as personal data of DJE Kapital AG employees is processed, § 26 BDSG is the legal basis for data processing. If, in connection with the use of "Zoom", personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of "Zoom", the legal basis for data processing is Article 6 (1) (f) DSGVO. We are interested in the effectively conducting "online meetings" in these cases.

Otherwise, the legal basis for data processing when conducting "online meetings" is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted within the framework of contractual relationships.

If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here, too, our interest is in the effective conduct of "online meetings".

Recipients / passing on of data

Personal data processed in connection with participation in "online meetings" will not be passed on to third parties as a matter of principle, unless they are specifically intended to be passed on. Please note that the content of "online meetings" as well as personal meetings is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.

Other recipients: The provider of "Zoom" necessarily receives knowledge of the above-mentioned data insofar as this is provided for in the context of our order processing agreement with "Zoom".

Data processing outside the European Union

"Zoom" is a service provided by a provider from the USA. A processing of personal data therefore also takes place in a third country. We have concluded an order processing agreement with the provider of "Zoom" which complies with the requirements of Art. 28 DSGVO.

An appropriate level of data protection is guaranteed on the one hand by the conclusion of the so-called EU standard contractual clauses. As additional protective measures, we have also configured our Zoom system in such a way that only data centers in the EU, the EEA or secure third countries such as Canada or Japan are used to conduct "online meetings".

Your rights as a data subject

You have the right to obtain information about the personal data concerning you. Please contact us for information any further information at any time.

In the case of a request for information that is not made in writing, we ask for your understanding that we may require proof from you that you are the person you claim to be.

Furthermore, you have a right to rectification or deletion or to restriction of processing, insofar as you are entitled to this by law.

Finally you have a right to object to processing within the scope of the law.

You also have a right to data portability within the framework of data protection law.

Deletion of data

We delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfil contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion will only be considered after expiry of the respective retention obligation.

Right of complaint to a supervisory authority

You have the right to complain about the processing of personal data by us to a supervisory authority for data protection.

In relation to teams:

A. Purpose of the processing

We use the "Microsoft Teams" tool to conduct conference calls, online meetings, video conferences and/or webinars (hereinafter: "Online Meetings"). "Microsoft Teams" is a service provided by Microsoft Corporation.

B. Responsible party

We use the "Microsoft Teams" tool to conduct conference calls, online meetings, video conferences and/or webinars (hereinafter: "Online Meetings"). "Microsoft Teams" is a service of Microsoft Corporation. The controller for data processing directly related to the conduct of "Online Meetings" is Solidvest. Note: If you access the "Microsoft Teams" website, the "Microsoft Teams" provider is responsible for data processing. However accessing the website is only necessary to download the software for the use of "Microsoft Teams". If you do not want to or cannot use the "Microsoft Teams" app, you can also use "Microsoft Teams" via your browser. The service will then also be provided via the "Microsoft Teams" website.

C. What data is processed?

When using "Microsoft Teams" various types of data are processed. The scope of the data also depends on the data you provide before or during participation in an "online meeting".

The following personal data are subject to processing:

User details: e.g. display name, email address (if applicable), profile picture (optional), preferred language.

Meeting metadata: e.g. date, time, meeting ID, phone numbers, location

Text, audio and video data: You may have the opportunity to use the chat function in an "online meeting". In this respect the text entries you make are processed in order to display them in the "online meeting". In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device are processed accordingly during the meeting. You can switch off or mute the camera or microphone yourself at any time via the "Microsoft Teams" applications.

D. Scope of the processing

We use "Microsoft Teams" to conduct "online meetings". If we want to record "online meetings", we will transparently communicate this to you in advance and - where necessary - ask for consent. If it is necessary for the purposes of recording the outcomes of an online meeting, we will record the chat content. However this will not usually be the case. Automated decision-making within the meaning of Art. 22 DSGVO is not used.

E. Legal basis of data processing

Insofar as Solidvest employees process personal data, Section 26 BDSG is the legal basis for data processing. If, in connection with the use of "Microsoft Teams", personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component in the use of "Microsoft Teams", Article 6 (1) (f) DSGVO is the legal basis for data processing. In these cases, our interest lies in the effective implementation of "online meetings". Otherwise, the legal basis for data processing when conducting "online meetings" is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted within the framework of contractual relationships. If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here, too, our interest is in the effective conduct of "online meetings".

F. Legal basis of data processing

Personal data processed in connection with participation in "online meetings" will generally not be disclosed to third parties unless it is specifically intended for disclosure. Please note that the content of "online meetings" as well as personal meetings is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on. Other recipients: The provider of "Microsoft Teams" necessarily receives knowledge of the above-mentioned data insofar as this is provided for in the context of our order processing agreement with "Microsoft Teams".

G. Data processing outside the European Union

Data processing outside the European Union (EU) does not take place as a matter of principle, as we have restricted our storage location to data centers in the European Union. However we cannot exclude the routing of data via internet servers that are located outside the EU. This can be the case in particular if participants in "Online Meeting" are in a third country. However the data is encrypted during transport via the internet and thus protected against unauthorized access by third parties.

‍With regard to Clarity:

In addition we use Clarity on our site. A program of Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, USA). This is a program designed to provide us with information about the behavior and interaction of users of the site. The legal basis for the processing of personal data is the consent of the user pursuant to Art. 6 para. 1 lit. a DSGVO.

Responsibility for data processing

1. responsible entity:

DJE Kapital AG
Pullacher Street 24
82049 Pullach
Phone: +49 89 790453-0
Fax: +49 89 790453-185
Email: info@dje.de

2. responsible body:

Meta Platforms Ireland Ltd.
4 Grand Canal Square, Grand Canal Harbour
Dublin 2, Ireland
Web: www.meta.com

For more information see: https://www.facebook.com/policy

In relation to "YouTube", "Xing.com", "LinkedIn", "Twitter" and "Facebook" and "Instagram".

On our websites you will find links to YouTube, Xing, LinkedIn, Twitter and Facebook ("social networks"). We do not use social plug-ins from these social networks when you visit our websites. Only when you click on the symbol or link of a social network will you be taken to its website. Now data is collected, processed and used. We have no influence on what data these social networks collect, how they process and use it. For the purpose and scope of the data collection and the further processing and use of this data, please refer to the data protection information of the respective social network on the following websites:

Data protection information of the respective social network on the following websites:

• Youtube: https://policies.google.com/privacy/
• Xing: https://www.xing.com/privacy
• LinkedIn: https://www.linkedin.com/legal/privacy-policy?
• Twitter: https://twitter.com/en/privacy
• Facebook: https://de-de.facebook.com/policy.php
• Instagram: https://de-de.facebook.com/help/instagram/155833707900388

We will never use the data from the cookies or the analysis tools to draw conclusions about your person

C. Based on your consent (Article 6 para. 1 lit. a DS-GVO)

If you have given us your consent to process personal data for certain purposes (e.g. transfer of data within the association / group or to use your data for certain advertising purposes), this processing is lawful based on your consent. Data processing for contacting us is based on your voluntarily given consent, for example when you use the contact form or newsletter registration on our websites www.dje.de and www.solidvest.de or hand us a business card. Consent given can be revoked at any time. This also applies to the revocation of declarations of consent given to us before the EU General Data Protection Regulation came into force, i.e. before 25 May 2018. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected. If we want to use your personal data for purposes other than those mentioned above, we will inform you accordingly and obtain your consent if necessary.

C. Due to legal requirements (Article 6 (1) (c) DS-GVO) or in the public interest (Article 6 (1) (e) DS-GVO)

As a financial services institution, we are subject to various legal obligations, i.e. legal requirements (e.g. German Banking Act, Money Laundering Act, Securities Trading Act, Tax Laws) as well as banking supervisory requirements (e.g. of the European Supervisory Authority, the Deutsche Bundesbank and the German Federal Financial Supervisory Authority (BaFin)). The purposes of the processing include, among others, the obligations under the German Securities Trading Act (WpHG) to record the knowledge and experience of the respective client with securities services and financial instruments, the financial circumstances and investment objectives of the client, identity and age verification, fraud and money laundering prevention, compliance with sanctions and embargo provisions, to respond to official enquiries from a competent government agency or judicial authority, the fulfilment of control and reporting obligations under tax law and the assessment and management of risks of DJE Kapital AG.

3. Is there an obligation for you to provide data?

Within the scope of our business relationship, you must provide those personal data that are necessary for the establishment and execution of a business relationship and the fulfilment of the associated contractual obligations or that we are legally obliged to collect. Without this data, we will usually have to refuse to conclude the contract or execute the order or will no longer be able to perform an existing contract and may have to terminate it. In particular we are obliged under money laundering regulations to identify you, for example on the basis of your identity card, before the business relationship is established and to collect and record your name, place of birth, date of birth, nationality as well as your residential address and identity card data. In order for us to be able to comply with this legal obligation, you must provide us with the necessary information and documents in accordance with Section 11 (6) of the Money Laundering Act and notify us immediately of any changes that arise in the course of the business relationship. If you do not provide us with the necessary information and documents, we may not enter into or continue the business relationship requested by you.

Who receives your data?

Within DJE Kapital AG, access to your data is granted to those offices that need it in order to fulfil our contractual and legal obligations. Service providers and vicarious agents employed by us may also receive data for these purposes if they maintain banking secrecy and comply with our written instructions under data protection law. We may only pass on information about you if legal provisions require us to do so, you have given your consent or order processors commissioned by us guarantee compliance with the provisions of the DSGVO or the BDSG in the same way. Under these conditions, recipients of personal data can be, for example:

• public bodies and institutions (e.g. Deutsche Bundesbank, Federal Financial Supervisory Authority (BaFin), European Supervisory Authority, tax authorities, Federal Central Tax Office) in the event of a legal or official obligation.
• other credit and financial services institutions, comparable institutions and order processors to whom we transmit personal data in order to carry out the business relationship with you. These companies are also legally or contractually obliged to treat personal data with the necessary care. In particular, we work with IT service providers, financial service providers and custodian banks.
• service providers who support us, specifically in the following activities: Support / maintenance of IT applications, archiving, document processing, call center services, compliance services, controlling, data screening for anti-money laundering purposes, data destruction, purchasing / procurement, space management, real estate appraisals, loan processing services, collateral management, recovery, client management, letter shops, marketing, mailing of client presentations, media technology, reporting, research, risk controlling, expense reporting, telephony, video legitimation, website management, securities services, share register, fund administration, auditing services, payment transactions, independent representatives, intermediaries, brokers.
• members of certain regulated professions such as lawyers, notaries or auditors.
• other data recipients may be those entities for which you have given your consent to the transfer of data or for which you have exempted us pursuant to an agreement or consent.

On this website, we use HubSpot for our online marketing activities. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500.

We use HubSpot for:

• evaluating the use of our websites (e.g. hits, pages visited, length of stay, etc.)
• the dispatch of the newsletter

We trust in the reliability and IT and data security of HubSpot. HubSpot is certified under the Privacy Shield agreement and thus offers the guarantee of complying with the European level of data protection. Furthermore, we have concluded a "Data Processing Agreement" with HubSpot. This is a contract in which HubSpot undertakes to protect the data of our users, to process it on our behalf in accordance with their data protection provisions and in particular not to pass it on to third parties. You can find more information on HubSpot's privacy policy here: https://legal.hubspot.com/privacy-policy

You can find more information about the cookies used by HubSpot here: https://knowledge.hubspot.com/privacy-and-consent/what-cookies-does-hubspot-set-in-a-visitor-s-browser

1. scope of data processing

When using the service, so-called "web beacons" are used and cookies are also set, which are stored on your computer and thus enable an analysis of your use of our website by us. The following information is collected in the process:

• IP address
• the geographical location
• type of browser
• duration of the visit
• and the page accessed

If you have registered for our newsletter, your email address, your newsletter "opt-in" and optionally your name will also be stored here. As soon as you have registered with us, the following data will also be stored:

• Name, first name
• Address
• Phone number
• Contract data
• stated expectation

2. legal basis of the processing

The data processing is based on your consent (Art. 6, para. 1, lit. a DSGVO).

3. possibility of objection and removal

If you wish to object to the general collection, you can prevent the storage of cookies at any time in your browser settings.

4. Hubspot log files

Each time you visit a website/landing page created by or with Hubspot, Hubspot automatically creates so-called log files. The log files may contain the following information, among others: IP address, browser, operating system, internet provider, pages visited, etc. The collection of data serves to optimize the pages, to ensure the security of the websites and to compile general statistics on the use of pages created by/with Hubspot. The automatically collected data is linked to personal data stored in Hubspot. The legal basis for storing the data in the log files is Art. 6, Para. 1, lit. f DSGVO. The data is deleted after 180 days and during this time only authenticated Hubspot IT employees have access to the log files.

A web service of the company Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter: cookiebot.com) is reloaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data (the IP number in anonymised form; the date and time of consent; the user agent of the browser; the URL from which the consent was sent; an anonymous, random and encrypted key; the consent status, which serves as proof of consent) to cookiebot.com. The legal basis for the data processing is Art. 6 para. 1 lit. f DSGVO. The legitimate interest consists in a faultless function of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. Further information on the handling of the transmitted data can be found in the privacy policy of cookiebot.com: https://www.cookiebot.com/en/privacy-policy/  You can prevent the collection and processing of your data by cookiebot.com by deactivating the execution of script code in your browser or installing a script blocker in your browser.

On the "Personal video call" page, we use the online service Google Calendar to schedule appointments. The provider is Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), hereinafter "Google". If you select an appointment via the deposited window, this appointment will also be deposited in the Google Calendar. To use the functions of Google Calendar, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. We have no influence on this data transfer. The privacy policy of the calendar operator Google can be found here: https://policies.google.com/privacy/frameworks?hl=en-GB.  When transferring data from the EU/EEA to other countries such as the United States of America, Google, according to its own information, complies with legal framework conditions that ensure an equivalent level of protection to EU law. You can read more about the legal framework for data transfers here: Data Transfer Framework - Privacy Policy & Terms of Use - Google. We process your data regarding the function as follows:

1. Scope of data processing:

The following data are processed when appointments are made:

• Salutation
• Surname, first name
• email address
• Phone number (optional)

2. purpose and legal basis:

The legal basis for the processing of data for making appointments is your consent (Art. 6 para. 1 lit. a DSGVO).

3. storage period:

Appointments are stored in Google Calendar for an indefinite period as long as they are not to be deleted by Solidvest at your express request.

4. possibility of objection and removal:

The provision of your personal data is voluntary or solely based on your consent. If you do not wish the processing, you should not book an appointment via the tool. In this case, you can contact us for the same purpose at widerspruch@dje.de. If you prevent access, this will mean that you will not be able to make an appointment. If you wish to object subsequently to the general collection of data, you can exercise your right of revocation vis-à-vis Google (cf. https://policies.google.com/privacy?hl=en-GB&gl=de/) and DJE Kapital AG (cf. Chapter IV. Rights).

5. Is data transferred to a third country or to an international organization?

Data is only transferred to countries outside the EU or the EEA (so-called third countries) if this is necessary to execute your orders (e.g. payment and securities orders), if it is required by law (e.g. reporting obligations under tax law), if you have given us your consent or within the scope of commissioned processing. If service providers in a third country are used, in addition to written instructions, they are obliged to comply with the level of data protection in Europe by agreeing to the EU standard contractual clauses. If you require a printout of these provisions or information on their availability, you can contact us in writing.

6. How long will your data be stored?

We process and store your personal data as long as it is necessary for the fulfilment of our contractual and legal obligations. It should be noted that our business relationship is a continuing obligation, which is intended to last for several years. If the data is no longer required for the fulfilment of contractual or legal obligations, it is regularly deleted, unless its - temporary - further processing is required for the following purposes:

• Fulfilment of retention periods under commercial and tax law: These include the German Commercial Code, the German Fiscal Code, the German Banking Act, the German Money Laundering Act and the German Securities Trading Act. The retention and documentation periods specified there are two to ten years.
• Preservation of evidence within the framework of the statute of limitations. According to Sections 195 et seq. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being three years. For applicants without subsequent conclusion of a contract, a retention period of six months applies.

7. to what extent is there automated decision-making (including profiling)?

We process your data in part automatically with the aim of evaluating certain personal aspects (Profiling). For example, we use Profiling in the following cases:

• Due to legal requirements, we are obliged to combat money laundering and fraud. In the process, data evaluations (including in payment transactions) are also carried out. These measures also serve to protect you.
• In order to be able to provide you with targeted information and advice on products, we may use evaluation tools. These enable needs-based communication and advertising, including market and opinion research.

III. How is your personal data protected?

We take reasonable and appropriate measures to protect the information we store and process from misuse, loss or unauthorized access. Therefore we have taken a number of technical and organizational measures that are updated currently. If you suspect that your personal information has been misused, lost or accessed without authorization, please let us know as soon as possible.

IV. Your rights

As soon as your personal data is processed, you are a data subject within the meaning of the GDPR. You therefore have the following rights vis-à-vis the controller (i.e. us):

Every data subject has the right to information under Article 15 of the GDPR, the right to rectification under Article 16 of the GDPR, the right to erasure under Article 17 of the GDPR, the right to restriction of processing under Article 18 of the GDPR, the right to object under Article 21 of the GDPR and the right to data portability under Article 20 of the GDPR. With regard to the right to information and the right to erasure, the restrictions pursuant to Sections 34 and 35 BDSG apply.

The right to information includes information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing, objection or data portability, the existence of a right of complaint, the origin of your data if it has not been collected by us as well as the existence of automated decision-making, including profiling and, if applicable, meaningful information about its details.

You can request the immediate correction of incorrect or the completion of your personal data collected by us at any time. You can request the deletion of your personal data stored by us for the following reasons:

• if your personal data is no longer required for the purposes for which it was collected,
• if you withdraw your consent and there is no other legal basis,
• if you object to the processing,
• if your personal data have been processed unlawfully,
• if your personal data must be deleted in order to comply with legal requirements.

Deletion may not take place insofar as processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims. If this is not the case, we will delete your data upon request. We will also usually assume that it is your wish that we include your name in our list of people who do not wish to be contacted. By doing so we minimize the chance of you being contacted in the future if your data is collected separately in other circumstances.

In certain circumstances you may request that we restrict the processing of your personal data. This means that we will only store your data in the future and cannot carry out any further processing activities until: (i) one of the conditions listed below has been resolved; (ii) you give your consent; or (iii) further processing is necessary to assert, exercise or defend legal claims, to protect the rights of others, or if it is necessary on the basis of legitimate public interest of the EU or a member state. You may request that we restrict the processing of your personal data in the following circumstances:

• If you dispute the accuracy of the personal data we process about you. In this case, the processing of your personal data by us will be restricted until the accuracy of the data has been verified.
• If you object to us processing your personal data in accordance with our legitimate interests. In this case, you may request that the data be restricted while we review our grounds for processing your personal data.
• If the processing of your data by us is unlawful but you prefer to restrict the processing by us rather than have the data erased.
• Where there is no longer a need for us to process your personal data but you need the data here to assert, exercise or defend legal claims.

V. Your right to object according to Art. 21 DSGVO:

 

1. Individual right of objection.

For reasons arising from your particular situation you have the right to object at any time to the processing of personal data relating to you that is carried out based on Art. 6(1)(e) DSGVO (data processing in the public interest) and Art. 6(1)(f) DSGVO (data processing because of a balance of interests); this also applies to a profiling based on this provision within the meaning of Art. 4(4) DSGVO. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

1. Right to object to processing of data for advertising purposes

In individual cases, we process your personal data to carry out direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling insofar as it is related to such direct advertising. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

The objection can be made form-free and should preferably be made by sending an email to widerspruch@dje.de.

DJE Kapital AG