Information on data protection
The entity responsible for data processing on this website is:
MyHomeScout UG i.Gr.The responsible entity is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.
We collect personal data when you voluntarily provide it during registration, inquiries, or search requests. This may include:
The processing of this data is carried out in accordance with Art. 6 para. 1 lit. b GDPR for the fulfillment of a contract or for the implementation of pre-contractual measures.
We process your data particularly for the following purposes:
When you access our website, our server automatically collects and stores information that your browser transmits (so-called server logfiles):
This data will not be merged with other data sources. The collection is based on Art. 6 para. 1 lit. f GDPR; we have a legitimate interest in the technically error-free provision, stability, and security of our website (especially for the detection and prevention of attacks and abuse). The log files will be deleted after a maximum of 30 days, unless they are needed to clarify a specific case of abuse.
If you contact us via our contact form, by email, or by phone, we store your information including the contact details you provided in order to process your inquiry and in case of follow-up questions. When using the contact form, we additionally store your IP address to prevent abuse and automated spam sending (limiting the number of inquiries).
The processing is based on Art. 6 para. 1 lit. b GDPR, provided that your inquiry is related to the fulfillment of a contract or the execution of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6 para. 1 lit. f GDPR).
We do not share this data without your consent. It remains with us until you request deletion or the purpose of storage ceases. Mandatory legal retention periods remain unaffected.
A user account is required to use our service. During registration, we collect the mandatory data you provided as well as your IP address and the time of registration. To confirm your email address, we send you an activation code or an activation link (double opt-in procedure). The legal basis is Art. 6 para. 1 lit. b GDPR.
If you activate two-factor authentication, we additionally process your email address or your phone number. To protect your account and prevent abuse, we log security-relevant events (e.g., logins, password and email changes) with the time and IP address. The legal basis is Art. 6 para. 1 lit. f GDPR. You can have your account deleted at any time.
We send service emails regarding your account, your matches, messages, applications, payments, and package durations to fulfill our contract (Art. 6 para. 1 lit. b GDPR). These are necessary for using our service; you can adjust the scope and channels in your notification settings.
In addition, we will send you tips for apartment searches, offers, and news only if you have explicitly consented to this (Art. 6 para. 1 lit. a GDPR, § 7 para. 2 no. 2 UWG). You give your consent voluntarily by checking a separate, unchecked checkbox during registration or at any time later in your notification settings. Granting consent is not a prerequisite for using our service.
To prove your consent, we log the time of granting or revoking consent, the language version of the consent text used, your IP address, and your browser identification (Art. 7 para. 1 GDPR). The confirmation of your email address takes place in the double opt-in procedure through the activation of your account.
You can revoke your consent at any time with effect for the future – via the unsubscribe link at the end of each promotional email, through the unsubscribe function of your email program, or in your notification settings. The legality of the processing carried out until the revocation remains unaffected. Your service emails are not affected by the revocation.
The core of our service is an automated process: We match the search requests you create (including location, postal code, price range, size, number of rooms, and other criteria) with the recorded property offers. For each offer, a matching value is calculated, based on which the offer is displayed to you as suitable (positive match) or not suitable (negative match). The legal basis is Art. 6 para. 1 lit. b GDPR.
If you request the automated application function, we will transmit the application data you provided to the respective providers of the identified suitable properties on your behalf and at your request. You determine which data is provided; the triggering occurs based on your order.
An automated decision within the meaning of Art. 22 GDPR, which has legal effects on you or significantly affects you in a similar way, does not take place. The decision regarding your application and the conclusion of a contract is made exclusively by the respective providers or landlords.
Your data will only be shared if:
We operate a referral program. If you reach our website via a referral link with a referral code, we store the time of the call, the referral code used, and your IP address to assign a later registration to the referring user and to correctly calculate the compensation. We also store the call in your session.
The legal basis is our legitimate interest in the billing and abuse control of the referral program (Art. 6 para. 1 lit. f GDPR) as well as, in relation to the referring user, the fulfillment of the affiliate agreement (Art. 6 para. 1 lit. b GDPR). Referring users are shown only aggregated evaluations; your identity is not disclosed.
Our app processes the same account data as the website. Additionally, we store a session token on your device for login purposes. This local storage is technically necessary for the operation of the app (§ 25 Abs. 2 TDDDG).
If you allow push notifications, a device-specific push token will be generated and transmitted to us. We use it exclusively for sending the notifications you have activated (e.g., new matches, messages, payments, package duration) via Google Firebase Cloud Messaging. The legal basis for service notifications is Art. 6 Abs. 1 lit. b GDPR, for advertising notifications your consent (Art. 6 Abs. 1 lit. a GDPR).
You can deactivate push notifications at any time in the app settings or your operating system. Upon cancellation or deletion of your account, the push token will be deleted.
In the AI assistant of our app, you can optionally enter your question by voice. Tapping the microphone icon will start the voice recognition of your Android device. The recording and conversion to text is not done by us, but by the voice recognition service set up on your device – usually the service from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). Depending on your device settings, your voice input will be transmitted to Google servers and processed there; transmission to the USA cannot be excluded.
We do not receive the audio recording nor do we process your voice. Only the already recognized text is transmitted to us and treated like a typed input. The use of voice input is voluntary; you can type your question at any time instead. Access to the microphone occurs only with your explicit permission (Art. 6 para. 1 lit. a GDPR) and only during voice input. You can revoke the microphone permission at any time in your device settings. The processing by the voice recognition service is subject to its privacy policy; you can find Google's policy at policies.google.com/privacy.
To provide our service, we use carefully selected service providers who process personal data on our behalf and according to our instructions (processing according to Art. 28 GDPR). This includes in particular:
Some of the aforementioned service providers are based or process data in the USA or other countries outside the EU or the EEA. If personal data is transferred to a third country, this is done on the basis of appropriate safeguards within the meaning of Art. 44 et seq. GDPR, in particular based on EU standard contractual clauses and – where applicable for the respective provider – a certification under the EU-U.S. Data Privacy Framework. Further information can be obtained upon request via the contact details mentioned above.
We would like to point out that the USA does not provide a level of data protection that is fully equivalent to that of Europe, according to the European Court of Justice. US companies may be required to disclose personal data to security authorities without you being able to take effective legal action against it. We have no influence on such processing.
Your data will only be stored as long as necessary to fulfill the mentioned purposes or as required by legal retention periods.
Unless a more specific storage duration is mentioned in this privacy policy, your data will remain with us until the purpose of processing ceases. If you assert a legitimate deletion request or revoke consent, the relevant data will be deleted unless there are legally permissible reasons for further storage. If your data has been transmitted to providers as part of an application, they are responsible for its storage and deletion there.
You have the right:
Many processing activities are only possible with your explicit consent. You can revoke a consent already given at any time. The legality of the processing carried out until the revocation remains unaffected. To exercise your rights, a simple informal notification to the contact details mentioned above is sufficient.
If processing is based on Art. 6 Abs. 1 lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. If you object, we will no longer process the relevant data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims (Art. 21 Abs. 1 GDPR).
If your personal data is processed for the purpose of direct marketing, you have the right to object to this processing at any time. If you object, your data will no longer be used for direct marketing purposes (Art. 21 Abs. 2 GDPR).
The use of the contact details published in the imprint for sending unsolicited advertising is hereby objected to. We expressly reserve the right to take legal action in the case of unsolicited advertising.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR), in particular in the member state of your residence, your workplace, or the place of the alleged infringement. The Berlin Commissioner for Data Protection and Freedom of Information is responsible for us.
We implement technical and organizational security measures to protect your data against manipulation, loss, destruction, or unauthorized access. Our security measures are continuously improved in line with technological developments.
This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the fact that the address bar of your browser starts with "https://" and a lock symbol is displayed. We store passwords exclusively as cryptographic hashes and never in plain text.
We would like to point out that data transmission over the Internet – for example, when communicating via email – may have security vulnerabilities. A complete protection of the data against access by third parties is not possible.
Our website uses cookies to facilitate usage and provide certain features. You can disable cookies in your browser settings.
| Category | Purpose | Legal basis | Storage duration |
|---|---|---|---|
| Necessary | Session management, login, shopping cart, language setting, CSRF protection, storage of your cookie selection | Art. 6 para. 1 lit. b and f GDPR, § 25 para. 2 TDDDG | Session up to 12 months |
| Statistics | Anonymized reach measurement and improvement of our services | Art. 6 para. 1 lit. a GDPR, § 25 para. 1 TDDDG | up to 12 months |
| Marketing | Measurement of advertising campaigns and recommendations (affiliate tracking) | Art. 6 para. 1 lit. a GDPR, § 25 para. 1 TDDDG | up to 12 months |
You can revoke or adjust your cookie consent at any time with effect for the future. To do this, click on the following button or on the cookie symbol at the bottom right of each page. Additionally, you can delete cookies at any time in your browser settings.
We reserve the right to adjust this privacy policy to ensure it meets current legal requirements or to implement changes in our services.
We use necessary cookies for the operation of the website. Additionally, we would like to set cookies for statistics and marketing – only with your consent. More about this in our Privacy Policy