Data Protection Declaration

The protection of your personal data is of particular concern to us, ImRaum Immobilien GmbH (“ImRaum”). We therefore process your personal data exclusively on the basis of the data protection and civil law provisions (in particular the General Data Protection Regulation (“GDPR”), Data Protection Act, Telecommunications Act) and in accordance with this data protection declaration (“DSE”). In this DSE, we inform you about the most important aspects of data processing by our company.

In this DSE, you will find out which data we collect, for what purposes we collect the data and what we do with the data collected.

If you have any questions about the collection and use of your personal data by ImRaum, we will be happy to provide you with information about the data stored about you at any time. Even if you wish to correct, restrict or delete your data or in the event of complaints, requests for information (see also point 10) or general questions on the subject of data protection, our data protection officer is available at [email protected].

1. Data controller:

1.1. ImRaum Immobilien GmbH

1.2. Josef Trauttmansdorff-Straße 18
3140 Pottenbrunn
Tel: +43 (0) 1 38 90 160
E-mail: [email protected]

2. Data collection and data processing

2.1. Personal data (see Art. 4 No. 1 GDPR) is all information relating to an identified or identifiable natural person (“data subject”). This includes, for example, name, address, e-mail address, telephone number, date of birth, age, gender, social security number, bank details, IP address or photos.

2.2. This data will either be used with your consent for the purposes agreed with you in accordance with point 3, or if there is another legal basis in accordance with the GDPR (such as, in particular, the implementation of pre-contractual measures, fulfillment of contracts or a legitimate interest).

2.3. Only such personal data is collected that is necessary for the treatment of your inquiry or your interest in a residential property and for the implementation and processing of our services as a property developer, or that you voluntarily provide to us.

3. Purpose of processing / Processed data categories / Legal bases of processing

3.1. The disclosure and transmission of your personal data is voluntary. The data provided by you is required to answer inquiries, to provide information about residential properties and projects, to carry out pre-contractual measures or to fulfill the contract. Without this data, we cannot provide our services to you.

3.2. We will process your personal data for the following purposes:

3.2.1. The data of customers is processed for the handling of the respective contractual relationship. ImRaum builds and sells residential properties, which are handed over “turnkey” to the buyers after complete construction.

3.2.2. The data of suppliers, business partners and other contractual partners are processed for the handling of the respective contractual relationship or for the provision of services and use of services by ImRaum.

3.3.3. The data of interested parties are processed for the purpose of processing or answering your inquiry and for the future transmission of information about residential properties and projects.

3.3. We process the following personal data of customers (see point 3.2.1), contractual partners, suppliers and other business partners (see point 3.2.2) for the fulfillment of a contract or for the implementation of pre-contractual measures that take place at the request of the data subject, in accordance with Art. 6 Para. 1 lit. b GDPR:

• Form of address
• First name
• Last name
• Date of birth
• Social security number / Company registration number
• Title
• Contact person
• Address
• E-mail address
• Telephone number
• Fax number
• Profession
• Nationality
• Bank details
• VAT number

We process the following personal data of interested parties for the purposes described in point 3.2.3, based on their consent in accordance with Art. 6 Para. 1 lit. a GDPR or for the implementation of pre-contractual measures in accordance with Art. 6 Para. 1 lit. b GDPR:

• Form of address
• First name
• Last name
• Address
• E-mail address
• Telephone number
• Fax number

4. Disclosure of personal data / Data transfer to the USA

4.1. In order to process your request regarding residential properties, it is also necessary to pass on your data to third parties (e.g. funding bodies and banks (for financing and funding), tax office, courts, authorities, lawyers, notaries, trustees, service providers, professionals, building societies, utility companies and cable operators, planners (in particular architects), appraisers, providers of credit and creditworthiness information, property management companies, municipalities (in connection with the comparison of pre-registration lists and the obtaining of registration confirmations, etc.).

4.2. Some of the recipients mentioned in this DSE are located outside your country or process your personal data there. The level of data protection in other countries may not correspond to that of Austria. However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection or we take measures to ensure that all recipients have an adequate level of data protection, for which we conclude standard contractual clauses SCCs (2010/87/EC and/or 2004/915/EC).

4.3. Your personal data will only be passed on on the basis of our DSE and the statutory data protection provisions and only in one of the following cases:

4.3.1. With your consent: We pass on personal data to companies, organizations or persons if we have received your consent to do so.

4.3.2. For processing by processors: We provide personal data to other trustworthy companies or persons who process it on our behalf. This is done using suitable confidentiality and security measures on the basis of our instructions and in accordance with our DSE. We have concluded a contract for commissioned data processing with each of the commissioned processors and have obliged them to maintain data security in accordance with Art. 24 and 32 GDPR.

4.3.3. For legal reasons: We pass on personal data to companies, organizations or persons if we may assume in good faith that this is necessary in order to

• comply with or enforce laws, regulations or legal proceedings and comply with official orders – including the investigation of possible violations;
• to detect, prevent or combat fraud, security vulnerabilities or technical problems.

4.4. As described in more detail in point 7, we use services from third-party providers such as Google LLC on our website, which are based in the USA and carry out data processing there. In its judgment of July 16, 2020 (Case C-311/18, Schrems II), the European Court of Justice (ECJ) declared the EU Commission’s adequacy decision on data transfer to the USA (so-called “Privacy Shield Agreement”) invalid. The ECJ does not consider the level of data protection in the USA to be adequate, as the Privacy Shield Agreement does not offer sufficient protection against intelligence service requests for the disclosure of personal data of EU citizens that is processed in the USA or transferred there. On the other hand, the ECJ ruled that the standard contractual clauses (SCC) remain fundamentally valid. The validity of the clauses depends on whether they guarantee effective mechanisms for compliance with the level of protection, e.g. whether the transfers of personal data are suspended or prohibited if the clauses are violated, which are also fundamentally included. If the required level of protection cannot be maintained in the third country concerned, the company in the third country must notify the contractual partner of this and the latter must suspend the data transfer or withdraw from the contract with the recipient. Such a clause is contained in the current standard contractual clauses of the European Commission. In the case of the transfer of data to the USA, ImRaum bases the data transfer on the existence of standard contractual clauses; subsidiarily, in connection with the transfer of data to third countries – in particular the USA – we rely on the necessity for the fulfillment of a contract with the data subject (“exceptions for specific cases” pursuant to Art. 49 GDPR).

5. Duration of storage

5.1. We will not store your data longer than is necessary to fulfill our contractual or legal obligations. The stored personal data will be deleted if the data processing is based on consent, with revocation.

5.2. Should a request from you not lead to the initiation or conclusion of a contract, your personal data will be deleted after two years from the last contact with us. If a contract is concluded with you, your personal data will be deleted after the expiry of the applicable guarantee, warranty, limitation and statutory retention periods, as well as after the termination of any legal disputes in which the data is required as evidence.

5.3. If longer storage is necessary due to legal regulations, storage will take place until the expiry of this period.

6. Cookies

6.1. Our website uses cookies in accordance with Union law and Austrian law (Art. 5 Para. 3 E-Privacy-RL and § 96 Para. 3 TKG).

6.2. Our website uses HTTP cookies to store user-specific data. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.

6.3. Cookies store certain user data from you, such as language or personal page settings. When you visit our site again, your browser transmits the “user-related” information back to our website. Thanks to the cookies, our website knows who you are and offers you the setting you are used to.

6.4. There are first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “malware”. Cookies also cannot access information on your computer.

6.5. Categories of cookies:

6.5.1. absolutely necessary cookies to ensure basic functions of the website;

6.5.2. functional cookies to ensure website services;

6.5.3. target-oriented cookies for better user-friendliness;

6.5.4. advertising cookies to deliver individually tailored advertising.

6.6. You can also set your browser to block all cookies, including those associated with our services, or to display a message as soon as a cookie is set by us. However, please note that some of our services may not function properly if you have deactivated cookies. For example, we cannot then save your preferred language setting.

7. Integrated services and third-party content: Google services / Social media elements and platforms / Contact forms / Newsletter / other services

7.1. Our website uses functions of the web analysis service Google Analytics. Google Analytics collects data about your actions on our website. For example, if you click on a link, this action is stored in a cookie and sent to Google Analytics. Cookies are used for this purpose, which enable an analysis of the use of the website. The information generated in this way is transmitted to the provider’s server and stored there. With the help of the reports that we receive from Google Analytics, we can better adapt our website and our service to your wishes. We use the analytics functions, among other things, for remarketing, reports on impressions in the Google Display Network, integration of DoubleClick Campaign Manager and Google Analytics reports on interests and demographic characteristics. You can deactivate Google Analytics for display advertising and adapt the ads in the Google Display Network by calling up the ad settings under this link: https://www.Google.de/settings/ads.

7.2. We have implemented the IP address anonymization of Google Analytics on this website. This function was developed by Google so that this website can comply with the applicable data protection regulations and recommendations of the local data protection authorities if they prohibit the storage of the full IP address. The anonymization or masking of the IP takes place as soon as the IP addresses arrive in the Google Analytics data collection network and before the data is stored or processed. More information on IP anonymization can be found at https://support.google.com/analytics/answer/2763052?hl=de .

7.3. For our website we use the Google Tag Manager, via which we can centrally install and manage code sections of various tracking tools that we use on our website.

7.4. We use Google reCAPTCHA to securely design our website. You can see how reCAPTCHA works using the demo version from Google at https://www.google.com/recaptcha/api2/demo.

7.5. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. You can find more information about data processing by Google in Google’s data protection information at https://www.google.at/intl/de/policies/privacy/. There you can also change your settings in the privacy center so that you can manage and protect your data. When using Google services, data is also transferred to a non-European third country (see the note in point 4.5).

7.6. ImRaum is also represented on social media platforms, e.g. on Facebook and Instagram. If you access the respective network or platform, the terms and conditions and data protection guidelines of the respective operators apply. When you access the Facebook page, your browser is automatically connected to the respective network. Your IP address and other information, e.g. cookies, may be transmitted if you have visited the respective platform before. If you click on the relevant symbol (e.g. Facebook or Instagram logo), you agree to communicate with the respective platform. You also agree that information about you, e.g. your IP address, will be transmitted to this social network. Unless otherwise stated, ImRaum processes the data of users of social media platforms when they communicate with ImRaum there, i.e. e.g. write and like posts or send messages.

7.7. You can use the online contact forms on our website to send us general inquiries or inquiries about individual residential properties. In order to process your inquiries, it is necessary that you send us the data mentioned in point 3.4 for the purpose mentioned in point 3.2.3. In the course of contacting us, data is transmitted to the integrated real estate software portal justimmo.at of the company B & G Consulting & Commerce GmbH, Mariahilfer Straße 8/11, 1070 Vienna, which we have commissioned and obliged as a processor. You expressly agree to the transfer of data concerning you to third parties to the extent described above.
More information on data protection at justimmo can be found at http://w-6164.websites.justimmo.at/datenschutzinformation.

7.8. Our concern within the meaning of the GDPR (legitimate interest) is to improve our offer and our website. Since the privacy of our users is important to us, the user data is pseudonymized. The user data is stored for the duration specified by the respective service provider and the storage period that can be accessed under the links mentioned above.

8. Remarketing / Retargeting

8.1. Our website may contain hyperlinks to websites of third parties (“external links”). Other data protection and cookie guidelines apply to such websites, about which you should inform yourself comprehensively on the respective website. Third-party websites are subject to the liability of the respective operator.

8.2. We assume no liability or responsibility for data protection on third-party websites. The inclusion of external links does not mean that we adopt the content behind the reference or link as our own. Constant monitoring of external links is not possible/reasonable for us without concrete indications of legal violations. The use of third-party websites is at your own risk.

9. Data Security / Validity of our DSE

9.1. Your personal data is protected by appropriate organizational and technical precautions. These precautions relate in particular to the protection against unauthorized, unlawful or accidental access, processing, loss, use and manipulation of your data.

9.2. We regularly review our practices for collecting, storing and processing your data, including physical security measures, to protect against unauthorized access.

9.3. We restrict access to personal data to employees and contractors who need to know the data in order to process it for us. The recipients are obligated to comply with strict confidentiality and security standards.

9.4. Our website is transmitted in encrypted form. This enables increased security for the transmission of your data. Through the use of TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this security for data transmission by the small padlock symbol in the upper left corner of the browser and the use of the https (instead of http) scheme as part of our Internet address.

9.5. Notwithstanding the efforts to maintain a consistently high standard of due diligence requirements, it cannot be ruled out that information that you disclose to us via the Internet may be viewed and used by other persons. Please note that we therefore assume no liability whatsoever for the disclosure of information due to errors in data transmission not caused by us and/or unauthorized access by third parties (e.g. hacking attack on e-mail account).

9.6. We endeavor to ensure that data protection breaches or data incidents are detected at an early stage and, if necessary, reported to you or the competent supervisory authority without delay, including the respective data categories that are affected.

9.7. Our DSE applies to all services offered by ImRaum. However, it does not apply to services offered by other companies/persons, or other websites linked to our services. Our DSE does not cover the handling of information by other companies or organizations that advertise our services and may use cookies, pixel tags and other technologies to provide relevant advertisements.

9.8. Please inform yourself regularly about the current content of the data protection declaration of ImRaum at imraum.at/datenschutz. Since, for example, the legal situation or the services offered here by ImRaum including the associated data processing may change, we reserve the right to adapt this data protection declaration accordingly. However, this only applies to declarations on data processing. If ImRaum requires your consent for data processing or parts of this data protection declaration contain regulations of the contractual relationship with you as a customer or supplier/business partner, the changes will only be made with your consent.

10. Your rights and how you can assert them:

10.1. Right to information (Art 15 GDPR)

10.1.1. Upon request, ImRaum will provide you with comprehensive information on all data stored about you at ImRaum within the legally standardized period.

10.1.2. In addition to the personal data, this information also includes the processing purpose and the type of processing. If the right to information is excessively claimed by you by directing information requests to ImRaum in an excessive manner, we are entitled to collect a customary fee for processing the information request.

10.2. Right to rectification (Art 16 GDPR)

10.2.1. You have the right to demand from ImRaum the immediate rectification of incorrect personal data concerning you.

10.2.2. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data.

10.3. Right to erasure (Art 17 GDPR)

10.3.1. Upon your request, ImRaum will delete all personal data concerning you that is stored at ImRaum within the legally prescribed period, insofar as it is not required for the purposes for which it was collected or otherwise processed and there is no legal reason to prevent the deletion.

10.3.2. If the deletion is requested by you, ImRaum will check the aforementioned legal requirements and inform you about this.

10.4. Right to restriction of processing (Art 18 GDPR)

10.4.1. You have the right to request ImRaum to restrict the processing.

10.5. Right to data portability (Art 20 GDPR)

10.5.1. You have the right to have all data stored about you at ImRaum transferred to another company.

10.6. Right to object (Art 21 GDPR)

10.6.1. If ImRaum processes personal data that is based on a public interest or is carried out in the exercise of official authority or is necessary due to a legitimate interest, you have the right to object to this processing of your data at any time due to your particular situation.

10.6.2. If ImRaum processes personal data in order to carry out direct advertising, you have the right to object to this processing of your data at any time. This also applies to profiling, insofar as it is associated with such direct advertising.

10.7. Withdrawal of consent (Art 7 para. 3 GDPR)

10.7.1. You can revoke your consent to the collection and use of your data as well as a registration at any time with effect for the future, in whole or in part. Until the time of revocation, the processing of your data is lawful. In this case, we will immediately delete your data to the extent requested by you or block it for further use. To do so, please contact us at

10.8. If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you are welcome to contact us directly ([email protected]; +43 (0) 1 38 90 160) to clarify any possible misunderstandings. Please enclose a copy of an official identification document with your request for identification / proof of your identity. Alternatively, you also have the right to complain directly to the Austrian Data Protection Authority Wickenburggasse 8, 1080 Vienna (www.dsb.gv.at).

This DSE was last updated on 2025-06-05. Subject to changes and input errors.